stephengates
Hey guys,
Thanks for your helpful article and support. It looks like my computer has a trojan horse that AVG can't get rid of. Not sure if these logs will show that or not. What's the next step for me to take?
Also, you should know that I think I clicked on a fake Adobe Flash Player update which may have started all this. Not sure. Thanks!
Stephen
Logs are in the following order: Malwarebytes, DDS, Attach
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
Database version: v2013.05.24.06
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
LMPC :: LMPC-PC [administrator]
Protection: Enabled
5/24/2013 11:12:01 AM
mbam-log-2013-05-24 (11-12-01).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 216809
Time elapsed: 2 minute(s),
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16483
Run by LMPC at 11:18:05 on 2013-05-24
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8178.4653 [GMT -5:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Common Files\SPBA\upeksvr.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
C:\Program Files (x86)\Rockwell Software\RSView Enterprise\TagSrv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
C:\Program Files (x86)\Common Files\Rockwell\EventServer.exe
C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\lmgrd.exe
C:\Program Files (x86)\Common Files\Rockwell\FTAEArchiver.exe
C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\lmgrd.exe
C:\Program Files (x86)\Common Files\Rockwell\FTAE_HistServ.exe
C:\Program Files (x86)\Common Files\Rockwell\FTSysDiagSvcHost.exe
C:\Windows\system32\hasplms.exe
c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.FTVIEWX64TAGDB\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\flexsvr.exe
C:\Program Files (x86)\Common Files\Rockwell\NmspHost.exe
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
C:\Program Files (x86)\Common Files\Rockwell\RdcyHost.exe
C:\Program Files (x86)\Common Files\Rockwell\RNADiagnosticsSrv.exe
C:\Program Files (x86)\Rockwell Software\RSView Enterprise\HMIDIAGNOSTICSLSTADAPT.exe
C:\Program Files (x86)\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe
C:\Program Files (x86)\Common Files\Rockwell\RsvcHost.exe
c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\Tools\FTActivationBoost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Rockwell\EventClientMultiplexer.exe
C:\Program Files (x86)\Common Files\Rockwell\RnaDirServer.exe
C:\Program Files (x86)\Common Files\Rockwell\RNADirMultiplexor.exe
C:\Program Files (x86)\Common Files\Rockwell\RnaAeServer.exe
C:\Program Files (x86)\Common Files\Rockwell\RnaAlarmMux.exe
C:\Program Files (x86)\Rockwell Software\RSView Enterprise\ServerFramework.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
C:\dell\DBRM\Reminder\DbrmTrayicon.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Rockwell Automation\UsbCipDriver\UsbCipHelper\UsbCipHelper.exe
C:\Program Files (x86)\Rockwell Software\RSCommon\RSOBSERV.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\LogonUI.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\Common Files\SPBA\upeksvr.exe
C:\Windows\system32\rdpclip.exe
C:\Program Files (x86)\Rockwell Software\RSView Enterprise\HMIServer.exe
C:\Program Files (x86)\Rockwell Software\RSView Enterprise\HMITagsSCM.EXE
C:\Program Files (x86)\Rockwell Software\RSView Enterprise\HMITagsDDM.EXE
C:\Program Files (x86)\Rockwell Software\RSView Enterprise\HMITagsBTM.EXE
C:\Program Files (x86)\Rockwell Software\RSView Enterprise\SHDE.EXE
C:\Program Files (x86)\Rockwell Software\RSView Enterprise\RsAlarmLogServ.exe
C:\Program Files (x86)\Rockwell Software\RSView Enterprise\RsAlmLogExpServ.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Free SMTP Server\localsrv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\notepad.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://dell13-comm.msn.com
uDefault_Page_URL = hxxp://dell13-comm.msn.com
mWinlogon: Userinit = userinit.exe
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.2.0.5\AVG SafeGuard toolbar_toolbar.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.2.0.5\AVG SafeGuard toolbar_toolbar.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [UsbCipHelper] C:\Program Files (x86)\Rockwell Automation\UsbCipDriver\UsbCipHelper\UsbCipHelper.exe
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\Users\LMPC\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RSLINX~1.LNK - C:\Program Files (x86)\Rockwell Software\RSLinx\RSLINX.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: DisableCAD = dword:1
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
LSP: mswsock.dll
TCP: Interfaces\{D0D41F40-34B2-4D6F-B3CF-CD34C01FE1E1} : NameServer = 66.172.200.11,66.172.201.11
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Authentication Packages = msv1_0 wvauth
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe
x64-Run: [TdmNotify] C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
x64-Run: [DBRMTray] C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe
x64-RunOnce: [DBRMTray] C:\Dell\DBRM\Reminder\TrayApp.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-2-8 311096]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-2-8 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-2-8 45880]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-4-2 20024]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-3-29 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-2-8 206136]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-5-23 45856]
R1 VirtualBackplane;A-B Virtual Backplane;C:\Windows\System32\drivers\VirtualBackplane.sys [2011-6-2 51200]
R2 aksdf;aksdf;C:\Windows\System32\drivers\aksdf.sys [2013-4-5 78208]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-4-2 204288]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-5-14 4937264]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-4-18 283136]
R2 EmbassyService;EmbassyService;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [2012-11-20 225720]
R2 FactoryTalk Activation Service;FactoryTalk Activation Service;C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\lmgrd.exe [2012-12-12 1407312]
R2 FTActivationBoost;FactoryTalk Activation Helper;C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\Tools\FTActivationBoost.exe [2012-12-21 145888]
R2 FTAE_Archiver;Rockwell Alarm History Archiver;C:\Program Files (x86)\Common Files\Rockwell\FTAEArchiver.exe [2012-12-20 62136]
R2 FTAE_HistServ;Rockwell Alarm Historian;C:\Program Files (x86)\Common Files\Rockwell\FTAE_HistServ.exe [2012-12-20 152248]
R2 FTSysDiagSvcHost;FTSysDiagSvcHost;C:\Program Files (x86)\Common Files\Rockwell\FTSysDiagSvcHost.exe [2012-12-17 69120]
R2 hasplms;Sentinel Local License Manager;C:\Windows\System32\hasplms.exe -run --> C:\Windows\System32\hasplms.exe -run [?]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-4-2 13632]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-7-27 170824]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-5-24 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-5-24 701512]
R2 MSSQL$FTVIEWX64TAGDB;SQL Server (FTVIEWX64TAGDB);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.FTVIEWX64TAGDB\MSSQL\Binn\sqlservr.exe [2010-4-3 42884448]
R2 NmspHost;Rockwell Namespace Services;C:\Program Files (x86)\Common Files\Rockwell\NmspHost.exe [2012-12-19 226488]
R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-4-11 1872568]
R2 PbaDrvSvc_x64;Dell PBA x64 Service;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [2012-11-23 20480]
R2 RdcyHost;Rockwell Redundancy Services;C:\Program Files (x86)\Common Files\Rockwell\RdcyHost.exe [2012-12-20 226488]
R2 RnaAeServer;Rockwell Alarm Server;C:\Program Files (x86)\Common Files\Rockwell\RnaAeServer.exe [2012-12-20 164024]
R2 RnaAlarmMux;Rockwell Alarm Multiplexer;C:\Program Files (x86)\Common Files\Rockwell\RnaAlarmMux.exe [2012-12-20 708280]
R2 Rockwell HMI Framework;Rockwell HMI Framework;C:\Program Files (x86)\Rockwell Software\RSView Enterprise\ServerFramework.exe [2013-1-5 889016]
R2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [2013-5-23 1015984]
R2 Wave Authentication Manager Service;Wave Authentication Manager Service;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2012-11-19 1758720]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-4-2 95248]
R3 dcdbas;System Management Driver;C:\Windows\System32\drivers\dcdbas64.sys [2012-9-23 39016]
R3 EventServer;Rockwell Event Server;C:\Program Files (x86)\Common Files\Rockwell\EventServer.exe [2012-12-19 252600]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-4-2 358456]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-4-2 791608]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-5-24 25928]
R3 Rockwell HMI Alarm Logger;Rockwell HMI Alarm Logger;C:\Program Files (x86)\Rockwell Software\RSView Enterprise\RsAlarmLogServ.exe [2013-1-5 132792]
R3 SNXPCAMD;SUNIX Multi-I/O Card Driver;C:\Windows\System32\drivers\snxpcamd.sys [2013-4-2 53112]
R3 SNXPPAMD;SUNIX Parallel Port Driver;C:\Windows\System32\drivers\snxppamd.sys [2013-4-2 100728]
R3 SNXPSAMD;SUNIX Serial Port Driver;C:\Windows\System32\drivers\snxpsamd.sys [2013-4-2 97144]
S0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-2-8 71480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 WvPCR;WvPCR;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [2012-11-8 254384]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 LogReceiver;LogReceiver;C:\Program Files (x86)\Rockwell Software\RSLinx Enterprise\LogReceiver.exe [2012-12-27 82616]
S3 netvsc;netvsc;C:\Windows\System32\drivers\netvsc60.sys [2010-11-21 168448]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 SynthVid;SynthVid;C:\Windows\System32\drivers\VMBusVideoM.sys [2010-11-21 22528]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-5-16 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2010-4-3 44896]
S4 SQLAgent$FTVIEWX64TAGDB;SQL Server Agent (FTVIEWX64TAGDB);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.FTVIEWX64TAGDB\MSSQL\Binn\SQLAGENT.EXE [2010-4-3 367456]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-05-24 16:11:06 -------- d-----w- C:\Users\LMPC\AppData\Roaming\Malwarebytes
2013-05-24 16:11:03 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-05-24 16:11:03 -------- d-----w- C:\ProgramData\Malwarebytes
2013-05-24 16:11:03 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-24 16:10:48 -------- d-----w- C:\Users\LMPC\AppData\Local\Programs
2013-05-23 21:41:36 -------- d-----w- C:\Users\LMPC\AppData\Roaming\AVG2013
2013-05-23 21:41:04 -------- d-----w- C:\Users\LMPC\AppData\Roaming\TuneUp Software
2013-05-23 21:41:00 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2013-05-23 21:40:58 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2013-05-23 21:40:58 -------- d-----w- C:\Program Files (x86)\AVG SafeGuard toolbar
2013-05-23 21:40:28 -------- d--h--w- C:\$AVG
2013-05-23 21:40:28 -------- d-----w- C:\ProgramData\AVG2013
2013-05-23 21:40:00 -------- d-----w- C:\Program Files (x86)\AVG
2013-05-23 21:34:49 -------- d--h--w- C:\ProgramData\Common Files
2013-05-23 21:34:49 -------- d-----w- C:\Users\LMPC\AppData\Local\MFAData
2013-05-23 21:34:49 -------- d-----w- C:\Users\LMPC\AppData\Local\Avg2013
2013-05-23 21:34:49 -------- d-----w- C:\ProgramData\MFAData
2013-05-23 20:05:32 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2013-05-23 16:45:45 -------- d-----w- C:\Program Files (x86)\SysInternals
2013-05-21 13:38:28 -------- d-----w- C:\Users\LMPC\AppData\Local\{0A01D529-A43A-494C-ADB5-0FB00DB3A468}
2013-05-21 07:50:40 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E5FDA868-20D1-4AC8-B3D6-E7B9395A4BD1}\mpengine.dll
2013-05-21 01:38:17 -------- d-----w- C:\Users\LMPC\AppData\Local\{6B509808-A99C-4191-9A32-5C1E97FC35BF}
2013-05-20 21:26:12 101376 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HPZPPWN7.DLL
2013-05-20 13:38:05 -------- d-----w- C:\Users\LMPC\AppData\Local\{CCB0FDFF-F3CF-4EEF-975C-02CAFD34D73A}
2013-05-20 01:37:54 -------- d-----w- C:\Users\LMPC\AppData\Local\{7F2BE1C7-4C61-4F83-8ECF-D4232EA35927}
2013-05-19 13:37:42 -------- d-----w- C:\Users\LMPC\AppData\Local\{FBFB7710-CE86-4666-9092-B856C673430F}
2013-05-19 01:37:31 -------- d-----w- C:\Users\LMPC\AppData\Local\{1A1966B7-8CD3-480F-B51F-3412E055187C}
2013-05-18 13:37:19 -------- d-----w- C:\Users\LMPC\AppData\Local\{05134FA1-DC8D-453C-A701-13B208FD5F52}
2013-05-18 01:37:08 -------- d-----w- C:\Users\LMPC\AppData\Local\{DE700F8B-0FEA-407F-9B23-30A868EFB2D0}
2013-05-17 13:36:56 -------- d-----w- C:\Users\LMPC\AppData\Local\{7F8999CA-0C50-441B-8347-4EF0692941CE}
2013-05-17 01:36:45 -------- d-----w- C:\Users\LMPC\AppData\Local\{C46AE467-4907-4855-9B9F-329A3A10AB24}
2013-05-16 21:50:13 -------- d-----w- C:\Program Files (x86)\Free SMTP Server
2013-05-16 13:36:21 -------- d-----w- C:\Users\LMPC\AppData\Local\{19EF95DD-3C46-4B23-9C53-CA090B4C8524}
2013-05-16 13:36:08 -------- d-----w- C:\Users\LMPC\AppData\Roaming\Windows Live Writer
2013-05-16 13:36:08 -------- d-----w- C:\Users\LMPC\AppData\Local\Windows Live Writer
2013-05-16 12:39:27 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2013-05-16 08:33:05 -------- d-----w- C:\Windows\SysWow64\Wat
2013-05-16 08:33:05 -------- d-----w- C:\Windows\System32\Wat
2013-05-16 08:11:57 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-05-16 08:11:57 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-05-16 08:11:57 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-05-16 08:11:57 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-05-16 08:03:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-05-16 08:03:56 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-05-16 08:03:19 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-05-16 08:03:19 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-05-16 08:03:19 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-05-16 08:03:19 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-05-16 08:03:19 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-05-16 08:03:19 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-05-16 08:03:19 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-05-15 21:30:07 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2013-05-15 21:30:06 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-05-15 21:30:06 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-05-15 21:30:06 144384 ----a-w- C:\Windows\System32\cdd.dll
2013-05-15 21:30:05 3717632 ----a-w- C:\Windows\System32\mstscax.dll
2013-05-15 21:30:05 3217408 ----a-w- C:\Windows\SysWow64\mstscax.dll
2013-05-15 21:30:04 44032 ----a-w- C:\Windows\System32\tsgqec.dll
2013-05-15 21:30:04 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll
2013-05-15 21:30:04 158720 ----a-w- C:\Windows\System32\aaclient.dll
2013-05-15 21:30:04 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll
2013-05-15 17:56:14 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2013-05-15 17:56:14 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2013-05-15 17:56:13 142336 ----a-w- C:\Windows\System32\poqexec.exe
2013-05-15 17:56:13 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2013-05-15 17:56:12 395776 ----a-w- C:\Windows\System32\webio.dll
2013-05-15 17:56:12 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2013-05-15 17:56:10 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
2013-05-15 17:56:09 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-05-15 17:56:09 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-05-15 17:56:09 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-05-15 17:56:09 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-05-15 17:56:09 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-05-15 17:56:09 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-05-15 17:55:50 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-05-15 17:55:50 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-05-15 17:55:34 503808 ----a-w- C:\Windows\System32\srcore.dll
2013-05-15 17:55:34 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2013-05-15 17:53:07 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-05-15 14:09:59 -------- d-----w- C:\Program Files (x86)\MSECache
2013-05-02 18:18:38 86016 ----a-r- C:\Users\LMPC\AppData\Roaming\Microsoft\Windows\Templates\F\LGUTchkdl.dll
2013-05-02 18:18:38 4608 ----a-r- C:\Users\LMPC\AppData\Roaming\Microsoft\Windows\Templates\F\LGEUSBAutorun.dll
2013-05-01 21:57:35 -------- d-----w- C:\Users\LMPC\AppData\Local\Adobe
.
==================== Find3M ====================
.
2013-05-02 07:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-04-05 20:19:13 1488 ----a-w- C:\Windows\SysWow64\Rsvchost.reg
2013-04-05 20:19:13 1488 ----a-w- C:\Windows\SysWow64\RdcyReg.reg
2013-04-05 20:04:10 0 ----a-w- C:\Windows\invcol.tmp
2013-04-05 01:08:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-04-05 01:00:30 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-04-05 00:59:24 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-04-05 00:56:16 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-04-05 00:55:47 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-04-04 22:11:34 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-04-04 22:02:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-04-04 22:02:17 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-04-04 21:58:51 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-04-04 21:57:45 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-04-02 11:04:53 91648 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe
2013-04-02 09:53:23 0 ----a-w- C:\Windows\ativpsrm.bin
2013-04-02 09:25:55 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-02 09:25:55 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-03-29 07:53:48 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-03-21 08:08:24 240952 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-03-19 05:53:58 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-03-19 05:53:58 230400 ----a-w- C:\Windows\System32\wwansvc.dll
2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe
2013-02-27 06:02:44 111448 ----a-w- C:\Windows\System32\consent.exe
2013-02-27 05:48:00 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-02-27 05:47:10 70144 ----a-w- C:\Windows\System32\appinfo.dll
2013-02-27 04:49:24 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
.
============= FINISH: 11:18:19.03 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 4/5/2013 3:00:50 PM
System Uptime: 5/23/2013 3:32:46 PM (20 hours ago)
.
Motherboard: Dell Inc. | | 0KRC95
Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz | CPU 1 | 1568/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 399.102 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP24: 4/26/2013 3:42:15 PM - Scheduled Checkpoint
RP25: 5/14/2013 7:38:45 PM - Scheduled Checkpoint
RP26: 5/15/2013 9:11:00 AM - Installed Microsoft Access database engine 2010 (English)
RP27: 5/15/2013 12:52:43 PM - Windows Update
RP28: 5/16/2013 3:00:14 AM - Windows Update
RP29: 5/16/2013 7:38:54 AM - Windows Update
RP30: 5/17/2013 3:00:12 AM - Windows Update
RP31: 5/17/2013 7:42:13 AM - Windows Update
RP32: 5/18/2013 3:00:10 AM - Windows Update
RP34: 5/23/2013 3:15:14 PM - Windows Defender Checkpoint
RP35: 5/23/2013 4:39:45 PM - Installed AVG 2013
RP36: 5/23/2013 4:40:04 PM - Installed AVG 2013
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.7)
AMD APP SDK Runtime
AMD Catalyst Install Manager
AVG 2013
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
Catalyst Control Center Profiles Desktop
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Custom
D3DX10
Dell Backup and Recovery Manager
Dell Client System Update
Dell Data Protection | Access
Dell Edoc Viewer
DellAccess
EMBASSY Client Core
ERAS Connector
FactoryTalk Activation Manager 3.60.00 (CPR 9 SR 6)
FactoryTalk Alarms and Events 2.60.00 (CPR 9 SR 6)
FactoryTalk Diagnostics 2.60.00 (CPR 9 SR 6)
FactoryTalk Services Platform 2.60.00 (CPR 9 SR 6)
FactoryTalk View Site Edition Client 7.00.00
FactoryTalk® View Site Edition Client 7.00.00 (CPR 9 SR 6)
FactoryTalk® View Site Edition Server 7.00.00 (CPR 9 SR 6)
FactoryTalk® View Studio Enterprise 7.00.00 (CPR 9 SR 6)
Free SMTP Server
Gemalto
GemPcCCID
Intel(R) Control Center
Intel(R) Network Connections 17.3.63.0
Intel(R) Rapid Storage Technology
Intel(R) USB 3.0 eXtensible Host Controller Driver
Junk Mail filter update
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Access database engine 2010 (English)
Microsoft Application Error Reporting
Microsoft Office Home and Business 2013 - en-us
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008 R2
Microsoft SQL Server 2008 R2 Native Client
Microsoft SQL Server 2008 R2 RsFx Driver
Microsoft SQL Server 2008 R2 Setup (English)
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Browser
Microsoft SQL Server Compact 4.0 x64 ENU
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
PBA Driver
Preboot Manager
Private Information Manager
Realtek High Definition Audio Driver
Rockwell Automation Driver Package x64
Rockwell Windows Firewall Configuration Utility 1.00.06
RSLinx Classic 3.60.00 CPR 9 SR 6
RSLinx Enterprise 5.60.00 (CPR 9 SR 6)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
SI TSS
SPBA (WBF) 5.9
SQL Server 2008 R2 Common Files
SQL Server 2008 R2 Database Engine Services
SQL Server 2008 R2 Database Engine Shared
Sql Server Customer Experience Improvement Program
toolkit32for64bit
Trusted Drive Manager
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Visual Basic for Applications (R) Core
Visual Basic for Applications (R) Core - English
Visual Studio 2010 x64 Redistributables
Wave Crypto Runtime 2.0.9.0 x64
Wave Crypto Runtime 2.0.9.0 x86
Wave Infrastructure Installer
Wave Support Software Installer
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
5/24/2013 10:45:02 AM, Error: Microsoft-Windows-TerminalServices-Printers [1111] - Driver Send To Microsoft OneNote 2010 Driver required for printer Send To OneNote 2010 is unknown. Contact the administrator to install the driver before you log in again.
5/24/2013 10:44:58 AM, Error: Microsoft-Windows-TerminalServices-Printers [1111] - Driver HP Officejet Pro 8600 required for printer HP Officejet Pro 8600 (Network) is unknown. Contact the administrator to install the driver before you log in again.
5/24/2013 10:44:56 AM, Error: Microsoft-Windows-TerminalServices-Printers [1111] - Driver Bullzip PDF Printer required for printer Bullzip PDF Printer is unknown. Contact the administrator to install the driver before you log in again.
5/24/2013 10:44:56 AM, Error: Microsoft-Windows-TerminalServices-Printers [1111] - Driver Adobe PDF Converter required for printer Adobe PDF is unknown. Contact the administrator to install the driver before you log in again.
5/24/2013 10:44:54 AM, Error: Microsoft-Windows-TerminalServices-Printers [1111] - Driver Fax - HP Officejet Pro 8600 required for printer Fax - HP Officejet Pro 8600 (Network) is unknown. Contact the administrator to install the driver before you log in again.
5/23/2013 5:19:08 PM, Error: TermDD [56] - The Terminal Server security layer detected an error in the protocol stream and has disconnected the client. Client IP: 68.96.134.205.
5/23/2013 5:11:18 PM, Error: Service Control Manager [7034] - The Application Information service terminated unexpectedly. It has done this 1 time(s).
5/23/2013 5:11:18 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
5/23/2013 5:11:18 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
5/23/2013 5:11:18 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
5/23/2013 5:11:18 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
5/23/2013 5:11:18 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
5/23/2013 5:11:18 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
5/23/2013 5:11:18 PM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
5/23/2013 5:11:18 PM, Error: Service Control Manager [7031] - The Remote Desktop Configuration service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
5/23/2013 5:11:18 PM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
5/23/2013 5:11:18 PM, Error: Service Control Manager [7031] - The Certificate Propagation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
5/23/2013 5:11:18 PM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
5/23/2013 3:33:09 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
5/23/2013 3:33:08 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
5/23/2013 3:33:07 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
5/23/2013 3:33:06 PM, Error: Service Control Manager [7001] - The WvPCR service depends on the TPM Base Services service which failed to start because of the following error: The operation completed successfully.
5/23/2013 3:33:06 PM, Error: Service Control Manager [7001] - The SI TSS v1.2.1.41 TCS service depends on the TPM Base Services service which failed to start because of the following error: The operation completed successfully.
5/23/2013 3:00:09 PM, Error: TermDD [56] - The Terminal Server security layer detected an error in the protocol stream and has disconnected the client. Client IP: 68.226.76.92.
5/23/2013 10:38:55 AM, Error: Service Control Manager [7031] - The Windows Font Cache Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
5/23/2013 10:38:55 AM, Error: Service Control Manager [7031] - The SSDP Discovery service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
5/22/2013 9:37:22 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {DAA085E0-F341-11CE-B4B5-C46F03C10000} and APPID {DAA085E0-F341-11CE-B4B5-C46F03C10000} to the user LMPC-PC\LMPC SID (S-1-5-21-1236341281-62204155-2792960718-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
5/22/2013 10:45:26 AM, Error: Service Control Manager [7034] - The EmbassyService service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================
Thanks for your helpful article and support. It looks like my computer has a trojan horse that AVG can't get rid of. Not sure if these logs will show that or not. What's the next step for me to take?
Also, you should know that I think I clicked on a fake adobe flash player update which may have started all this. Not sure. Thanks!
Stephen
Logs are in the following order: Malwarebytes, DDS, Atttach
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
Database version: v2013.05.24.06
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
LMPC :: LMPC-PC [administrator]
Protection: Enabled
5/24/2013 11:12:01 AM
mbam-log-2013-05-24 (11-12-01).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 216809
Time elapsed: 2 minute(s),
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16483
Run by LMPC at 11:18:05 on 2013-05-24
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8178.4653 [GMT -5:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Common Files\SPBA\upeksvr.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
C:\Program Files (x86)\Rockwell Software\RSView Enterprise\TagSrv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
C:\Program Files (x86)\Common Files\Rockwell\EventServer.exe
C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\lmgrd.exe
C:\Program Files (x86)\Common Files\Rockwell\FTAEArchiver.exe
C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\lmgrd.exe
C:\Program Files (x86)\Common Files\Rockwell\FTAE_HistServ.exe
C:\Program Files (x86)\Common Files\Rockwell\FTSysDiagSvcHost.exe
C:\Windows\system32\hasplms.exe
c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.FTVIEWX64TAGDB\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\flexsvr.exe
C:\Program Files (x86)\Common Files\Rockwell\NmspHost.exe
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
C:\Program Files (x86)\Common Files\Rockwell\RdcyHost.exe
C:\Program Files (x86)\Common Files\Rockwell\RNADiagnosticsSrv.exe
C:\Program Files (x86)\Rockwell Software\RSView Enterprise\HMIDIAGNOSTICSLSTADAPT.exe
C:\Program Files (x86)\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe
C:\Program Files (x86)\Common Files\Rockwell\RsvcHost.exe
c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\Tools\FTActivationBoost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Rockwell\EventClientMultiplexer.exe
C:\Program Files (x86)\Common Files\Rockwell\RnaDirServer.exe
C:\Program Files (x86)\Common Files\Rockwell\RNADirMultiplexor.exe
C:\Program Files (x86)\Common Files\Rockwell\RnaAeServer.exe
C:\Program Files (x86)\Common Files\Rockwell\RnaAlarmMux.exe
C:\Program Files (x86)\Rockwell Software\RSView Enterprise\ServerFramework.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
C:\dell\DBRM\Reminder\DbrmTrayicon.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Rockwell Automation\UsbCipDriver\UsbCipHelper\UsbCipHelper.exe
C:\Program Files (x86)\Rockwell Software\RSCommon\RSOBSERV.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\LogonUI.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\Common Files\SPBA\upeksvr.exe
C:\Windows\system32\rdpclip.exe
C:\Program Files (x86)\Rockwell Software\RSView Enterprise\HMIServer.exe
C:\Program Files (x86)\Rockwell Software\RSView Enterprise\HMITagsSCM.EXE
C:\Program Files (x86)\Rockwell Software\RSView Enterprise\HMITagsDDM.EXE
C:\Program Files (x86)\Rockwell Software\RSView Enterprise\HMITagsBTM.EXE
C:\Program Files (x86)\Rockwell Software\RSView Enterprise\SHDE.EXE
C:\Program Files (x86)\Rockwell Software\RSView Enterprise\RsAlarmLogServ.exe
C:\Program Files (x86)\Rockwell Software\RSView Enterprise\RsAlmLogExpServ.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Free SMTP Server\localsrv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\notepad.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://dell13-comm.msn.com
uDefault_Page_URL = hxxp://dell13-comm.msn.com
mWinlogon: Userinit = userinit.exe
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.2.0.5\AVG SafeGuard toolbar_toolbar.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.2.0.5\AVG SafeGuard toolbar_toolbar.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [UsbCipHelper] C:\Program Files (x86)\Rockwell Automation\UsbCipDriver\UsbCipHelper\UsbCipHelper.exe
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\Users\LMPC\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RSLINX~1.LNK - C:\Program Files (x86)\Rockwell Software\RSLinx\RSLINX.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: DisableCAD = dword:1
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
LSP: mswsock.dll
TCP: Interfaces\{D0D41F40-34B2-4D6F-B3CF-CD34C01FE1E1} : NameServer = 66.172.200.11,66.172.201.11
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Authentication Packages = msv1_0 wvauth
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe
x64-Run: [TdmNotify] C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
x64-Run: [DBRMTray] C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe
x64-RunOnce: [DBRMTray] C:\Dell\DBRM\Reminder\TrayApp.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-2-8 311096]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-2-8 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-2-8 45880]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-4-2 20024]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-3-29 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-2-8 206136]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-5-23 45856]
R1 VirtualBackplane;A-B Virtual Backplane;C:\Windows\System32\drivers\VirtualBackplane.sys [2011-6-2 51200]
R2 aksdf;aksdf;C:\Windows\System32\drivers\aksdf.sys [2013-4-5 78208]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-4-2 204288]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-5-14 4937264]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-4-18 283136]
R2 EmbassyService;EmbassyService;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [2012-11-20 225720]
R2 FactoryTalk Activation Service;FactoryTalk Activation Service;C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\lmgrd.exe [2012-12-12 1407312]
R2 FTActivationBoost;FactoryTalk Activation Helper;C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\Tools\FTActivationBoost.exe [2012-12-21 145888]
R2 FTAE_Archiver;Rockwell Alarm History Archiver;C:\Program Files (x86)\Common Files\Rockwell\FTAEArchiver.exe [2012-12-20 62136]
R2 FTAE_HistServ;Rockwell Alarm Historian;C:\Program Files (x86)\Common Files\Rockwell\FTAE_HistServ.exe [2012-12-20 152248]
R2 FTSysDiagSvcHost;FTSysDiagSvcHost;C:\Program Files (x86)\Common Files\Rockwell\FTSysDiagSvcHost.exe [2012-12-17 69120]
R2 hasplms;Sentinel Local License Manager;C:\Windows\System32\hasplms.exe -run --> C:\Windows\System32\hasplms.exe -run [?]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-4-2 13632]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-7-27 170824]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-5-24 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-5-24 701512]
R2 MSSQL$FTVIEWX64TAGDB;SQL Server (FTVIEWX64TAGDB);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.FTVIEWX64TAGDB\MSSQL\Binn\sqlservr.exe [2010-4-3 42884448]
R2 NmspHost;Rockwell Namespace Services;C:\Program Files (x86)\Common Files\Rockwell\NmspHost.exe [2012-12-19 226488]
R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-4-11 1872568]
R2 PbaDrvSvc_x64;Dell PBA x64 Service;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [2012-11-23 20480]
R2 RdcyHost;Rockwell Redundancy Services;C:\Program Files (x86)\Common Files\Rockwell\RdcyHost.exe [2012-12-20 226488]
R2 RnaAeServer;Rockwell Alarm Server;C:\Program Files (x86)\Common Files\Rockwell\RnaAeServer.exe [2012-12-20 164024]
R2 RnaAlarmMux;Rockwell Alarm Multiplexer;C:\Program Files (x86)\Common Files\Rockwell\RnaAlarmMux.exe [2012-12-20 708280]
R2 Rockwell HMI Framework;Rockwell HMI Framework;C:\Program Files (x86)\Rockwell Software\RSView Enterprise\ServerFramework.exe [2013-1-5 889016]
R2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [2013-5-23 1015984]
R2 Wave Authentication Manager Service;Wave Authentication Manager Service;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2012-11-19 1758720]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-4-2 95248]
R3 dcdbas;System Management Driver;C:\Windows\System32\drivers\dcdbas64.sys [2012-9-23 39016]
R3 EventServer;Rockwell Event Server;C:\Program Files (x86)\Common Files\Rockwell\EventServer.exe [2012-12-19 252600]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-4-2 358456]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-4-2 791608]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-5-24 25928]
R3 Rockwell HMI Alarm Logger;Rockwell HMI Alarm Logger;C:\Program Files (x86)\Rockwell Software\RSView Enterprise\RsAlarmLogServ.exe [2013-1-5 132792]
R3 SNXPCAMD;SUNIX Multi-I/O Card Driver;C:\Windows\System32\drivers\snxpcamd.sys [2013-4-2 53112]
R3 SNXPPAMD;SUNIX Parallel Port Driver;C:\Windows\System32\drivers\snxppamd.sys [2013-4-2 100728]
R3 SNXPSAMD;SUNIX Serial Port Driver;C:\Windows\System32\drivers\snxpsamd.sys [2013-4-2 97144]
S0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-2-8 71480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 WvPCR;WvPCR;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [2012-11-8 254384]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 LogReceiver;LogReceiver;C:\Program Files (x86)\Rockwell Software\RSLinx Enterprise\LogReceiver.exe [2012-12-27 82616]
S3 netvsc;netvsc;C:\Windows\System32\drivers\netvsc60.sys [2010-11-21 168448]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 SynthVid;SynthVid;C:\Windows\System32\drivers\VMBusVideoM.sys [2010-11-21 22528]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-5-16 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2010-4-3 44896]
S4 SQLAgent$FTVIEWX64TAGDB;SQL Server Agent (FTVIEWX64TAGDB);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.FTVIEWX64TAGDB\MSSQL\Binn\SQLAGENT.EXE [2010-4-3 367456]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-05-24 16:11:06 -------- d-----w- C:\Users\LMPC\AppData\Roaming\Malwarebytes
2013-05-24 16:11:03 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-05-24 16:11:03 -------- d-----w- C:\ProgramData\Malwarebytes
2013-05-24 16:11:03 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-24 16:10:48 -------- d-----w- C:\Users\LMPC\AppData\Local\Programs
2013-05-23 21:41:36 -------- d-----w- C:\Users\LMPC\AppData\Roaming\AVG2013
2013-05-23 21:41:04 -------- d-----w- C:\Users\LMPC\AppData\Roaming\TuneUp Software
2013-05-23 21:41:00 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2013-05-23 21:40:58 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2013-05-23 21:40:58 -------- d-----w- C:\Program Files (x86)\AVG SafeGuard toolbar
2013-05-23 21:40:28 -------- d--h--w- C:\$AVG
2013-05-23 21:40:28 -------- d-----w- C:\ProgramData\AVG2013
2013-05-23 21:40:00 -------- d-----w- C:\Program Files (x86)\AVG
2013-05-23 21:34:49 -------- d--h--w- C:\ProgramData\Common Files
2013-05-23 21:34:49 -------- d-----w- C:\Users\LMPC\AppData\Local\MFAData
2013-05-23 21:34:49 -------- d-----w- C:\Users\LMPC\AppData\Local\Avg2013
2013-05-23 21:34:49 -------- d-----w- C:\ProgramData\MFAData
2013-05-23 20:05:32 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2013-05-23 16:45:45 -------- d-----w- C:\Program Files (x86)\SysInternals
2013-05-21 13:38:28 -------- d-----w- C:\Users\LMPC\AppData\Local\{0A01D529-A43A-494C-ADB5-0FB00DB3A468}
2013-05-21 07:50:40 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E5FDA868-20D1-4AC8-B3D6-E7B9395A4BD1}\mpengine.dll
2013-05-21 01:38:17 -------- d-----w- C:\Users\LMPC\AppData\Local\{6B509808-A99C-4191-9A32-5C1E97FC35BF}
2013-05-20 21:26:12 101376 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HPZPPWN7.DLL
2013-05-20 13:38:05 -------- d-----w- C:\Users\LMPC\AppData\Local\{CCB0FDFF-F3CF-4EEF-975C-02CAFD34D73A}
2013-05-20 01:37:54 -------- d-----w- C:\Users\LMPC\AppData\Local\{7F2BE1C7-4C61-4F83-8ECF-D4232EA35927}
2013-05-19 13:37:42 -------- d-----w- C:\Users\LMPC\AppData\Local\{FBFB7710-CE86-4666-9092-B856C673430F}
2013-05-19 01:37:31 -------- d-----w- C:\Users\LMPC\AppData\Local\{1A1966B7-8CD3-480F-B51F-3412E055187C}
2013-05-18 13:37:19 -------- d-----w- C:\Users\LMPC\AppData\Local\{05134FA1-DC8D-453C-A701-13B208FD5F52}
2013-05-18 01:37:08 -------- d-----w- C:\Users\LMPC\AppData\Local\{DE700F8B-0FEA-407F-9B23-30A868EFB2D0}
2013-05-17 13:36:56 -------- d-----w- C:\Users\LMPC\AppData\Local\{7F8999CA-0C50-441B-8347-4EF0692941CE}
2013-05-17 01:36:45 -------- d-----w- C:\Users\LMPC\AppData\Local\{C46AE467-4907-4855-9B9F-329A3A10AB24}
2013-05-16 21:50:13 -------- d-----w- C:\Program Files (x86)\Free SMTP Server
2013-05-16 13:36:21 -------- d-----w- C:\Users\LMPC\AppData\Local\{19EF95DD-3C46-4B23-9C53-CA090B4C8524}
2013-05-16 13:36:08 -------- d-----w- C:\Users\LMPC\AppData\Roaming\Windows Live Writer
2013-05-16 13:36:08 -------- d-----w- C:\Users\LMPC\AppData\Local\Windows Live Writer
2013-05-16 12:39:27 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2013-05-16 08:33:05 -------- d-----w- C:\Windows\SysWow64\Wat
2013-05-16 08:33:05 -------- d-----w- C:\Windows\System32\Wat
2013-05-16 08:11:57 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-05-16 08:11:57 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-05-16 08:11:57 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-05-16 08:11:57 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-05-16 08:03:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-05-16 08:03:56 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-05-16 08:03:19 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-05-16 08:03:19 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-05-16 08:03:19 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-05-16 08:03:19 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-05-16 08:03:19 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-05-16 08:03:19 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-05-16 08:03:19 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-05-15 21:30:07 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2013-05-15 21:30:06 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-05-15 21:30:06 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-05-15 21:30:06 144384 ----a-w- C:\Windows\System32\cdd.dll
2013-05-15 21:30:05 3717632 ----a-w- C:\Windows\System32\mstscax.dll
2013-05-15 21:30:05 3217408 ----a-w- C:\Windows\SysWow64\mstscax.dll
2013-05-15 21:30:04 44032 ----a-w- C:\Windows\System32\tsgqec.dll
2013-05-15 21:30:04 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll
2013-05-15 21:30:04 158720 ----a-w- C:\Windows\System32\aaclient.dll
2013-05-15 21:30:04 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll
2013-05-15 17:56:14 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2013-05-15 17:56:14 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2013-05-15 17:56:13 142336 ----a-w- C:\Windows\System32\poqexec.exe
2013-05-15 17:56:13 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2013-05-15 17:56:12 395776 ----a-w- C:\Windows\System32\webio.dll
2013-05-15 17:56:12 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2013-05-15 17:56:10 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
2013-05-15 17:56:09 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-05-15 17:56:09 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-05-15 17:56:09 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-05-15 17:56:09 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-05-15 17:56:09 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-05-15 17:56:09 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-05-15 17:55:50 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-05-15 17:55:50 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-05-15 17:55:34 503808 ----a-w- C:\Windows\System32\srcore.dll
2013-05-15 17:55:34 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2013-05-15 17:53:07 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-05-15 14:09:59 -------- d-----w- C:\Program Files (x86)\MSECache
2013-05-02 18:18:38 86016 ----a-r- C:\Users\LMPC\AppData\Roaming\Microsoft\Windows\Templates\F\LGUTchkdl.dll
2013-05-02 18:18:38 4608 ----a-r- C:\Users\LMPC\AppData\Roaming\Microsoft\Windows\Templates\F\LGEUSBAutorun.dll
2013-05-01 21:57:35 -------- d-----w- C:\Users\LMPC\AppData\Local\Adobe
.
==================== Find3M ====================
.
2013-05-02 07:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-04-05 20:19:13 1488 ----a-w- C:\Windows\SysWow64\Rsvchost.reg
2013-04-05 20:19:13 1488 ----a-w- C:\Windows\SysWow64\RdcyReg.reg
2013-04-05 20:04:10 0 ----a-w- C:\Windows\invcol.tmp
2013-04-05 01:08:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-04-05 01:00:30 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-04-05 00:59:24 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-04-05 00:56:16 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-04-05 00:55:47 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-04-04 22:11:34 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-04-04 22:02:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-04-04 22:02:17 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-04-04 21:58:51 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-04-04 21:57:45 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-04-02 11:04:53 91648 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe
2013-04-02 09:53:23 0 ----a-w- C:\Windows\ativpsrm.bin
2013-04-02 09:25:55 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-02 09:25:55 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-03-29 07:53:48 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-03-21 08:08:24 240952 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-03-19 05:53:58 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-03-19 05:53:58 230400 ----a-w- C:\Windows\System32\wwansvc.dll
2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe
2013-02-27 06:02:44 111448 ----a-w- C:\Windows\System32\consent.exe
2013-02-27 05:48:00 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-02-27 05:47:10 70144 ----a-w- C:\Windows\System32\appinfo.dll
2013-02-27 04:49:24 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
.
============= FINISH: 11:18:19.03 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 4/5/2013 3:00:50 PM
System Uptime: 5/23/2013 3:32:46 PM (20 hours ago)
.
Motherboard: Dell Inc. | | 0KRC95
Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz | CPU 1 | 1568/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 399.102 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP24: 4/26/2013 3:42:15 PM - Scheduled Checkpoint
RP25: 5/14/2013 7:38:45 PM - Scheduled Checkpoint
RP26: 5/15/2013 9:11:00 AM - Installed Microsoft Access database engine 2010 (English)
RP27: 5/15/2013 12:52:43 PM - Windows Update
RP28: 5/16/2013 3:00:14 AM - Windows Update
RP29: 5/16/2013 7:38:54 AM - Windows Update
RP30: 5/17/2013 3:00:12 AM - Windows Update
RP31: 5/17/2013 7:42:13 AM - Windows Update
RP32: 5/18/2013 3:00:10 AM - Windows Update
RP34: 5/23/2013 3:15:14 PM - Windows Defender Checkpoint
RP35: 5/23/2013 4:39:45 PM - Installed AVG 2013
RP36: 5/23/2013 4:40:04 PM - Installed AVG 2013
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.7)
AMD APP SDK Runtime
AMD Catalyst Install Manager
AVG 2013
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
Catalyst Control Center Profiles Desktop
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Custom
D3DX10
Dell Backup and Recovery Manager
Dell Client System Update
Dell Data Protection | Access
Dell Edoc Viewer
DellAccess
EMBASSY Client Core
ERAS Connector
FactoryTalk Activation Manager 3.60.00 (CPR 9 SR 6)
FactoryTalk Alarms and Events 2.60.00 (CPR 9 SR 6)
FactoryTalk Diagnostics 2.60.00 (CPR 9 SR 6)
FactoryTalk Services Platform 2.60.00 (CPR 9 SR 6)
FactoryTalk View Site Edition Client 7.00.00
FactoryTalk® View Site Edition Client 7.00.00 (CPR 9 SR 6)
FactoryTalk® View Site Edition Server 7.00.00 (CPR 9 SR 6)
FactoryTalk® View Studio Enterprise 7.00.00 (CPR 9 SR 6)
Free SMTP Server
Gemalto
GemPcCCID
Intel(R) Control Center
Intel(R) Network Connections 17.3.63.0
Intel(R) Rapid Storage Technology
Intel(R) USB 3.0 eXtensible Host Controller Driver
Junk Mail filter update
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Access database engine 2010 (English)
Microsoft Application Error Reporting
Microsoft Office Home and Business 2013 - en-us
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008 R2
Microsoft SQL Server 2008 R2 Native Client
Microsoft SQL Server 2008 R2 RsFx Driver
Microsoft SQL Server 2008 R2 Setup (English)
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Browser
Microsoft SQL Server Compact 4.0 x64 ENU
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
PBA Driver
Preboot Manager
Private Information Manager
Realtek High Definition Audio Driver
Rockwell Automation Driver Package x64
Rockwell Windows Firewall Configuration Utility 1.00.06
RSLinx Classic 3.60.00 CPR 9 SR 6
RSLinx Enterprise 5.60.00 (CPR 9 SR 6)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
SI TSS
SPBA (WBF) 5.9
SQL Server 2008 R2 Common Files
SQL Server 2008 R2 Database Engine Services
SQL Server 2008 R2 Database Engine Shared
Sql Server Customer Experience Improvement Program
toolkit32for64bit
Trusted Drive Manager
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Visual Basic for Applications (R) Core
Visual Basic for Applications (R) Core - English
Visual Studio 2010 x64 Redistributables
Wave Crypto Runtime 2.0.9.0 x64
Wave Crypto Runtime 2.0.9.0 x86
Wave Infrastructure Installer
Wave Support Software Installer
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
5/24/2013 10:45:02 AM, Error: Microsoft-Windows-TerminalServices-Printers [1111] - Driver Send To Microsoft OneNote 2010 Driver required for printer Send To OneNote 2010 is unknown. Contact the administrator to install the driver before you log in again.
5/24/2013 10:44:58 AM, Error: Microsoft-Windows-TerminalServices-Printers [1111] - Driver HP Officejet Pro 8600 required for printer HP Officejet Pro 8600 (Network) is unknown. Contact the administrator to install the driver before you log in again.
5/24/2013 10:44:56 AM, Error: Microsoft-Windows-TerminalServices-Printers [1111] - Driver Bullzip PDF Printer required for printer Bullzip PDF Printer is unknown. Contact the administrator to install the driver before you log in again.
5/24/2013 10:44:56 AM, Error: Microsoft-Windows-TerminalServices-Printers [1111] - Driver Adobe PDF Converter required for printer Adobe PDF is unknown. Contact the administrator to install the driver before you log in again.
5/24/2013 10:44:54 AM, Error: Microsoft-Windows-TerminalServices-Printers [1111] - Driver Fax - HP Officejet Pro 8600 required for printer Fax - HP Officejet Pro 8600 (Network) is unknown. Contact the administrator to install the driver before you log in again.
5/23/2013 5:19:08 PM, Error: TermDD [56] - The Terminal Server security layer detected an error in the protocol stream and has disconnected the client. Client IP: 68.96.134.205.
5/23/2013 5:11:18 PM, Error: Service Control Manager [7034] - The Application Information service terminated unexpectedly. It has done this 1 time(s).
5/23/2013 5:11:18 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
5/23/2013 5:11:18 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
5/23/2013 5:11:18 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
5/23/2013 5:11:18 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
5/23/2013 5:11:18 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
5/23/2013 5:11:18 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
5/23/2013 5:11:18 PM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
5/23/2013 5:11:18 PM, Error: Service Control Manager [7031] - The Remote Desktop Configuration service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
5/23/2013 5:11:18 PM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
5/23/2013 5:11:18 PM, Error: Service Control Manager [7031] - The Certificate Propagation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
5/23/2013 5:11:18 PM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
5/23/2013 3:33:09 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
5/23/2013 3:33:08 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
5/23/2013 3:33:07 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
5/23/2013 3:33:06 PM, Error: Service Control Manager [7001] - The WvPCR service depends on the TPM Base Services service which failed to start because of the following error: The operation completed successfully.
5/23/2013 3:33:06 PM, Error: Service Control Manager [7001] - The SI TSS v1.2.1.41 TCS service depends on the TPM Base Services service which failed to start because of the following error: The operation completed successfully.
5/23/2013 3:00:09 PM, Error: TermDD [56] - The Terminal Server security layer detected an error in the protocol stream and has disconnected the client. Client IP: 68.226.76.92.
5/23/2013 10:38:55 AM, Error: Service Control Manager [7031] - The Windows Font Cache Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
5/23/2013 10:38:55 AM, Error: Service Control Manager [7031] - The SSDP Discovery service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
5/22/2013 9:37:22 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {DAA085E0-F341-11CE-B4B5-C46F03C10000} and APPID {DAA085E0-F341-11CE-B4B5-C46F03C10000} to the user LMPC-PC\LMPC SID (S-1-5-21-1236341281-62204155-2792960718-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
5/22/2013 10:45:26 AM, Error: Service Control Manager [7034] - The EmbassyService service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================