Jump to content

hunts

Members
  • Posts

    4
  • Joined

  • Last visited

Posts posted by hunts

  1. ComboFix 12-07-10.01 - Rich 07/10/2012 8:07.1.4 - x86

    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3503.2416 [GMT -4:00]

    Running from: c:\users\Rich\Desktop\Virus Utilities\ComboFix.exe

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:\program files\explorer

    c:\program files\explorer\AddressParser\AddressParserConfiguration.xml

    c:\program files\explorer\AddressParser\parser_andorra.xml

    c:\program files\explorer\AddressParser\parser_austria.xml

    c:\program files\explorer\AddressParser\parser_belgium.xml

    c:\program files\explorer\AddressParser\parser_canada.xml

    c:\program files\explorer\AddressParser\parser_denmark.xml

    c:\program files\explorer\AddressParser\parser_france.xml

    c:\program files\explorer\AddressParser\parser_germany.xml

    c:\program files\explorer\AddressParser\parser_ireland.xml

    c:\program files\explorer\AddressParser\parser_italy.xml

    c:\program files\explorer\AddressParser\parser_liechtenstein.xml

    c:\program files\explorer\AddressParser\parser_luxembourg.xml

    c:\program files\explorer\AddressParser\parser_monaco.xml

    c:\program files\explorer\AddressParser\parser_netherlands.xml

    c:\program files\explorer\AddressParser\parser_norway.xml

    c:\program files\explorer\AddressParser\parser_portugal.xml

    c:\program files\explorer\AddressParser\parser_spain.xml

    c:\program files\explorer\AddressParser\parser_sweden.xml

    c:\program files\explorer\AddressParser\parser_switzerland.xml

    c:\program files\explorer\AddressParser\parser_uk.xml

    c:\program files\explorer\AddressParser\parser_usa.xml

    c:\program files\explorer\basemaps\basemaps.de.xml

    c:\program files\explorer\basemaps\basemaps.es.xml

    c:\program files\explorer\basemaps\basemaps.fr.xml

    c:\program files\explorer\basemaps\basemaps.ja-jp.xml

    c:\program files\explorer\basemaps\basemaps.xml

    c:\program files\explorer\basemaps\basemaps.zh-CN.xml

    c:\program files\explorer\basemaps\Server\basemap0.nmf

    c:\program files\explorer\basemaps\Server\basemap0.png

    c:\program files\explorer\basemaps\Server\basemap1.nmf

    c:\program files\explorer\basemaps\Server\basemap1.png

    c:\program files\explorer\basemaps\Server\basemap10.nmf

    c:\program files\explorer\basemaps\Server\basemap10.png

    c:\program files\explorer\basemaps\Server\basemap11.nmf

    c:\program files\explorer\basemaps\Server\basemap11.png

    c:\program files\explorer\basemaps\Server\basemap2.nmf

    c:\program files\explorer\basemaps\Server\basemap2.png

    c:\program files\explorer\basemaps\Server\basemap3.nmf

    c:\program files\explorer\basemaps\Server\basemap3.png

    c:\program files\explorer\basemaps\Server\basemap4.nmf

    c:\program files\explorer\basemaps\Server\basemap4.png

    c:\program files\explorer\basemaps\Server\basemap5.nmf

    c:\program files\explorer\basemaps\Server\basemap5.png

    c:\program files\explorer\basemaps\Server\basemap6.nmf

    c:\program files\explorer\basemaps\Server\basemap6.png

    c:\program files\explorer\basemaps\Server\basemap7.nmf

    c:\program files\explorer\basemaps\Server\basemap7.png

    c:\program files\explorer\basemaps\Server\basemap8.nmf

    c:\program files\explorer\basemaps\Server\basemap8.png

    c:\program files\explorer\basemaps\Server\basemap9.nmf

    c:\program files\explorer\basemaps\Server\basemap9.png

    c:\program files\explorer\basemaps\Server\basemaps.de.xml

    c:\program files\explorer\basemaps\Server\basemaps.es.xml

    c:\program files\explorer\basemaps\Server\basemaps.fr.xml

    c:\program files\explorer\basemaps\Server\basemaps.ja-jp.xml

    c:\program files\explorer\basemaps\Server\basemaps.xml

    c:\program files\explorer\basemaps\Server\basemaps.zh-CN.xml

    c:\program files\explorer\bin\3dAnalystUtil.dll

    c:\program files\explorer\bin\3DSymbols.dll

    c:\program files\explorer\bin\3DSymbolsLib.dll

    c:\program files\explorer\bin\AfCore.dll

    c:\program files\explorer\bin\AfUtil.dll

    c:\program files\explorer\bin\AGSClient.dll

    c:\program files\explorer\bin\aibase.dll

    c:\program files\explorer\bin\aifeat.dll

    c:\program files\explorer\bin\AISClient.dll

    c:\program files\explorer\bin\AISGlobalLib.dll

    c:\program files\explorer\bin\aishape.dll

    c:\program files\explorer\bin\Animation.dll

    c:\program files\explorer\bin\AnnoLayer.dll

    c:\program files\explorer\bin\Annotation.dll

    c:\program files\explorer\bin\AnnotationLib.dll

    c:\program files\explorer\bin\AoInitializer.dll

    c:\program files\explorer\bin\AppInitializerLib.dll

    c:\program files\explorer\bin\ApplicationConfigurationManager.exe

    c:\program files\explorer\bin\ArcGISExplorer.ISCConfig

    c:\program files\explorer\bin\atl71.dll

    c:\program files\explorer\bin\BasemapLayer.dll

    c:\program files\explorer\bin\BasicRasterPicture.dll

    c:\program files\explorer\bin\BGLAPI.dll

    c:\program files\explorer\bin\BGLAPILib.dll

    c:\program files\explorer\bin\BGLFontEngine.dll

    c:\program files\explorer\bin\BGLGeomChestLib.dll

    c:\program files\explorer\bin\BGLGeometricEffects.dll

    c:\program files\explorer\bin\BGLImageCoders.dll

    c:\program files\explorer\bin\BGLRasterizerLib.dll

    c:\program files\explorer\bin\BGLRasterizerSW.dll

    c:\program files\explorer\bin\BGLSymbols.dll

    c:\program files\explorer\bin\BGLSymbolsLib.dll

    c:\program files\explorer\bin\BGLToGDIHelper.dll

    c:\program files\explorer\bin\bin.zreg

    c:\program files\explorer\bin\CacheRasterDB.dll

    c:\program files\explorer\bin\CadastralFabric.dll

    c:\program files\explorer\bin\CadastralFabricLayer.dll

    c:\program files\explorer\bin\CadEngine.dll

    c:\program files\explorer\bin\CadFDB.dll

    c:\program files\explorer\bin\CadLayer.dll

    c:\program files\explorer\bin\CadWorkspaceFactory.dll

    c:\program files\explorer\bin\Camera.dll

    c:\program files\explorer\bin\CartoControlsLib.dll

    c:\program files\explorer\bin\CartoConverter.dll

    c:\program files\explorer\bin\CartoXLib.dll

    c:\program files\explorer\bin\CIM.dll

    c:\program files\explorer\bin\CIMLib.dll

    c:\program files\explorer\bin\Color.dll

    c:\program files\explorer\bin\ComplexSymbols.dll

    c:\program files\explorer\bin\CompressedDataFile.dll

    c:\program files\explorer\bin\Configuration\CATID\esri.catid.ecfg

    c:\program files\explorer\bin\Configuration\CLSID\esri.clsid.ecfg

    c:\program files\explorer\bin\DADFLib.dll

    c:\program files\explorer\bin\DaeLib.dll

    c:\program files\explorer\bin\DataConverterLib.dll

    c:\program files\explorer\bin\dbghelp.dll

    c:\program files\explorer\bin\de\ApplicationConfigurationManager.resources.dll

    c:\program files\explorer\bin\de\DADFRes.dll

    c:\program files\explorer\bin\de\ESRI.ArcGISExplorer.Application.resources.dll

    c:\program files\explorer\bin\de\ESRI.ArcGISExplorer.MapCenter.resources.dll

    c:\program files\explorer\bin\de\ESRI.ArcGISExplorer.resources.dll

    c:\program files\explorer\bin\de\ResToolkitPro.dll

    c:\program files\explorer\bin\DECoreLib.dll

    c:\program files\explorer\bin\DFORRT.DLL

    c:\program files\explorer\bin\Display.dll

    c:\program files\explorer\bin\DisplayFeedback.dll

    c:\program files\explorer\bin\DisplayGraph.dll

    c:\program files\explorer\bin\DisplayLib.dll

    c:\program files\explorer\bin\DistributedGeodbLib.dll

    c:\program files\explorer\bin\DynamicDisplay.dll

    c:\program files\explorer\bin\e3.config.xml

    c:\program files\explorer\bin\E3.exe

    c:\program files\explorer\bin\E3.exe.config

    c:\program files\explorer\bin\E3Control.dll

    c:\program files\explorer\bin\E3EmailHelper.exe

    c:\program files\explorer\bin\EngineGraphics.dll

    c:\program files\explorer\bin\EnginePackager.dll

    c:\program files\explorer\bin\es\ApplicationConfigurationManager.resources.dll

    c:\program files\explorer\bin\es\DADFRes.dll

    c:\program files\explorer\bin\es\ESRI.ArcGISExplorer.Application.resources.dll

    c:\program files\explorer\bin\es\ESRI.ArcGISExplorer.MapCenter.resources.dll

    c:\program files\explorer\bin\es\ESRI.ArcGISExplorer.resources.dll

    c:\program files\explorer\bin\es\ResToolkitPro.dll

    c:\program files\explorer\bin\ESRI.ArcGIS.Utilities.Compression.dll

    c:\program files\explorer\bin\ESRI.ArcGISExplorer.Application.dll

    c:\program files\explorer\bin\ESRI.ArcGISExplorer.dll

    c:\program files\explorer\bin\ESRI.ArcGISExplorer.MapCenter.dll

    c:\program files\explorer\bin\ESRI.DADF.Core.dll

    c:\program files\explorer\bin\ESRI.DADF.dll

    c:\program files\explorer\bin\esrizip.exe

    c:\program files\explorer\bin\Export.dll

    c:\program files\explorer\bin\ExtTopoEngine.dll

    c:\program files\explorer\bin\FdaCore.dll

    c:\program files\explorer\bin\FdaCoreLib.dll

    c:\program files\explorer\bin\FdaRel.dll

    c:\program files\explorer\bin\FeatureDataConverter.dll

    c:\program files\explorer\bin\FeatureDataElements.dll

    c:\program files\explorer\bin\FeatureLayer.dll

    c:\program files\explorer\bin\FeatureLayerLib.dll

    c:\program files\explorer\bin\FgdbRasterDB.dll

    c:\program files\explorer\bin\FgdbUtilLib.dll

    c:\program files\explorer\bin\FileDataElements.dll

    c:\program files\explorer\bin\FileDBCoreLib.dll

    c:\program files\explorer\bin\FileGDB.dll

    c:\program files\explorer\bin\FileGDBWorkspaceFactory.dll

    c:\program files\explorer\bin\fr\ApplicationConfigurationManager.resources.dll

    c:\program files\explorer\bin\fr\DADFRes.dll

    c:\program files\explorer\bin\fr\ESRI.ArcGISExplorer.Application.resources.dll

    c:\program files\explorer\bin\fr\ESRI.ArcGISExplorer.MapCenter.resources.dll

    c:\program files\explorer\bin\fr\ESRI.ArcGISExplorer.resources.dll

    c:\program files\explorer\bin\fr\ResToolkitPro.dll

    c:\program files\explorer\bin\FunctionRasterDB.dll

    c:\program files\explorer\bin\gdal16.dll

    c:\program files\explorer\bin\GdalRasterDB.dll

    c:\program files\explorer\bin\GdbCatalog.dll

    c:\program files\explorer\bin\GdbCore.dll

    c:\program files\explorer\bin\GdbCoreLib.dll

    c:\program files\explorer\bin\GdbNet.dll

    c:\program files\explorer\bin\GdbTopo.dll

    c:\program files\explorer\bin\GeoDataExtraction.dll

    c:\program files\explorer\bin\GeoDataServer.dll

    c:\program files\explorer\bin\GeoDataTransfer.dll

    c:\program files\explorer\bin\Geometry.dll

    c:\program files\explorer\bin\GeoprocessingLib.dll

    c:\program files\explorer\bin\GeoProcessor.dll

    c:\program files\explorer\bin\GeoRSSPlugin.dll

    c:\program files\explorer\bin\glew32.dll

    c:\program files\explorer\bin\Globe.dll

    c:\program files\explorer\bin\GlobeCamera.dll

    c:\program files\explorer\bin\GlobeClient.dll

    c:\program files\explorer\bin\GlobeCoreLib.dll

    c:\program files\explorer\bin\GlobeDisplay.dll

    c:\program files\explorer\bin\GlobeLayers.dll

    c:\program files\explorer\bin\GlobeServer.dll

    c:\program files\explorer\bin\GlobeServerLayer.dll

    c:\program files\explorer\bin\GlobeViewerCoreLib.dll

    c:\program files\explorer\bin\GPClient.dll

    c:\program files\explorer\bin\GpObjects.dll

    c:\program files\explorer\bin\GpPythonCore.dll

    c:\program files\explorer\bin\GPRasterFunctions.dll

    c:\program files\explorer\bin\GraphicElements.dll

    c:\program files\explorer\bin\hd420m.dll

    c:\program files\explorer\bin\hdf5dll.dll

    c:\program files\explorer\bin\hm420m.dll

    c:\program files\explorer\bin\icudt40.dll

    c:\program files\explorer\bin\icuin40.dll

    c:\program files\explorer\bin\icuio40.dll

    c:\program files\explorer\bin\icule40.dll

    c:\program files\explorer\bin\icuuc40.dll

    c:\program files\explorer\bin\ImageAccessLib.dll

    c:\program files\explorer\bin\ImageClient.dll

    c:\program files\explorer\bin\ImageServer.dll

    c:\program files\explorer\bin\ImageServerLayer.dll

    c:\program files\explorer\bin\IMSConnector.dll

    c:\program files\explorer\bin\ImsFDB.dll

    c:\program files\explorer\bin\IMSLayer.dll

    c:\program files\explorer\bin\IMSLayerLib.dll

    c:\program files\explorer\bin\IMSServiceLib.dll

    c:\program files\explorer\bin\ImsWorkspaceFactory.dll

    c:\program files\explorer\bin\InMemoryWorkspaceFactory.dll

    c:\program files\explorer\bin\InputDevice3Dx.dll

    c:\program files\explorer\bin\ja-JP\ApplicationConfigurationManager.resources.dll

    c:\program files\explorer\bin\ja-JP\DADFRes.dll

    c:\program files\explorer\bin\ja-JP\ESRI.ArcGISExplorer.Application.resources.dll

    c:\program files\explorer\bin\ja-JP\ESRI.ArcGISExplorer.MapCenter.resources.dll

    c:\program files\explorer\bin\ja-JP\ESRI.ArcGISExplorer.resources.dll

    c:\program files\explorer\bin\ja-JP\ResToolkitPro.dll

    c:\program files\explorer\bin\kdu61.dll

    c:\program files\explorer\bin\KmlLayer.dll

    c:\program files\explorer\bin\LabelPlacement.dll

    c:\program files\explorer\bin\Layer.dll

    c:\program files\explorer\bin\LayerLib.dll

    c:\program files\explorer\bin\lcms117lib.dll

    c:\program files\explorer\bin\libcollada14dom21.dll

    c:\program files\explorer\bin\libcurl.dll

    c:\program files\explorer\bin\lti_dsdk_dll.dll

    c:\program files\explorer\bin\Map.dll

    c:\program files\explorer\bin\MapClient.dll

    c:\program files\explorer\bin\MapDB.dll

    c:\program files\explorer\bin\MapElements.dll

    c:\program files\explorer\bin\MaplexEngineLib.dll

    c:\program files\explorer\bin\MapLib.dll

    c:\program files\explorer\bin\MappingCore.dll

    c:\program files\explorer\bin\MappingCoreLib.dll

    c:\program files\explorer\bin\MappingServicesLib.dll

    c:\program files\explorer\bin\MapServer.dll

    c:\program files\explorer\bin\MapServerLayer.dll

    c:\program files\explorer\bin\Marker3DFile.dll

    c:\program files\explorer\bin\MessageSupport.dll

    c:\program files\explorer\bin\Microsoft.VC90.ATL\atl90.dll

    c:\program files\explorer\bin\Microsoft.VC90.ATL\Microsoft.VC90.ATL.manifest

    c:\program files\explorer\bin\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest

    c:\program files\explorer\bin\Microsoft.VC90.CRT\msvcm90.dll

    c:\program files\explorer\bin\Microsoft.VC90.CRT\msvcp90.dll

    c:\program files\explorer\bin\Microsoft.VC90.CRT\msvcr90.dll

    c:\program files\explorer\bin\Microsoft.VC90.MFC\mfc90.dll

    c:\program files\explorer\bin\Microsoft.VC90.MFC\mfc90u.dll

    c:\program files\explorer\bin\Microsoft.VC90.MFC\mfcm90.dll

    c:\program files\explorer\bin\Microsoft.VC90.MFC\mfcm90u.dll

    c:\program files\explorer\bin\Microsoft.VC90.MFC\Microsoft.VC90.MFC.manifest

    c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90CHS.dll

    c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90CHT.dll

    c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90DEU.dll

    c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90ENU.dll

    c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90ESN.dll

    c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90ESP.dll

    c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90FRA.dll

    c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90ITA.dll

    c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90JPN.dll

    c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90KOR.dll

    c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\Microsoft.VC90.MFCLOC.manifest

    c:\program files\explorer\bin\Microsoft.VC90.OPENMP\Microsoft.VC90.OpenMP.manifest

    c:\program files\explorer\bin\Microsoft.VC90.OPENMP\vcomp90.dll

    c:\program files\explorer\bin\MosaicDB.dll

    c:\program files\explorer\bin\msvcp71.dll

    c:\program files\explorer\bin\msvcr71.dll

    c:\program files\explorer\bin\Navigation.dll

    c:\program files\explorer\bin\NetEngine80.dll

    c:\program files\explorer\bin\Network.dll

    c:\program files\explorer\bin\NetworkAnalystSolvers.dll

    c:\program files\explorer\bin\NetworkDataset.dll

    c:\program files\explorer\bin\OGCClient.dll

    c:\program files\explorer\bin\OleFDB.dll

    c:\program files\explorer\bin\OutputLib.dll

    c:\program files\explorer\bin\PageLayout.dll

    c:\program files\explorer\bin\pe.dll

    c:\program files\explorer\bin\PlugInDataSource.dll

    c:\program files\explorer\bin\PlugInWorkspaceFactory.dll

    c:\program files\explorer\bin\PrintOut.dll

    c:\program files\explorer\bin\RasterAnalysisUtilLib.dll

    c:\program files\explorer\bin\RasterCatalog.dll

    c:\program files\explorer\bin\RasterCoreLib.dll

    c:\program files\explorer\bin\RasterDB.dll

    c:\program files\explorer\bin\RasterEngine.dll

    c:\program files\explorer\bin\RasterFormats.dat

    c:\program files\explorer\bin\RasterGraphicElements.dll

    c:\program files\explorer\bin\RasterIO.dll

    c:\program files\explorer\bin\RasterLayer.dll

    c:\program files\explorer\bin\RasterRenderer.dll

    c:\program files\explorer\bin\RasterWorkspaceFactory.dll

    c:\program files\explorer\bin\Renderers.dll

    c:\program files\explorer\bin\RepresentationDB.dll

    c:\program files\explorer\bin\RepresentationEffects.dll

    c:\program files\explorer\bin\RepresentationLayer.dll

    c:\program files\explorer\bin\RepresentationLib.dll

    c:\program files\explorer\bin\RepresentationSymbols.dll

    c:\program files\explorer\bin\SceneFilters.dll

    c:\program files\explorer\bin\SceneGraph.dll

    c:\program files\explorer\bin\sdcdbx.dll

    c:\program files\explorer\bin\SDCPlugIn.dll

    c:\program files\explorer\bin\sde.dll

    c:\program files\explorer\bin\SdeFDB.dll

    c:\program files\explorer\bin\SdeRasterDB.dll

    c:\program files\explorer\bin\sdesetup.dll

    c:\program files\explorer\bin\SdeWorkspaceFactory.dll

    c:\program files\explorer\bin\ServerStyleGallery.dll

    c:\program files\explorer\bin\sg.dll

    c:\program files\explorer\bin\ShapefileFDB.dll

    c:\program files\explorer\bin\ShapefileWorkspaceFactory.dll

    c:\program files\explorer\bin\SimpleDataConverter.dll

    c:\program files\explorer\bin\StyleGalleryClasses.dll

    c:\program files\explorer\bin\SystemUIUtil.dll

    c:\program files\explorer\bin\Terrain.dll

    c:\program files\explorer\bin\TerrainLayer.dll

    c:\program files\explorer\bin\TextFileWorkspaceFactory.dll

    c:\program files\explorer\bin\TextureCookerService.exe

    c:\program files\explorer\bin\TinDb.dll

    c:\program files\explorer\bin\TinEngine.dll

    c:\program files\explorer\bin\TinLayer.dll

    c:\program files\explorer\bin\TinRenderer.dll

    c:\program files\explorer\bin\TinWorkspaceFactory.dll

    c:\program files\explorer\bin\ViewerCoreLib.dll

    c:\program files\explorer\bin\VpfFDB.dll

    c:\program files\explorer\bin\VpfWorkspaceFactory.dll

    c:\program files\explorer\bin\WebServices.dll

    c:\program files\explorer\bin\WMSLayer.dll

    c:\program files\explorer\bin\xerces-c_2_7.dll

    c:\program files\explorer\bin\XmlSupport.dat

    c:\program files\explorer\bin\XMLSupport.dll

    c:\program files\explorer\bin\XYEvents.dll

    c:\program files\explorer\bin\zh-CN\applicationconfigurationmanager.resources.dll

    c:\program files\explorer\bin\zh-CN\DADFRes.dll

    c:\program files\explorer\bin\zh-CN\ESRI.ArcGISExplorer.Application.resources.dll

    c:\program files\explorer\bin\zh-CN\ESRI.ArcGISExplorer.MapCenter.resources.dll

    c:\program files\explorer\bin\zh-CN\ESRI.ArcGISExplorer.resources.dll

    c:\program files\explorer\bin\zh-CN\ResToolkitPro.dll

    c:\program files\explorer\bin\zlib1.dll

    c:\program files\explorer\bin\zlibwapi.dll

    c:\program files\explorer\ColorProfiles\esriGray22.icc

    c:\program files\explorer\ColorProfiles\Lab2Lab.icm

    c:\program files\explorer\ColorProfiles\sRGB_IEC61966-2-1_noBPC.icc

    c:\program files\explorer\ColorProfiles\USWebCoatedSWOP.icc

    c:\program files\explorer\ColorProfiles\Xyz2Xyz.icm

    c:\program files\explorer\com\com.zreg

    c:\program files\explorer\com\esriE3.olb

    c:\program files\explorer\license\ExplorerEnglishLicense.pdf

    c:\program files\explorer\license\ExplorerFrenchLicense.pdf

    c:\program files\explorer\license\ExplorerGermanLicense.pdf

    c:\program files\explorer\license\ExplorerJapaneseLicense.pdf

    c:\program files\explorer\license\ExplorerSimplChineseLicense.pdf

    c:\program files\explorer\license\ExplorerSpanishLicense.pdf

    c:\program files\explorer\PackageTemplates\ArcGISExplorer.stylesheet

    c:\program files\explorer\PackageTemplates\Package931.template

    c:\program files\explorer\pedata\gdaldata\coordinate_axis.csv

    c:\program files\explorer\pedata\gdaldata\cubewerx_extra.wkt

    c:\program files\explorer\pedata\gdaldata\ecw_cs.dat

    c:\program files\explorer\pedata\gdaldata\ellipsoid.csv

    c:\program files\explorer\pedata\gdaldata\epsg.wkt

    c:\program files\explorer\pedata\gdaldata\esri_extra.wkt

    c:\program files\explorer\pedata\gdaldata\gcs.csv

    c:\program files\explorer\pedata\gdaldata\gdal_datum.csv

    c:\program files\explorer\pedata\gdaldata\gdalicon.png

    c:\program files\explorer\pedata\gdaldata\pcs.csv

    c:\program files\explorer\pedata\gdaldata\prime_meridian.csv

    c:\program files\explorer\pedata\gdaldata\projop_wparm.csv

    c:\program files\explorer\pedata\gdaldata\s57attributes.csv

    c:\program files\explorer\pedata\gdaldata\s57expectedinput.csv

    c:\program files\explorer\pedata\gdaldata\s57objectclasses.csv

    c:\program files\explorer\pedata\gdaldata\seed_2d.dgn

    c:\program files\explorer\pedata\gdaldata\seed_3d.dgn

    c:\program files\explorer\pedata\gdaldata\stateplane.csv

    c:\program files\explorer\pedata\gdaldata\unit_of_measure.csv

    c:\program files\explorer\plugins\explorerCore.ecfg

    c:\program files\explorer\schemas\ExplorerAddIn.xsd

    c:\program files\explorer\schemas\ExplorerGeometry.xsd

    c:\program files\explorer\schemas\NmfDocument.xsd

    c:\program files\explorer\Styles\default.css

    c:\program files\explorer\Styles\Directions\CheckeredFlag16.png

    c:\program files\explorer\Styles\Directions\GreenFlag16.png

    c:\program files\explorer\Styles\Directions\Print16.png

    c:\program files\explorer\Styles\ExplorerColors.de.xml

    c:\program files\explorer\Styles\ExplorerColors.es.xml

    c:\program files\explorer\Styles\ExplorerColors.fr.xml

    c:\program files\explorer\Styles\ExplorerColors.ja-JP.xml

    c:\program files\explorer\Styles\ExplorerColors.xml

    c:\program files\explorer\Styles\ExplorerColors.zh-CN.xml

    c:\program files\explorer\Styles\ExplorerSymbols.de.xml

    c:\program files\explorer\Styles\ExplorerSymbols.es.xml

    c:\program files\explorer\Styles\ExplorerSymbols.fr.xml

    c:\program files\explorer\Styles\ExplorerSymbols.ja-JP.xml

    c:\program files\explorer\Styles\ExplorerSymbols.xml

    c:\program files\explorer\Styles\ExplorerSymbols.zh-CN.xml

    c:\program files\explorer\Styles\kml.css

    c:\program files\explorer\Styles\KMLIcons\american-flag.png

    c:\program files\explorer\Styles\KMLIcons\arrow.png

    c:\program files\explorer\Styles\KMLIcons\asian-flag.png

    c:\program files\explorer\Styles\KMLIcons\auto-service.png

    c:\program files\explorer\Styles\KMLIcons\auto.png

    c:\program files\explorer\Styles\KMLIcons\bang.png

    c:\program files\explorer\Styles\KMLIcons\bars.png

    c:\program files\explorer\Styles\KMLIcons\building.png

    c:\program files\explorer\Styles\KMLIcons\coffee_house_16.png

    c:\program files\explorer\Styles\KMLIcons\crosshair.png

    c:\program files\explorer\Styles\KMLIcons\dining.png

    c:\program files\explorer\Styles\KMLIcons\dining_16.png

    c:\program files\explorer\Styles\KMLIcons\dot.png

    c:\program files\explorer\Styles\KMLIcons\fast-food.png

    c:\program files\explorer\Styles\KMLIcons\four-dollars.png

    c:\program files\explorer\Styles\KMLIcons\french-flag.png

    c:\program files\explorer\Styles\KMLIcons\hand.png

    c:\program files\explorer\Styles\KMLIcons\high_res_places.png

    c:\program files\explorer\Styles\KMLIcons\highway_16.png

    c:\program files\explorer\Styles\KMLIcons\italian-flag.png

    c:\program files\explorer\Styles\KMLIcons\large_traffic_count_16.png

    c:\program files\explorer\Styles\KMLIcons\mexican-flag.png

    c:\program files\explorer\Styles\KMLIcons\misc_dining.png

    c:\program files\explorer\Styles\KMLIcons\note.png

    c:\program files\explorer\Styles\KMLIcons\one-dollar.png

    c:\program files\explorer\Styles\KMLIcons\palette-2.png

    c:\program files\explorer\Styles\KMLIcons\palette-3.png

    c:\program files\explorer\Styles\KMLIcons\palette-4.png

    c:\program files\explorer\Styles\KMLIcons\palette-5.png

    c:\program files\explorer\Styles\KMLIcons\parks.png

    c:\program files\explorer\Styles\KMLIcons\recreation.png

    c:\program files\explorer\Styles\KMLIcons\school_16.png

    c:\program files\explorer\Styles\KMLIcons\search.png

    c:\program files\explorer\Styles\KMLIcons\streamed_layer.png

    c:\program files\explorer\Styles\KMLIcons\streamed_layers.png

    c:\program files\explorer\Styles\KMLIcons\terrain_16.png

    c:\program files\explorer\Styles\KMLIcons\three-dollars.png

    c:\program files\explorer\Styles\KMLIcons\transportation.png

    c:\program files\explorer\Styles\KMLIcons\two-dollars.png

    c:\program files\explorer\Styles\KMLIcons\webcam_16.png

    c:\program files\explorer\Styles\SlideTitleStyles.de.xml

    c:\program files\explorer\Styles\SlideTitleStyles.es.xml

    c:\program files\explorer\Styles\SlideTitleStyles.fr.xml

    c:\program files\explorer\Styles\SlideTitleStyles.ja-JP.xml

    c:\program files\explorer\Styles\SlideTitleStyles.xml

    c:\program files\explorer\Styles\SlideTitleStyles.zh-CN.xml

    c:\program files\explorer\Styles\StyleSheet.xsl

    c:\program files\explorer\Styles\SymbolImages\Civic\ATM.png

    c:\program files\explorer\Styles\SymbolImages\Civic\Bank.png

    c:\program files\explorer\Styles\SymbolImages\Civic\Bell.png

    c:\program files\explorer\Styles\SymbolImages\Civic\Cemetery.png

    c:\program files\explorer\Styles\SymbolImages\Civic\City.png

    c:\program files\explorer\Styles\SymbolImages\Civic\Clue.png

    c:\program files\explorer\Styles\SymbolImages\Civic\Crowd.png

    c:\program files\explorer\Styles\SymbolImages\Civic\GhostTown.png

    c:\program files\explorer\Styles\SymbolImages\Civic\Horn.png

    c:\program files\explorer\Styles\SymbolImages\Civic\Housing.png

    c:\program files\explorer\Styles\SymbolImages\Civic\MailPost.png

    c:\program files\explorer\Styles\SymbolImages\Civic\Office.png

    c:\program files\explorer\Styles\SymbolImages\Civic\Radioactive.png

    c:\program files\explorer\Styles\SymbolImages\Civic\School.png

    c:\program files\explorer\Styles\SymbolImages\Civic\StarsStripes.png

    c:\program files\explorer\Styles\SymbolImages\Flag\CheckeredFlag.png

    c:\program files\explorer\Styles\SymbolImages\Flag\GreenFlag.png

    c:\program files\explorer\Styles\SymbolImages\Flag\RedFlag.png

    c:\program files\explorer\Styles\SymbolImages\Flag\WhiteFlag.png

    c:\program files\explorer\Styles\SymbolImages\Flag\YellowFlag.png

    c:\program files\explorer\Styles\SymbolImages\Health\AidStation.png

    c:\program files\explorer\Styles\SymbolImages\Health\Ambulance.png

    c:\program files\explorer\Styles\SymbolImages\Health\Doctor.png

    c:\program files\explorer\Styles\SymbolImages\Health\Health.png

    c:\program files\explorer\Styles\SymbolImages\Health\Hospital.png

    c:\program files\explorer\Styles\SymbolImages\Health\Pharmacy.png

    c:\program files\explorer\Styles\SymbolImages\Marine\AmberBeacon.png

    c:\program files\explorer\Styles\SymbolImages\Marine\BlackBeacon.png

    c:\program files\explorer\Styles\SymbolImages\Marine\BlueBeacon.png

    c:\program files\explorer\Styles\SymbolImages\Marine\BoatsKeepOut.png

    c:\program files\explorer\Styles\SymbolImages\Marine\ControlledArea.png

    c:\program files\explorer\Styles\SymbolImages\Marine\Danger.png

    c:\program files\explorer\Styles\SymbolImages\Marine\DiverDown.png

    c:\program files\explorer\Styles\SymbolImages\Marine\GreenBeacon.png

    c:\program files\explorer\Styles\SymbolImages\Marine\GreenDiamondDaymark.png

    c:\program files\explorer\Styles\SymbolImages\Marine\GreenRedBeacon.png

    c:\program files\explorer\Styles\SymbolImages\Marine\GreenSquareDaymark.png

    c:\program files\explorer\Styles\SymbolImages\Marine\GreenWhiteBeacon.png

    c:\program files\explorer\Styles\SymbolImages\Marine\OrangeBeacon.png

    c:\program files\explorer\Styles\SymbolImages\Marine\PersonOverboard.png

    c:\program files\explorer\Styles\SymbolImages\Marine\RadioBeacon.png

    c:\program files\explorer\Styles\SymbolImages\Marine\RedBeacon.png

    c:\program files\explorer\Styles\SymbolImages\Marine\RedDiamondDaymark.png

    c:\program files\explorer\Styles\SymbolImages\Marine\RedGreenBeacon.png

    c:\program files\explorer\Styles\SymbolImages\Marine\RedSquareDaymark.png

    c:\program files\explorer\Styles\SymbolImages\Marine\RedTriangleDaymark.png

    c:\program files\explorer\Styles\SymbolImages\Marine\RedWhiteBeacon.png

    c:\program files\explorer\Styles\SymbolImages\Marine\SkullandCrossbones.png

    c:\program files\explorer\Styles\SymbolImages\Marine\UnderwaterOperations.png

    c:\program files\explorer\Styles\SymbolImages\Marine\VioletBeacon.png

    c:\program files\explorer\Styles\SymbolImages\Marine\WhiteBeacon.png

    c:\program files\explorer\Styles\SymbolImages\Marine\WhiteDiamondDaymark.png

    c:\program files\explorer\Styles\SymbolImages\Marine\WhiteGreenBeacon.png

    c:\program files\explorer\Styles\SymbolImages\Marine\WhiteRedBeacon.png

    c:\program files\explorer\Styles\SymbolImages\Marine\Wreck.png

    c:\program files\explorer\Styles\SymbolImages\Placemark\ArrowYellow.png

    c:\program files\explorer\Styles\SymbolImages\Placemark\Capital1.png

    c:\program files\explorer\Styles\SymbolImages\Placemark\Capital2.png

    c:\program files\explorer\Styles\SymbolImages\Placemark\CircleX.png

    c:\program files\explorer\Styles\SymbolImages\Placemark\CrossHair.png

    c:\program files\explorer\Styles\SymbolImages\Placemark\Populated1.png

    c:\program files\explorer\Styles\SymbolImages\Placemark\Populated2.png

    c:\program files\explorer\Styles\SymbolImages\Placemark\Populated3.png

    c:\program files\explorer\Styles\SymbolImages\Placemark\Populated4.png

    c:\program files\explorer\Styles\SymbolImages\Placemark\Populated5.png

    c:\program files\explorer\Styles\SymbolImages\Placemark\Populated6.png

    c:\program files\explorer\Styles\SymbolImages\Placemark\Populated7.png

    c:\program files\explorer\Styles\SymbolImages\Placemark\Star.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\AmusementPark.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Bar.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Camera.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\CameraWeb.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\CellPhone.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Coffee.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Dam.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\DepartmentStore.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Dining.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\DrinkingWater.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\FastFood.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\FitnessCenter.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Forest.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Globe.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Information.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\InformationQuestion.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\LandLine.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Light.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\LiveShow.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Mine.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\MovieTheater.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Museum.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\News.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Note.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\OilWell.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Pizza.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Pub.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Question.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\RealEstate.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Reservoir.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Restroom.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Shopping.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Shower.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Stadium.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\TowerShort.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\TowerTall.png

    c:\program files\explorer\Styles\SymbolImages\Points of Interest\Zoo.png

    c:\program files\explorer\Styles\SymbolImages\Public Safety\Burglary.png

    c:\program files\explorer\Styles\SymbolImages\Public Safety\FireFighter.png

    c:\program files\explorer\Styles\SymbolImages\Public Safety\FireStation.png

    c:\program files\explorer\Styles\SymbolImages\Public Safety\FireTruck.png

    c:\program files\explorer\Styles\SymbolImages\Public Safety\Homicide.png

    c:\program files\explorer\Styles\SymbolImages\Public Safety\Police.png

    c:\program files\explorer\Styles\SymbolImages\Public Safety\PoliceCar.png

    c:\program files\explorer\Styles\SymbolImages\Public Safety\PoliceOfficer.png

    c:\program files\explorer\Styles\SymbolImages\Public Safety\PoliceStation.png

    c:\program files\explorer\Styles\SymbolImages\Public Safety\Theft.png

    c:\program files\explorer\Styles\SymbolImages\Pushpin\BlackPushpin.png

    c:\program files\explorer\Styles\SymbolImages\Pushpin\BluePushpin.png

    c:\program files\explorer\Styles\SymbolImages\Pushpin\BrownPushpin.png

    c:\program files\explorer\Styles\SymbolImages\Pushpin\GrayPushpin.png

    c:\program files\explorer\Styles\SymbolImages\Pushpin\GreenPushpin.png

    c:\program files\explorer\Styles\SymbolImages\Pushpin\LightBluePushpin.png

    c:\program files\explorer\Styles\SymbolImages\Pushpin\OrangePushpin.png

    c:\program files\explorer\Styles\SymbolImages\Pushpin\PinkPushpin.png

    c:\program files\explorer\Styles\SymbolImages\Pushpin\PurplePushpin.png

    c:\program files\explorer\Styles\SymbolImages\Pushpin\RedPushpin.png

    c:\program files\explorer\Styles\SymbolImages\Pushpin\SpringGreenPushpin.png

    c:\program files\explorer\Styles\SymbolImages\Pushpin\WhitePushpin.png

    c:\program files\explorer\Styles\SymbolImages\Pushpin\YellowPushpin.png

    c:\program files\explorer\Styles\SymbolImages\Recreation\Beach.png

    c:\program files\explorer\Styles\SymbolImages\Recreation\BoatLaunch.png

    c:\program files\explorer\Styles\SymbolImages\Recreation\Bowling.png

    c:\program files\explorer\Styles\SymbolImages\Recreation\Camping.png

    c:\program files\explorer\Styles\SymbolImages\Recreation\Deer.png

    c:\program files\explorer\Styles\SymbolImages\Recreation\Fishing.png

    c:\program files\explorer\Styles\SymbolImages\Recreation\Geocache.png

    c:\program files\explorer\Styles\SymbolImages\Recreation\GeocacheFound.png

    c:\program files\explorer\Styles\SymbolImages\Recreation\Gliding.png

    c:\program files\explorer\Styles\SymbolImages\Recreation\Golf.png

    c:\program files\explorer\Styles\SymbolImages\Recreation\Hiking.png

    c:\program files\explorer\Styles\SymbolImages\Recreation\Mountain.png

    c:\program files\explorer\Styles\SymbolImages\Recreation\Park.png

    c:\program files\explorer\Styles\SymbolImages\Recreation\RestArea.png

    c:\program files\explorer\Styles\SymbolImages\Recreation\RVPark.png

    c:\program files\explorer\Styles\SymbolImages\Recreation\SkyDiving.png

    c:\program files\explorer\Styles\SymbolImages\Recreation\Sports.png

    c:\program files\explorer\Styles\SymbolImages\Recreation\Swimming.png

    c:\program files\explorer\Styles\SymbolImages\Recreation\TrackBack.png

    c:\program files\explorer\Styles\SymbolImages\Recreation\WaterSkiing.png

    c:\program files\explorer\Styles\SymbolImages\Sphere\BlueSphere.png

    c:\program files\explorer\Styles\SymbolImages\Sphere\GreenSphere.png

    c:\program files\explorer\Styles\SymbolImages\Sphere\OrangeSphere.png

    c:\program files\explorer\Styles\SymbolImages\Sphere\PurpleSphere.png

    c:\program files\explorer\Styles\SymbolImages\Sphere\RedSphere.png

    c:\program files\explorer\Styles\SymbolImages\Sphere\YellowSphere.png

    c:\program files\explorer\Styles\SymbolImages\Square\BlackWaypoint.png

    c:\program files\explorer\Styles\SymbolImages\Square\BlueWaypoint.png

    c:\program files\explorer\Styles\SymbolImages\Square\WhiteWaypoint.png

    c:\program files\explorer\Styles\SymbolImages\Stickpin\BlackStickpin.png

    c:\program files\explorer\Styles\SymbolImages\Stickpin\BlueStickpin.png

    c:\program files\explorer\Styles\SymbolImages\Stickpin\BrownStickpin.png

    c:\program files\explorer\Styles\SymbolImages\Stickpin\GrayStickpin.png

    c:\program files\explorer\Styles\SymbolImages\Stickpin\GreenStickpin.png

    c:\program files\explorer\Styles\SymbolImages\Stickpin\LightBlueStickpin.png

    c:\program files\explorer\Styles\SymbolImages\Stickpin\OrangeStickpin.png

    c:\program files\explorer\Styles\SymbolImages\Stickpin\PinkStickpin.png

    c:\program files\explorer\Styles\SymbolImages\Stickpin\PurpleStickpin.png

    c:\program files\explorer\Styles\SymbolImages\Stickpin\RedStickpin.png

    c:\program files\explorer\Styles\SymbolImages\Stickpin\SpringGreenStickpin.png

    c:\program files\explorer\Styles\SymbolImages\Stickpin\WhiteStickpin.png

    c:\program files\explorer\Styles\SymbolImages\Stickpin\YellowStickpin.png

    c:\program files\explorer\Styles\SymbolImages\Transparent\Transparent.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\Airplane.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\AirStrip.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\Breakdown.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\Bus.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\CarGreenBack.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\CarGreenFront.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\CarRedBack.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\CarRedFront.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\CarRental.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\CarRepair.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\CarYellowBack.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\CarYellowFront.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\ConvenienceStore.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\Crossing.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\Fuel.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\HelicopterGreen.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\HelicopterRed.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\HelicopterYellow.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\Landingpad.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\Lodging.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\MileMarker.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\MountainPass.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\Overpass.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\Parking.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\PrivateField.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\RoadClosure.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\RoadWork.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\Sailing.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\Scales.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\Seaplane.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\Tank.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\Toll.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\TrafficAccident.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\Tunnel.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\Ultralight.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\WarningRed.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\WarningYellow.png

    c:\program files\explorer\Styles\SymbolImages\Transportation\YellowSemiTractor.png

    c:\program files\explorer\Styles\SymbolImages\Weather\Cloudy.png

    c:\program files\explorer\Styles\SymbolImages\Weather\HeatAdvisory.png

    c:\program files\explorer\Styles\SymbolImages\Weather\Lightning.png

    c:\program files\explorer\Styles\SymbolImages\Weather\PartlySunny.png

    c:\program files\explorer\Styles\SymbolImages\Weather\Rain.png

    c:\program files\explorer\Styles\SymbolImages\Weather\Snow.png

    c:\program files\explorer\Styles\SymbolImages\Weather\Sunny.png

    c:\program files\explorer\Styles\Template.ncfg

    c:\program files\explorer\TilingSchemes\ArcGIS_Online_Bing_Maps_Google_Maps.xml

    c:\program files\explorer\TilingSchemes\GoogleMapsVersions.xml

    c:\program files\explorer\TilingSchemes\Yahoo.xml

    c:\users\Public\Lightroom_4_LS11.exe

    c:\users\Rich\g2mdlhlpx.exe

    c:\windows\assembly\GAC\Desktop.ini

    D:\Autorun.inf

    .

    Infected copy of c:\windows\system32\Services.exe was found and disinfected

    Restored copy from - c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

    .

    .

    ((((((((((((((((((((((((( Files Created from 2012-06-10 to 2012-07-10 )))))))))))))))))))))))))))))))

    .

    .

    2012-07-10 12:16 . 2012-07-10 12:16 -------- d-----w- c:\users\Default\AppData\Local\temp

    2012-07-09 19:30 . 2012-07-09 19:30 -------- d-----w- C:\_OTL

    2012-07-07 17:12 . 2012-07-07 17:12 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

    2012-07-06 22:32 . 2012-04-28 03:17 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys

    2012-07-06 22:32 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\system32\msi.dll

    2012-07-06 22:32 . 2012-05-15 01:05 2343936 ----a-w- c:\windows\system32\win32k.sys

    2012-07-06 22:31 . 2012-05-01 04:44 164352 ----a-w- c:\windows\system32\profsvc.dll

    2012-07-06 22:31 . 2012-04-24 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll

    2012-07-06 22:31 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\system32\crypt32.dll

    2012-07-06 22:31 . 2012-04-24 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll

    2012-07-06 22:29 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe

    2012-07-06 22:29 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll

    2012-07-06 22:29 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll

    2012-07-06 22:29 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll

    2012-07-06 22:29 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll

    2012-07-06 22:29 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll

    2012-07-06 22:29 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll

    2012-07-06 22:28 . 2012-06-02 19:19 171904 ----a-w- c:\windows\system32\wuwebv.dll

    2012-07-06 22:28 . 2012-06-02 19:12 33792 ----a-w- c:\windows\system32\wuapp.exe

    2012-07-06 22:21 . 2012-07-06 22:21 -------- d-----w- C:\TDSSKiller_Quarantine

    2012-07-05 21:59 . 2012-07-05 21:59 -------- d-----w- c:\program files\ESET

    2012-07-03 23:10 . 2012-07-03 23:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

    2012-07-03 23:10 . 2012-04-04 19:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

    2012-07-03 22:30 . 2012-07-03 22:30 -------- d-sh--w- c:\windows\system32\%APPDATA%

    2012-06-26 09:10 . 2012-06-18 07:14 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C18E7156-8E6B-492B-A744-92DFD4179302}\mpengine.dll

    2012-06-19 18:40 . 2012-06-19 18:40 -------- d-----w- c:\users\Rich\AppData\Roaming\SUPERAntiSpyware.com

    2012-06-19 18:40 . 2012-06-25 19:20 -------- d-----w- c:\program files\SUPERAntiSpyware

    2012-06-19 18:40 . 2012-06-19 18:40 -------- d-----w- c:\programdata\SUPERAntiSpyware.com

    2012-06-13 07:00 . 2012-04-26 04:45 58880 ----a-w- c:\windows\system32\rdpwsx.dll

    2012-06-13 07:00 . 2012-04-26 04:45 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll

    2012-06-13 07:00 . 2012-04-26 04:41 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe

    2012-06-10 21:06 . 2000-03-07 03:00 278581 ----a-w- c:\windows\system32\temp.010

    2012-06-10 21:06 . 1999-10-27 04:00 995383 ----a-w- c:\windows\system32\temp.00F

    2012-06-10 21:06 . 1998-06-17 03:00 77878 ----a-w- c:\windows\system32\temp.011

    2012-06-10 21:05 . 2006-08-31 19:56 1208320 ----a-w- c:\windows\system32\spr32d70.dll

    2012-06-10 21:04 . 1996-04-14 16:55 14336 ----a-w- c:\windows\system32\WEBDIAL.EXE

    .

    .

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2012-07-10 12:18 . 2011-06-22 23:08 17488 ----a-w- c:\windows\gdrv.sys

    2012-06-05 01:49 . 2012-06-05 01:49 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe

    2012-06-05 01:49 . 2011-06-22 23:12 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2012-05-21 18:26 . 2012-05-21 18:26 10 ----a-w- c:\windows\Fonts\wfonts.key

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Note* empty entries & legit default entries are not shown

    REGEDIT4

    .

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c20391ee-b6fd-4a35-9f1b-2892dda5b107}]

    2010-11-20 21:29 297808 ----a-w- c:\windows\System32\mscoree.dll

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

    "{a011d643-4a67-4934-a775-46139847d7f2}"= "mscoree.dll" [2010-11-20 297808]

    .

    [HKEY_CLASSES_ROOT\clsid\{a011d643-4a67-4934-a775-46139847d7f2}]

    [HKEY_CLASSES_ROOT\tGBandObj.tGBandObjClass]

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

    2011-02-18 05:12 94208 ----a-w- c:\users\Rich\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

    2011-02-18 05:12 94208 ----a-w- c:\users\Rich\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

    2011-02-18 05:12 94208 ----a-w- c:\users\Rich\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]

    @="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"

    [HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]

    2012-03-19 20:29 365648 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]

    @="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"

    [HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]

    2012-03-19 20:29 365648 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]

    @="{A759AFF6-5851-457D-A540-F4ECED148351}"

    [HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]

    2012-03-19 20:29 365648 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]

    @="{1574C9EF-7D58-488F-B358-8B78C1538F51}"

    [HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]

    2012-03-19 20:29 365648 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

    "RPMKickstart"="c:\program files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe" [2010-08-24 1750528]

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

    "ConsentPromptBehaviorAdmin"= 5 (0x5)

    "ConsentPromptBehaviorUser"= 3 (0x3)

    "EnableUIADesktopToggle"= 0 (0x0)

    .

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

    2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]

    2011-06-17 07:33 66328 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

    .

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u msoidssp

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

    @=""

    .

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]

    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk

    backup=c:\windows\pss\Adobe Gamma Loader.lnk.CommonStartup

    backupExtension=.CommonStartup

    .

    [HKLM\~\startupfolder\C:^Users^Rich^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]

    path=c:\users\Rich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

    backup=c:\windows\pss\Dropbox.lnk.Startup

    backupExtension=.Startup

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]

    2012-04-04 05:53 815512 ----a-w- c:\program files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]

    2012-04-04 05:53 36760 ----a-w- c:\program files\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Synchronizer]

    2012-04-04 05:54 1261472 ----a-w- c:\program files\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

    2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]

    2011-03-30 12:46 499608 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]

    2011-01-12 11:08 1523360 ----a-w- c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApplePhotoStreams]

    2012-02-24 07:29 59240 ----a-w- c:\program files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

    2012-02-21 01:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]

    2010-03-13 18:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ConnectionCenter]

    2010-05-12 21:03 300472 ----a-w- c:\program files\Citrix\ICA Client\concentr.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]

    2010-10-12 18:56 979328 ----a-w- c:\program files\Epson Software\Event Manager\EEventManager.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]

    2011-06-23 23:44 1386776 ----a-w- c:\program files\Logitech\SetPointP\SetPoint.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]

    2011-03-26 05:29 176664 ----a-w- c:\windows\System32\hkcmd.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices]

    2012-02-23 16:22 59240 ----a-w- c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]

    2011-03-26 05:30 143384 ----a-w- c:\windows\System32\igfxtray.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

    2011-12-08 06:36 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Download Assistant]

    2010-11-04 01:50 1246544 ----a-w- c:\windows\System32\LogiLDA.DLL

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileDocuments]

    2012-02-23 16:30 59240 ----a-w- c:\program files\Common Files\Apple\Internet Services\ubd.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]

    2011-03-26 05:30 178200 ----a-w- c:\windows\System32\igfxpers.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

    2011-10-24 19:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

    2011-02-11 06:06 10025576 ------w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]

    2010-11-20 21:29 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SugarSync]

    2012-03-19 20:32 9413712 ----a-w- c:\program files\SugarSync\SugarSyncManager.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

    2011-06-09 18:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]

    2012-05-21 20:38 3905920 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]

    2010-02-19 17:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    .

    R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [x]

    R3 GVTDrv;GVTDrv;c:\windows\system32\Drivers\GVTDrv.sys [x]

    R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]

    R3 MRV6X32U;Marvell TOPDOG 802.11n WLAN Driver for Vista x86 (USB8x);c:\windows\system32\DRIVERS\WN111.sys [x]

    R3 Mrvleap;MARVELL EAP Driver;c:\windows\system32\DRIVERS\mrveap32.sys [x]

    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]

    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]

    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

    R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]

    R4 AdobeActiveFileMonitor;Adobe Active File Monitor;c:\program files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [x]

    R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]

    R4 EPSON_PM_RPCV4_05;EPSON V3 Service4(05);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE [x]

    R4 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\EPSON\EpsonCustomerParticipation\EPCP.exe [x]

    R4 FlipShareServer;FlipShare Server;c:\program files\Flip Video\FlipShareServer\FlipShareServer.exe [x]

    R4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]

    R4 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]

    R4 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [x]

    R4 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;c:\program files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [x]

    R4 Smart TimeLock;Smart TimeLock Service;c:\program files\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [x]

    R4 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]

    R4 UNS;Intel® Management and Security Application User Notification Service;c:\program files\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

    S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [x]

    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [x]

    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [x]

    S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]

    S2 msoidsvc;Microsoft Online Services Sign-in Assistant;c:\program files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [x]

    S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [x]

    S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [x]

    S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]

    S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\Drivers\LEqdUsb.Sys [x]

    S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\Drivers\LHidEqd.Sys [x]

    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

    S3 MEI;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECI.sys [x]

    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]

    .

    .

    --- Other Services/Drivers In Memory ---

    .

    *NewlyCreated* - WS2IFSL

    .

    Contents of the 'Scheduled Tasks' folder

    .

    2012-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2011-06-27 13:10]

    .

    2012-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2011-06-27 13:10]

    .

    .

    ------- Supplementary Scan -------

    .

    uStart Page = hxxp://www.google.com/

    uInternet Settings,ProxyOverride = *.local

    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

    IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

    IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

    IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000

    IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105

    Trusted Zone: intuit.com\ttlc

    TCP: DhcpNameServer = 192.168.1.1

    .

    - - - - ORPHANS REMOVED - - - -

    .

    HKCU-Run-AdobeBridge - (no file)

    MSConfigStartUp-Google Update - c:\users\Rich\AppData\Local\Google\Update\GoogleUpdate.exe

    MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    .

    .

    .

    --------------------- LOCKED REGISTRY KEYS ---------------------

    .

    [HKEY_USERS\S-1-5-21-2541698021-2910038252-4145046732-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]

    @Denied: (2) (S-1-5-21-2541698021-2910038252-4145046732-1000)

    @Denied: (2) (LocalSystem)

    "Progid"="SafariDownload"

    .

    [HKEY_USERS\S-1-5-21-2541698021-2910038252-4145046732-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]

    @Denied: (2) (S-1-5-21-2541698021-2910038252-4145046732-1000)

    @Denied: (2) (LocalSystem)

    "Progid"="ChromeHTML"

    .

    [HKEY_USERS\S-1-5-21-2541698021-2910038252-4145046732-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]

    @Denied: (2) (S-1-5-21-2541698021-2910038252-4145046732-1000)

    @Denied: (2) (LocalSystem)

    "Progid"="ChromeHTML"

    .

    [HKEY_USERS\S-1-5-21-2541698021-2910038252-4145046732-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice]

    @Denied: (2) (S-1-5-21-2541698021-2910038252-4145046732-1000)

    @Denied: (2) (LocalSystem)

    "Progid"="SafariExtension"

    .

    [HKEY_USERS\S-1-5-21-2541698021-2910038252-4145046732-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]

    @Denied: (2) (S-1-5-21-2541698021-2910038252-4145046732-1000)

    @Denied: (2) (LocalSystem)

    "Progid"="ChromeHTML"

    .

    [HKEY_USERS\S-1-5-21-2541698021-2910038252-4145046732-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]

    @Denied: (2) (S-1-5-21-2541698021-2910038252-4145046732-1000)

    @Denied: (2) (LocalSystem)

    "Progid"="SafariHTML"

    .

    [HKEY_USERS\S-1-5-21-2541698021-2910038252-4145046732-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]

    @Denied: (2) (S-1-5-21-2541698021-2910038252-4145046732-1000)

    @Denied: (2) (LocalSystem)

    "Progid"="SafariHTML"

    .

    [HKEY_USERS\S-1-5-21-2541698021-2910038252-4145046732-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]

    @Denied: (2) (S-1-5-21-2541698021-2910038252-4145046732-1000)

    @Denied: (2) (LocalSystem)

    "Progid"="ChromeHTML"

    .

    [HKEY_USERS\S-1-5-21-2541698021-2910038252-4145046732-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]

    @Denied: (2) (S-1-5-21-2541698021-2910038252-4145046732-1000)

    @Denied: (2) (LocalSystem)

    "Progid"="ChromeHTML"

    .

    [HKEY_USERS\S-1-5-21-2541698021-2910038252-4145046732-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]

    @Denied: (2) (S-1-5-21-2541698021-2910038252-4145046732-1000)

    @Denied: (2) (LocalSystem)

    "Progid"="SafariHTML"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

    @Denied: (Full) (Everyone)

    .

    --------------------- DLLs Loaded Under Running Processes ---------------------

    .

    - - - - - - - > 'Explorer.exe'(2716)

    c:\users\Rich\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

    c:\program files\SugarSync\SugarSyncShellExt.dll

    .

    ------------------------ Other Running Processes ------------------------

    .

    c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    c:\windows\system32\taskhost.exe

    c:\program files\Bonjour\mDNSResponder.exe

    c:\windows\system32\msiexec.exe

    c:\program files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSvcm.exe

    c:\windows\system32\WUDFHost.exe

    c:\windows\system32\conhost.exe

    c:\windows\System32\rundll32.exe

    c:\program files\GIGABYTE\SMART6\Recovery\RPMDaemon.exe

    c:\windows\system32\sppsvc.exe

    c:\program files\Windows Media Player\wmpnetwk.exe

    c:\\?\c:\windows\system32\wbem\WMIADAP.EXE

    .

    **************************************************************************

    .

    Completion time: 2012-07-10 08:25:39 - machine was rebooted

    ComboFix-quarantined-files.txt 2012-07-10 12:25

    .

    Pre-Run: 56,901,214,208 bytes free

    Post-Run: 57,503,571,968 bytes free

    .

    - - End Of File - - 06A7E47BBCD6F57304D3F8FC465180E8

  2. OTL Fix log as requested:

    All processes killed

    ========== OTL ==========

    C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U\80000000.@ moved successfully.

    C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U\00000008.@ moved successfully.

    C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U\80000032.@ moved successfully.

    C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U\00000004.@ moved successfully.

    C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\L\00000004.@ moved successfully.

    C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U\000000cb.@ moved successfully.

    C:\Windows\System32\config\systemprofile\AppData\Local\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\@ moved successfully.

    C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\@ moved successfully.

    ========== FILES ==========

    C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U folder moved successfully.

    C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\L folder moved successfully.

    Folder move failed. C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888} scheduled to be moved on reboot.

    C:\Windows\System32\config\systemprofile\AppData\Local\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U folder moved successfully.

    C:\Windows\System32\config\systemprofile\AppData\Local\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\L folder moved successfully.

    C:\Windows\System32\config\systemprofile\AppData\Local\{ff24043d-55f8-5ce9-a20a-8337d9b4b888} folder moved successfully.

    < ipconfig /flushdns /c >

    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    C:\Users\Rich\Desktop\cmd.bat deleted successfully.

    C:\Users\Rich\Desktop\cmd.txt deleted successfully.

    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 0 bytes

    ->Flash cache emptied: 56475 bytes

    User: Default User

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 0 bytes

    ->Flash cache emptied: 0 bytes

    User: Public

    User: Rich

    ->Temp folder emptied: 1521663944 bytes

    ->Temporary Internet Files folder emptied: 330027303 bytes

    ->Java cache emptied: 11081663 bytes

    ->Apple Safari cache emptied: 60134400 bytes

    ->Flash cache emptied: 57673 bytes

    %systemdrive% .tmp files removed: 0 bytes

    %systemroot% .tmp files removed: 0 bytes

    %systemroot%\System32 .tmp files removed: 0 bytes

    %systemroot%\System32\drivers .tmp files removed: 0 bytes

    Windows Temp folder emptied: 678450936 bytes

    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

    RecycleBin emptied: 651630195 bytes

    Total Files Cleaned = 3,102.00 mb

    Restore point Set: OTL Restore Point

    OTL by OldTimer - Version 3.2.53.1 log created on 07092012_153056

    Files\Folders moved on Reboot...

    C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U folder moved successfully.

    C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888} folder moved successfully.

    PendingFileRenameOperations files...

    File C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888} not found!

    Registry entries deleted on Reboot...

  3. Here's the files requested:

    OTL logfile created on: 7/7/2012 9:58:39 AM - Run 1

    OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Rich\Desktop

    Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

    Internet Explorer (Version = 9.0.8112.16421)

    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.42 Gb Total Physical Memory | 1.74 Gb Available Physical Memory | 50.79% Memory free

    6.84 Gb Paging File | 5.09 Gb Available in Paging File | 74.40% Paging File free

    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

    Drive C: | 224.38 Gb Total Space | 59.72 Gb Free Space | 26.62% Space Free | Partition Type: NTFS

    Drive D: | 8.49 Gb Total Space | 0.42 Gb Free Space | 5.00% Space Free | Partition Type: FAT32

    Unable to calculate disk information.

    Computer Name: GIGABYTEGAZ68 | User Name: Rich | Logged in as Administrator.

    Boot Mode: Normal | Scan Mode: All users

    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/07/07 09:42:46 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Rich\Desktop\OTL.exe

    PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

    PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

    PRC - [2012/02/20 21:28:54 | 000,014,184 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe

    PRC - [2012/02/20 21:28:32 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

    PRC - [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.) -- C:\Program Files\Safari\Safari.exe

    PRC - [2011/06/24 00:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe

    PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

    PRC - [2010/11/20 17:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

    PRC - [2010/08/12 14:38:58 | 001,841,504 | ---- | M] (Gigabyte Technology CO.) -- C:\Program Files\GIGABYTE\SMART6\Recovery\RPMDaemon.exe

    ========== Modules (No Company Name) ==========

    MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

    MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

    MOD - [2010/11/20 17:29:12 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll

    ========== Win32 Services (SafeList) ==========

    SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

    SRV - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

    SRV - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)

    SRV - [2011/08/11 19:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Disabled | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)

    SRV - [2011/07/06 18:50:50 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

    SRV - [2011/06/23 08:42:31 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)

    SRV - [2011/06/17 03:33:46 | 000,295,192 | ---- | M] (Logitech, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)

    SRV - [2011/06/09 14:01:00 | 000,521,600 | ---- | M] (SEIKO EPSON CORPORATION) [Disabled | Stopped] -- C:\Program Files\epson\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)

    SRV - [2011/05/06 13:07:18 | 000,460,144 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)

    SRV - [2011/05/06 12:58:52 | 001,085,440 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe -- (FlipShareServer)

    SRV - [2011/04/24 19:00:00 | 000,130,944 | ---- | M] (SEIKO EPSON CORPORATION) [Disabled | Stopped] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE -- (EPSON_PM_RPCV4_05) EPSON V3 Service4(05)

    SRV - [2010/10/05 21:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®

    SRV - [2010/10/05 21:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®

    SRV - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)

    SRV - [2010/04/06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\AppleChargerSrv.exe -- (AppleChargerSrv)

    SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

    SRV - [2009/10/13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Disabled | Stopped] -- C:\Program Files\GIGABYTE\SMART6\timelock\TimeMgmtDaemon.exe -- (Smart TimeLock)

    SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

    SRV - [2004/10/04 04:47:04 | 000,098,304 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor)

    SRV - [2004/10/04 03:40:50 | 000,118,784 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe -- (PhotoshopElementsDeviceConnect)

    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\WN111.sys -- (MRV6X32U) Marvell TOPDOG 802.11n WLAN Driver for Vista x86 (USB8x)

    DRV - [2012/07/07 09:25:34 | 000,017,488 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)

    DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)

    DRV - [2011/07/22 12:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)

    DRV - [2011/07/12 17:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)

    DRV - [2011/06/23 08:51:34 | 000,024,944 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GVTDrv.sys -- (GVTDrv)

    DRV - [2011/04/30 08:00:18 | 000,039,064 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)

    DRV - [2011/04/30 08:00:06 | 000,042,648 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LEqdUsb.sys -- (LEqdUsb)

    DRV - [2011/04/30 08:00:06 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)

    DRV - [2011/04/30 08:00:06 | 000,012,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidEqd.sys -- (LHidEqd)

    DRV - [2011/03/07 05:22:00 | 000,052,992 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\EtronXHCI.sys -- (EtronXHCI)

    DRV - [2011/03/07 05:22:00 | 000,033,152 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\EtronHub3.sys -- (EtronHub3)

    DRV - [2011/01/10 18:16:16 | 000,018,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AppleCharger.sys -- (AppleCharger)

    DRV - [2010/12/18 13:42:00 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)

    DRV - [2010/12/18 13:42:00 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)

    DRV - [2010/11/20 17:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)

    DRV - [2010/11/20 17:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)

    DRV - [2010/11/20 17:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)

    DRV - [2010/10/14 12:27:18 | 000,269,824 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud) Intel®

    DRV - [2010/09/21 09:59:02 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI) Intel®

    DRV - [2007/09/11 03:23:46 | 000,015,360 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mrveap32.sys -- (Mrvleap)

    ========== Standard Registry (SafeList) ==========

    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-21-2541698021-2910038252-4145046732-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

    IE - HKU\S-1-5-21-2541698021-2910038252-4145046732-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp

    IE - HKU\S-1-5-21-2541698021-2910038252-4145046732-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US

    IE - HKU\S-1-5-21-2541698021-2910038252-4145046732-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 99 0C 81 64 31 31 CC 01 [binary data]

    IE - HKU\S-1-5-21-2541698021-2910038252-4145046732-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

    IE - HKU\S-1-5-21-2541698021-2910038252-4145046732-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_enUS438

    IE - HKU\S-1-5-21-2541698021-2910038252-4145046732-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-21-2541698021-2910038252-4145046732-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()

    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

    FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

    FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)

    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/06/05 00:15:36 | 000,000,000 | ---D | M]

    O1 HOSTS File: ([2009/06/10 17:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

    O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

    O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

    O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)

    O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

    O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

    O3 - HKU\S-1-5-21-2541698021-2910038252-4145046732-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

    O3 - HKU\S-1-5-21-2541698021-2910038252-4145046732-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

    O4 - HKLM..\Run: [] File not found

    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

    O4 - HKU\S-1-5-21-2541698021-2910038252-4145046732-1000..\Run: [AdobeBridge] File not found

    O4 - HKLM..\RunOnce: [RPMKickstart] C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe (Gigabyte Technology CO., LTD.)

    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

    O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

    O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

    O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

    O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)

    O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

    O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

    O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

    O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

    O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

    O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

    O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

    O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

    O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

    O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

    O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

    O13 - gopher Prefix: missing

    O15 - HKU\S-1-5-21-2541698021-2910038252-4145046732-1000\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)

    O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab (DLM Control)

    O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} http://www.nationalgeomatica.com/mgaxctrl.cab (Autodesk MapGuide ActiveX Control)

    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

    O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{877155DC-C721-4C11-81CE-8E40FE96C4E1}: DhcpNameServer = 192.168.1.1

    O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

    O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

    O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)

    O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)

    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

    O30 - LSA: Security Packages - (msoidssp) - C:\Windows\System32\msoidssp.dll (Microsoft Corp.)

    O32 - HKLM CDRom: AutoRun - 1

    O32 - AutoRun File - [2011/05/20 16:05:51 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]

    O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

    O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]

    O32 - AutoRun File - [2004/04/30 07:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]

    O33 - MountPoints2\E\Shell - "" = AutoRun

    O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup.exe

    O34 - HKLM BootExecute: (autocheck autochk *)

    O35 - HKLM\..comfile [open] -- "%1" %*

    O35 - HKLM\..exefile [open] -- "%1" %*

    O37 - HKLM\...com [@ = comfile] -- "%1" %*

    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/07/07 09:42:42 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Rich\Desktop\OTL.exe

    [2012/07/07 09:39:48 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Rich\Desktop\dds.com

    [2012/07/06 18:32:02 | 002,343,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

    [2012/07/06 18:29:45 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll

    [2012/07/06 18:29:45 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll

    [2012/07/06 18:29:17 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll

    [2012/07/06 18:29:17 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll

    [2012/07/06 18:29:17 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll

    [2012/07/06 18:28:54 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll

    [2012/07/06 18:28:54 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe

    [2012/07/06 18:21:31 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine

    [2012/07/05 17:59:00 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

    [2012/07/03 19:10:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

    [2012/07/03 19:10:14 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

    [2012/07/03 19:10:14 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

    [2012/07/03 18:30:52 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%

    [2012/07/03 18:11:24 | 000,000,000 | ---D | C] -- C:\Windows\pss

    [2012/06/19 14:40:34 | 000,000,000 | ---D | C] -- C:\Users\Rich\AppData\Roaming\SUPERAntiSpyware.com

    [2012/06/19 14:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

    [2012/06/19 14:40:10 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com

    [2012/06/19 14:40:10 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware

    [2012/06/18 16:26:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2011

    [2012/06/13 03:01:24 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

    [2012/06/13 03:01:21 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

    [2012/06/13 03:01:21 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

    [2012/06/13 03:01:21 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

    [2012/06/13 03:01:20 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

    [2012/06/13 03:01:20 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

    [2012/06/13 03:01:20 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

    [2012/06/13 03:00:38 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll

    [2012/06/13 03:00:38 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll

    [2012/06/13 03:00:38 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe

    [2012/06/10 17:13:54 | 000,000,000 | ---D | C] -- C:\Users\Rich\Documents\Wrightsoft HVAC

    [2012/06/10 17:06:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wrightsoft HVAC

    [2012/06/10 17:06:15 | 000,995,383 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.00F

    [2012/06/10 17:06:15 | 000,278,581 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.010

    [2012/06/10 17:06:15 | 000,077,878 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.011

    [2012/06/10 17:05:48 | 001,208,320 | ---- | C] (FarPoint Technologies, Inc.) -- C:\Windows\System32\spr32d70.dll

    [2012/06/10 17:03:30 | 001,045,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSJET35.DLL

    [2012/06/10 17:03:30 | 000,368,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vbar332.dll

    [2012/06/10 17:03:30 | 000,252,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Msrd2x35.dll

    [2012/06/10 17:03:30 | 000,246,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.00A

    [2012/06/10 17:03:30 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.00D

    [2012/06/10 17:03:30 | 000,123,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Msjint35.dll

    [2012/06/10 17:03:30 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Odbctl32.dll

    [2012/06/10 17:03:30 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.00C

    [2012/06/10 17:03:30 | 000,024,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Msjter35.dll

    [2012/06/10 17:03:30 | 000,018,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.00E

    [2012/06/10 17:03:30 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.00B

    [2012/06/10 17:03:30 | 000,000,000 | ---D | C] -- C:\Program Files\Wrightsoft HVAC

    [2012/06/10 17:03:29 | 000,326,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.003

    [2012/06/10 17:03:29 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.007

    [2012/06/10 17:03:29 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.008

    [2012/06/10 17:03:29 | 000,093,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.006

    [2012/06/10 17:03:29 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.000

    [2012/06/10 17:03:29 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.009

    [2012/06/10 17:03:29 | 000,026,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.004

    [2012/06/10 17:03:29 | 000,008,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ODBCCP32.CPL

    [2012/06/10 17:03:29 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.005

    [2012/06/10 17:03:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.002

    [2012/06/10 17:03:29 | 000,004,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.001

    [2012/06/07 15:50:45 | 000,000,000 | ---D | C] -- C:\Users\Rich\AppData\Roaming\Malwarebytes

    [2012/06/07 15:50:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

    [2012/06/07 15:21:10 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012

    ========== Files - Modified Within 30 Days ==========

    [2012/07/07 09:42:46 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Rich\Desktop\OTL.exe

    [2012/07/07 09:41:30 | 000,050,477 | ---- | M] () -- C:\Users\Rich\Desktop\Defogger.exe

    [2012/07/07 09:41:11 | 000,881,475 | ---- | M] () -- C:\Users\Rich\Desktop\SecurityCheck.exe

    [2012/07/07 09:39:55 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Rich\Desktop\dds.com

    [2012/07/07 09:37:36 | 000,000,000 | ---- | M] () -- C:\Users\Rich\defogger_reenable

    [2012/07/07 09:32:28 | 000,020,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

    [2012/07/07 09:32:28 | 000,020,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

    [2012/07/07 09:29:31 | 000,660,068 | ---- | M] () -- C:\Windows\System32\perfh009.dat

    [2012/07/07 09:29:31 | 000,120,996 | ---- | M] () -- C:\Windows\System32\perfc009.dat

    [2012/07/07 09:29:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

    [2012/07/07 09:25:34 | 000,017,488 | ---- | M] (Windows ® 2000 DDK provider) -- C:\Windows\gdrv.sys

    [2012/07/07 09:25:25 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

    [2012/07/07 09:25:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

    [2012/07/07 09:25:04 | 2754,961,408 | -HS- | M] () -- C:\hiberfil.sys

    [2012/07/06 18:41:57 | 000,000,600 | ---- | M] () -- C:\Users\Rich\AppData\Roaming\winscp.rnd

    [2012/07/06 18:37:55 | 003,713,376 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

    [2012/07/06 18:16:12 | 268,164,445 | ---- | M] () -- C:\Windows\MEMORY.DMP

    [2012/07/05 18:51:31 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml

    [2012/07/05 18:51:31 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml

    [2012/07/03 19:10:15 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

    [2012/07/03 18:45:01 | 000,001,422 | ---- | M] () -- C:\Users\Rich\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

    [2012/06/19 14:40:13 | 000,001,976 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

    [2012/06/18 16:26:46 | 000,002,501 | ---- | M] () -- C:\Users\Public\Desktop\TurboTax 2011.lnk

    [2012/06/18 16:25:31 | 000,000,574 | ---- | M] () -- C:\Users\Rich\Desktop\Division of Revenue Business Records Service.website

    [2012/06/12 17:08:37 | 000,095,774 | ---- | M] () -- C:\Users\Rich\Desktop\New Home ENERGY STAR Builder Agreement.pdf

    [2012/06/10 17:06:16 | 000,001,914 | ---- | M] () -- C:\Users\Public\Desktop\Right-Suite® Universal.lnk

    [2012/06/10 17:03:30 | 000,000,209 | ---- | M] () -- C:\Windows\ODBCINST.INI

    ========== Files Created - No Company Name ==========

    [2012/07/07 09:41:30 | 000,050,477 | ---- | C] () -- C:\Users\Rich\Desktop\Defogger.exe

    [2012/07/07 09:41:04 | 000,881,475 | ---- | C] () -- C:\Users\Rich\Desktop\SecurityCheck.exe

    [2012/07/07 09:37:36 | 000,000,000 | ---- | C] () -- C:\Users\Rich\defogger_reenable

    [2012/07/07 09:34:11 | 000,012,288 | ---- | C] () -- C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U\80000000.@

    [2012/07/07 09:29:42 | 000,232,960 | ---- | C] () -- C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U\00000008.@

    [2012/07/05 18:50:49 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml

    [2012/07/05 18:50:49 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml

    [2012/07/03 19:10:15 | 000,001,082 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

    [2012/07/03 18:18:48 | 000,095,744 | ---- | C] () -- C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U\80000032.@

    [2012/07/03 18:18:48 | 000,002,048 | ---- | C] () -- C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U\00000004.@

    [2012/07/03 18:18:48 | 000,000,804 | ---- | C] () -- C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\L\00000004.@

    [2012/07/03 18:18:47 | 000,001,632 | ---- | C] () -- C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U\000000cb.@

    [2012/06/19 14:40:13 | 000,001,976 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

    [2012/06/18 16:26:46 | 000,002,501 | ---- | C] () -- C:\Users\Public\Desktop\TurboTax 2011.lnk

    [2012/06/12 17:08:36 | 000,095,774 | ---- | C] () -- C:\Users\Rich\Desktop\New Home ENERGY STAR Builder Agreement.pdf

    [2012/06/10 17:06:16 | 000,001,914 | ---- | C] () -- C:\Users\Public\Desktop\Right-Suite® Universal.lnk

    [2012/06/10 17:04:35 | 000,014,336 | ---- | C] () -- C:\Windows\System32\WEBDIAL.EXE

    [2012/06/05 20:31:54 | 000,007,613 | -H-- | C] () -- C:\Users\Rich\AppData\Local\Resmon.ResmonCfg

    [2012/04/10 22:17:41 | 000,000,451 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

    [2012/02/03 18:56:03 | 000,000,600 | ---- | C] () -- C:\Users\Rich\AppData\Roaming\winscp.rnd

    [2012/01/31 13:55:44 | 000,072,080 | -H-- | C] () -- C:\Users\Rich\g2mdlhlpx.exe

    [2012/01/24 19:01:28 | 000,000,107 | ---- | C] () -- C:\Windows\EWF845.ini

    [2012/01/11 22:02:27 | 000,002,048 | -HS- | C] () -- C:\Windows\System32\config\systemprofile\AppData\Local\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\@

    [2012/01/11 22:02:27 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\@

    [2011/12/29 18:44:17 | 000,160,392 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat

    [2011/12/19 14:27:38 | 000,000,000 | -H-- | C] () -- C:\Users\Rich\AppData\Local\{74E551CB-4C23-484D-933E-39DDAA7DAC06}

    [2011/10/21 18:44:13 | 000,000,182 | ---- | C] () -- C:\Users\Rich\AppData\Roaming\burnaware.ini

    [2011/06/27 11:35:52 | 000,030,720 | -H-- | C] () -- C:\Users\Rich\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    [2011/06/24 09:04:31 | 000,000,091 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini

    [2011/06/23 15:03:34 | 000,000,132 | ---- | C] () -- C:\Users\Rich\AppData\Roaming\Adobe PNG Format CS5 Prefs

    [2011/06/23 11:57:24 | 000,000,132 | ---- | C] () -- C:\Users\Rich\AppData\Roaming\Adobe GIF Format CS5 Prefs

    [2011/06/22 19:08:10 | 000,024,944 | ---- | C] () -- C:\Windows\System32\drivers\GVTDrv.sys

    [2011/06/22 16:29:57 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI

    [2011/06/22 15:42:28 | 000,008,192 | ---- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll

    [2011/06/22 15:42:12 | 000,031,272 | ---- | C] () -- C:\Windows\System32\AppleChargerSrv.exe

    [2011/06/22 15:42:12 | 000,018,544 | ---- | C] () -- C:\Windows\System32\drivers\AppleCharger.sys

    [2011/06/22 15:40:11 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll

    [2011/06/22 15:38:59 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll

    [2011/06/22 15:38:58 | 000,963,116 | ---- | C] () -- C:\Windows\System32\igkrng600.bin

    [2011/06/22 15:38:58 | 000,145,804 | ---- | C] () -- C:\Windows\System32\igcompkrng600.bin

    [2011/06/22 15:38:58 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config

    [2011/06/22 15:15:35 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini

    [2011/03/26 01:10:22 | 000,216,876 | ---- | C] () -- C:\Windows\System32\igfcg600m.bin

    [2011/03/26 00:33:52 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll

    < End of report >

    OTL Extras logfile created on: 7/7/2012 9:58:39 AM - Run 1

    OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Rich\Desktop

    Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

    Internet Explorer (Version = 9.0.8112.16421)

    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.42 Gb Total Physical Memory | 1.74 Gb Available Physical Memory | 50.79% Memory free

    6.84 Gb Paging File | 5.09 Gb Available in Paging File | 74.40% Paging File free

    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

    Drive C: | 224.38 Gb Total Space | 59.72 Gb Free Space | 26.62% Space Free | Partition Type: NTFS

    Drive D: | 8.49 Gb Total Space | 0.42 Gb Free Space | 5.00% Space Free | Partition Type: FAT32

    Unable to calculate disk information.

    Computer Name: GIGABYTEGAZ68 | User Name: Rich | Logged in as Administrator.

    Boot Mode: Normal | Scan Mode: All users

    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========

    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-2541698021-2910038252-4145046732-1000\SOFTWARE\Classes\<extension>]

    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

    batfile [open] -- "%1" %*

    cmdfile [open] -- "%1" %*

    comfile [open] -- "%1" %*

    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

    exefile [open] -- "%1" %*

    helpfile [open] -- Reg Error: Key error.

    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)

    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

    piffile [open] -- "%1" %*

    regfile [merge] -- Reg Error: Key error.

    scrfile [config] -- "%1"

    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

    scrfile [open] -- "%1" /S

    txtfile [edit] -- Reg Error: Key error.

    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

    Directory [bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)

    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    Folder [explore] -- Reg Error: Value error.

    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    "cval" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    "VistaSp1" = Reg Error: Unknown registry data type -- File not found

    "AntiVirusOverride" = 0

    "AntiSpywareOverride" = 0

    "FirewallOverride" = 0

    ========== Firewall Settings ==========

    ========== Authorized Applications List ==========

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

    "{0215A652-E081-4B09-9333-DC85AAB67FFA}" = Adobe Dreamweaver CS5.5

    "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

    "{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}" = Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729

    "{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport

    "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

    "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended

    "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86

    "{14866AAD-1F23-39AC-A62B-7091ED1ADE64}" = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729

    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

    "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    "{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}" = Autodesk Material Library Low Resolution Image Library 2012

    "{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java 6 Update 30

    "{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime

    "{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help

    "{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset

    "{3B35725F-C623-4A1E-B5CC-99C0868679E3}" = Smart 6 B10.1221.1

    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

    "{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1

    "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg

    "{44715246-18E9-4EDF-AA03-94E4B4F80EA8}" = Download Navigator

    "{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0323.1

    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

    "{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}" = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729

    "{4E33D05D-76CF-5D3C-4D5D-7727530FA161}" = Adobe Content Viewer

    "{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper

    "{53CF3920-648B-4F99-8D05-6A6C5298F57B}" = Adobe Creative Suite 5.5 Design Standard

    "{5866F83F-5347-4324-A15E-070502A65866}" = TurboTax 2010 WinBizReleaseEngine

    "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth

    "{6334BBB0-8A2E-4679-B845-9CE27E72DBDA}" = TurboTax 2010 WinBizTaxSupport

    "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

    "{64BA551C-9AF6-495C-93F3-D1270E0045FC}" = Epson Connect

    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components

    "{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012

    "{70F1348F-F94F-4FFB-A5D0-CE5575312A88}" = TurboTax 2011 wnjpbpm

    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

    "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK

    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

    "{7346B4A0-1200-0100-0409-705C0D862004}" = Revit Architecture 2012

    "{7346B4A0-1200-0101-0409-705C0D862004}" = Revit Architecture 2012 Language Pack - English

    "{73C213C0-DD1F-4A71-9F5F-896838953DD1}" = Cause of the Month Reminder by We-Care.com v5.0.6.2

    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

    "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour

    "{7B18E7E2-AFCA-4CBE-8CD5-3613315AB262}" = ArcGIS Explorer Desktop

    "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime

    "{80A17ED7-059E-40FF-B5D6-F37C737CA693}" = Adobe Photoshop Lightroom 4

    "{814FA673-A085-403C-9545-747FC1495069}" = Epson Customer Participation

    "{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support

    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

    "{84C176F9-1DAE-803C-5993-CF8703AE5841}" = Adobe Download Assistant

    "{851C67EF-068A-4060-9EF5-2E3DDCD68382}" = Adobe Photoshop Elements 3.0

    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver

    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

    "{8A6BB58D-82A9-4FC7-B65F-A4EA87A4C138}" = Microsoft Online Services Sign-in Assistant

    "{8BA2648C-B0E5-4EAD-9789-22F807478D1E}" = TurboTax 2011 wrapper

    "{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012

    "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010

    "{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

    "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010

    "{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

    "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010

    "{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

    "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010

    "{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

    "{90140000-001A-0000-0000-0000000FF1CE}" = Microsoft Office Outlook 2010

    "{90140000-001A-0000-0000-0000000FF1CE}_Office14.OUTLOOK_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)

    "{90140000-001A-0000-0000-0000000FF1CE}_Office14.OUTLOOK_{3AED81FF-F443-4D34-A103-5EB05C954265}" =

    "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010

    "{90140000-001A-0409-0000-0000000FF1CE}_Office14.OUTLOOK_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

    "{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

    "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010

    "{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

    "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

    "{90140000-001F-0409-0000-0000000FF1CE}_Office14.OUTLOOK_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)

    "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)

    "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

    "{90140000-001F-040C-0000-0000000FF1CE}_Office14.OUTLOOK_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)

    "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)

    "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010

    "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.OUTLOOK_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)

    "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)

    "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010

    "{90140000-002C-0409-0000-0000000FF1CE}_Office14.OUTLOOK_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)

    "{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)

    "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010

    "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)

    "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010

    "{90140000-006E-0409-0000-0000000FF1CE}_Office14.OUTLOOK_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)

    "{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)

    "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010

    "{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

    "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010

    "{90140000-0115-0409-0000-0000000FF1CE}_Office14.OUTLOOK_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)

    "{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)

    "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010

    "{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

    "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

    "{949DBB22-2FB7-4de1-804C-23D495A988D8}" = CuteFTP 8 Home

    "{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58

    "{97C658D2-61FB-027F-0D76-E9CDC84AFEC7}" = FlipShare

    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    "{9E3CDA4E-6522-43EB-AF6F-C8CA318A0772}" = TurboTax 2011 WinBizReleaseEngine

    "{A004ACC6-A33D-4083-9775-139C76852C49}" = TurboTax 2011 WinBizFedFormset

    "{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine

    "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5

    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

    "{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU

    "{ABD650AB-CF97-4FD8-837A-3EFBE3924BB1}" = TurboTax 2010 wnjpbpm

    "{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch

    "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)

    "{B124E6D3-91B4-4E3C-AD03-BA959B223537}" = Citrix online plug-in (Web)

    "{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS

    "{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}" = Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729

    "{B5751715-EC10-43D9-8C95-62E1368433EF}" = Autodesk Material Library Medium Resolution Image Library 2012

    "{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86

    "{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes

    "{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}" = EPSON Printer Finder

    "{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser

    "{C3ADD937-FD5F-4CC6-AE15-AEDEE2A20165}" = TurboTax 2010 wrapper

    "{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1

    "{CA19AEA3-B949-41DA-AFBA-692356230F6E}" = TurboTax 2010 wnjiper

    "{CAF5B770-082F-40C4-853D-3973BB81BDAA}" = TurboTax 2011 WinPerTaxSupport

    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware

    "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

    "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

    "{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}" = Epson Connect Printer Setup

    "{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}" = iCloud

    "{DB9AB084-C93E-4D07-8BB9-0EC5CA5467BC}" = TurboTax 2011 WinBizTaxSupport

    "{DCED0AD4-784D-4667-B4A0-6FE953FAC4BB}" = TurboTax 2011 wnjiper

    "{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller

    "{E463E171-4082-4744-A466-F7CBE8502789}" = TurboTax 2011 WinPerReleaseEngine

    "{E6C0F926-446B-4450-8D15-4405A9431EB7}" = TurboTax 2010 WinBizFedFormset

    "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support

    "{EE556A3E-EB37-4392-9637-BAA8EC2F47FA}" = TurboTax 2011 wrapper

    "{F03DFD59-5FFB-4306-9731-BD2863545EEB}}_is1" = OptiMiser v2.0.5710

    "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics

    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

    "{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari

    "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center

    "{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}" = Epson Event Manager

    "{FAD3D68B-2F9C-459B-AA79-C04B9090FD72}" = TurboTax 2011 WinPerFedFormset

    "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR

    "Adobe AIR" = Adobe AIR

    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

    "ArcGIS Explorer Desktop" = ArcGIS Explorer Desktop

    "Autodesk Revit Architecture 2012" = Autodesk Revit Architecture 2012

    "BurnAware Free_is1" = BurnAware Free 3.5

    "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help

    "com.adobe.dmp.contentviewer" = Adobe Content Viewer

    "com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant

    "com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser

    "EPSON Scanner" = EPSON Scan

    "EPSON WorkForce 845 Series" = EPSON WorkForce 845 Series Printer Uninstall

    "InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0323.1

    "InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1

    "InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller

    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400

    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

    "Office14.OUTLOOK" = Microsoft Outlook 2010

    "Office14.SingleImage" = Microsoft Office Home and Student 2010

    "Picasa 3" = Picasa 3

    "Right-Suite Universal" = Right-Suite Universal

    "sp6" = Logitech SetPoint 6.30

    "SugarSync" = SugarSync Manager

    "TurboTax 2010" = TurboTax 2010

    "TurboTax 2011" = TurboTax 2011

    "TurboTax Business 2010" = TurboTax Business 2010

    "TurboTax Business 2011" = TurboTax Business 2011

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-2541698021-2910038252-4145046732-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

    "Dropbox" = Dropbox

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]

    Error - 7/5/2012 6:35:59 PM | Computer Name = GigabyteGAZ68 | Source = WinMgmt | ID = 10

    Description =

    Error - 7/5/2012 7:32:54 PM | Computer Name = GigabyteGAZ68 | Source = WinMgmt | ID = 10

    Description =

    Error - 7/5/2012 9:15:41 PM | Computer Name = GigabyteGAZ68 | Source = WinMgmt | ID = 10

    Description =

    Error - 7/6/2012 5:48:30 PM | Computer Name = GigabyteGAZ68 | Source = WinMgmt | ID = 10

    Description =

    Error - 7/6/2012 6:17:47 PM | Computer Name = GigabyteGAZ68 | Source = WinMgmt | ID = 10

    Description =

    Error - 7/6/2012 6:24:18 PM | Computer Name = GigabyteGAZ68 | Source = WinMgmt | ID = 10

    Description =

    Error - 7/6/2012 6:27:11 PM | Computer Name = GigabyteGAZ68 | Source = WinMgmt | ID = 10

    Description =

    Error - 7/6/2012 6:37:25 PM | Computer Name = GigabyteGAZ68 | Source = WinMgmt | ID = 10

    Description =

    Error - 7/6/2012 8:13:09 PM | Computer Name = GigabyteGAZ68 | Source = SideBySide | ID = 16842785

    Description = Activation context generation failed for "C:\Program Files\EPSON Software\Download

    Navigator\Resource01\E_UPBW01.EXE". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"

    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 7/6/2012 9:30:08 PM | Computer Name = GigabyteGAZ68 | Source = WinMgmt | ID = 10

    Description =

    Error - 7/7/2012 9:26:49 AM | Computer Name = GigabyteGAZ68 | Source = WinMgmt | ID = 10

    Description =

    [ System Events ]

    Error - 6/25/2012 7:50:37 PM | Computer Name = GigabyteGAZ68 | Source = Service Control Manager | ID = 7001

    Description = The Computer Browser service depends on the Server service which failed

    to start because of the following error: %%1068

    Error - 6/25/2012 7:50:37 PM | Computer Name = GigabyteGAZ68 | Source = Service Control Manager | ID = 7001

    Description = The Computer Browser service depends on the Server service which failed

    to start because of the following error: %%1068

    Error - 6/25/2012 7:50:37 PM | Computer Name = GigabyteGAZ68 | Source = Service Control Manager | ID = 7001

    Description = The Computer Browser service depends on the Server service which failed

    to start because of the following error: %%1068

    Error - 6/25/2012 7:55:37 PM | Computer Name = GigabyteGAZ68 | Source = Service Control Manager | ID = 7001

    Description = The Computer Browser service depends on the Server service which failed

    to start because of the following error: %%1068

    Error - 6/25/2012 7:55:37 PM | Computer Name = GigabyteGAZ68 | Source = Service Control Manager | ID = 7001

    Description = The Computer Browser service depends on the Server service which failed

    to start because of the following error: %%1068

    Error - 6/25/2012 7:55:37 PM | Computer Name = GigabyteGAZ68 | Source = Service Control Manager | ID = 7001

    Description = The Computer Browser service depends on the Server service which failed

    to start because of the following error: %%1068

    Error - 6/25/2012 7:57:45 PM | Computer Name = GigabyteGAZ68 | Source = Service Control Manager | ID = 7001

    Description = The Computer Browser service depends on the Server service which failed

    to start because of the following error: %%1068

    Error - 6/25/2012 7:57:45 PM | Computer Name = GigabyteGAZ68 | Source = Service Control Manager | ID = 7001

    Description = The Computer Browser service depends on the Server service which failed

    to start because of the following error: %%1068

    Error - 6/25/2012 7:57:45 PM | Computer Name = GigabyteGAZ68 | Source = Service Control Manager | ID = 7001

    Description = The Computer Browser service depends on the Server service which failed

    to start because of the following error: %%1068

    Error - 6/25/2012 8:02:45 PM | Computer Name = GigabyteGAZ68 | Source = Service Control Manager | ID = 7001

    Description = The Computer Browser service depends on the Server service which failed

    to start because of the following error: %%1068

    < End of report >

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.