DKap

No, not that or ComboFox. No problem. Thanks again!!

Thanks, TDK. Yes, I'll make sure to follow your suggestions going forward. One final question: Some of the uninstall instructions are for tools we didn't use, such as adwcleaner.exe. Am I correct that this is a more extensive list and not limited to the tools we used? I'm very grateful for your terrific support! I may even have learned something.

Good afternoon TDK, I ran "Check for Updates" in my Adobe Reader X (Version 10.1.4) .... response was "No Updates Available." I thought the Screen317's checkup.txt warning was strange ... I had updated Adobe Reader very recently. Not sure what prompted the warning. In any event, do I dare say it, I don't believe I have any issues remaining. What do you think ... are we done? If so, do I need to uninstall or delete any of the files left by the multiple scanners I used? I noticed, for example, that ESET saved an uninstaller.exe in the folder it created in Program Files (x86).

Thanks, TDK. I ran ESET online scanner as directed. I found the log.txt in the Program Files (x86) directory since this is a 64 bit machine. the log file was time-stamped for the time I originally set up for online scanning and allowed download installation of the ActiveX control. I did not run the scan until sometime later pending your response, above. The log file does not seem to be updated with the results of the scan. I'm quite sure I clicked all the right buttons after the scan completed. The scan did find one potential threat, which I copied from the ESET screen since I did not see it in the log.txt: C:\Users\David\Documents\David's old docs\Archive to CD\DOS Apps and Utilities\xTree\VSCHECK.ZIP probably unknown TSR.COM.EXE virus This is an archived file among those I had copied from my old computer and definitely was not opened or run, either on the old or new computer. Here is the ESET log.txt ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK Is it possible that the ESET online scanner saved a second log somewhere else on the computer? ... I certainly can't find one. --------------------------------------------------------------- Screen317's checkup.txt: Results of screen317's Security Check version 0.99.56 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! McAfee Anti-Virus and Anti-Spyware WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.65.1.1000 Adobe Reader 10.1.4 Adobe Reader out of Date! ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 0% ````````````````````End of Log``````````````````````

Glad the scans were OK. Question about ESET Online scanner: It alerts me that McAfee is active and that results may be affected. Do I need to shut it down? I hate to leave the computer unprotected for the duration of the scan.

Hi TDK, Update: I was able to restore the proper "graphic" icons to (I think) all the icons that had reverted to generic white rectangles (there may be some I haven't thought to check). The Microsoft "fixes" which didn't work all focused on deleting and rebuilding the icon cache. I finally realized that the all files with generic icons had lost their default program associations, so I reestablished them and the proper icons were restored (embarassingly obvious fix, I suppose). I would have thought that common file types should display the proper icons even with no default program associations, so I don't know that I have fixed an underlying issue or not. Just wanted to let you know as added info to the logs I posted yesterday.

<p>Thanks, TDK.</p> <p> </p> <p>I ran OTL.exe Run Fix. Observable result was that OTL reset Windows Explorer to default views (no file extensions, hide system files, etc). However same Issues remain with file icons. </p> <p> </p> <p>OTL fix log (11292012_081338.log):</p> <p> </p> <p> All processes killed</p> <div>========== OTL ==========</div> <div>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!</div> <div>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!</div> <div>64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.</div> <div>Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.</div> <div>========== COMMANDS ==========</div> <div> </div> <div>[EMPTYTEMP]</div> <div> </div> <div>User: All Users</div> <div> </div> <div>User: David</div> <div>->Temp folder emptied: 23307443 bytes</div> <div>->Temporary Internet Files folder emptied: 176098565 bytes</div> <div>->Flash cache emptied: 2667 bytes</div> <div> </div> <div>User: Default</div> <div>->Temp folder emptied: 0 bytes</div> <div>->Temporary Internet Files folder emptied: 0 bytes</div> <div> </div> <div>User: Default User</div> <div>->Temp folder emptied: 0 bytes</div> <div>->Temporary Internet Files folder emptied: 0 bytes</div> <div> </div> <div>User: Public</div> <div>->Temp folder emptied: 0 bytes</div> <div> </div> <div>%systemdrive% .tmp files removed: 0 bytes</div> <div>%systemroot% .tmp files removed: 0 bytes</div> <div>%systemroot%\System32 .tmp files removed: 0 bytes</div> <div>%systemroot%\System32 (64bit) .tmp files removed: 0 bytes</div> <div>%systemroot%\System32\drivers .tmp files removed: 0 bytes</div> <div>Windows Temp folder emptied: 12102030 bytes</div> <div>%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67563 bytes</div> <div>RecycleBin emptied: 10926006 bytes</div> <div> </div> <div>Total Files Cleaned = 212.00 mb</div> <div> </div> <div> </div> <div>OTL by OldTimer - Version 3.2.69.0 log created on 11292012_081338</div> <div> </div> <div>Files\Folders moved on Reboot...</div> <div>C:\Users\David\AppData\Local\Temp\7zS16F7\HPSLPSVC64.DLL moved successfully.</div> <div>C:\Users\David\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\fa9e3c814aa32db2ad5f17bdfbc22746\attributes.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\f233f63b6654362865c7577442edb9e3\Win32.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\eb138ef0e4282611dbf485a302784646\LibYAML.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\eaeabd54205de2f10c00aea80bbf0d83\Registry.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\e56c61f7248672819579325af3387035\POSIX.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\e2e81dd6b3e5a36f0bdae076393cc11d\icudt46.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\e2e81dd6b3e5a36f0bdae076393cc11d\icuin46.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\e2e81dd6b3e5a36f0bdae076393cc11d\icuuc46.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\e2e81dd6b3e5a36f0bdae076393cc11d\SQLite.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\df1ba73f49c38cbbc7a11c779c3506d2\OLE.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\de446fdd1ae335c7d2b9e62bb8cdf765\B.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\dacfd0ab9b5fd029ed8d29e4482b0775\XS.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\d1e7c33431cd8713f2ce3582829a8b14\Socket.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\d1c77e404b5c4b954fa537ed63c8fb7b\File.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\d10c2c06ba2044cccc247c4315f5c7d3\Process.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\d0bf009923f29116535c26d228271d6d\Scan.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\cf5fe81e2f5dcbfecfd0495e1648c991\Unicode.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\c668a322917d32a5ea22894518aa9897\Base64.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\c5cce8d16a1bd48692b421dcf46d3396\Util.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\c344fd5536724b2af2e6453833b60203\SHA1.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\c19d5e3dc664d9f4ce700001e2621cee\MD5.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\c199d3c1960e7aeeecb599487952bed2\HiRes.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\bd5179a413bc0c4b82eedc22c6cab101\re.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\bc147d83c7c868eeee67082dcf55430c\File.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\b979ace6da01e63d651cce9ee2474fdc\Name.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\b6bd87c968599725b8ab2e5c25d3046a\API.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\aff7ee779ea184f884ed432c30a58f5d\Scale.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\961b0d62fa52b1dd29c795a822fbf1cf\DBI.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\8fedeb86a4a984edfc1fb255d4ea965c\XS.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\7f2598c08178217a0e2c754f3d568f28\Byte.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\7f177c338672436e01c4f0bdbcf94491\EV.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\7ef0d901bf4203fbcf7a0fff0e82aa5f\Encode.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\60ff464e01c2cd5526dbdad5a125081d\Dumper.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\5ffd05b2cbd58528e56519784ca9c869\Hostname.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\4f2c03383aab0133b8dc0a3fa2dd92fa\Storable.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\44727051c604ef6b79894b64d4c63832\Expat.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\4461f48e31bde5c56b31b973b773de09\List.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\3b7106dd14676048b10bbb09a990f74c\XS.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\3a8764e0d7c5d453e01d9ad08cf7fb58\IO.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\3a7ccbf8181ee5a145227a6dfce3594c\WinError.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\38a10ee333cf1a9afec3f0acdf1bbebc\Scan.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\32785c19dc6898fbbbf06f3b776edd08\Fcntl.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\31638f63e39b38d3e250a9a57cb9d1c5\Cwd.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\2b1fc61b36a6711ea149b18bf3b41500\Parser.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\19febd96672ffdb7ea244cef36aaa062\Zlib.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\17d0b152e63e6bfe81b4b19588538896\mro.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\0665c25e931c1ac0151b062449e91028\XSAccessor.dll not found!</div> <div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\perl514.dll not found!</div> <div> </div> <div>PendingFileRenameOperations files...</div> <div> </div> <div>Registry entries deleted on Reboot...</div>

OTL.txt part 2: [2012/11/02 16:49:18 | 000,080,984 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBWrp64.dll [2012/11/02 16:49:18 | 000,065,112 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBppld64.dll [2012/11/02 16:49:18 | 000,060,504 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBPPCn64.dll [2012/11/02 16:49:17 | 005,996,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll [2012/11/02 16:49:17 | 002,131,288 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll [2012/11/02 16:49:17 | 001,247,576 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll [2012/11/02 16:49:17 | 000,955,736 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll [2012/11/02 16:49:17 | 000,569,688 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO4064.dll [2012/11/02 16:49:17 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll [2012/11/02 16:49:17 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2012/11/02 16:49:15 | 002,528,832 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2012/11/02 16:49:15 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll [2012/11/02 16:49:15 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll [2012/11/02 16:49:15 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll [2012/11/02 16:49:15 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll [2012/11/02 16:49:15 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll [2012/11/02 16:49:15 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll [2012/11/02 16:49:15 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll [2012/11/02 16:49:15 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll [2012/11/02 16:49:15 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll [2012/11/02 16:49:15 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll [2012/11/02 16:49:15 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll [2012/11/02 16:49:15 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll [2012/11/02 16:49:15 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll [2012/11/02 16:49:14 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll [2012/11/02 16:49:10 | 004,353,536 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll [2012/11/02 16:49:10 | 004,189,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll [2012/11/02 16:49:10 | 001,828,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdmv.dll [2012/11/02 16:49:10 | 001,113,088 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6v.dll [2012/11/02 16:49:10 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll [2012/11/02 16:49:10 | 000,093,712 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\AtihdW76.sys [2012/11/02 16:49:10 | 000,058,880 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll [2012/11/02 16:49:10 | 000,040,960 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll [2012/11/02 16:49:10 | 000,031,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll [2012/11/02 16:49:09 | 018,757,120 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll [2012/11/02 16:49:09 | 005,510,144 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll [2012/11/02 16:49:09 | 004,044,288 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll [2012/11/02 16:49:09 | 000,423,424 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll [2012/11/02 16:49:09 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll [2012/11/02 16:49:09 | 000,332,800 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIODE.exe [2012/11/02 16:49:09 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll [2012/11/02 16:49:09 | 000,051,200 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIODCLI.exe [2012/11/02 16:49:09 | 000,038,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll [2012/11/02 16:49:09 | 000,029,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll [2012/11/02 16:49:08 | 024,866,816 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll [2012/11/02 16:49:08 | 000,326,656 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys [2012/11/02 16:49:08 | 000,054,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll [2012/11/02 16:49:08 | 000,054,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll [2012/11/02 16:49:08 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll [2012/11/02 16:49:08 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll [2012/11/02 16:49:08 | 000,021,504 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll [2012/11/02 16:49:07 | 010,496,512 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys [2012/11/02 16:49:07 | 000,517,120 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe [2012/11/02 16:49:07 | 000,204,288 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe [2012/11/02 16:49:07 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll [2012/11/02 16:49:07 | 000,039,936 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll [2012/11/02 16:49:07 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll [2012/11/02 16:49:07 | 000,017,408 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll [2012/11/02 16:49:07 | 000,014,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll [2012/11/02 16:49:07 | 000,014,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll [2012/11/02 16:49:06 | 005,041,664 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll [2012/11/02 16:49:06 | 004,292,096 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll [2012/11/02 16:49:06 | 000,892,416 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll [2012/11/02 16:49:06 | 000,748,544 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll [2012/11/02 16:49:06 | 000,466,944 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll [2012/11/02 16:49:06 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll [2012/11/02 16:49:06 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll [2012/11/02 16:49:05 | 009,978,880 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll [2012/11/02 16:49:05 | 008,449,024 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll [2012/11/02 16:49:05 | 000,486,912 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll [2012/11/02 16:49:05 | 000,339,968 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll [2012/11/02 16:49:05 | 000,159,744 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe [2012/11/02 16:49:05 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atibtmon.exe [2012/11/02 16:49:05 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll [2012/11/02 16:49:05 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll [2012/11/02 16:49:05 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll [2012/11/02 16:49:05 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll [2012/11/02 16:47:54 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2012/11/02 16:47:54 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2012/11/02 16:47:54 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2012/11/02 16:47:54 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2012/11/02 16:47:54 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2012/11/02 16:47:54 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2012/11/02 16:47:54 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2012/11/02 16:47:54 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2012/11/02 16:47:54 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2012/11/02 16:47:54 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2012/11/02 16:47:54 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2012/11/02 16:47:54 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2012/11/02 16:47:54 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2012/11/02 16:47:54 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2012/11/02 16:47:54 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2012/11/02 16:47:54 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2012/11/02 16:47:54 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2012/11/02 16:47:54 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2012/11/02 16:47:54 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2012/11/02 16:47:54 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2012/11/02 16:47:54 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2012/11/02 16:47:54 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2012/11/02 16:47:54 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2012/11/02 16:47:54 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2012/11/02 16:47:54 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2012/11/02 16:47:54 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2012/11/02 16:47:54 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2012/11/02 16:47:54 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2012/11/02 16:47:54 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2012/11/02 16:47:54 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2012/11/02 16:47:54 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2012/11/02 16:47:54 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2012/11/02 16:47:54 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2012/11/02 16:47:54 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2012/11/02 16:47:54 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2012/11/02 16:47:54 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2012/11/02 16:47:54 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2012/11/02 16:47:54 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2012/11/02 16:47:54 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2012/11/02 16:47:54 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2012/11/02 16:47:54 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2012/11/02 16:47:54 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2012/11/02 16:47:54 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2012/11/02 16:47:54 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2012/11/02 16:47:54 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2012/11/02 16:47:54 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2012/11/02 16:47:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2012/11/02 16:47:54 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2012/11/02 16:47:54 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2012/11/02 16:47:54 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2012/11/02 16:47:54 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2012/11/02 16:47:54 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2012/11/02 16:47:54 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2012/11/02 16:47:54 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2012/11/02 16:47:54 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2012/11/02 16:47:54 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2012/11/02 16:47:54 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2012/11/02 16:45:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oem [2012/11/02 16:45:50 | 000,000,000 | ---D | C] -- C:\Drivers [2012/11/02 15:46:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros [2012/11/02 15:40:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation [2012/11/02 15:37:29 | 000,010,288 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeclnk.sys [2012/11/02 15:37:27 | 000,177,144 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe [2012/11/02 15:37:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mcafee.com [2012/11/02 15:37:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\mcafee [2012/11/02 15:37:22 | 000,000,000 | ---D | C] -- C:\Program Files\mcafee.com [2012/11/02 15:37:22 | 000,000,000 | ---D | C] -- C:\Program Files\mcafee [2012/11/02 15:37:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee [2012/11/02 15:37:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\mcafee [2012/11/02 15:37:21 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2012/11/02 15:37:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2012/11/02 15:37:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2012/11/02 15:37:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2012/11/02 15:36:02 | 000,000,000 | ---D | C] -- C:\Windows\en [2012/11/02 15:35:42 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [2012/11/02 15:35:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2012/11/02 15:35:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live [2012/11/02 15:35:04 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012/11/02 15:34:38 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live [2012/11/02 15:34:35 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll [2012/11/02 15:34:35 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll [2012/11/02 15:34:35 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll [2012/11/02 15:34:35 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll [2012/11/02 15:33:36 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll [2012/11/02 15:33:36 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll [2012/11/02 15:32:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012/11/02 15:32:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2012/11/02 15:32:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live [2012/11/02 15:31:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2012/11/02 15:31:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eBay [2012/11/02 15:31:14 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2012/11/02 15:31:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012/11/02 15:31:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012/11/02 15:30:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012/11/02 15:28:44 | 000,151,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WimFltr.sys [2012/11/02 15:28:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell [2012/11/02 15:28:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HotSpot [2012/11/02 15:28:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atheros Smart Net [2012/11/02 15:26:14 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program [2012/11/02 15:26:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Atheros [2012/11/02 15:25:57 | 002,797,056 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys [2012/11/02 15:25:57 | 002,797,056 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\athrx.sys [2012/11/02 15:25:57 | 000,442,528 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvs.dll [2012/11/02 15:25:57 | 000,063,648 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvui.dll [2012/11/02 15:25:57 | 000,000,000 | ---D | C] -- C:\Windows\Options [2012/11/02 15:25:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nn-NO [2012/11/02 15:25:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Wireless [2012/11/02 15:25:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco [2012/11/02 15:25:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell [2012/11/02 15:25:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Multimedia Card Reader(9106) [2012/11/02 15:24:17 | 000,041,984 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\USB3Ver.dll [2012/11/02 15:24:16 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01009.dll [2012/11/02 15:24:16 | 000,787,736 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3xhc.sys [2012/11/02 15:24:16 | 000,356,120 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hub.sys [2012/11/02 15:24:16 | 000,016,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hcs.sys [2012/11/02 15:24:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel [2012/11/02 15:23:34 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2012/11/02 15:23:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent [2012/11/02 15:23:28 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [2012/11/02 15:21:05 | 000,000,000 | ---D | C] -- C:\Intel [2012/11/02 15:21:04 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2012/11/02 15:21:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2012/11/02 15:21:03 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012/11/02 15:21:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2012/11/02 15:21:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2012/11/02 15:20:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies [2012/11/02 15:20:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2012/11/02 15:20:44 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2012/11/02 15:11:05 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012/11/02 15:11:05 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012/11/02 15:11:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2012/11/02 15:11:04 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2012/11/02 15:11:03 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Inc [2012/11/02 15:08:54 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe [2012/11/02 15:08:54 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe [2012/11/02 15:08:43 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012/10/31 15:10:00 | 000,829,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll [2012/10/31 15:10:00 | 000,773,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100.dll [2012/10/31 15:10:00 | 000,421,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp100.dll [2012/10/31 15:10:00 | 000,158,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\atl100.dll [2012/10/31 15:10:00 | 000,138,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\atl100.dll ========== Files - Modified Within 30 Days ========== [2012/11/28 08:04:58 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/11/28 08:04:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/11/28 08:02:24 | 012,961,620 | ---- | M] () -- C:\Users\David\Desktop\mbar-1.01.0.1009.zip [2012/11/28 08:02:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe [2012/11/27 09:34:02 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/11/27 09:34:02 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/11/27 09:31:01 | 000,782,986 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/11/27 09:31:01 | 000,663,010 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/11/27 09:31:01 | 000,121,878 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/11/27 09:26:29 | 2116,730,879 | -HS- | M] () -- C:\hiberfil.sys [2012/11/27 01:45:02 | 000,752,128 | ---- | M] () -- C:\Users\David\Desktop\RogueKiller.exe [2012/11/26 17:42:45 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/11/26 13:46:43 | 000,292,213 | ---- | M] () -- C:\Users\David\Desktop\12402(023)D Kaplan 11-20-12 annotated.pdf [2012/11/26 13:10:00 | 000,288,172 | ---- | M] () -- C:\Users\David\Desktop\12402(023)D Kaplan 11-20-12.pdf [2012/11/26 12:59:42 | 000,314,487 | ---- | M] () -- C:\Users\David\Desktop\Eudoxie_Intake_pdf.pdf [2012/11/26 06:19:59 | 000,002,066 | ---- | M] () -- C:\Users\David\Desktop\Logitech Control Panel.lnk [2012/11/26 06:02:42 | 000,001,558 | ---- | M] () -- C:\Users\David\Desktop\Receipts 2012.lnk [2012/11/26 06:02:42 | 000,001,445 | ---- | M] () -- C:\Users\David\Desktop\DVD Copy software.lnk [2012/11/26 06:02:42 | 000,001,436 | ---- | M] () -- C:\Users\David\Desktop\System Utilities.lnk [2012/11/26 06:02:42 | 000,001,373 | ---- | M] () -- C:\Users\David\Desktop\home tech.lnk [2012/11/26 06:02:42 | 000,001,344 | ---- | M] () -- C:\Users\David\Desktop\Travel.lnk [2012/11/26 06:02:42 | 000,001,335 | ---- | M] () -- C:\Users\David\Desktop\To Do.lnk [2012/11/26 06:02:42 | 000,001,333 | ---- | M] () -- C:\Users\David\Desktop\Music.lnk [2012/11/26 06:02:42 | 000,001,211 | ---- | M] () -- C:\Users\David\Desktop\Downloads.lnk [2012/11/25 12:01:35 | 000,000,862 | ---- | M] () -- C:\Users\Public\Desktop\FreeFileSync.lnk [2012/11/24 23:18:59 | 000,000,846 | ---- | M] () -- C:\Users\David\Desktop\RarZilla.lnk [2012/11/24 17:22:46 | 000,000,259 | ---- | M] () -- C:\Users\David\Desktop\associate Edit with Notepad.url [2012/11/24 09:35:04 | 000,001,340 | ---- | M] () -- C:\Users\David\Desktop\Everything Indexer.lnk [2012/11/20 15:52:36 | 000,001,687 | ---- | M] () -- C:\Users\David\Desktop\recently played music.lnk [2012/11/19 23:02:00 | 000,000,787 | ---- | M] () -- C:\Users\David\Desktop\mp3DirectCut.lnk [2012/11/19 20:39:46 | 000,000,126 | ---- | M] () -- C:\Users\David\Desktop\RareWares.url [2012/11/19 19:48:56 | 000,001,013 | ---- | M] () -- C:\Users\David\Desktop\Audacity.lnk [2012/11/19 18:41:19 | 000,000,683 | ---- | M] () -- C:\Users\David\Desktop\pathlen.exe.lnk [2012/11/19 18:35:35 | 000,001,134 | ---- | M] () -- C:\Users\David\Desktop\UniExtractor.lnk [2012/11/19 18:32:07 | 000,001,193 | ---- | M] () -- C:\Users\David\Desktop\CDWav.exe.lnk [2012/11/18 23:55:43 | 000,001,153 | ---- | M] () -- C:\Users\David\Desktop\Tagscan.exe.lnk [2012/11/18 23:14:36 | 000,001,896 | ---- | M] () -- C:\Users\David\Desktop\IrfanView Thumbnails.lnk [2012/11/18 23:14:36 | 000,001,004 | ---- | M] () -- C:\Users\David\Desktop\IrfanView.lnk [2012/11/18 22:29:11 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Exact Audio Copy.lnk [2012/11/18 11:35:00 | 000,795,928 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012/11/17 11:11:57 | 003,845,654 | ---- | M] () -- C:\Users\Public\Documents\abutters.pdf [2012/11/15 00:27:02 | 000,001,139 | ---- | M] () -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk [2012/11/15 00:11:53 | 000,413,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/11/14 15:00:31 | 000,001,269 | ---- | M] () -- C:\Users\David\Desktop\Local - App Data.lnk [2012/11/14 00:56:02 | 000,001,058 | ---- | M] () -- C:\Users\David\Desktop\Logitech Media Server.lnk [2012/11/14 00:41:27 | 000,001,060 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Media Server Tray Tool.lnk [2012/11/13 19:56:09 | 000,002,216 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Google Calendar Sync.lnk [2012/11/12 17:16:08 | 014,492,672 | ---- | M] () -- C:\Users\David\Documents\calendar.pst [2012/11/12 10:45:48 | 000,170,095 | ---- | M] () -- C:\Users\Public\Documents\bookmarks_11_12_12.html [2012/11/11 17:51:50 | 000,002,977 | ---- | M] () -- C:\Users\David\Desktop\Family.lnk [2012/11/11 17:24:41 | 000,001,013 | ---- | M] () -- C:\Users\David\Desktop\David.lnk [2012/11/10 18:09:42 | 000,001,443 | ---- | M] () -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012/11/10 17:42:44 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2012/11/10 17:42:44 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2012/11/02 17:06:20 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2012/11/02 17:06:05 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012/11/02 17:03:41 | 000,030,752 | RH-- | M] () -- C:\dell.sdr [2012/11/02 17:01:02 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe [2012/11/02 17:01:02 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe [2012/11/02 17:01:01 | 002,315,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll [2012/11/02 17:01:01 | 002,223,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll [2012/11/02 17:01:01 | 001,549,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll [2012/11/02 17:01:01 | 001,401,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll [2012/11/02 17:01:01 | 000,778,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll [2012/11/02 17:01:01 | 000,666,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll [2012/11/02 17:01:01 | 000,491,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll [2012/11/02 17:01:01 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll [2012/11/02 17:01:01 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll [2012/11/02 17:01:01 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe [2012/11/02 17:01:01 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe [2012/11/02 17:01:01 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll [2012/11/02 17:01:01 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll [2012/11/02 17:01:00 | 000,476,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2012/11/02 17:01:00 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2012/11/02 17:00:59 | 001,395,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll [2012/11/02 17:00:59 | 001,359,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll [2012/11/02 17:00:59 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll [2012/11/02 17:00:59 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll [2012/11/02 17:00:59 | 000,613,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll [2012/11/02 17:00:59 | 000,465,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll [2012/11/02 17:00:59 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax [2012/11/02 17:00:59 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax [2012/11/02 17:00:59 | 000,027,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys [2012/11/02 17:00:58 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll [2012/11/02 17:00:58 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2012/11/02 17:00:58 | 000,294,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2012/11/02 17:00:58 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe [2012/11/02 17:00:58 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2012/11/02 17:00:58 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2012/11/02 17:00:58 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll [2012/11/02 17:00:58 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll [2012/11/02 17:00:58 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2012/11/02 17:00:58 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll [2012/11/02 17:00:58 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2012/11/02 17:00:58 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2012/11/02 17:00:58 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2012/11/02 17:00:57 | 002,871,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe [2012/11/02 17:00:57 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe [2012/11/02 17:00:57 | 000,902,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2012/11/02 17:00:57 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll [2012/11/02 17:00:57 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll [2012/11/02 17:00:57 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2012/11/02 17:00:57 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll [2012/11/02 17:00:56 | 003,216,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2012/11/02 17:00:55 | 000,515,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl [2012/11/02 17:00:55 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl [2012/11/02 17:00:55 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll [2012/11/02 17:00:55 | 000,023,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys [2012/11/02 17:00:54 | 001,133,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2012/11/02 17:00:54 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2012/11/02 17:00:53 | 001,731,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2012/11/02 17:00:53 | 001,572,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2012/11/02 17:00:53 | 001,328,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2012/11/02 17:00:53 | 001,118,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll [2012/11/02 17:00:53 | 000,961,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll [2012/11/02 17:00:53 | 000,861,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll [2012/11/02 17:00:53 | 000,850,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll [2012/11/02 17:00:53 | 000,642,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll [2012/11/02 17:00:53 | 000,331,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll [2012/11/02 17:00:53 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll [2012/11/02 17:00:53 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax [2012/11/02 17:00:53 | 000,212,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll [2012/11/02 17:00:53 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax [2012/11/02 17:00:53 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll [2012/11/02 17:00:53 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll [2012/11/02 17:00:53 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2012/11/02 17:00:53 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll [2012/11/02 17:00:53 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll [2012/11/02 17:00:53 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll [2012/11/02 17:00:53 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll [2012/11/02 17:00:53 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll [2012/11/02 17:00:53 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2012/11/02 17:00:53 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2012/11/02 17:00:52 | 002,565,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll [2012/11/02 17:00:52 | 001,699,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll [2012/11/02 17:00:52 | 001,544,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2012/11/02 17:00:52 | 000,634,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll [2012/11/02 17:00:52 | 000,189,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys [2012/11/02 17:00:52 | 000,107,904 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys [2012/11/02 17:00:52 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe [2012/11/02 17:00:52 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe [2012/11/02 17:00:52 | 000,027,008 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys [2012/11/02 17:00:52 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2012/11/02 17:00:52 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2012/11/02 17:00:51 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys [2012/11/02 17:00:51 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe [2012/11/02 17:00:51 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll [2012/11/02 17:00:51 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2012/11/02 17:00:51 | 000,007,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys [2012/11/02 17:00:50 | 003,958,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe [2012/11/02 17:00:50 | 000,642,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi [2012/11/02 17:00:50 | 000,605,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe [2012/11/02 17:00:50 | 000,566,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi [2012/11/02 17:00:50 | 000,518,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe [2012/11/02 17:00:50 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll [2012/11/02 17:00:50 | 000,257,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll [2012/11/02 17:00:50 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll [2012/11/02 17:00:50 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll [2012/11/02 17:00:50 | 000,196,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll [2012/11/02 17:00:50 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe [2012/11/02 17:00:50 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe [2012/11/02 17:00:50 | 000,020,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll [2012/11/02 17:00:50 | 000,019,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll [2012/11/02 17:00:50 | 000,017,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll [2012/11/02 17:00:49 | 000,800,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2012/11/02 17:00:49 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL [2012/11/02 17:00:49 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAL.DLL [2012/11/02 17:00:49 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINDEV.DLL [2012/11/02 17:00:49 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINPUN.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAL.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINGUJ.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINEN.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINDEV.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE2.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE1.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINASA.DLL [2012/11/02 17:00:49 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL [2012/11/02 17:00:49 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINPUN.DLL [2012/11/02 17:00:49 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINGUJ.DLL [2012/11/02 17:00:49 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE2.DLL [2012/11/02 17:00:49 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE1.DLL [2012/11/02 17:00:49 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINASA.DLL [2012/11/02 17:00:47 | 001,031,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll [2012/11/02 17:00:47 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll [2012/11/02 16:48:21 | 000,003,412 | ---- | M] () -- C:\Windows\SysWow64\drivers\1028_Dell_XPS_8500.mrk [2012/11/02 16:48:21 | 000,003,412 | ---- | M] () -- C:\Windows\SysNative\drivers\1028_Dell_XPS_8500.mrk [2012/11/02 16:47:54 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2012/11/02 16:47:54 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2012/11/02 16:47:54 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2012/11/02 16:47:54 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2012/11/02 16:47:54 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2012/11/02 16:47:54 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2012/11/02 16:47:54 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2012/11/02 16:47:54 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2012/11/02 16:47:54 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2012/11/02 16:47:54 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2012/11/02 16:47:54 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2012/11/02 16:47:54 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2012/11/02 16:47:54 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2012/11/02 16:47:54 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2012/11/02 16:47:54 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2012/11/02 16:47:54 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2012/11/02 16:47:54 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2012/11/02 16:47:54 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2012/11/02 16:47:54 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2012/11/02 16:47:54 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2012/11/02 16:47:54 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2012/11/02 16:47:54 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2012/11/02 16:47:54 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2012/11/02 16:47:54 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2012/11/02 16:47:54 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2012/11/02 16:47:54 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2012/11/02 16:47:54 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2012/11/02 16:47:54 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2012/11/02 16:47:54 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2012/11/02 16:47:54 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2012/11/02 16:47:54 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2012/11/02 16:47:54 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2012/11/02 16:47:54 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2012/11/02 16:47:54 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2012/11/02 16:47:54 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2012/11/02 16:47:54 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2012/11/02 16:47:54 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2012/11/02 16:47:54 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2012/11/02 16:47:54 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2012/11/02 16:47:54 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2012/11/02 16:47:54 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2012/11/02 16:47:54 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2012/11/02 16:47:54 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2012/11/02 16:47:54 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2012/11/02 16:47:54 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2012/11/02 16:47:54 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2012/11/02 16:47:54 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2012/11/02 16:47:54 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2012/11/02 16:47:54 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2012/11/02 16:47:54 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2012/11/02 16:47:54 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2012/11/02 16:47:54 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2012/11/02 16:47:54 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2012/11/02 16:47:54 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2012/11/02 16:47:54 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2012/11/02 16:47:54 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2012/11/02 16:47:54 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2012/11/02 16:47:54 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2012/11/02 16:47:54 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2012/11/02 15:40:24 | 001,070,632 | ---- | M] () -- C:\Windows\SysNative\chklogo6.wtl [2012/11/02 15:27:42 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btath_hcrp_01009.Wdf [2012/11/02 15:26:18 | 000,246,804 | ---- | M] () -- C:\Windows\SysNative\drivers\AtherosBt.bin [2012/11/02 15:26:18 | 000,001,796 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x11020000_40.dfu [2012/11/02 15:26:18 | 000,001,242 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40_0x01.dfu [2012/11/02 15:26:18 | 000,001,214 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40_0x03.dfu [2012/11/02 15:26:18 | 000,001,204 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40_0x02.dfu [2012/11/02 15:26:18 | 000,001,204 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40.dfu [2012/11/02 15:26:18 | 000,001,198 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_26.dfu [2012/11/02 15:26:18 | 000,001,192 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_26_0x01.dfu [2012/11/02 15:24:24 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf [2012/11/02 15:11:05 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012/11/02 15:11:05 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012/11/02 15:07:55 | 000,164,480 | ---- | M] () -- C:\Windows\SysNative\drivers\RTWAVES40.dat [2012/10/31 15:10:00 | 000,829,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll [2012/10/31 15:10:00 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100.dll [2012/10/31 15:10:00 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp100.dll [2012/10/31 15:10:00 | 000,158,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\atl100.dll [2012/10/31 15:10:00 | 000,138,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\atl100.dll ========== Files Created - No Company Name ========== [2012/11/28 08:37:13 | 012,961,620 | ---- | C] () -- C:\Users\David\Desktop\mbar-1.01.0.1009.zip [2012/11/27 09:27:26 | 000,752,128 | ---- | C] () -- C:\Users\David\Desktop\RogueKiller.exe [2012/11/26 17:42:45 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/11/26 13:46:43 | 000,292,213 | ---- | C] () -- C:\Users\David\Desktop\12402(023)D Kaplan 11-20-12 annotated.pdf [2012/11/26 13:10:00 | 000,288,172 | ---- | C] () -- C:\Users\David\Desktop\12402(023)D Kaplan 11-20-12.pdf [2012/11/26 12:59:42 | 000,314,487 | ---- | C] () -- C:\Users\David\Desktop\Eudoxie_Intake_pdf.pdf [2012/11/25 12:01:35 | 000,000,862 | ---- | C] () -- C:\Users\Public\Desktop\FreeFileSync.lnk [2012/11/24 23:17:11 | 000,000,846 | ---- | C] () -- C:\Users\David\Desktop\RarZilla.lnk [2012/11/24 17:22:46 | 000,000,259 | ---- | C] () -- C:\Users\David\Desktop\associate Edit with Notepad.url [2012/11/24 09:33:33 | 000,001,340 | ---- | C] () -- C:\Users\David\Desktop\Everything Indexer.lnk [2012/11/19 20:39:46 | 000,000,126 | ---- | C] () -- C:\Users\David\Desktop\RareWares.url [2012/11/19 19:48:56 | 000,001,025 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk [2012/11/19 19:48:56 | 000,001,013 | ---- | C] () -- C:\Users\David\Desktop\Audacity.lnk [2012/11/19 19:29:08 | 000,000,787 | ---- | C] () -- C:\Users\David\Desktop\mp3DirectCut.lnk [2012/11/19 18:41:19 | 000,000,683 | ---- | C] () -- C:\Users\David\Desktop\pathlen.exe.lnk [2012/11/19 18:35:35 | 000,001,134 | ---- | C] () -- C:\Users\David\Desktop\UniExtractor.lnk [2012/11/19 18:32:07 | 000,001,193 | ---- | C] () -- C:\Users\David\Desktop\CDWav.exe.lnk [2012/11/18 23:55:43 | 000,001,153 | ---- | C] () -- C:\Users\David\Desktop\Tagscan.exe.lnk [2012/11/18 23:14:36 | 000,001,896 | ---- | C] () -- C:\Users\David\Desktop\IrfanView Thumbnails.lnk [2012/11/18 23:14:36 | 000,001,004 | ---- | C] () -- C:\Users\David\Desktop\IrfanView.lnk [2012/11/18 22:29:11 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Exact Audio Copy.lnk [2012/11/17 11:18:41 | 003,845,654 | ---- | C] () -- C:\Users\Public\Documents\abutters.pdf [2012/11/16 09:30:11 | 000,002,066 | ---- | C] () -- C:\Users\David\Desktop\Logitech Control Panel.lnk [2012/11/15 14:01:51 | 000,087,152 | ---- | C] () -- C:\Windows\SysNative\cpwmon64.dll [2012/11/15 00:09:09 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012/11/15 00:05:20 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012/11/14 20:50:08 | 000,001,119 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk [2012/11/14 15:00:31 | 000,001,269 | ---- | C] () -- C:\Users\David\Desktop\Local - App Data.lnk [2012/11/14 00:41:27 | 000,001,060 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Media Server Tray Tool.lnk [2012/11/14 00:41:27 | 000,001,058 | ---- | C] () -- C:\Users\David\Desktop\Logitech Media Server.lnk [2012/11/13 19:56:09 | 000,002,216 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Google Calendar Sync.lnk [2012/11/12 15:38:24 | 014,492,672 | ---- | C] () -- C:\Users\David\Documents\calendar.pst [2012/11/12 12:58:13 | 000,001,139 | ---- | C] () -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk [2012/11/12 12:44:55 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\CNC1743D.TBL [2012/11/12 10:45:39 | 000,170,095 | ---- | C] () -- C:\Users\Public\Documents\bookmarks_11_12_12.html [2012/11/11 17:51:50 | 000,002,977 | ---- | C] () -- C:\Users\David\Desktop\Family.lnk [2012/11/11 17:24:41 | 000,001,013 | ---- | C] () -- C:\Users\David\Desktop\David.lnk [2012/11/11 17:24:09 | 000,001,211 | ---- | C] () -- C:\Users\David\Desktop\Downloads.lnk [2012/11/11 17:07:16 | 000,001,373 | ---- | C] () -- C:\Users\David\Desktop\home tech.lnk [2012/11/11 17:02:38 | 000,001,445 | ---- | C] () -- C:\Users\David\Desktop\DVD Copy software.lnk [2012/11/11 17:02:21 | 000,001,344 | ---- | C] () -- C:\Users\David\Desktop\Travel.lnk [2012/11/11 17:02:12 | 000,001,335 | ---- | C] () -- C:\Users\David\Desktop\To Do.lnk [2012/11/11 17:01:48 | 000,001,436 | ---- | C] () -- C:\Users\David\Desktop\System Utilities.lnk [2012/11/11 17:01:36 | 000,001,558 | ---- | C] () -- C:\Users\David\Desktop\Receipts 2012.lnk [2012/11/11 17:01:04 | 000,001,687 | ---- | C] () -- C:\Users\David\Desktop\recently played music.lnk [2012/11/11 17:00:11 | 000,001,333 | ---- | C] () -- C:\Users\David\Desktop\Music.lnk [2012/11/11 08:23:59 | 000,065,645 | ---- | C] () -- C:\Users\David\Documents\1126 Oakhurst St..pdf [2012/11/11 08:23:59 | 000,005,759 | ---- | C] () -- C:\Users\David\Documents\as of Jan 22 10.Theme [2012/11/11 08:23:59 | 000,005,747 | ---- | C] () -- C:\Users\David\Documents\Lara1.Theme [2012/11/11 08:23:59 | 000,005,742 | ---- | C] () -- C:\Users\David\Documents\Lara.theme [2012/11/10 22:37:08 | 000,000,487 | ---- | C] () -- C:\Users\David\Documents\old D4600 deskktop.lnk [2012/11/10 18:09:42 | 000,001,443 | ---- | C] () -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012/11/10 18:00:31 | 000,001,415 | ---- | C] () -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2012/11/10 18:00:29 | 000,001,449 | ---- | C] () -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012/11/10 17:55:53 | 000,001,979 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk [2012/11/10 17:55:45 | 000,000,290 | ---- | C] () -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2012/11/10 17:55:45 | 000,000,272 | ---- | C] () -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk [2012/11/02 17:06:20 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012/11/02 17:06:05 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012/11/02 17:05:50 | 000,164,480 | ---- | C] () -- C:\Windows\SysNative\drivers\RTWAVES40.dat [2012/11/02 17:04:53 | 2116,730,879 | -HS- | C] () -- C:\hiberfil.sys [2012/11/02 17:03:41 | 000,030,752 | RH-- | C] () -- C:\dell.sdr [2012/11/02 16:49:19 | 000,204,940 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT [2012/11/02 16:49:10 | 001,988,768 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap [2012/11/02 16:49:10 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012/11/02 16:49:10 | 000,204,952 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat [2012/11/02 16:49:10 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012/11/02 16:49:10 | 000,157,144 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat [2012/11/02 16:49:09 | 001,987,040 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap [2012/11/02 16:49:09 | 000,036,194 | ---- | C] () -- C:\Windows\atiogl.xml [2012/11/02 16:49:09 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2012/11/02 16:49:09 | 000,003,917 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat [2012/11/02 16:49:07 | 000,239,869 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat [2012/11/02 16:49:05 | 000,205,712 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb [2012/11/02 16:49:05 | 000,205,712 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb [2012/11/02 16:48:21 | 000,003,412 | ---- | C] () -- C:\Windows\SysWow64\drivers\1028_Dell_XPS_8500.mrk [2012/11/02 16:48:21 | 000,003,412 | ---- | C] () -- C:\Windows\SysNative\drivers\1028_Dell_XPS_8500.mrk [2012/11/02 16:47:54 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2012/11/02 16:47:54 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2012/11/02 15:40:24 | 001,070,632 | ---- | C] () -- C:\Windows\SysNative\chklogo6.wtl [2012/11/02 15:37:09 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012/11/02 15:35:40 | 000,001,307 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk [2012/11/02 15:35:37 | 000,001,376 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk [2012/11/02 15:35:22 | 000,001,460 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk [2012/11/02 15:35:18 | 000,002,488 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [2012/11/02 15:32:06 | 000,000,970 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Digital Delivery.lnk [2012/11/02 15:31:39 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk [2012/11/02 15:27:42 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btath_hcrp_01009.Wdf [2012/11/02 15:25:57 | 000,018,199 | ---- | C] () -- C:\Windows\SysNative\netathrx.inf [2012/11/02 15:25:57 | 000,008,318 | ---- | C] () -- C:\Windows\SysNative\athrextx.cat [2012/11/02 15:24:24 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf [2012/11/02 15:24:12 | 000,015,128 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll [2012/11/02 15:11:06 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/01/10 20:39:16 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll [2011/10/25 21:21:48 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll [2011/10/25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll [2011/02/10 11:10:51 | 000,795,928 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI ========== ZeroAccess Check ========== [2009/07/13 23:55:00 | 000,000,227 | ---- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/11/02 17:00:55 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/11/02 17:00:55 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2012/11/02 17:03:41 | 000,030,752 | RH-- | M] () -- C:\dell.sdr [2012/11/27 09:26:29 | 2116,730,879 | -HS- | M] () -- C:\hiberfil.sys [2012/11/27 09:26:30 | 4253,966,335 | -HS- | M] () -- C:\pagefile.sys [2012/11/13 23:51:10 | 000,042,330 | ---- | M] () -- C:\RPSetup.exe.log < %systemroot%\*. /mp /s > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > < End of report >

Here goes: OTL.txt part 1: OTL logfile created on: 11/28/2012 8:42:11 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\David\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 7.96 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 75.41% Memory free 15.92 Gb Paging File | 12.93 Gb Available in Paging File | 81.23% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 1850.72 Gb Total Space | 1726.14 Gb Free Space | 93.27% Space Free | Partition Type: NTFS Drive I: | 30.20 Gb Total Space | 29.62 Gb Free Space | 98.07% Space Free | Partition Type: FAT32 Drive U: | 1863.01 Gb Total Space | 1033.07 Gb Free Space | 55.45% Space Free | Partition Type: NTFS Computer Name: DAVID-OFFICE | User Name: David | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/11/28 08:02:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe PRC - [2012/11/11 02:06:52 | 014,032,993 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Squeezebox\server\SqueezeSvr.exe PRC - [2012/09/29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012/02/17 01:33:34 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe PRC - [2012/02/01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2012/02/01 16:29:56 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe PRC - [2012/01/21 11:35:24 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe PRC - [2012/01/21 11:35:22 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe PRC - [2011/12/29 18:12:06 | 000,158,880 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe PRC - [2011/12/26 20:53:00 | 000,076,960 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe PRC - [2011/04/08 07:50:02 | 000,542,264 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe PRC - [2010/08/23 09:11:28 | 000,206,240 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe PRC - [2010/03/10 16:26:30 | 000,237,568 | ---- | M] (Alcor Micro Corp.) -- C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe ========== Modules (No Company Name) ========== MOD - [2012/11/15 00:57:12 | 000,489,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8bb44e1dd221cada48308ce5f5d20561\IAStorUtil.ni.dll MOD - [2012/11/15 00:57:12 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\0461c2bf4c5b235c0ca1d923c10d6849\IAStorCommon.ni.dll MOD - [2012/11/15 00:14:37 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll MOD - [2012/11/15 00:14:25 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll MOD - [2012/11/15 00:14:21 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll MOD - [2012/11/15 00:14:14 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll MOD - [2012/11/15 00:14:12 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll MOD - [2012/11/15 00:14:10 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll MOD - [2012/11/15 00:14:10 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll MOD - [2012/11/15 00:14:06 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll ========== Services (SafeList) ========== SRV:64bit: - [2012/09/10 17:47:50 | 000,383,608 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS) SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service) SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy) SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv) SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc) SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn) SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc) SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc) SRV:64bit: - [2012/07/17 14:52:28 | 000,177,144 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp) SRV:64bit: - [2012/07/17 14:49:24 | 000,218,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire) SRV:64bit: - [2012/07/17 14:47:42 | 000,237,920 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield) SRV:64bit: - [2012/01/10 21:01:52 | 000,627,936 | ---- | M] (Intel® Corporation) [Auto | Running] -- c:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel® SRV:64bit: - [2011/10/26 14:01:00 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2011/03/08 17:00:50 | 000,224,704 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\mcafee\msc\McAWFwk.exe -- (McAWFwk) SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2009/11/17 21:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters) SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012/11/11 02:06:52 | 014,032,993 | ---- | M] () [Auto | Running] -- C:/PROGRA~2/SQUEEZ~1/server/SqueezeSvr.exe -- (squeezesvc) SRV - [2012/11/02 15:11:05 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/10/09 10:22:48 | 000,173,568 | ---- | M] (Dell Products, LP.) [Auto | Stopped] -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery) SRV - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012/08/27 06:32:34 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Users\David\AppData\Local\Temp\7zS16F7\HPSLPSVC64.DLL -- (HPSLPSVC) SRV - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/02/01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2012/01/21 11:35:24 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012/01/21 11:35:22 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2011/12/29 18:12:06 | 000,158,880 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent) SRV - [2011/12/29 17:53:48 | 000,106,144 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe -- (AtherosSvc) SRV - [2011/12/26 20:53:00 | 000,076,960 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent) SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/11/02 17:00:55 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012/11/02 17:00:52 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2012/11/02 17:00:52 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2012/09/29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012/09/04 00:50:20 | 000,025,584 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Running] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020200}_0) DRV:64bit: - [2012/07/17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2012/07/17 14:55:40 | 000,069,672 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids) DRV:64bit: - [2012/07/17 14:52:38 | 000,335,784 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk) DRV:64bit: - [2012/07/17 14:51:16 | 000,106,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet) DRV:64bit: - [2012/07/17 14:50:36 | 000,752,672 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk) DRV:64bit: - [2012/07/17 14:49:36 | 000,513,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek) DRV:64bit: - [2012/07/17 14:48:54 | 000,300,392 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk) DRV:64bit: - [2012/07/17 14:48:34 | 000,169,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk) DRV:64bit: - [2012/04/20 16:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK) DRV:64bit: - [2012/02/01 18:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2012/01/27 02:39:34 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc) DRV:64bit: - [2012/01/27 02:39:34 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub) DRV:64bit: - [2012/01/27 02:39:34 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs) DRV:64bit: - [2011/12/29 18:02:50 | 000,548,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:64bit: - [2011/12/29 18:02:24 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP) DRV:64bit: - [2011/12/29 18:02:12 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:64bit: - [2011/12/29 18:01:42 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:64bit: - [2011/12/29 18:01:24 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort) DRV:64bit: - [2011/12/29 18:01:12 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS) DRV:64bit: - [2011/12/29 18:00:54 | 000,110,752 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt) DRV:64bit: - [2011/12/29 18:00:42 | 000,338,592 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:64bit: - [2011/12/13 11:32:22 | 002,797,056 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2011/12/06 06:23:08 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2011/11/24 02:02:20 | 000,648,808 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011/10/26 15:05:12 | 010,496,512 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2011/10/26 13:22:00 | 000,326,656 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2011/10/18 05:40:50 | 000,093,712 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2006/11/01 04:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {4B859847-F617-49DD-9DB7-B8746DBA5905} IE:64bit: - HKLM\..\SearchScopes\{4B859847-F617-49DD-9DB7-B8746DBA5905}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDCJS IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {4B859847-F617-49DD-9DB7-B8746DBA5905} IE - HKLM\..\SearchScopes\{4B859847-F617-49DD-9DB7-B8746DBA5905}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDCJS IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = about:Tabs [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig IE - HKCU\..\SearchScopes,DefaultScope = {4B859847-F617-49DD-9DB7-B8746DBA5905} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/11/13 09:23:28 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2012/11/13 21:35:47 | 000,000,000 | ---D | M] O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20121110234248.dll (McAfee, Inc.) O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20121110234248.dll (McAfee, Inc.) O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations) O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation) O4 - HKLM..\Run: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.) O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.) O4 - HKLM..\Run: [startCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [uSB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data] O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C708C6C8-AA35-497C-9F47-265D94DEE69F}: DhcpNameServer = 192.168.1.254 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.) O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012/11/28 08:37:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe [2012/11/28 08:37:13 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\repair 11-28-12 [2012/11/27 20:02:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee [2012/11/27 12:22:05 | 000,000,000 | ---D | C] -- C:\FRST [2012/11/27 09:27:50 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\RK_Quarantine [2012/11/27 09:26:48 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices [2012/11/26 19:37:00 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\Trojan Ransom [2012/11/26 17:42:52 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Malwarebytes [2012/11/26 17:42:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/11/26 17:42:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/11/26 17:42:41 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/11/26 17:42:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012/11/26 17:06:26 | 000,000,000 | ---D | C] -- C:\Qoobox [2012/11/26 17:06:18 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2012/11/26 12:07:21 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\My SureThing Projects [2012/11/26 12:06:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Staples CD Labeler v5 [2012/11/26 11:58:04 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\MicroVision Applications [2012/11/26 11:45:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SureThing Shared [2012/11/26 11:45:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Staples CD Labeler [2012/11/25 15:00:52 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\FreeFileSync [2012/11/25 12:03:08 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\FreeFileSync [2012/11/25 12:01:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileSync [2012/11/25 12:01:35 | 000,000,000 | ---D | C] -- C:\Program Files\FreeFileSync [2012/11/25 12:01:34 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\CrashDumps [2012/11/25 08:59:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2012/11/25 08:59:52 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2012/11/24 17:25:35 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Apps [2012/11/24 13:47:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJScan [2012/11/24 13:47:39 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Canon [2012/11/24 13:28:19 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\Trio Kinsky,Quatuor Prazak - Musique de chambre - vol.3 [2012/11/24 12:26:30 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\Chandos CHSA 5094-Delius VC Little [2012/11/19 20:04:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ffmpeg For Audacity [2012/11/19 20:03:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lame For Audacity [2012/11/19 19:49:13 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Audacity [2012/11/19 19:48:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity [2012/11/18 23:55:02 | 000,000,000 | ---D | C] -- C:\Programs [2012/11/18 23:14:33 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView [2012/11/18 23:14:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView [2012/11/18 22:29:19 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\EAC [2012/11/18 22:29:17 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\AccurateRip [2012/11/18 22:29:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy [2012/11/18 22:29:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Exact Audio Copy [2012/11/18 20:53:48 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center [2012/11/18 20:53:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor for Windows [2012/11/18 20:53:33 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center [2012/11/18 19:15:40 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Dell [2012/11/18 19:15:37 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\PCDr [2012/11/18 19:15:13 | 000,000,000 | ---D | C] -- C:\ProgramData\PCDr [2012/11/18 19:09:06 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Dell Edoc Viewer [2012/11/15 16:02:22 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\CutePDF Writer [2012/11/15 14:02:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GPLGS [2012/11/15 14:01:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF [2012/11/15 14:01:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acro Software [2012/11/15 10:42:17 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Style Manuals [2012/11/15 08:34:01 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\ElevatedDiagnostics [2012/11/15 08:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\HP [2012/11/15 00:09:08 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys [2012/11/15 00:09:08 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll [2012/11/15 00:06:39 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012/11/15 00:06:39 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012/11/15 00:06:39 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012/11/15 00:06:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012/11/15 00:06:39 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012/11/15 00:06:39 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012/11/15 00:06:39 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012/11/15 00:06:39 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012/11/15 00:06:38 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012/11/15 00:06:38 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012/11/15 00:06:38 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012/11/15 00:06:38 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012/11/15 00:06:38 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012/11/15 00:06:38 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012/11/15 00:06:38 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012/11/15 00:05:20 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll [2012/11/15 00:05:20 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe [2012/11/15 00:05:20 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll [2012/11/15 00:05:20 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll [2012/11/15 00:04:38 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012/11/15 00:04:37 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2012/11/15 00:04:35 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2012/11/15 00:04:35 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2012/11/14 20:50:12 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\foobar2000 [2012/11/14 20:50:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\foobar2000 [2012/11/14 08:56:50 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll [2012/11/14 08:56:50 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll [2012/11/14 08:56:50 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll [2012/11/14 08:56:44 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll [2012/11/14 08:56:44 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll [2012/11/14 08:56:44 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll [2012/11/14 08:56:44 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll [2012/11/14 08:56:44 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll [2012/11/14 08:56:44 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll [2012/11/14 08:56:32 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll [2012/11/14 08:56:32 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll [2012/11/14 00:59:56 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Diagnostics [2012/11/14 00:41:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech Media Server [2012/11/14 00:41:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Squeezebox [2012/11/14 00:41:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Squeezebox [2012/11/13 21:48:58 | 000,000,000 | ---D | C] -- C:\updates [2012/11/13 19:56:09 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Google [2012/11/13 19:56:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2012/11/13 09:23:58 | 000,196,440 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\HipShieldK.sys [2012/11/12 13:07:12 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Adobe [2012/11/12 12:48:36 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\Cannon [2012/11/12 12:47:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON [2012/11/12 12:46:14 | 000,000,000 | ---D | C] -- C:\Program Files\Canon [2012/11/12 12:45:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX870 series [2012/11/12 12:44:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities [2012/11/12 12:44:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities [2012/11/12 12:44:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Canon IJ Network Tool [2012/11/12 12:44:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon [2012/11/12 12:44:55 | 000,307,200 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNC870L.dll [2012/11/12 12:44:55 | 000,102,400 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNC870U.dll [2012/11/12 12:44:55 | 000,015,872 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNHMCA.dll [2012/11/12 12:41:02 | 000,366,592 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNMNPPM.DLL [2012/11/12 12:41:02 | 000,359,936 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMN6PPM.DLL [2012/11/12 12:41:02 | 000,039,424 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMN6UI.DLL [2012/11/12 12:41:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\STRING [2012/11/12 12:40:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ [2012/11/12 12:40:18 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information [2012/11/12 12:40:05 | 000,385,024 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMLMA7.DLL [2012/11/12 12:40:00 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmTH.DLL [2012/11/12 12:40:00 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmKR.DLL [2012/11/12 12:40:00 | 000,002,048 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmTW.DLL [2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmUS.DLL [2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmSE.DLL [2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmRU.DLL [2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmPT.DLL [2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmPL.DLL [2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmNL.DLL [2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmIT.DLL [2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmID.DLL [2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmGR.DLL [2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmFR.DLL [2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmFI.DLL [2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmES.DLL [2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmDE.DLL [2012/11/12 12:39:59 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmTR.DLL [2012/11/12 12:39:59 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmNO.DLL [2012/11/12 12:39:59 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmJP.DLL [2012/11/12 12:39:59 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmHU.DLL [2012/11/12 12:39:59 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmDK.DLL [2012/11/12 12:39:59 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmCZ.DLL [2012/11/12 12:39:59 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmAR.DLL [2012/11/12 12:39:59 | 000,002,048 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmCN.DLL [2012/11/12 12:39:58 | 000,343,552 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCF2Lm.DLL [2012/11/12 12:39:58 | 000,182,272 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFMSm.EXE [2012/11/12 12:39:56 | 000,245,760 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMIUA7.DLL [2012/11/12 12:39:52 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ [2012/11/12 03:31:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat [2012/11/12 03:31:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat [2012/11/12 03:04:22 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Skype [2012/11/11 19:44:13 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\new computer [2012/11/11 19:43:40 | 004,762,471 | R--- | C] (Swearware) -- C:\Users\David\Desktop\ComboFix.exe [2012/11/11 09:26:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Digital Delivery [2012/11/11 07:58:27 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Word Processing [2012/11/11 07:56:30 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Travel [2012/11/11 07:54:42 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\TomTom [2012/11/11 07:54:31 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\To Do [2012/11/11 07:54:30 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\to deskktop [2012/11/11 07:53:13 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\System Utilities [2012/11/11 07:53:12 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Sony PMB [2012/11/11 07:53:12 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Reflect [2012/11/11 07:52:43 | 000,000,000 | R--D | C] -- C:\Users\David\Documents\Receipts [2012/11/11 07:52:24 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\PW [2012/11/11 07:47:58 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\My Scans [2012/11/11 07:31:02 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2012/11/11 07:31:02 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2012/11/11 07:31:01 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012/11/11 07:31:00 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012/11/11 07:31:00 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012/11/11 07:30:58 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2012/11/11 07:30:58 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2012/11/11 07:30:53 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2012/11/11 07:30:53 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2012/11/11 07:30:53 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2012/11/11 07:30:53 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2012/11/11 07:30:50 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2012/11/11 07:30:50 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2012/11/11 07:30:50 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2012/11/11 07:30:49 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2012/11/11 07:30:49 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2012/11/11 07:30:49 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2012/11/11 07:30:49 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2012/11/11 07:30:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2012/11/11 07:30:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2012/11/11 07:30:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2012/11/11 07:30:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2012/11/11 07:30:48 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2012/11/11 07:30:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2012/11/11 07:30:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2012/11/11 07:30:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2012/11/11 07:30:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2012/11/11 07:30:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2012/11/11 07:30:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2012/11/11 07:30:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2012/11/11 07:30:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2012/11/11 07:30:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2012/11/11 07:30:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2012/11/11 07:30:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2012/11/11 07:30:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2012/11/11 07:30:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2012/11/11 07:30:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2012/11/11 07:30:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2012/11/11 07:30:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2012/11/11 07:30:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2012/11/11 07:30:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2012/11/11 07:30:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2012/11/11 07:30:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2012/11/11 07:30:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2012/11/11 07:30:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2012/11/11 07:30:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2012/11/11 07:30:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2012/11/11 07:30:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2012/11/11 07:30:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2012/11/11 07:30:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2012/11/11 07:30:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2012/11/11 07:30:43 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2012/11/11 07:30:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2012/11/11 07:30:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2012/11/11 07:30:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2012/11/11 07:30:42 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2012/11/11 07:30:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2012/11/11 07:30:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2012/11/11 07:30:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2012/11/11 07:30:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2012/11/11 07:30:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2012/11/11 07:30:41 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2012/11/11 07:30:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2012/11/11 07:30:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2012/11/11 07:30:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2012/11/11 07:30:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2012/11/11 07:30:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2012/11/11 07:30:40 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2012/11/11 07:30:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2012/11/11 07:30:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2012/11/11 07:30:39 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2012/11/11 07:30:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2012/11/11 07:30:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2012/11/11 07:30:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2012/11/11 07:30:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2012/11/11 07:30:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2012/11/11 07:30:26 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys [2012/11/11 07:30:25 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2012/11/11 07:30:24 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2012/11/11 07:30:24 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2012/11/11 07:30:18 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2012/11/11 07:28:38 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe [2012/11/11 07:28:18 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll [2012/11/11 07:28:18 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll [2012/11/11 07:28:18 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll [2012/11/11 07:28:17 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2012/11/11 07:28:07 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll [2012/11/11 07:28:03 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2012/11/11 07:28:03 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2012/11/11 07:28:03 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe [2012/11/11 07:28:00 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012/11/11 07:28:00 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2012/11/10 23:13:32 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\My Digital Editions [2012/11/10 22:45:57 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Music [2012/11/10 22:43:13 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Install programs [2012/11/10 22:42:51 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\InfoSelect [2012/11/10 22:42:49 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Info Select_8 [2012/11/10 22:39:13 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\home tech [2012/11/10 22:39:03 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\gardening [2012/11/10 22:37:08 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Audio [2012/11/10 22:37:02 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\fonts [2012/11/10 22:37:01 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Everio MediaBrowser 4 [2012/11/10 22:34:34 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Elissa's Music [2012/11/10 22:34:10 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\DVD Copy software [2012/11/10 22:33:35 | 000,000,000 | R--D | C] -- C:\Users\David\Documents\Dropbox [2012/11/10 22:22:27 | 000,000,000 | R--D | C] -- C:\Users\David\Documents\David's old docs [2012/11/10 22:21:39 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Corel User Files [2012/11/10 22:21:39 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Blackberry backups [2012/11/10 22:20:27 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Avery Templates [2012/11/10 22:19:30 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\AntiVirus stuff [2012/11/10 22:19:30 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Anti-Malware [2012/11/10 22:19:23 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Amazon Downloads [2012/11/10 20:48:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012/11/10 20:48:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works [2012/11/10 20:48:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio [2012/11/10 20:48:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2012/11/10 20:46:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2012/11/10 20:46:18 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Microsoft Help [2012/11/10 20:46:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2012/11/10 20:45:49 | 000,000,000 | RH-D | C] -- C:\MSOCache [2012/11/10 18:10:03 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Macromedia [2012/11/10 18:10:01 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Adobe [2012/11/10 18:03:53 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\MigWiz [2012/11/10 18:01:34 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Intel Corporation [2012/11/10 18:00:40 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\BMExplorer [2012/11/10 18:00:40 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Bluetooth Folder [2012/11/10 18:00:34 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\ATI [2012/11/10 18:00:34 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\ATI [2012/11/10 18:00:34 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Atheros [2012/11/10 18:00:29 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012/11/10 18:00:28 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012/11/10 18:00:28 | 000,000,000 | R--D | C] -- C:\Users\David\Searches [2012/11/10 18:00:28 | 000,000,000 | -H-D | C] -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned [2012/11/10 18:00:22 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Identities [2012/11/10 18:00:21 | 000,000,000 | R--D | C] -- C:\Users\David\Contacts [2012/11/10 18:00:20 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\VirtualStore [2012/11/10 17:56:50 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012/11/10 17:56:50 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012/11/10 17:56:49 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012/11/10 17:56:10 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012/11/10 17:56:10 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012/11/10 17:56:10 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012/11/10 17:56:09 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012/11/10 17:56:09 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2012/11/10 17:55:45 | 000,000,000 | --SD | C] -- C:\Users\David\AppData\Roaming\Microsoft [2012/11/10 17:55:45 | 000,000,000 | R--D | C] -- C:\Users\David\Videos [2012/11/10 17:55:45 | 000,000,000 | R--D | C] -- C:\Users\David\Saved Games [2012/11/10 17:55:45 | 000,000,000 | R--D | C] -- C:\Users\David\Pictures [2012/11/10 17:55:45 | 000,000,000 | R--D | C] -- C:\Users\David\Music [2012/11/10 17:55:45 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012/11/10 17:55:45 | 000,000,000 | R--D | C] -- C:\Users\David\Links [2012/11/10 17:55:45 | 000,000,000 | R--D | C] -- C:\Users\David\Favorites [2012/11/10 17:55:45 | 000,000,000 | R--D | C] -- C:\Users\David\Downloads [2012/11/10 17:55:45 | 000,000,000 | R--D | C] -- C:\Users\David\Documents [2012/11/10 17:55:45 | 000,000,000 | R--D | C] -- C:\Users\David\Desktop [2012/11/10 17:55:45 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\AppData\Local\Temporary Internet Files [2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\Templates [2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\Start Menu [2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\SendTo [2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\Recent [2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\PrintHood [2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\NetHood [2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\Documents\My Videos [2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\Documents\My Pictures [2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\Documents\My Music [2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\My Documents [2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\Local Settings [2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\AppData\Local\History [2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\Cookies [2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\Application Data [2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\AppData\Local\Application Data [2012/11/10 17:55:45 | 000,000,000 | -H-D | C] -- C:\Users\David\AppData [2012/11/10 17:55:45 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Temp [2012/11/10 17:55:45 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\SoftThinks [2012/11/10 17:55:45 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Microsoft [2012/11/10 17:55:45 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Media Center Programs [2012/11/02 17:05:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SRSLabs [2012/11/02 17:05:24 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012/11/02 17:05:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2012/11/02 17:04:53 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012/11/02 17:01:02 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe [2012/11/02 17:01:02 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe [2012/11/02 17:01:01 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll [2012/11/02 17:01:01 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll [2012/11/02 17:01:01 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll [2012/11/02 17:01:01 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll [2012/11/02 17:01:01 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll [2012/11/02 17:01:01 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll [2012/11/02 17:01:01 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll [2012/11/02 17:01:01 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll [2012/11/02 17:01:01 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll [2012/11/02 17:01:01 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe [2012/11/02 17:01:01 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe [2012/11/02 17:01:01 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll [2012/11/02 17:01:01 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll [2012/11/02 17:01:00 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2012/11/02 17:01:00 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2012/11/02 17:00:59 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll [2012/11/02 17:00:59 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll [2012/11/02 17:00:59 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll [2012/11/02 17:00:59 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll [2012/11/02 17:00:59 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll [2012/11/02 17:00:59 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll [2012/11/02 17:00:59 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax [2012/11/02 17:00:59 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax [2012/11/02 17:00:59 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys [2012/11/02 17:00:58 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll [2012/11/02 17:00:58 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2012/11/02 17:00:58 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2012/11/02 17:00:58 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe [2012/11/02 17:00:58 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2012/11/02 17:00:58 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2012/11/02 17:00:58 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll [2012/11/02 17:00:58 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll [2012/11/02 17:00:58 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2012/11/02 17:00:58 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll [2012/11/02 17:00:58 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2012/11/02 17:00:58 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2012/11/02 17:00:58 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2012/11/02 17:00:57 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2012/11/02 17:00:57 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe [2012/11/02 17:00:57 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2012/11/02 17:00:57 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll [2012/11/02 17:00:57 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll [2012/11/02 17:00:57 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2012/11/02 17:00:57 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll [2012/11/02 17:00:56 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2012/11/02 17:00:55 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl [2012/11/02 17:00:55 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl [2012/11/02 17:00:55 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll [2012/11/02 17:00:55 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys [2012/11/02 17:00:54 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2012/11/02 17:00:54 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2012/11/02 17:00:53 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2012/11/02 17:00:53 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2012/11/02 17:00:53 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2012/11/02 17:00:53 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll [2012/11/02 17:00:53 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll [2012/11/02 17:00:53 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll [2012/11/02 17:00:53 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll [2012/11/02 17:00:53 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll [2012/11/02 17:00:53 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll [2012/11/02 17:00:53 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll [2012/11/02 17:00:53 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax [2012/11/02 17:00:53 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll [2012/11/02 17:00:53 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax [2012/11/02 17:00:53 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll [2012/11/02 17:00:53 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll [2012/11/02 17:00:53 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2012/11/02 17:00:53 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll [2012/11/02 17:00:53 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll [2012/11/02 17:00:53 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll [2012/11/02 17:00:53 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll [2012/11/02 17:00:53 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll [2012/11/02 17:00:53 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2012/11/02 17:00:53 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2012/11/02 17:00:52 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll [2012/11/02 17:00:52 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll [2012/11/02 17:00:52 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2012/11/02 17:00:52 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll [2012/11/02 17:00:52 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys [2012/11/02 17:00:52 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys [2012/11/02 17:00:52 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe [2012/11/02 17:00:52 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe [2012/11/02 17:00:52 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys [2012/11/02 17:00:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2012/11/02 17:00:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2012/11/02 17:00:51 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys [2012/11/02 17:00:51 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe [2012/11/02 17:00:51 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll [2012/11/02 17:00:51 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2012/11/02 17:00:51 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys [2012/11/02 17:00:50 | 003,958,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe [2012/11/02 17:00:50 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi [2012/11/02 17:00:50 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe [2012/11/02 17:00:50 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi [2012/11/02 17:00:50 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe [2012/11/02 17:00:50 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll [2012/11/02 17:00:50 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll [2012/11/02 17:00:50 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll [2012/11/02 17:00:50 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll [2012/11/02 17:00:50 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll [2012/11/02 17:00:50 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe [2012/11/02 17:00:50 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe [2012/11/02 17:00:50 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll [2012/11/02 17:00:50 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll [2012/11/02 17:00:50 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll [2012/11/02 17:00:49 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2012/11/02 17:00:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL [2012/11/02 17:00:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAL.DLL [2012/11/02 17:00:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINDEV.DLL [2012/11/02 17:00:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINPUN.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAL.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINGUJ.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINEN.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINDEV.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE2.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE1.DLL [2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINASA.DLL [2012/11/02 17:00:49 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL [2012/11/02 17:00:49 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINPUN.DLL [2012/11/02 17:00:49 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINGUJ.DLL [2012/11/02 17:00:49 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE2.DLL [2012/11/02 17:00:49 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE1.DLL [2012/11/02 17:00:49 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINASA.DLL [2012/11/02 17:00:47 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll [2012/11/02 17:00:47 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll [2012/11/02 16:57:24 | 000,000,000 | ---D | C] -- C:\Apps [2012/11/02 16:50:03 | 000,568,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys [2012/11/02 16:50:00 | 000,331,264 | ---- | C] (Intel® Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys [2012/11/02 16:50:00 | 000,014,848 | ---- | C] (Intel® Corporation) -- C:\Windows\SysNative\IntcDAuC.dll [2012/11/02 16:49:22 | 000,648,808 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2012/11/02 16:49:22 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll [2012/11/02 16:49:22 | 000,074,344 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll [2012/11/02 16:49:20 | 002,615,400 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll [2012/11/02 16:49:20 | 002,603,864 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll [2012/11/02 16:49:20 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl [2012/11/02 16:49:20 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2012/11/02 16:49:20 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2012/11/02 16:49:20 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2012/11/02 16:49:20 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2012/11/02 16:49:19 | 003,745,384 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll [2012/11/02 16:49:19 | 001,247,848 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll [2012/11/02 16:49:19 | 000,823,912 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll [2012/11/02 16:49:19 | 000,376,936 | ---- | C] (Realtek Semiconductor) -- C:\Windows\SysNative\RtkGuiCompLib.dll [2012/11/02 16:49:19 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2012/11/02 16:49:19 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll [2012/11/02 16:49:19 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2012/11/02 16:49:19 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2012/11/02 16:49:19 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2012/11/02 16:49:19 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll [2012/11/02 16:49:19 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2012/11/02 16:49:19 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2012/11/02 16:49:19 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll [2012/11/02 16:49:18 | 002,765,312 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCORES64.dat [2012/11/02 16:49:18 | 000,894,040 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO64.dll [2012/11/02 16:49:18 | 000,750,680 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBAPO32.dll [2012/11/02 16:49:18 | 000,626,264 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBTHX64.dll [2012/11/02 16:49:18 | 000,561,240 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBTHX32.dll [2012/11/02 16:49:18 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll [2012/11/02 16:49:18 | 000,100,968 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll

MBAR log files: mbar-log-2012-11-28 (12-40-58).txt: Malwarebytes Anti-Rootkit 1.1.0.1009 www.malwarebytes.org Database version: v2012.11.28.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 David :: DAVID-OFFICE [administrator] 11/28/2012 12:40:58 PM mbar-log-2012-11-28 (12-40-58).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: PUP | PUM | P2P Objects scanned: 25027 Time elapsed: 2 minute(s), 33 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) ======================================================================================================= system-log.txt: --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.01.0.1009 © Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 9.0.8112.16421 File system is: NTFS Disk drives: C:\ DRIVE_FIXED CPU speed: 3.395000 GHz Memory total: 8548933632, free: 6982688768 ------------ Kernel report ------------ 11/28/2012 12:34:43 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kdcom.dll \SystemRoot\system32\mcupdate_GenuineIntel.dll \SystemRoot\system32\PSHED.dll \SystemRoot\system32\CLFS.SYS \SystemRoot\system32\CI.dll \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\system32\drivers\ACPI.sys \SystemRoot\system32\drivers\WMILIB.SYS \SystemRoot\system32\drivers\msisadrv.sys \SystemRoot\system32\drivers\pci.sys \SystemRoot\system32\drivers\vdrvroot.sys \SystemRoot\system32\DRIVERS\iusb3hcs.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\system32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\system32\drivers\iaStor.sys \SystemRoot\system32\drivers\amdxata.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\system32\drivers\fileinfo.sys \SystemRoot\system32\drivers\mfehidk.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\msrpc.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\drivers\mfewfpk.sys \SystemRoot\system32\drivers\volsnap.sys \SystemRoot\System32\Drivers\spldr.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\hwpolicy.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\system32\drivers\disk.sys \SystemRoot\system32\drivers\CLASSPNP.SYS \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\drivers\VIDEOPRT.SYS \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\system32\drivers\rdpencdd.sys \SystemRoot\system32\drivers\rdprefmp.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\afd.sys \SystemRoot\system32\DRIVERS\wfplwf.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\DRIVERS\termdd.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\system32\DRIVERS\mssmbios.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\blbdrive.sys \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\system32\DRIVERS\atikmpag.sys \SystemRoot\system32\DRIVERS\atikmdag.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\system32\DRIVERS\HDAudBus.sys \SystemRoot\system32\DRIVERS\iusb3xhc.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\DRIVERS\HECIx64.sys \SystemRoot\system32\DRIVERS\usbehci.sys \SystemRoot\system32\DRIVERS\USBPORT.SYS \SystemRoot\system32\DRIVERS\athrx.sys \SystemRoot\system32\DRIVERS\vwifibus.sys \SystemRoot\system32\DRIVERS\Rt64win7.sys \SystemRoot\system32\DRIVERS\intelppm.sys \SystemRoot\system32\DRIVERS\CompositeBus.sys \SystemRoot\system32\DRIVERS\AgileVpn.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\rassstp.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\swenum.sys \SystemRoot\system32\DRIVERS\ks.sys \SystemRoot\system32\DRIVERS\btath_bus.sys \SystemRoot\system32\DRIVERS\umbus.sys \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\drivers\AtihdW76.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\DRIVERS\iusb3hub.sys \SystemRoot\system32\drivers\RTKVHD64.sys \SystemRoot\system32\DRIVERS\IntcDAud.sys \SystemRoot\system32\drivers\mfeavfk.sys \SystemRoot\system32\drivers\mfefirek.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\system32\DRIVERS\monitor.sys \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\system32\DRIVERS\USBSTOR.SYS \SystemRoot\System32\Drivers\dump_iaStor.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\system32\DRIVERS\btfilter.sys \SystemRoot\System32\Drivers\BTHUSB.sys \SystemRoot\System32\Drivers\bthport.sys \SystemRoot\system32\DRIVERS\usbccgp.sys \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\system32\DRIVERS\kbdhid.sys \SystemRoot\system32\DRIVERS\rfcomm.sys \SystemRoot\system32\drivers\BthEnum.sys \SystemRoot\system32\DRIVERS\bthpan.sys \SystemRoot\system32\DRIVERS\btath_rcp.sys \SystemRoot\system32\drivers\btath_avdt.sys \SystemRoot\system32\drivers\btath_a2dp.sys \SystemRoot\system32\DRIVERS\btath_hcrp.sys \SystemRoot\system32\DRIVERS\btath_flt.sys \SystemRoot\system32\DRIVERS\btath_lwflt.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\system32\drivers\cfwids.sys \SystemRoot\System32\Drivers\fastfat.SYS \SystemRoot\system32\drivers\WudfPf.sys \SystemRoot\system32\DRIVERS\WUDFRd.sys \??\c:\program files\dell support center\pcdsrvc_x64.pkms \SystemRoot\system32\DRIVERS\asyncmac.sys \SystemRoot\system32\drivers\mfeapfk.sys \??\C:\Windows\system32\drivers\mbamchameleon.sys \??\C:\Windows\system32\drivers\mbamswissarmy.sys \Windows\System32\ntdll.dll \Windows\System32\smss.exe \Windows\System32\apisetschema.dll \Windows\System32\autochk.exe \Windows\System32\urlmon.dll \Windows\System32\msvcrt.dll \Windows\System32\normaliz.dll \Windows\System32\difxapi.dll \Windows\System32\wininet.dll \Windows\System32\shell32.dll \Windows\System32\comdlg32.dll \Windows\System32\Wldap32.dll \Windows\System32\gdi32.dll \Windows\System32\user32.dll \Windows\System32\iertutil.dll \Windows\System32\psapi.dll \Windows\System32\lpk.dll \Windows\System32\nsi.dll \Windows\System32\imagehlp.dll \Windows\System32\advapi32.dll \Windows\System32\rpcrt4.dll \Windows\System32\clbcatq.dll \Windows\System32\usp10.dll \Windows\System32\ole32.dll \Windows\System32\oleaut32.dll \Windows\System32\kernel32.dll \Windows\System32\imm32.dll \Windows\System32\shlwapi.dll \Windows\System32\ws2_32.dll \Windows\System32\sechost.dll \Windows\System32\msctf.dll \Windows\System32\setupapi.dll \Windows\System32\KernelBase.dll \Windows\System32\cfgmgr32.dll \Windows\System32\crypt32.dll \Windows\System32\comctl32.dll \Windows\System32\wintrust.dll \Windows\System32\devobj.dll \Windows\System32\msasn1.dll \Windows\SysWOW64\normaliz.dll ----------- End ----------- <<<1>>> Upper Device Name: \Device\Harddisk1\DR9 Upper Device Object: 0xfffffa80169d0060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\000000a7\ Lower Device Object: 0xfffffa801668a060 Lower Device Driver Name: \Driver\USBSTOR\ Driver name found: USBSTOR DriverEntry returned 0x0 Function returned 0x0 <<<1>>> Upper Device Name: \Device\Harddisk8\DR8 Upper Device Object: 0xfffffa80135b8060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\00000090\ Lower Device Object: 0xfffffa8013478b60 Lower Device Driver Name: \Driver\USBSTOR\ Driver name found: USBSTOR <<<1>>> Upper Device Name: \Device\Harddisk7\DR7 Upper Device Object: 0xfffffa80135b7060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\0000008f\ Lower Device Object: 0xfffffa80135b4b60 Lower Device Driver Name: \Driver\USBSTOR\ Driver name found: USBSTOR <<<1>>> Upper Device Name: \Device\Harddisk6\DR6 Upper Device Object: 0xfffffa80135b3060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\0000008e\ Lower Device Object: 0xfffffa801347eb60 Lower Device Driver Name: \Driver\USBSTOR\ Driver name found: USBSTOR <<<1>>> Upper Device Name: \Device\Harddisk5\DR5 Upper Device Object: 0xfffffa80135b6060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\0000008d\ Lower Device Object: 0xfffffa801346eb60 Lower Device Driver Name: \Driver\USBSTOR\ Driver name found: USBSTOR <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xfffffa8010a0c060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IAAStorageDevice-1\ Lower Device Object: 0xfffffa800715d050 Lower Device Driver Name: \Driver\iaStor\ Driver name found: iaStor DriverEntry returned 0x0 Function returned 0x0 Downloaded database version: v2012.11.28.07 Downloaded database version: v2012.11.27.01 Initializing... Done! Scanning directory: C:\Windows\system32\drivers... <<<2>>> Device number: 0, partition: 3 Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa8010a0c060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa80076aab90, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8010a0c060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa800715d050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\ ------------ End ---------- Upper DeviceData: 0xfffff8a00997ad60, 0xfffffa8010a0c060, 0xfffffa8017647290 Lower DeviceData: 0xfffff8a0208534e0, 0xfffffa800715d050, 0xfffffa8017b98a90 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 37B198F1 Partition information: Partition 0 type is Other (0xde) Partition is NOT ACTIVE. Partition starts at LBA: 63 Numsec = 80262 Partition 1 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 81920 Numsec = 25690112 Partition file system is NTFS Partition is bootable Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 25772032 Numsec = 3881246720 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 2000396619264 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-62-3907004647-3907024647)... Physical Sector Size: 0 Drive: 1, DevicePointer: 0xfffffa80169d0060, DeviceName: \Device\Harddisk1\DR9\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8013ead0e0, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa80169d0060, DeviceName: \Device\Harddisk1\DR9\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa801668a060, DeviceName: \Device\000000a7\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Physical Sector Size: 0 Drive: 5, DevicePointer: 0xfffffa80135b6060, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa80135b6b90, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa80135b6060, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa801346eb60, DeviceName: \Device\0000008d\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Physical Sector Size: 0 Drive: 6, DevicePointer: 0xfffffa80135b3060, DeviceName: \Device\Harddisk6\DR6\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa80135b3b90, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa80135b3060, DeviceName: \Device\Harddisk6\DR6\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa801347eb60, DeviceName: \Device\0000008e\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Physical Sector Size: 0 Drive: 7, DevicePointer: 0xfffffa80135b7060, DeviceName: \Device\Harddisk7\DR7\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa80135b7b90, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa80135b7060, DeviceName: \Device\Harddisk7\DR7\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa80135b4b60, DeviceName: \Device\0000008f\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Physical Sector Size: 0 Drive: 8, DevicePointer: 0xfffffa80135b8060, DeviceName: \Device\Harddisk8\DR8\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa80135b8b90, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa80135b8060, DeviceName: \Device\Harddisk8\DR8\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa8013478b60, DeviceName: \Device\00000090\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Done! Performing system, memory and registry scan... Done! Scan finished =======================================

Thanks, TBK. Exras.txt. is below. OTL.txt is attached (post was too long even with only OTL.txt pasted as text). I'll send MBAR logs in a follow-on post. Question: Could Explorer.exe registry errors identified in Extras.txt be related to my issue with replacement of some icons with generic white rectangles on desktop, start menu, and windows explorer (mp3, wav, flac, etc)? --------------------------------------------- Extras.txt: OTL Extras logfile created on: 11/28/2012 8:42:15 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\David\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 7.96 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 75.41% Memory free 15.92 Gb Paging File | 12.93 Gb Available in Paging File | 81.23% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 1850.72 Gb Total Space | 1726.14 Gb Free Space | 93.27% Space Free | Partition Type: NTFS Drive I: | 30.20 Gb Total Space | 29.62 Gb Free Space | 98.07% Space Free | Partition Type: FAT32 Drive U: | 1863.01 Gb Total Space | 1033.07 Gb Free Space | 55.45% Space Free | Partition Type: NTFS Computer Name: DAVID-OFFICE | User Name: David | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "9000:TCP" = 9000:TCP:*:Enabled:Logitech Media Server 9000 tcp (UI) "9001:TCP" = 9001:TCP:*:Enabled:Logitech Media Server 9001 tcp (UI) "9002:TCP" = 9002:TCP:*:Enabled:Logitech Media Server 9002 tcp (UI) "9003:TCP" = 9003:TCP:*:Enabled:Logitech Media Server 9003 tcp (UI) "9004:TCP" = 9004:TCP:*:Enabled:Logitech Media Server 9004 tcp (UI) "9005:TCP" = 9005:TCP:*:Enabled:Logitech Media Server 9005 tcp (UI) "9006:TCP" = 9006:TCP:*:Enabled:Logitech Media Server 9006 tcp (UI) "9007:TCP" = 9007:TCP:*:Enabled:Logitech Media Server 9007 tcp (UI) "9008:TCP" = 9008:TCP:*:Enabled:Logitech Media Server 9008 tcp (UI) "9009:TCP" = 9009:TCP:*:Enabled:Logitech Media Server 9009 tcp (UI) "9010:TCP" = 9010:TCP:*:Enabled:Logitech Media Server 9010 tcp (UI) "9100:TCP" = 9100:TCP:*:Enabled:Logitech Media Server 9100 tcp (UI) "8000:TCP" = 8000:TCP:*:Enabled:Logitech Media Server 8000 tcp (UI) "10000:TCP" = 10000:TCP:*:Enabled:Logitech Media Server 10000 tcp (UI) "9090:TCP" = 9090:TCP:*:Enabled:Logitech Media Server 9090 tcp (UI) "3483:UDP" = 3483:UDP:*:Enabled:Logitech Media Server 3483 udp "3483:TCP" = 3483:TCP:*:Enabled:Logitech Media Server 3483 tcp [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "9000:TCP" = 9000:TCP:*:Enabled:Logitech Media Server 9000 tcp (UI) "9001:TCP" = 9001:TCP:*:Enabled:Logitech Media Server 9001 tcp (UI) "9002:TCP" = 9002:TCP:*:Enabled:Logitech Media Server 9002 tcp (UI) "9003:TCP" = 9003:TCP:*:Enabled:Logitech Media Server 9003 tcp (UI) "9004:TCP" = 9004:TCP:*:Enabled:Logitech Media Server 9004 tcp (UI) "9005:TCP" = 9005:TCP:*:Enabled:Logitech Media Server 9005 tcp (UI) "9006:TCP" = 9006:TCP:*:Enabled:Logitech Media Server 9006 tcp (UI) "9007:TCP" = 9007:TCP:*:Enabled:Logitech Media Server 9007 tcp (UI) "9008:TCP" = 9008:TCP:*:Enabled:Logitech Media Server 9008 tcp (UI) "9009:TCP" = 9009:TCP:*:Enabled:Logitech Media Server 9009 tcp (UI) "9010:TCP" = 9010:TCP:*:Enabled:Logitech Media Server 9010 tcp (UI) "9100:TCP" = 9100:TCP:*:Enabled:Logitech Media Server 9100 tcp (UI) "8000:TCP" = 8000:TCP:*:Enabled:Logitech Media Server 8000 tcp (UI) "10000:TCP" = 10000:TCP:*:Enabled:Logitech Media Server 10000 tcp (UI) "9090:TCP" = 9090:TCP:*:Enabled:Logitech Media Server 9090 tcp (UI) "3483:UDP" = 3483:UDP:*:Enabled:Logitech Media Server 3483 udp "3483:TCP" = 3483:TCP:*:Enabled:Logitech Media Server 3483 tcp [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{016D8585-0137-401B-A02C-002908CFB2F7}" = lport=139 | protocol=6 | dir=in | app=system | "{092ADF16-69D4-42EB-961A-8511A3B229E5}" = rport=139 | protocol=6 | dir=out | app=system | "{10FBFBFF-92C9-4D43-A055-64AD25D7F13D}" = rport=137 | protocol=17 | dir=out | app=system | "{13099058-29A4-4DFC-B81E-CD1D4489185B}" = lport=2869 | protocol=6 | dir=in | app=system | "{1F6FC048-A400-4673-969F-A2639D91AEBA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{203874B8-C0FD-4D5F-A380-55B609FD31B2}" = lport=10243 | protocol=6 | dir=in | app=system | "{29703D81-787A-4D1E-8535-7A5CA495A988}" = lport=137 | protocol=17 | dir=in | app=system | "{35503C42-F297-4851-819C-69804A751196}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{397E9A56-8593-403E-BED7-863473C970C2}" = rport=10243 | protocol=6 | dir=out | app=system | "{3AE84DD1-834B-4C61-9AB5-73338F6B5BB9}" = rport=445 | protocol=6 | dir=out | app=system | "{43D3C266-9EFB-4F3A-ADC2-80D3DA90E23C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{4DE74282-58D6-4645-BCA2-9DFBFDC230EA}" = lport=445 | protocol=6 | dir=in | app=system | "{55B88218-377D-4139-9A4D-83E0D58D335C}" = lport=138 | protocol=17 | dir=in | app=system | "{6D49427E-0336-4154-9306-3504C06BC492}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{782719FC-708D-4EEF-B94B-4BBB8D640C98}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{9A169ED0-B22E-4233-BF46-66EB2138FDFC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{B794E388-35FC-495D-88EB-5AD420C746DF}" = rport=138 | protocol=17 | dir=out | app=system | "{C07ED11B-ABC7-4AA4-966C-BAC73C7CB14F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C38DA476-07F3-4424-8BFF-EA126893D636}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{CD711EAC-6FA8-46C3-9B6F-DDC37A0882F2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{CE0ADA1C-2E01-4778-B2F1-8064F9488FFF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{D2F64948-4940-4A4D-B15F-E1A9772383DE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{EF14EE58-0AEF-4637-A8D0-DB93908C2C1D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F6322410-8FC3-4501-B209-85F1B9EE26E6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{075831A9-2E5D-4A6D-B85A-66E5DD1EC963}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{08ABFDCC-74A7-4EDC-AFD3-EA2EB6CE42B8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{1ACE02D6-B4CD-40F0-A00B-5565165DCDBD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1DAE53A6-B5B3-4B36-9B2F-05B895B0A841}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{1F506B1F-2929-4530-BA68-16BA5BA736AE}" = protocol=17 | dir=in | app=c:\users\david\appdata\local\temp\7zs16f7\hppiw.exe | "{280D1EF0-4FA0-4854-A532-A0EB425F60DC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{3029B265-66D3-4F71-BC91-D5EE2DFC71DA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{34E51F09-BC09-431A-9C35-473954CEDB37}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{38BE1285-500B-4EBB-B767-29303546D5DB}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{3EC604E1-84F7-4C93-A3C9-55A2B38CB8CE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{46AE9073-12A3-4D9E-A9ED-DA75D883AB5C}" = protocol=17 | dir=in | app=c:\users\david\appdata\local\temp\7zs2e46\hppiw.exe | "{4BFE54DD-9817-4317-BBFB-DA0E92F53514}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{68AF9366-0F6B-43F2-9006-21E40C2750A9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{6BB421F6-B47A-4F9F-B5D4-DC1A6FD9594B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6D6E3CC5-26CB-4898-AF8B-51E243230A90}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{886D69ED-F144-41E8-8317-C04385206E4C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{8A66E927-FCD4-4C51-B949-2D367D882F5C}" = dir=in | app=c:\program files (x86)\squeezebox\server\squeezesvr.exe | "{8BAC93E8-A3DF-4FD3-9948-0E734516EEB8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{8C023313-3D5A-495F-9946-3E1AEB04AB05}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8EC2891D-7011-49AA-9F86-36FEB46DA26F}" = protocol=6 | dir=out | app=system | "{9539B8C2-F5C3-4883-9BA4-427F21FC075F}" = protocol=6 | dir=in | app=c:\users\david\appdata\local\temp\7zs2e46\hppiw.exe | "{9883A783-6AA0-40A8-9859-4EAD1CBDABEF}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{9B595D27-5806-475E-943C-2888DA1E8165}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{9D89966C-B81A-4E21-B63B-ABE0E7641651}" = dir=in | app=c:\program files (x86)\squeezebox\server\squeezesvr.exe | "{B3F137C6-4D15-4045-9545-3A8B405340F2}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{BC150E02-BF19-4A24-90E3-64BBD4769665}" = protocol=6 | dir=in | app=c:\users\david\appdata\local\temp\7zs16f7\hppiw.exe | "{CFC37D30-BC9B-44B6-A749-4AB4CB33D47E}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{E22018E0-46A2-4122-AD67-A75BD546AF98}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{EFBAED35-F0AB-4FA2-A216-E3E9ED9E2082}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{F5848F0D-E1F4-42AD-AF24-28AC989577B5}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{F5AC07F0-FA44-44D0-9495-1418AAA75A26}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{FACAAED1-EA5A-4673-9281-8D7637BEF8A5}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{FDF01D52-86F3-4D8F-91D1-26AFB3BF00A1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "TCP Query User{D927638D-507E-45D1-9C80-A0564815B7F4}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dell\dell datasafe online\nobuclient.exe | "UDP Query User{5B204574-474D-48AF-9821-72BD71CF3F1E}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dell\dell datasafe online\nobuclient.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0E262CBA-A8C6-3BE1-A812-D7490B4F2B09}" = AMD Catalyst Install Manager "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series" = Canon MX870 series MP Drivers "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64) "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{44302C2F-11BD-FC0C-555C-4A3616E8D927}" = ccc-utility64 "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{538B98C3-773F-4F20-9C66-802D104DCBE2}" = Intel® Trusted Connect Service Client "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{C9270CB8-7F02-D437-EF1D-3924DB369CFE}" = AMD AVIVO64 Codecs "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "CutePDF Writer Installation" = CutePDF Writer 3.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "PC-Doctor for Windows" = Dell Support Center [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00CC71D6-D10E-CD8C-9987-2B21CD89F3B8}" = CCC Help Korean "{08957908-A58B-21C2-2FF4-CCDC302C319C}" = Catalyst Control Center InstallProxy "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{153286B6-8551-645B-B1AE-C90744899465}" = CCC Help Thai "{1865CA20-6CA0-2B47-10FB-079D442A0AC4}" = CCC Help Czech "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FAC373D-3564-698C-520D-F0E5E5447514}" = Catalyst Control Center "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Dell WLAN and Bluetooth Client Installation "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{2E2C9814-436A-A62D-65B4-5B282B2433E3}" = CCC Help Italian "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34363EEA-096F-5942-7AB8-71035D22CBEF}" = CCC Help English "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology "{41068A8C-3F30-46B6-978A-EA692F28D1AF}" = Multimedia Card Reader "{4554C679-5E8A-736B-2077-BCB6FE44F444}" = CCC Help German "{517FBD21-11B8-C5C6-A117-407A92ADBF21}" = CCC Help Greek "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{583D68F8-9D9A-76CB-DDCB-5B135CFA73C1}" = CCC Help Portuguese "{5D9E8D1D-9C13-4EA3-2FBF-5BC16B309859}" = CCC Help Swedish "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{70F7F759-6F96-490A-7C83-87F7B3E6DE59}" = CCC Help Chinese Standard "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{76BD5955-2A21-A049-4B25-241E107B5D1E}" = CCC Help Turkish "{7A036E28-AE5C-4662-B24F-8D8B65116F3C}" = Catalyst Control Center - Branding "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{810ADC23-569C-EBB9-015F-DA6658FDC380}" = CCC Help Chinese Traditional "{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{84F52EFF-C6BB-80E5-0294-3FF7927054E1}" = CCC Help Norwegian "{856D3E24-0DB4-1C23-8196-3F899C866259}" = Catalyst Control Center Localization All "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8DED2990-A33F-E54F-7F8A-8B7622E19D0D}" = CCC Help Polish "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_PROR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_PROR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0409-1000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0116-0409-1000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{903679E8-44C8-4C07-9600-05C92654FC50}" = QualxServ Service Agreement "{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007 "{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9DEAF9B4-3967-DEC7-4721-2624D7A52330}" = CCC Help French "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A69F04D1-01E7-F06E-BD5C-AA5BB72A5124}" = CCC Help Japanese "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.4) MUI "{ADF06D43-D3D3-C38F-4627-177BAC9D4C76}" = CCC Help Spanish "{B9C42CED-B790-78F6-3C25-6C3EE07EE765}" = CCC Help Hungarian "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{CD144FE2-58C1-603B-9BD8-A39096D1D9A3}" = CCC Help Danish "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D5EB832B-F953-A1BC-B9B4-9EBEBD17D3FB}" = CCC Help Russian "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEFD0E9E-5A6D-34C8-8338-DF2E7770D0FA}" = CCC Help Finnish "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center "{F9145944-F223-777C-CBBE-FF35ED649ACE}" = CCC Help Dutch "{F91BF1B5-4213-440C-8539-C6EB2F1D1734}" = Dell Digital Delivery "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Audacity_is1" = Audacity 2.0.2 "Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility "Canon_IJ_Network_UTILITY" = Canon IJ Network Tool "CanonSolutionMenu" = Canon Utilities Solution Menu "Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX "Easy-WebPrint EX" = Canon Easy-WebPrint EX "Exact Audio Copy" = Exact Audio Copy 1.0beta3 "FFmpeg for Audacity_is1" = FFmpeg v0.6.2 for Audacity "foobar2000" = foobar2000 v1.1.17 beta 1 "FreeFileSync" = FreeFileSync 5.9 "Google Calendar Sync" = Google Calendar Sync "InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}" = Multimedia Card Reader "IrfanView" = IrfanView (remove only) "LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15 "LAME_is1" = LAME v3.99.3 (for Windows) "Logitech Media Server_is1" = Logitech Media Server 7.7.3 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000 "MP Navigator EX 3.1" = Canon MP Navigator EX 3.1 "MSC" = McAfee SecurityCenter "PROR" = Microsoft Office Professional 2007 "WinLiveSuite" = Windows Live Essentials "YTdetect" = Yahoo! Detect ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 11/11/2012 10:15:24 AM | Computer Name = David-Office | Source = WinMgmt | ID = 10 Description = Error - 11/12/2012 4:14:36 AM | Computer Name = David-Office | Source = MsiInstaller | ID = 11935 Description = Error - 11/12/2012 4:33:43 AM | Computer Name = David-Office | Source = WinMgmt | ID = 10 Description = Error - 11/12/2012 5:02:15 AM | Computer Name = David-Office | Source = DellDigitalDelivery | ID = 0 Description = Failed in handling the PowerEvent. The error that occurred was: System.InvalidOperationException: Collection was modified; enumeration operation may not execute. at System.ThrowHelper.ThrowInvalidOperationException(ExceptionResource resource) at Dell.Svdc.ClientFulfillmentService.UiWcfSession.ShutDownTrayAppAndDisposeOfClients() at Dell.Svdc.ClientFulfillmentService.ClientFulfillmentService.OnPowerEvent(PowerBroadcastStatus powerStatus) at System.ServiceProcess.ServiceBase.DeferredPowerEvent(Int32 eventType, IntPtr eventData). [ System Events ] Error - 11/25/2012 11:54:57 PM | Computer Name = David-Office | Source = Service Control Manager | ID = 7031 Description = The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. Error - 11/26/2012 12:39:57 AM | Computer Name = David-Office | Source = Service Control Manager | ID = 7034 Description = The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s). Error - 11/26/2012 6:01:57 AM | Computer Name = David-Office | Source = Service Control Manager | ID = 7034 Description = The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s). Error - 11/26/2012 5:38:59 PM | Computer Name = David-Office | Source = Service Control Manager | ID = 7034 Description = The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s). Error - 11/26/2012 5:46:06 PM | Computer Name = David-Office | Source = Service Control Manager | ID = 7034 Description = The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s). Error - 11/26/2012 6:10:12 PM | Computer Name = David-Office | Source = Service Control Manager | ID = 7030 Description = The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error - 11/26/2012 6:11:50 PM | Computer Name = David-Office | Source = Service Control Manager | ID = 7030 Description = The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error - 11/26/2012 6:11:54 PM | Computer Name = David-Office | Source = Service Control Manager | ID = 7030 Description = The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error - 11/26/2012 6:14:58 PM | Computer Name = David-Office | Source = Service Control Manager | ID = 7034 Description = The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s). < End of report >

Oops, forgot to include FRST.txt. I'm attaching the file since I get an error message that my post is too long if I paste into the body of this post. FRST.txt

Thanks for your quick response...really appreciate your help! Here are the logs you requested: FIRST.txt RogueKiller V8.3.1 [Nov 26 2012] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : David [Admin rights] Mode : Scan -- Date : 11/27/2012 09:28:37 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 6 ¤¤¤ [HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND [HJPOL] HKLM\[...]\Wow6432Node\System : DisableTaskMgr (0) -> FOUND [HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: 1W1ELLDN +++++ --- User --- [MBR] 6f896d60972a9120b6119a4aa04f8bf1 [bSP] add3a3c021d31e2f1fd31cce66ea33aa : Windows Vista MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 12544 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 25772032 | Size: 1895140 Mo User = LL1 ... OK! Error reading LL2 MBR! +++++ PhysicalDrive1: Fantom External HDD USB Device +++++ --- User --- [MBR] 7742485611119950435883489a1ff3fa [bSP] eca0422a871376a7d10cb98dea59eac3 : Windows XP MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 1907726 Mo User = LL1 ... OK! Error reading LL2 MBR! +++++ PhysicalDrive2: JetFlash Transcend 32GB USB Device +++++ --- User --- [MBR] 56142f7d3cfeaa687d47756b2c9093e3 [bSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code Partition table: 0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 18160 | Size: 30939 Mo User = LL1 ... OK! Error reading LL2 MBR! +++++ PhysicalDrive3: Initio WD7500AAKS-00RBA USB Device +++++ --- User --- [MBR] 33778a7431a6b4744c14a30fc7e785ca [bSP] 60e6a503683e98127ac809b6ffc02f92 : Windows XP MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 715402 Mo User = LL1 ... OK! Error reading LL2 MBR! +++++ PhysicalDrive4: DMI External HDD USB Device +++++ --- User --- [MBR] a89ac0e6f3e2e749d7e3e0e7b7b5c1da [bSP] acfb4f17c24d80280252d29e9551be73 : Windows XP MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 953867 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[1]_S_11272012_02d0928.txt >> RKreport[1]_S_11272012_02d0928.txt ======================================================================================================== RogueKiller log RogueKiller V8.3.1 [Nov 26 2012] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : David [Admin rights] Mode : Scan -- Date : 11/27/2012 09:28:37 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 6 ¤¤¤ [HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND [HJPOL] HKLM\[...]\Wow6432Node\System : DisableTaskMgr (0) -> FOUND [HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: 1W1ELLDN +++++ --- User --- [MBR] 6f896d60972a9120b6119a4aa04f8bf1 [bSP] add3a3c021d31e2f1fd31cce66ea33aa : Windows Vista MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 12544 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 25772032 | Size: 1895140 Mo User = LL1 ... OK! Error reading LL2 MBR! +++++ PhysicalDrive1: Fantom External HDD USB Device +++++ --- User --- [MBR] 7742485611119950435883489a1ff3fa [bSP] eca0422a871376a7d10cb98dea59eac3 : Windows XP MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 1907726 Mo User = LL1 ... OK! Error reading LL2 MBR! +++++ PhysicalDrive2: JetFlash Transcend 32GB USB Device +++++ --- User --- [MBR] 56142f7d3cfeaa687d47756b2c9093e3 [bSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code Partition table: 0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 18160 | Size: 30939 Mo User = LL1 ... OK! Error reading LL2 MBR! +++++ PhysicalDrive3: Initio WD7500AAKS-00RBA USB Device +++++ --- User --- [MBR] 33778a7431a6b4744c14a30fc7e785ca [bSP] 60e6a503683e98127ac809b6ffc02f92 : Windows XP MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 715402 Mo User = LL1 ... OK! Error reading LL2 MBR! +++++ PhysicalDrive4: DMI External HDD USB Device +++++ --- User --- [MBR] a89ac0e6f3e2e749d7e3e0e7b7b5c1da [bSP] acfb4f17c24d80280252d29e9551be73 : Windows XP MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 953867 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[1]_S_11272012_02d0928.txt >> RKreport[1]_S_11272012_02d0928.txt

Hello! I'm new to the forum and hope you can help. My week-old Win7 computer started showing suspicious behavior two days ago. Some of the system icons, such as .mp3 changed to a generic white rectangle, though the files still work. Various "fixes" posted on Microsoft failed. I downloaded Malwarebytes which discovered Trojan-Ransom and removed it (McAfee which is running on the system did not find it). I've rebooted several times and re-scanned with Malwarebytes, which does not see any further infection. I'm concerned that the Trojan may still be lurking, based on other reports of recurrent infection. Can you help me investigate further? THX DDS: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16455 Run by David at 20:10:40 on 2012-11-26 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8153.5675 [GMT -5:00] . AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892} SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation c:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Windows\system32\mfevtps.exe C:\PROGRA~2\SQUEEZ~1\server\SqueezeSvr.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files\mcafee.com\agent\mcagent.exe C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\System32\WUDFHost.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Windows\system32\svchost.exe -k HPService C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files\Common Files\McAfee\Core\mchost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ig uDefault_Page_URL = hxxp://dell13.msn.com mWinlogon: Userinit = userinit.exe, BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20121110234248.dll BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60 mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" mRun: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\GOOGLE~1.LNK - C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files (x86)\Squeezebox\SqueezeTray.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} TCP: NameServer = 192.168.1.254 TCP: Interfaces\{C708C6C8-AA35-497C-9F47-265D94DEE69F} : DHCPNameServer = 192.168.1.254 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\SystemCore\ScriptSn.20121110234248.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX4 x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" x64-Run: [AthBtTray] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe" x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-11-2 16152] R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2011-3-13 752672] R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2011-3-13 335784] R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2012-11-2 98208] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-11-2 204288] R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe [2011-12-29 106144] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-2 13592] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-1-10 627936] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-26 399432] R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-11-13 201304] R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-11-13 201304] R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-11-13 201304] R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2012-11-2 237920] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2012-11-2 218320] R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-11-2 177144] R2 squeezesvc;Logitech Media Server;C:\PROGRA~2\SQUEEZ~1\server\SqueezeSvr.exe [2012-11-14 14032993] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-11-2 363800] R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [2011-12-29 158880] R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [2012-11-2 76960] R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-12-29 36000] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-2 93712] R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-12-29 338592] R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2011-12-29 110752] R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-12-29 30368] R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-12-29 167584] R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-12-29 68256] R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-12-29 280992] R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2011-12-29 548000] R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2011-3-13 69672] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-11-2 331264] R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-11-2 356120] R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-11-2 787736] R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2011-3-13 300392] R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2011-3-13 513456] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-11-2 648808] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-10-9 173568] S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-26 676936] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2012-11-13 196440] S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-11-26 25928] S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2012-11-2 224704] S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2011-3-13 106112] S3 PCDSRVC{1E208CE0-FB7451FF-06020200}_0;PCDSRVC{1E208CE0-FB7451FF-06020200}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2012-9-4 25584] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-11-12 1255736] S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-11-13 201304] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2012-11-26 22:42:52 -------- d-----w- C:\Users\David\AppData\Roaming\Malwarebytes 2012-11-26 22:42:43 -------- d-----w- C:\ProgramData\Malwarebytes 2012-11-26 22:42:41 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-11-26 22:42:41 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-11-26 17:06:46 -------- d-----w- C:\Program Files (x86)\Staples CD Labeler v5 2012-11-26 16:58:04 -------- d-----w- C:\Users\David\AppData\Local\MicroVision Applications 2012-11-26 16:45:45 -------- d-----w- C:\Program Files (x86)\Staples CD Labeler 2012-11-26 16:45:45 -------- d-----w- C:\Program Files (x86)\Common Files\SureThing Shared 2012-11-25 17:03:08 -------- d-----w- C:\Users\David\AppData\Roaming\FreeFileSync 2012-11-25 17:01:35 -------- d-----w- C:\Program Files\FreeFileSync 2012-11-25 17:01:34 -------- d-----w- C:\Users\David\AppData\Local\CrashDumps 2012-11-24 22:25:35 -------- d-----w- C:\Users\David\AppData\Local\Apps 2012-11-24 18:47:46 -------- d--h--w- C:\ProgramData\CanonIJScan 2012-11-20 01:04:55 -------- d-----w- C:\Program Files (x86)\Ffmpeg For Audacity 2012-11-20 01:03:25 -------- d-----w- C:\Program Files (x86)\Lame For Audacity 2012-11-20 00:48:51 -------- d-----w- C:\Program Files (x86)\Audacity 2012-11-19 04:55:02 -------- d-----w- C:\Programs 2012-11-19 04:14:33 -------- d-----w- C:\Program Files (x86)\IrfanView 2012-11-19 03:29:19 -------- d-----w- C:\Users\David\AppData\Roaming\EAC 2012-11-19 03:29:17 -------- d-----w- C:\Users\David\AppData\Roaming\AccurateRip 2012-11-19 03:29:10 -------- d-----w- C:\Program Files (x86)\Exact Audio Copy 2012-11-19 01:53:48 -------- d-----w- C:\ProgramData\PC-Doctor for Windows 2012-11-19 01:53:33 -------- d-----w- C:\Program Files\Dell Support Center 2012-11-19 00:15:40 -------- d-----w- C:\Users\David\AppData\Roaming\Dell 2012-11-19 00:15:37 -------- d-----w- C:\Users\David\AppData\Roaming\PCDr 2012-11-19 00:15:13 -------- d-----w- C:\ProgramData\PCDr 2012-11-19 00:09:06 -------- d-----w- C:\Users\David\AppData\Local\Dell Edoc Viewer 2012-11-15 21:02:22 -------- d-----w- C:\Users\David\AppData\Local\CutePDF Writer 2012-11-15 19:02:48 -------- d-----w- C:\Program Files (x86)\GPLGS 2012-11-15 19:01:51 87152 ----a-w- C:\Windows\System32\cpwmon64.dll 2012-11-15 19:01:50 -------- d-----w- C:\Program Files (x86)\Acro Software 2012-11-15 13:34:01 -------- d-----w- C:\Users\David\AppData\Local\ElevatedDiagnostics 2012-11-15 05:09:08 9728 ----a-w- C:\Windows\System32\Wdfres.dll 2012-11-15 05:09:08 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2012-11-15 05:09:08 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys 2012-11-15 05:09:08 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui 2012-11-15 05:05:20 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys 2012-11-15 05:05:20 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll 2012-11-15 05:05:20 744448 ----a-w- C:\Windows\System32\WUDFx.dll 2012-11-15 05:05:20 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll 2012-11-15 05:05:20 229888 ----a-w- C:\Windows\System32\WUDFHost.exe 2012-11-15 05:05:20 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys 2012-11-15 05:05:20 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll 2012-11-15 05:04:38 458712 ----a-w- C:\Windows\System32\drivers\cng.sys 2012-11-15 05:04:38 340992 ----a-w- C:\Windows\System32\schannel.dll 2012-11-15 05:04:38 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-11-15 05:04:38 247808 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-11-15 05:04:37 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2012-11-15 05:04:37 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-11-15 05:04:37 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-11-15 05:04:37 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-11-15 05:04:37 1448448 ----a-w- C:\Windows\System32\lsasrv.dll 2012-11-15 05:04:35 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll 2012-11-15 05:04:35 366592 ----a-w- C:\Windows\System32\qdvd.dll 2012-11-15 01:50:12 -------- d-----w- C:\Users\David\AppData\Roaming\foobar2000 2012-11-15 01:50:07 -------- d-----w- C:\Program Files (x86)\foobar2000 2012-11-14 05:59:56 -------- d-----w- C:\Users\David\AppData\Local\Diagnostics 2012-11-14 05:41:19 -------- d-----w- C:\ProgramData\Squeezebox 2012-11-14 05:41:19 -------- d-----w- C:\Program Files (x86)\Squeezebox 2012-11-14 02:48:58 -------- d-----w- C:\updates 2012-11-14 00:56:09 -------- d-----w- C:\Users\David\AppData\Local\Google 2012-11-13 14:23:58 196440 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys 2012-11-12 18:07:12 -------- d-----w- C:\Users\David\AppData\Local\Adobe 2012-11-12 17:47:54 -------- d-----w- C:\Program Files\Common Files\CANON 2012-11-12 17:46:14 -------- d-----w- C:\Program Files\Canon 2012-11-12 17:44:57 -------- d-----w- C:\ProgramData\Canon IJ Network Tool 2012-11-12 17:44:56 -------- d-----w- C:\Program Files (x86)\Canon 2012-11-12 17:44:55 307200 ----a-w- C:\Windows\SysWow64\CNC870L.dll 2012-11-12 17:44:55 15872 ----a-w- C:\Windows\SysWow64\CNHMCA.dll 2012-11-12 17:44:55 102400 ----a-w- C:\Windows\SysWow64\CNC870U.dll 2012-11-12 17:41:02 39424 ----a-w- C:\Windows\System32\CNMN6UI.DLL 2012-11-12 17:41:02 366592 ----a-w- C:\Windows\SysWow64\CNMNPPM.DLL 2012-11-12 17:41:02 359936 ----a-w- C:\Windows\System32\CNMN6PPM.DLL 2012-11-12 17:41:02 -------- d-----w- C:\Windows\System32\STRING 2012-11-12 17:40:24 99840 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPPA7.DLL 2012-11-12 17:40:24 30208 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPDA7.DLL 2012-11-12 17:40:05 385024 ----a-w- C:\Windows\System32\CNMLMA7.DLL 2012-11-12 17:40:00 2560 ----a-w- C:\Windows\System32\CNCFLmTH.DLL 2012-11-12 17:40:00 2560 ----a-w- C:\Windows\System32\CNCFLmKR.DLL 2012-11-12 17:40:00 2048 ----a-w- C:\Windows\System32\CNCFLmTW.DLL 2012-11-12 08:31:08 -------- d-----w- C:\Windows\SysWow64\Wat 2012-11-12 08:31:08 -------- d-----w- C:\Windows\System32\Wat 2012-11-11 14:26:48 -------- d-----w- C:\Program Files (x86)\Dell Digital Delivery 2012-11-11 12:31:26 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2012-11-11 12:31:20 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll 2012-11-11 12:31:20 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll 2012-11-11 12:31:02 395776 ----a-w- C:\Windows\System32\webio.dll 2012-11-11 12:31:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll 2012-11-11 12:31:01 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-11-11 12:31:00 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-11-11 12:31:00 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-11-11 12:28:51 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2012-11-11 12:27:59 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2012-11-11 12:27:59 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2012-11-11 01:46:18 -------- d-----w- C:\Users\David\AppData\Local\Microsoft Help 2012-11-10 23:03:53 -------- dc----w- C:\Users\David\AppData\Local\MigWiz 2012-11-10 23:01:34 -------- d-----w- C:\Users\David\AppData\Roaming\Intel Corporation 2012-11-10 23:00:40 -------- d-----w- C:\Users\David\AppData\Local\BMExplorer 2012-11-10 23:00:34 -------- d-----w- C:\Users\David\AppData\Roaming\Atheros 2012-11-10 23:00:34 -------- d-----w- C:\Users\David\AppData\Local\ATI 2012-11-10 23:00:20 -------- d-----w- C:\Users\David\AppData\Local\VirtualStore 2012-11-10 22:58:54 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2012-11-10 22:56:49 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-11-10 22:56:10 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-11-10 22:56:09 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-11-10 22:56:09 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-11-02 22:06:20 0 ----a-w- C:\Windows\ativpsrm.bin 2012-11-02 22:05:45 -------- d-----w- C:\Windows\System32\SRSLabs 2012-11-02 22:05:24 -------- d-----w- C:\Program Files\Realtek 2012-11-02 22:05:23 -------- d-----w- C:\Windows\SysWow64\RTCOM 2012-11-02 22:00:59 976896 ----a-w- C:\Windows\System32\inetcomm.dll 2012-11-02 21:57:24 -------- d-----w- C:\Apps 2012-11-02 21:50:03 568600 ----a-w- C:\Windows\System32\drivers\iaStor.sys 2012-11-02 21:50:00 331264 ----a-w- C:\Windows\System32\drivers\IntcDAud.sys 2012-11-02 21:50:00 14848 ----a-w- C:\Windows\System32\IntcDAuC.dll 2012-11-02 21:47:54 995328 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll 2012-11-02 21:45:51 -------- d-----w- C:\Windows\System32\oem 2012-11-02 21:45:50 -------- d-----w- C:\Drivers 2012-11-02 20:46:16 -------- d-----w- C:\ProgramData\Atheros 2012-11-02 20:40:48 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation 2012-11-02 20:37:29 10288 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys 2012-11-02 20:37:27 177144 ----a-w- C:\Windows\System32\mfevtps.exe 2012-11-02 20:37:23 -------- d-----w- C:\Program Files\Common Files\mcafee 2012-11-02 20:37:23 -------- d-----w- C:\Program Files (x86)\mcafee.com 2012-11-02 20:37:22 -------- d-----w- C:\Program Files\mcafee.com 2012-11-02 20:37:22 -------- d-----w- C:\Program Files\mcafee 2012-11-02 20:37:22 -------- d-----w- C:\Program Files (x86)\McAfee 2012-11-02 20:37:22 -------- d-----w- C:\Program Files (x86)\Common Files\mcafee 2012-11-02 20:36:02 -------- d-----w- C:\Windows\en 2012-11-02 20:35:35 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2012-11-02 20:35:04 -------- d-----w- C:\Windows\PCHEALTH 2012-11-02 20:34:35 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll 2012-11-02 20:34:35 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll 2012-11-02 20:34:35 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll 2012-11-02 20:34:35 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll 2012-11-02 20:33:36 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll 2012-11-02 20:33:36 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll 2012-11-02 20:32:08 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\20f355d21cdb93903\DSETUP.dll 2012-11-02 20:32:08 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\20f355d21cdb93903\DXSETUP.exe 2012-11-02 20:32:08 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\20f355d21cdb93903\dsetup32.dll 2012-11-02 20:32:08 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\210b23941cdb93904\MeshBetaRemover.exe 2012-11-02 20:32:07 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\20cd3fcd1cdb93902\DSETUP.dll 2012-11-02 20:32:07 6260088 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\20a4c8691cdb93901\Silverlight.4.0.exe 2012-11-02 20:32:07 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\20cd3fcd1cdb93902\DXSETUP.exe 2012-11-02 20:32:07 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\20cd3fcd1cdb93902\dsetup32.dll 2012-11-02 20:32:07 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live 2012-11-02 20:28:44 151656 ----a-w- C:\Windows\System32\drivers\WimFltr.sys 2012-11-02 20:26:14 -------- d-----w- C:\Program Files (x86)\Common Files\Atheros 2012-11-02 20:25:57 63648 ----a-w- C:\Windows\System32\athihvui.dll 2012-11-02 20:25:57 442528 ----a-w- C:\Windows\System32\athihvs.dll 2012-11-02 20:25:57 2797056 ----a-w- C:\Windows\System32\drivers\athrx.sys 2012-11-02 20:25:57 2797056 ----a-w- C:\Windows\System32\athrx.sys 2012-11-02 20:25:57 -------- d-----w- C:\Windows\System32\nn-NO 2012-11-02 20:25:57 -------- d-----w- C:\Windows\Options 2012-11-02 20:25:55 -------- d-----w- C:\Program Files (x86)\Dell Wireless 2012-11-02 20:25:54 -------- d-----w- C:\Program Files (x86)\Cisco 2012-11-02 20:25:05 -------- d-----w- C:\Program Files (x86)\Multimedia Card Reader(9106) 2012-11-02 20:24:17 41984 ----a-w- C:\Windows\System32\drivers\USB3Ver.dll 2012-11-02 20:24:16 787736 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys 2012-11-02 20:24:16 356120 ----a-w- C:\Windows\System32\drivers\iusb3hub.sys 2012-11-02 20:24:16 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll 2012-11-02 20:24:16 16152 ----a-w- C:\Windows\System32\drivers\iusb3hcs.sys 2012-11-02 20:24:12 15128 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll 2012-11-02 20:23:29 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent 2012-11-02 20:21:05 -------- d-----w- C:\Intel 2012-11-02 20:21:02 -------- d-----w- C:\Program Files (x86)\AMD APP 2012-11-02 20:20:53 -------- d-----w- C:\Program Files\Common Files\ATI Technologies 2012-11-02 20:20:44 -------- d-----w- C:\Program Files\ATI 2012-11-02 20:20:44 -------- d-----w- C:\Program Files (x86)\ATI Technologies 2012-11-02 20:11:05 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-11-02 20:11:05 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-11-02 20:11:03 -------- d-----w- C:\Program Files\Dell Inc 2012-11-02 20:08:54 142336 ----a-w- C:\Windows\System32\poqexec.exe 2012-11-02 20:08:54 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe 2012-10-31 20:10:00 829264 ----a-w- C:\Windows\System32\msvcr100.dll 2012-10-31 20:10:00 773968 ----a-w- C:\Windows\SysWow64\msvcr100.dll 2012-10-31 20:10:00 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll 2012-10-31 20:10:00 158536 ----a-w- C:\Windows\System32\atl100.dll 2012-10-31 20:10:00 138056 ----a-w- C:\Windows\SysWow64\atl100.dll . ==================== Find3M ==================== . 2012-11-02 22:00:59 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-11-02 21:47:54 91648 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe 2012-10-18 18:25:58 3149824 ----a-w- C:\Windows\System32\win32k.sys 2012-10-09 18:17:13 55296 ----a-w- C:\\Windows\System32\dhcpcsvc6.dll 2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll 2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll 2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll 2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll 2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll 2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll 2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll 2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll 2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll 2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll 2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll 2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll 2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll 2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys 2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll 2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll 2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll . ============= FINISH: 20:10:49.10 =============== ATTACH Text DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 11/10/2012 5:55:37 PM System Uptime: 11/26/2012 6:22:50 PM (2 hours ago) . Motherboard: Dell Inc. | | 0YJPT1 Processor: Intel® Core™ i7-3770 CPU @ 3.40GHz | CPU 1 | 3401/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 1851 GiB total, 1724.585 GiB free. D: is CDROM () E: is Removable F: is FIXED (NTFS) - 932 GiB total, 222.093 GiB free. G: is Removable H: is Removable S: is Removable T: is FIXED (NTFS) - 699 GiB total, 332.423 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP20: 11/15/2012 12:24:39 AM - Windows Update RP21: 11/15/2012 2:18:09 PM - office bulk win7 updates & foobar RP22: 11/16/2012 3:00:22 AM - Windows Update RP23: 11/18/2012 4:56:10 PM - Windows Backup RP24: 11/19/2012 7:46:47 PM - before audacity install RP25: 11/25/2012 8:59:26 AM - Installed 7-Zip 9.20 (x64 edition) RP26: 11/26/2012 11:20:27 AM - Windows Backup RP27: 11/26/2012 5:25:28 PM - Restore Operation . ==== Installed Programs ====================== . 7-Zip 9.20 (x64 edition) Adobe Flash Player 11 ActiveX Adobe Reader X (10.1.4) MUI AMD APP SDK Runtime AMD AVIVO64 Codecs AMD Catalyst Install Manager Atheros Bluetooth Suite (64) Audacity 2.0.2 Canon Easy-PhotoPrint EX Canon Easy-WebPrint EX Canon IJ Network Scan Utility Canon IJ Network Tool Canon MP Navigator EX 3.1 Canon MX870 series MP Drivers Canon Utilities Solution Menu Catalyst Control Center Catalyst Control Center - Branding Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module CutePDF Writer 3.0 D3DX10 Dell Digital Delivery Dell Edoc Viewer Dell Support Center Dell WLAN and Bluetooth Client Installation eBay Exact Audio Copy 1.0beta3 FFmpeg v0.6.2 for Audacity foobar2000 v1.1.17 beta 1 FreeFileSync 5.9 Google Calendar Sync Intel® Control Center Intel® Management Engine Components Intel® Rapid Storage Technology Intel® USB 3.0 eXtensible Host Controller Driver Intel® Trusted Connect Service Client IrfanView (remove only) Junk Mail filter update LADSPA_plugins-win-0.4.15 LAME v3.99.3 (for Windows) Logitech Media Server 7.7.3 Malwarebytes Anti-Malware version 1.65.1.1000 McAfee SecurityCenter Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2010 Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Office 64-bit Components 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Professional 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 MSVCRT MSVCRT_amd64 Multimedia Card Reader QualxServ Service Agreement Realtek High Definition Audio Driver Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition Shared C Run-time for x64 Skype™ 5.10 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760413) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Yahoo! Detect . ==== Event Viewer Messages From Past Week ======== . 11/26/2012 6:25:21 PM, Error: Service Control Manager [7034] - The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s). 11/26/2012 5:32:19 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143. 11/26/2012 5:28:17 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied.. 11/26/2012 5:11:54 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 11/25/2012 10:54:57 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. . ==== End Of File ===========================