DKap
-
Posts
14 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by DKap
-
-
Thanks, TDK.
Yes, I'll make sure to follow your suggestions going forward.
One final question: Some of the uninstall instructions are for tools we didn't use, such as adwcleaner.exe. Am I correct that this is a more extensive list and not limited to the tools we used?
I'm very grateful for your terrific support! I may even have learned something.
-
Good afternoon TDK,
I ran "Check for Updates" in my Adobe Reader X (Version 10.1.4) .... response was "No Updates Available." I thought the Screen317's checkup.txt warning was strange ... I had updated Adobe Reader very recently. Not sure what prompted the warning.
In any event, do I dare say it, I don't believe I have any issues remaining. What do you think ... are we done?
If so, do I need to uninstall or delete any of the files left by the multiple scanners I used? I noticed, for example, that ESET saved an uninstaller.exe in the folder it created in Program Files (x86).
-
Thanks, TDK.
I ran ESET online scanner as directed. I found the log.txt in the Program Files (x86) directory since this is a 64 bit machine. the log file was time-stamped for the time I originally set up for online scanning and allowed download installation of the ActiveX control. I did not run the scan until sometime later pending your response, above. The log file does not seem to be updated with the results of the scan. I'm quite sure I clicked all the right buttons after the scan completed. The scan did find one potential threat, which I copied from the ESET screen since I did not see it in the log.txt:
C:\Users\David\Documents\David's old docs\Archive to CD\DOS Apps and Utilities\xTree\VSCHECK.ZIP probably unknown TSR.COM.EXE virus
This is an archived file among those I had copied from my old computer and definitely was not opened or run, either on the old or new computer.
Here is the ESET log.txt
ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
Is it possible that the ESET online scanner saved a second log somewhere else on the computer? ... I certainly can't find one.
---------------------------------------------------------------
Screen317's checkup.txt:
Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
McAfee Anti-Virus and Anti-Spyware
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.1.1000
Adobe Reader 10.1.4 Adobe Reader out of Date!
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
-
Glad the scans were OK. Question about ESET Online scanner: It alerts me that McAfee is active and that results may be affected. Do I need to shut it down? I hate to leave the computer unprotected for the duration of the scan.
-
Hi TDK,
Update: I was able to restore the proper "graphic" icons to (I think) all the icons that had reverted to generic white rectangles (there may be some I haven't thought to check). The Microsoft "fixes" which didn't work all focused on deleting and rebuilding the icon cache. I finally realized that the all files with generic icons had lost their default program associations, so I reestablished them and the proper icons were restored (embarassingly obvious fix, I suppose). I would have thought that common file types should display the proper icons even with no default program associations, so I don't know that I have fixed an underlying issue or not. Just wanted to let you know as added info to the logs I posted yesterday.
-
<p>Thanks, TDK.</p>
<p> </p>
<p>I ran OTL.exe Run Fix. Observable result was that OTL reset Windows Explorer to default views (no file extensions, hide system files, etc). However same Issues remain with file icons. </p>
<p> </p>
<p>OTL fix log (11292012_081338.log):</p>
<p> </p>
<p> All processes killed</p>
<div>========== OTL ==========</div>
<div>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!</div>
<div>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!</div>
<div>64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.</div>
<div>Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.</div>
<div>========== COMMANDS ==========</div>
<div> </div>
<div>[EMPTYTEMP]</div>
<div> </div>
<div>User: All Users</div>
<div> </div>
<div>User: David</div>
<div>->Temp folder emptied: 23307443 bytes</div>
<div>->Temporary Internet Files folder emptied: 176098565 bytes</div>
<div>->Flash cache emptied: 2667 bytes</div>
<div> </div>
<div>User: Default</div>
<div>->Temp folder emptied: 0 bytes</div>
<div>->Temporary Internet Files folder emptied: 0 bytes</div>
<div> </div>
<div>User: Default User</div>
<div>->Temp folder emptied: 0 bytes</div>
<div>->Temporary Internet Files folder emptied: 0 bytes</div>
<div> </div>
<div>User: Public</div>
<div>->Temp folder emptied: 0 bytes</div>
<div> </div>
<div>%systemdrive% .tmp files removed: 0 bytes</div>
<div>%systemroot% .tmp files removed: 0 bytes</div>
<div>%systemroot%\System32 .tmp files removed: 0 bytes</div>
<div>%systemroot%\System32 (64bit) .tmp files removed: 0 bytes</div>
<div>%systemroot%\System32\drivers .tmp files removed: 0 bytes</div>
<div>Windows Temp folder emptied: 12102030 bytes</div>
<div>%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67563 bytes</div>
<div>RecycleBin emptied: 10926006 bytes</div>
<div> </div>
<div>Total Files Cleaned = 212.00 mb</div>
<div> </div>
<div> </div>
<div>OTL by OldTimer - Version 3.2.69.0 log created on 11292012_081338</div>
<div> </div>
<div>Files\Folders moved on Reboot...</div>
<div>C:\Users\David\AppData\Local\Temp\7zS16F7\HPSLPSVC64.DLL moved successfully.</div>
<div>C:\Users\David\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\fa9e3c814aa32db2ad5f17bdfbc22746\attributes.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\f233f63b6654362865c7577442edb9e3\Win32.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\eb138ef0e4282611dbf485a302784646\LibYAML.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\eaeabd54205de2f10c00aea80bbf0d83\Registry.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\e56c61f7248672819579325af3387035\POSIX.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\e2e81dd6b3e5a36f0bdae076393cc11d\icudt46.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\e2e81dd6b3e5a36f0bdae076393cc11d\icuin46.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\e2e81dd6b3e5a36f0bdae076393cc11d\icuuc46.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\e2e81dd6b3e5a36f0bdae076393cc11d\SQLite.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\df1ba73f49c38cbbc7a11c779c3506d2\OLE.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\de446fdd1ae335c7d2b9e62bb8cdf765\B.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\dacfd0ab9b5fd029ed8d29e4482b0775\XS.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\d1e7c33431cd8713f2ce3582829a8b14\Socket.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\d1c77e404b5c4b954fa537ed63c8fb7b\File.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\d10c2c06ba2044cccc247c4315f5c7d3\Process.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\d0bf009923f29116535c26d228271d6d\Scan.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\cf5fe81e2f5dcbfecfd0495e1648c991\Unicode.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\c668a322917d32a5ea22894518aa9897\Base64.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\c5cce8d16a1bd48692b421dcf46d3396\Util.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\c344fd5536724b2af2e6453833b60203\SHA1.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\c19d5e3dc664d9f4ce700001e2621cee\MD5.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\c199d3c1960e7aeeecb599487952bed2\HiRes.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\bd5179a413bc0c4b82eedc22c6cab101\re.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\bc147d83c7c868eeee67082dcf55430c\File.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\b979ace6da01e63d651cce9ee2474fdc\Name.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\b6bd87c968599725b8ab2e5c25d3046a\API.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\aff7ee779ea184f884ed432c30a58f5d\Scale.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\961b0d62fa52b1dd29c795a822fbf1cf\DBI.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\8fedeb86a4a984edfc1fb255d4ea965c\XS.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\7f2598c08178217a0e2c754f3d568f28\Byte.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\7f177c338672436e01c4f0bdbcf94491\EV.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\7ef0d901bf4203fbcf7a0fff0e82aa5f\Encode.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\60ff464e01c2cd5526dbdad5a125081d\Dumper.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\5ffd05b2cbd58528e56519784ca9c869\Hostname.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\4f2c03383aab0133b8dc0a3fa2dd92fa\Storable.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\44727051c604ef6b79894b64d4c63832\Expat.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\4461f48e31bde5c56b31b973b773de09\List.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\3b7106dd14676048b10bbb09a990f74c\XS.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\3a8764e0d7c5d453e01d9ad08cf7fb58\IO.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\3a7ccbf8181ee5a145227a6dfce3594c\WinError.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\38a10ee333cf1a9afec3f0acdf1bbebc\Scan.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\32785c19dc6898fbbbf06f3b776edd08\Fcntl.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\31638f63e39b38d3e250a9a57cb9d1c5\Cwd.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\2b1fc61b36a6711ea149b18bf3b41500\Parser.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\19febd96672ffdb7ea244cef36aaa062\Zlib.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\17d0b152e63e6bfe81b4b19588538896\mro.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\0665c25e931c1ac0151b062449e91028\XSAccessor.dll not found!</div>
<div>File\Folder C:\Windows\temp\pdk-SYSTEM-1288\perl514.dll not found!</div>
<div> </div>
<div>PendingFileRenameOperations files...</div>
<div> </div>
<div>Registry entries deleted on Reboot...</div>
-
OTL.txt part 2:
[2012/11/02 16:49:18 | 000,080,984 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBWrp64.dll
[2012/11/02 16:49:18 | 000,065,112 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBppld64.dll
[2012/11/02 16:49:18 | 000,060,504 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBPPCn64.dll
[2012/11/02 16:49:17 | 005,996,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2012/11/02 16:49:17 | 002,131,288 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012/11/02 16:49:17 | 001,247,576 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2012/11/02 16:49:17 | 000,955,736 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2012/11/02 16:49:17 | 000,569,688 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO4064.dll
[2012/11/02 16:49:17 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2012/11/02 16:49:17 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012/11/02 16:49:15 | 002,528,832 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012/11/02 16:49:15 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2012/11/02 16:49:15 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2012/11/02 16:49:15 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2012/11/02 16:49:15 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2012/11/02 16:49:15 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2012/11/02 16:49:15 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2012/11/02 16:49:15 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2012/11/02 16:49:15 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2012/11/02 16:49:15 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2012/11/02 16:49:15 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2012/11/02 16:49:15 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2012/11/02 16:49:15 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2012/11/02 16:49:15 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2012/11/02 16:49:14 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2012/11/02 16:49:10 | 004,353,536 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2012/11/02 16:49:10 | 004,189,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2012/11/02 16:49:10 | 001,828,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdmv.dll
[2012/11/02 16:49:10 | 001,113,088 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6v.dll
[2012/11/02 16:49:10 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2012/11/02 16:49:10 | 000,093,712 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\AtihdW76.sys
[2012/11/02 16:49:10 | 000,058,880 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll
[2012/11/02 16:49:10 | 000,040,960 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2012/11/02 16:49:10 | 000,031,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2012/11/02 16:49:09 | 018,757,120 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2012/11/02 16:49:09 | 005,510,144 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2012/11/02 16:49:09 | 004,044,288 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2012/11/02 16:49:09 | 000,423,424 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2012/11/02 16:49:09 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2012/11/02 16:49:09 | 000,332,800 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIODE.exe
[2012/11/02 16:49:09 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2012/11/02 16:49:09 | 000,051,200 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIODCLI.exe
[2012/11/02 16:49:09 | 000,038,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2012/11/02 16:49:09 | 000,029,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2012/11/02 16:49:08 | 024,866,816 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2012/11/02 16:49:08 | 000,326,656 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2012/11/02 16:49:08 | 000,054,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2012/11/02 16:49:08 | 000,054,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2012/11/02 16:49:08 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2012/11/02 16:49:08 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2012/11/02 16:49:08 | 000,021,504 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2012/11/02 16:49:07 | 010,496,512 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2012/11/02 16:49:07 | 000,517,120 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2012/11/02 16:49:07 | 000,204,288 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2012/11/02 16:49:07 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2012/11/02 16:49:07 | 000,039,936 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2012/11/02 16:49:07 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2012/11/02 16:49:07 | 000,017,408 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2012/11/02 16:49:07 | 000,014,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2012/11/02 16:49:07 | 000,014,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2012/11/02 16:49:06 | 005,041,664 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2012/11/02 16:49:06 | 004,292,096 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2012/11/02 16:49:06 | 000,892,416 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2012/11/02 16:49:06 | 000,748,544 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2012/11/02 16:49:06 | 000,466,944 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2012/11/02 16:49:06 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2012/11/02 16:49:06 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2012/11/02 16:49:05 | 009,978,880 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2012/11/02 16:49:05 | 008,449,024 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2012/11/02 16:49:05 | 000,486,912 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2012/11/02 16:49:05 | 000,339,968 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2012/11/02 16:49:05 | 000,159,744 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2012/11/02 16:49:05 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atibtmon.exe
[2012/11/02 16:49:05 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2012/11/02 16:49:05 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2012/11/02 16:49:05 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2012/11/02 16:49:05 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2012/11/02 16:47:54 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/11/02 16:47:54 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/11/02 16:47:54 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/11/02 16:47:54 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/11/02 16:47:54 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/11/02 16:47:54 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/11/02 16:47:54 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/11/02 16:47:54 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/11/02 16:47:54 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/11/02 16:47:54 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/11/02 16:47:54 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/11/02 16:47:54 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/11/02 16:47:54 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/11/02 16:47:54 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/11/02 16:47:54 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/11/02 16:47:54 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/11/02 16:47:54 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/11/02 16:47:54 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/11/02 16:47:54 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/11/02 16:47:54 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/11/02 16:47:54 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/11/02 16:47:54 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/11/02 16:47:54 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/11/02 16:47:54 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/11/02 16:47:54 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/11/02 16:47:54 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/11/02 16:47:54 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/11/02 16:47:54 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/11/02 16:47:54 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/11/02 16:47:54 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/11/02 16:47:54 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/11/02 16:47:54 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/11/02 16:47:54 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/11/02 16:47:54 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/11/02 16:47:54 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/11/02 16:47:54 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/11/02 16:47:54 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/11/02 16:47:54 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/11/02 16:47:54 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/11/02 16:47:54 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/11/02 16:47:54 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/11/02 16:47:54 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/11/02 16:47:54 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/11/02 16:47:54 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/11/02 16:47:54 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/11/02 16:47:54 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/11/02 16:47:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/11/02 16:47:54 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/11/02 16:47:54 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/11/02 16:47:54 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/11/02 16:47:54 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/11/02 16:47:54 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/11/02 16:47:54 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/11/02 16:47:54 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/11/02 16:47:54 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/11/02 16:47:54 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/11/02 16:47:54 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/11/02 16:45:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oem
[2012/11/02 16:45:50 | 000,000,000 | ---D | C] -- C:\Drivers
[2012/11/02 15:46:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2012/11/02 15:40:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2012/11/02 15:37:29 | 000,010,288 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeclnk.sys
[2012/11/02 15:37:27 | 000,177,144 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe
[2012/11/02 15:37:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mcafee.com
[2012/11/02 15:37:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\mcafee
[2012/11/02 15:37:22 | 000,000,000 | ---D | C] -- C:\Program Files\mcafee.com
[2012/11/02 15:37:22 | 000,000,000 | ---D | C] -- C:\Program Files\mcafee
[2012/11/02 15:37:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee
[2012/11/02 15:37:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\mcafee
[2012/11/02 15:37:21 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/11/02 15:37:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/11/02 15:37:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/11/02 15:37:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/11/02 15:36:02 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/11/02 15:35:42 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2012/11/02 15:35:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012/11/02 15:35:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2012/11/02 15:35:04 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012/11/02 15:34:38 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2012/11/02 15:34:35 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2012/11/02 15:34:35 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012/11/02 15:34:35 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012/11/02 15:34:35 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012/11/02 15:33:36 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012/11/02 15:33:36 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012/11/02 15:32:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/11/02 15:32:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/11/02 15:32:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2012/11/02 15:31:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012/11/02 15:31:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eBay
[2012/11/02 15:31:14 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012/11/02 15:31:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/11/02 15:31:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/11/02 15:30:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/11/02 15:28:44 | 000,151,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WimFltr.sys
[2012/11/02 15:28:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
[2012/11/02 15:28:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HotSpot
[2012/11/02 15:28:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atheros Smart Net
[2012/11/02 15:26:14 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
[2012/11/02 15:26:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Atheros
[2012/11/02 15:25:57 | 002,797,056 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2012/11/02 15:25:57 | 002,797,056 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\athrx.sys
[2012/11/02 15:25:57 | 000,442,528 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvs.dll
[2012/11/02 15:25:57 | 000,063,648 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvui.dll
[2012/11/02 15:25:57 | 000,000,000 | ---D | C] -- C:\Windows\Options
[2012/11/02 15:25:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nn-NO
[2012/11/02 15:25:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Wireless
[2012/11/02 15:25:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2012/11/02 15:25:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell
[2012/11/02 15:25:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Multimedia Card Reader(9106)
[2012/11/02 15:24:17 | 000,041,984 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\USB3Ver.dll
[2012/11/02 15:24:16 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01009.dll
[2012/11/02 15:24:16 | 000,787,736 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3xhc.sys
[2012/11/02 15:24:16 | 000,356,120 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hub.sys
[2012/11/02 15:24:16 | 000,016,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hcs.sys
[2012/11/02 15:24:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012/11/02 15:23:34 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012/11/02 15:23:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012/11/02 15:23:28 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012/11/02 15:21:05 | 000,000,000 | ---D | C] -- C:\Intel
[2012/11/02 15:21:04 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/11/02 15:21:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012/11/02 15:21:03 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/11/02 15:21:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012/11/02 15:21:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012/11/02 15:20:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2012/11/02 15:20:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2012/11/02 15:20:44 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012/11/02 15:11:05 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/11/02 15:11:05 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/11/02 15:11:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012/11/02 15:11:04 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/11/02 15:11:03 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Inc
[2012/11/02 15:08:54 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/11/02 15:08:54 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/11/02 15:08:43 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/10/31 15:10:00 | 000,829,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2012/10/31 15:10:00 | 000,773,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100.dll
[2012/10/31 15:10:00 | 000,421,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp100.dll
[2012/10/31 15:10:00 | 000,158,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\atl100.dll
[2012/10/31 15:10:00 | 000,138,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\atl100.dll
========== Files - Modified Within 30 Days ==========
[2012/11/28 08:04:58 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/11/28 08:04:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/11/28 08:02:24 | 012,961,620 | ---- | M] () -- C:\Users\David\Desktop\mbar-1.01.0.1009.zip
[2012/11/28 08:02:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
[2012/11/27 09:34:02 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/27 09:34:02 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/27 09:31:01 | 000,782,986 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/11/27 09:31:01 | 000,663,010 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/11/27 09:31:01 | 000,121,878 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/11/27 09:26:29 | 2116,730,879 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/27 01:45:02 | 000,752,128 | ---- | M] () -- C:\Users\David\Desktop\RogueKiller.exe
[2012/11/26 17:42:45 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/26 13:46:43 | 000,292,213 | ---- | M] () -- C:\Users\David\Desktop\12402(023)D Kaplan 11-20-12 annotated.pdf
[2012/11/26 13:10:00 | 000,288,172 | ---- | M] () -- C:\Users\David\Desktop\12402(023)D Kaplan 11-20-12.pdf
[2012/11/26 12:59:42 | 000,314,487 | ---- | M] () -- C:\Users\David\Desktop\Eudoxie_Intake_pdf.pdf
[2012/11/26 06:19:59 | 000,002,066 | ---- | M] () -- C:\Users\David\Desktop\Logitech Control Panel.lnk
[2012/11/26 06:02:42 | 000,001,558 | ---- | M] () -- C:\Users\David\Desktop\Receipts 2012.lnk
[2012/11/26 06:02:42 | 000,001,445 | ---- | M] () -- C:\Users\David\Desktop\DVD Copy software.lnk
[2012/11/26 06:02:42 | 000,001,436 | ---- | M] () -- C:\Users\David\Desktop\System Utilities.lnk
[2012/11/26 06:02:42 | 000,001,373 | ---- | M] () -- C:\Users\David\Desktop\home tech.lnk
[2012/11/26 06:02:42 | 000,001,344 | ---- | M] () -- C:\Users\David\Desktop\Travel.lnk
[2012/11/26 06:02:42 | 000,001,335 | ---- | M] () -- C:\Users\David\Desktop\To Do.lnk
[2012/11/26 06:02:42 | 000,001,333 | ---- | M] () -- C:\Users\David\Desktop\Music.lnk
[2012/11/26 06:02:42 | 000,001,211 | ---- | M] () -- C:\Users\David\Desktop\Downloads.lnk
[2012/11/25 12:01:35 | 000,000,862 | ---- | M] () -- C:\Users\Public\Desktop\FreeFileSync.lnk
[2012/11/24 23:18:59 | 000,000,846 | ---- | M] () -- C:\Users\David\Desktop\RarZilla.lnk
[2012/11/24 17:22:46 | 000,000,259 | ---- | M] () -- C:\Users\David\Desktop\associate Edit with Notepad.url
[2012/11/24 09:35:04 | 000,001,340 | ---- | M] () -- C:\Users\David\Desktop\Everything Indexer.lnk
[2012/11/20 15:52:36 | 000,001,687 | ---- | M] () -- C:\Users\David\Desktop\recently played music.lnk
[2012/11/19 23:02:00 | 000,000,787 | ---- | M] () -- C:\Users\David\Desktop\mp3DirectCut.lnk
[2012/11/19 20:39:46 | 000,000,126 | ---- | M] () -- C:\Users\David\Desktop\RareWares.url
[2012/11/19 19:48:56 | 000,001,013 | ---- | M] () -- C:\Users\David\Desktop\Audacity.lnk
[2012/11/19 18:41:19 | 000,000,683 | ---- | M] () -- C:\Users\David\Desktop\pathlen.exe.lnk
[2012/11/19 18:35:35 | 000,001,134 | ---- | M] () -- C:\Users\David\Desktop\UniExtractor.lnk
[2012/11/19 18:32:07 | 000,001,193 | ---- | M] () -- C:\Users\David\Desktop\CDWav.exe.lnk
[2012/11/18 23:55:43 | 000,001,153 | ---- | M] () -- C:\Users\David\Desktop\Tagscan.exe.lnk
[2012/11/18 23:14:36 | 000,001,896 | ---- | M] () -- C:\Users\David\Desktop\IrfanView Thumbnails.lnk
[2012/11/18 23:14:36 | 000,001,004 | ---- | M] () -- C:\Users\David\Desktop\IrfanView.lnk
[2012/11/18 22:29:11 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Exact Audio Copy.lnk
[2012/11/18 11:35:00 | 000,795,928 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/11/17 11:11:57 | 003,845,654 | ---- | M] () -- C:\Users\Public\Documents\abutters.pdf
[2012/11/15 00:27:02 | 000,001,139 | ---- | M] () -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2012/11/15 00:11:53 | 000,413,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/11/14 15:00:31 | 000,001,269 | ---- | M] () -- C:\Users\David\Desktop\Local - App Data.lnk
[2012/11/14 00:56:02 | 000,001,058 | ---- | M] () -- C:\Users\David\Desktop\Logitech Media Server.lnk
[2012/11/14 00:41:27 | 000,001,060 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Media Server Tray Tool.lnk
[2012/11/13 19:56:09 | 000,002,216 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Google Calendar Sync.lnk
[2012/11/12 17:16:08 | 014,492,672 | ---- | M] () -- C:\Users\David\Documents\calendar.pst
[2012/11/12 10:45:48 | 000,170,095 | ---- | M] () -- C:\Users\Public\Documents\bookmarks_11_12_12.html
[2012/11/11 17:51:50 | 000,002,977 | ---- | M] () -- C:\Users\David\Desktop\Family.lnk
[2012/11/11 17:24:41 | 000,001,013 | ---- | M] () -- C:\Users\David\Desktop\David.lnk
[2012/11/10 18:09:42 | 000,001,443 | ---- | M] () -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/11/10 17:42:44 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/11/10 17:42:44 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/11/02 17:06:20 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012/11/02 17:06:05 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/11/02 17:03:41 | 000,030,752 | RH-- | M] () -- C:\dell.sdr
[2012/11/02 17:01:02 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012/11/02 17:01:02 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012/11/02 17:01:01 | 002,315,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012/11/02 17:01:01 | 002,223,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012/11/02 17:01:01 | 001,549,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012/11/02 17:01:01 | 001,401,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012/11/02 17:01:01 | 000,778,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012/11/02 17:01:01 | 000,666,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012/11/02 17:01:01 | 000,491,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012/11/02 17:01:01 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012/11/02 17:01:01 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012/11/02 17:01:01 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012/11/02 17:01:01 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012/11/02 17:01:01 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012/11/02 17:01:01 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012/11/02 17:01:00 | 000,476,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012/11/02 17:01:00 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012/11/02 17:00:59 | 001,395,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012/11/02 17:00:59 | 001,359,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012/11/02 17:00:59 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012/11/02 17:00:59 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012/11/02 17:00:59 | 000,613,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/11/02 17:00:59 | 000,465,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/11/02 17:00:59 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/11/02 17:00:59 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/11/02 17:00:59 | 000,027,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012/11/02 17:00:58 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/11/02 17:00:58 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/11/02 17:00:58 | 000,294,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/11/02 17:00:58 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/11/02 17:00:58 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/11/02 17:00:58 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/11/02 17:00:58 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012/11/02 17:00:58 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012/11/02 17:00:58 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/11/02 17:00:58 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/11/02 17:00:58 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/11/02 17:00:58 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/11/02 17:00:58 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/11/02 17:00:57 | 002,871,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/11/02 17:00:57 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012/11/02 17:00:57 | 000,902,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/11/02 17:00:57 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/11/02 17:00:57 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/11/02 17:00:57 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/11/02 17:00:57 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/11/02 17:00:56 | 003,216,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/11/02 17:00:55 | 000,515,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/11/02 17:00:55 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/11/02 17:00:55 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/11/02 17:00:55 | 000,023,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/11/02 17:00:54 | 001,133,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012/11/02 17:00:54 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/11/02 17:00:53 | 001,731,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/11/02 17:00:53 | 001,572,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/11/02 17:00:53 | 001,328,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/11/02 17:00:53 | 001,118,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012/11/02 17:00:53 | 000,961,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012/11/02 17:00:53 | 000,861,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/11/02 17:00:53 | 000,850,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012/11/02 17:00:53 | 000,642,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012/11/02 17:00:53 | 000,331,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/11/02 17:00:53 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/11/02 17:00:53 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012/11/02 17:00:53 | 000,212,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012/11/02 17:00:53 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012/11/02 17:00:53 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/11/02 17:00:53 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012/11/02 17:00:53 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/11/02 17:00:53 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/11/02 17:00:53 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012/11/02 17:00:53 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012/11/02 17:00:53 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/11/02 17:00:53 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/11/02 17:00:53 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/11/02 17:00:53 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/11/02 17:00:52 | 002,565,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2012/11/02 17:00:52 | 001,699,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012/11/02 17:00:52 | 001,544,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/11/02 17:00:52 | 000,634,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/11/02 17:00:52 | 000,189,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2012/11/02 17:00:52 | 000,107,904 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2012/11/02 17:00:52 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2012/11/02 17:00:52 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012/11/02 17:00:52 | 000,027,008 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2012/11/02 17:00:52 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012/11/02 17:00:52 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012/11/02 17:00:51 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012/11/02 17:00:51 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012/11/02 17:00:51 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012/11/02 17:00:51 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/11/02 17:00:51 | 000,007,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012/11/02 17:00:50 | 003,958,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe
[2012/11/02 17:00:50 | 000,642,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012/11/02 17:00:50 | 000,605,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012/11/02 17:00:50 | 000,566,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012/11/02 17:00:50 | 000,518,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012/11/02 17:00:50 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012/11/02 17:00:50 | 000,257,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2012/11/02 17:00:50 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll
[2012/11/02 17:00:50 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2012/11/02 17:00:50 | 000,196,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2012/11/02 17:00:50 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012/11/02 17:00:50 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012/11/02 17:00:50 | 000,020,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012/11/02 17:00:50 | 000,019,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012/11/02 17:00:50 | 000,017,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012/11/02 17:00:49 | 000,800,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2012/11/02 17:00:49 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL
[2012/11/02 17:00:49 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAL.DLL
[2012/11/02 17:00:49 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINDEV.DLL
[2012/11/02 17:00:49 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINPUN.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAL.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINGUJ.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINEN.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINDEV.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE2.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE1.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINASA.DLL
[2012/11/02 17:00:49 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL
[2012/11/02 17:00:49 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINPUN.DLL
[2012/11/02 17:00:49 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINGUJ.DLL
[2012/11/02 17:00:49 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE2.DLL
[2012/11/02 17:00:49 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE1.DLL
[2012/11/02 17:00:49 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINASA.DLL
[2012/11/02 17:00:47 | 001,031,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/11/02 17:00:47 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/11/02 16:48:21 | 000,003,412 | ---- | M] () -- C:\Windows\SysWow64\drivers\1028_Dell_XPS_8500.mrk
[2012/11/02 16:48:21 | 000,003,412 | ---- | M] () -- C:\Windows\SysNative\drivers\1028_Dell_XPS_8500.mrk
[2012/11/02 16:47:54 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/11/02 16:47:54 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/11/02 16:47:54 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/11/02 16:47:54 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/11/02 16:47:54 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/11/02 16:47:54 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/11/02 16:47:54 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/11/02 16:47:54 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/11/02 16:47:54 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/11/02 16:47:54 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/11/02 16:47:54 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/11/02 16:47:54 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/11/02 16:47:54 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/11/02 16:47:54 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/11/02 16:47:54 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/11/02 16:47:54 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/11/02 16:47:54 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/11/02 16:47:54 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/11/02 16:47:54 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/11/02 16:47:54 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/11/02 16:47:54 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/11/02 16:47:54 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/11/02 16:47:54 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/11/02 16:47:54 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/11/02 16:47:54 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/11/02 16:47:54 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/11/02 16:47:54 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/11/02 16:47:54 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/11/02 16:47:54 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/11/02 16:47:54 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/11/02 16:47:54 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/11/02 16:47:54 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/11/02 16:47:54 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/11/02 16:47:54 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/11/02 16:47:54 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/11/02 16:47:54 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/11/02 16:47:54 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/11/02 16:47:54 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/11/02 16:47:54 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/11/02 16:47:54 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/11/02 16:47:54 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/11/02 16:47:54 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/11/02 16:47:54 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/11/02 16:47:54 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/11/02 16:47:54 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/11/02 16:47:54 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/11/02 16:47:54 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/11/02 16:47:54 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/11/02 16:47:54 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/11/02 16:47:54 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/11/02 16:47:54 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/11/02 16:47:54 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/11/02 16:47:54 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/11/02 16:47:54 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/11/02 16:47:54 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/11/02 16:47:54 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/11/02 16:47:54 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/11/02 16:47:54 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/11/02 16:47:54 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/11/02 15:40:24 | 001,070,632 | ---- | M] () -- C:\Windows\SysNative\chklogo6.wtl
[2012/11/02 15:27:42 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btath_hcrp_01009.Wdf
[2012/11/02 15:26:18 | 000,246,804 | ---- | M] () -- C:\Windows\SysNative\drivers\AtherosBt.bin
[2012/11/02 15:26:18 | 000,001,796 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x11020000_40.dfu
[2012/11/02 15:26:18 | 000,001,242 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40_0x01.dfu
[2012/11/02 15:26:18 | 000,001,214 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40_0x03.dfu
[2012/11/02 15:26:18 | 000,001,204 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40_0x02.dfu
[2012/11/02 15:26:18 | 000,001,204 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40.dfu
[2012/11/02 15:26:18 | 000,001,198 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_26.dfu
[2012/11/02 15:26:18 | 000,001,192 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_26_0x01.dfu
[2012/11/02 15:24:24 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2012/11/02 15:11:05 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/11/02 15:11:05 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/11/02 15:07:55 | 000,164,480 | ---- | M] () -- C:\Windows\SysNative\drivers\RTWAVES40.dat
[2012/10/31 15:10:00 | 000,829,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2012/10/31 15:10:00 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100.dll
[2012/10/31 15:10:00 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp100.dll
[2012/10/31 15:10:00 | 000,158,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\atl100.dll
[2012/10/31 15:10:00 | 000,138,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\atl100.dll
========== Files Created - No Company Name ==========
[2012/11/28 08:37:13 | 012,961,620 | ---- | C] () -- C:\Users\David\Desktop\mbar-1.01.0.1009.zip
[2012/11/27 09:27:26 | 000,752,128 | ---- | C] () -- C:\Users\David\Desktop\RogueKiller.exe
[2012/11/26 17:42:45 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/26 13:46:43 | 000,292,213 | ---- | C] () -- C:\Users\David\Desktop\12402(023)D Kaplan 11-20-12 annotated.pdf
[2012/11/26 13:10:00 | 000,288,172 | ---- | C] () -- C:\Users\David\Desktop\12402(023)D Kaplan 11-20-12.pdf
[2012/11/26 12:59:42 | 000,314,487 | ---- | C] () -- C:\Users\David\Desktop\Eudoxie_Intake_pdf.pdf
[2012/11/25 12:01:35 | 000,000,862 | ---- | C] () -- C:\Users\Public\Desktop\FreeFileSync.lnk
[2012/11/24 23:17:11 | 000,000,846 | ---- | C] () -- C:\Users\David\Desktop\RarZilla.lnk
[2012/11/24 17:22:46 | 000,000,259 | ---- | C] () -- C:\Users\David\Desktop\associate Edit with Notepad.url
[2012/11/24 09:33:33 | 000,001,340 | ---- | C] () -- C:\Users\David\Desktop\Everything Indexer.lnk
[2012/11/19 20:39:46 | 000,000,126 | ---- | C] () -- C:\Users\David\Desktop\RareWares.url
[2012/11/19 19:48:56 | 000,001,025 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2012/11/19 19:48:56 | 000,001,013 | ---- | C] () -- C:\Users\David\Desktop\Audacity.lnk
[2012/11/19 19:29:08 | 000,000,787 | ---- | C] () -- C:\Users\David\Desktop\mp3DirectCut.lnk
[2012/11/19 18:41:19 | 000,000,683 | ---- | C] () -- C:\Users\David\Desktop\pathlen.exe.lnk
[2012/11/19 18:35:35 | 000,001,134 | ---- | C] () -- C:\Users\David\Desktop\UniExtractor.lnk
[2012/11/19 18:32:07 | 000,001,193 | ---- | C] () -- C:\Users\David\Desktop\CDWav.exe.lnk
[2012/11/18 23:55:43 | 000,001,153 | ---- | C] () -- C:\Users\David\Desktop\Tagscan.exe.lnk
[2012/11/18 23:14:36 | 000,001,896 | ---- | C] () -- C:\Users\David\Desktop\IrfanView Thumbnails.lnk
[2012/11/18 23:14:36 | 000,001,004 | ---- | C] () -- C:\Users\David\Desktop\IrfanView.lnk
[2012/11/18 22:29:11 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Exact Audio Copy.lnk
[2012/11/17 11:18:41 | 003,845,654 | ---- | C] () -- C:\Users\Public\Documents\abutters.pdf
[2012/11/16 09:30:11 | 000,002,066 | ---- | C] () -- C:\Users\David\Desktop\Logitech Control Panel.lnk
[2012/11/15 14:01:51 | 000,087,152 | ---- | C] () -- C:\Windows\SysNative\cpwmon64.dll
[2012/11/15 00:09:09 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/15 00:05:20 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/11/14 20:50:08 | 000,001,119 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
[2012/11/14 15:00:31 | 000,001,269 | ---- | C] () -- C:\Users\David\Desktop\Local - App Data.lnk
[2012/11/14 00:41:27 | 000,001,060 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Media Server Tray Tool.lnk
[2012/11/14 00:41:27 | 000,001,058 | ---- | C] () -- C:\Users\David\Desktop\Logitech Media Server.lnk
[2012/11/13 19:56:09 | 000,002,216 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Google Calendar Sync.lnk
[2012/11/12 15:38:24 | 014,492,672 | ---- | C] () -- C:\Users\David\Documents\calendar.pst
[2012/11/12 12:58:13 | 000,001,139 | ---- | C] () -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2012/11/12 12:44:55 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\CNC1743D.TBL
[2012/11/12 10:45:39 | 000,170,095 | ---- | C] () -- C:\Users\Public\Documents\bookmarks_11_12_12.html
[2012/11/11 17:51:50 | 000,002,977 | ---- | C] () -- C:\Users\David\Desktop\Family.lnk
[2012/11/11 17:24:41 | 000,001,013 | ---- | C] () -- C:\Users\David\Desktop\David.lnk
[2012/11/11 17:24:09 | 000,001,211 | ---- | C] () -- C:\Users\David\Desktop\Downloads.lnk
[2012/11/11 17:07:16 | 000,001,373 | ---- | C] () -- C:\Users\David\Desktop\home tech.lnk
[2012/11/11 17:02:38 | 000,001,445 | ---- | C] () -- C:\Users\David\Desktop\DVD Copy software.lnk
[2012/11/11 17:02:21 | 000,001,344 | ---- | C] () -- C:\Users\David\Desktop\Travel.lnk
[2012/11/11 17:02:12 | 000,001,335 | ---- | C] () -- C:\Users\David\Desktop\To Do.lnk
[2012/11/11 17:01:48 | 000,001,436 | ---- | C] () -- C:\Users\David\Desktop\System Utilities.lnk
[2012/11/11 17:01:36 | 000,001,558 | ---- | C] () -- C:\Users\David\Desktop\Receipts 2012.lnk
[2012/11/11 17:01:04 | 000,001,687 | ---- | C] () -- C:\Users\David\Desktop\recently played music.lnk
[2012/11/11 17:00:11 | 000,001,333 | ---- | C] () -- C:\Users\David\Desktop\Music.lnk
[2012/11/11 08:23:59 | 000,065,645 | ---- | C] () -- C:\Users\David\Documents\1126 Oakhurst St..pdf
[2012/11/11 08:23:59 | 000,005,759 | ---- | C] () -- C:\Users\David\Documents\as of Jan 22 10.Theme
[2012/11/11 08:23:59 | 000,005,747 | ---- | C] () -- C:\Users\David\Documents\Lara1.Theme
[2012/11/11 08:23:59 | 000,005,742 | ---- | C] () -- C:\Users\David\Documents\Lara.theme
[2012/11/10 22:37:08 | 000,000,487 | ---- | C] () -- C:\Users\David\Documents\old D4600 deskktop.lnk
[2012/11/10 18:09:42 | 000,001,443 | ---- | C] () -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/11/10 18:00:31 | 000,001,415 | ---- | C] () -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/11/10 18:00:29 | 000,001,449 | ---- | C] () -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/11/10 17:55:53 | 000,001,979 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
[2012/11/10 17:55:45 | 000,000,290 | ---- | C] () -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/11/10 17:55:45 | 000,000,272 | ---- | C] () -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/11/02 17:06:20 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/11/02 17:06:05 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/11/02 17:05:50 | 000,164,480 | ---- | C] () -- C:\Windows\SysNative\drivers\RTWAVES40.dat
[2012/11/02 17:04:53 | 2116,730,879 | -HS- | C] () -- C:\hiberfil.sys
[2012/11/02 17:03:41 | 000,030,752 | RH-- | C] () -- C:\dell.sdr
[2012/11/02 16:49:19 | 000,204,940 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2012/11/02 16:49:10 | 001,988,768 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2012/11/02 16:49:10 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/11/02 16:49:10 | 000,204,952 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat
[2012/11/02 16:49:10 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/11/02 16:49:10 | 000,157,144 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat
[2012/11/02 16:49:09 | 001,987,040 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2012/11/02 16:49:09 | 000,036,194 | ---- | C] () -- C:\Windows\atiogl.xml
[2012/11/02 16:49:09 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012/11/02 16:49:09 | 000,003,917 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2012/11/02 16:49:07 | 000,239,869 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2012/11/02 16:49:05 | 000,205,712 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2012/11/02 16:49:05 | 000,205,712 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2012/11/02 16:48:21 | 000,003,412 | ---- | C] () -- C:\Windows\SysWow64\drivers\1028_Dell_XPS_8500.mrk
[2012/11/02 16:48:21 | 000,003,412 | ---- | C] () -- C:\Windows\SysNative\drivers\1028_Dell_XPS_8500.mrk
[2012/11/02 16:47:54 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/11/02 16:47:54 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/11/02 15:40:24 | 001,070,632 | ---- | C] () -- C:\Windows\SysNative\chklogo6.wtl
[2012/11/02 15:37:09 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/11/02 15:35:40 | 000,001,307 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2012/11/02 15:35:37 | 000,001,376 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2012/11/02 15:35:22 | 000,001,460 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2012/11/02 15:35:18 | 000,002,488 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012/11/02 15:32:06 | 000,000,970 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Digital Delivery.lnk
[2012/11/02 15:31:39 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
[2012/11/02 15:27:42 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btath_hcrp_01009.Wdf
[2012/11/02 15:25:57 | 000,018,199 | ---- | C] () -- C:\Windows\SysNative\netathrx.inf
[2012/11/02 15:25:57 | 000,008,318 | ---- | C] () -- C:\Windows\SysNative\athrextx.cat
[2012/11/02 15:24:24 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2012/11/02 15:24:12 | 000,015,128 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012/11/02 15:11:06 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/01/10 20:39:16 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011/10/25 21:21:48 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/10/25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011/02/10 11:10:51 | 000,795,928 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
========== ZeroAccess Check ==========
[2009/07/13 23:55:00 | 000,000,227 | ---- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/11/02 17:00:55 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/11/02 17:00:55 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2012/11/02 17:03:41 | 000,030,752 | RH-- | M] () -- C:\dell.sdr
[2012/11/27 09:26:29 | 2116,730,879 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/27 09:26:30 | 4253,966,335 | -HS- | M] () -- C:\pagefile.sys
[2012/11/13 23:51:10 | 000,042,330 | ---- | M] () -- C:\RPSetup.exe.log
< %systemroot%\*. /mp /s >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< End of report >
-
Here goes:
OTL.txt part 1:
OTL logfile created on: 11/28/2012 8:42:11 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\David\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.96 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 75.41% Memory free
15.92 Gb Paging File | 12.93 Gb Available in Paging File | 81.23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1850.72 Gb Total Space | 1726.14 Gb Free Space | 93.27% Space Free | Partition Type: NTFS
Drive I: | 30.20 Gb Total Space | 29.62 Gb Free Space | 98.07% Space Free | Partition Type: FAT32
Drive U: | 1863.01 Gb Total Space | 1033.07 Gb Free Space | 55.45% Space Free | Partition Type: NTFS
Computer Name: DAVID-OFFICE | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/11/28 08:02:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
PRC - [2012/11/11 02:06:52 | 014,032,993 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Squeezebox\server\SqueezeSvr.exe
PRC - [2012/09/29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/02/17 01:33:34 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/02/01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012/02/01 16:29:56 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2012/01/21 11:35:24 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/01/21 11:35:22 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2011/12/29 18:12:06 | 000,158,880 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011/12/26 20:53:00 | 000,076,960 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
PRC - [2011/04/08 07:50:02 | 000,542,264 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
PRC - [2010/08/23 09:11:28 | 000,206,240 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
PRC - [2010/03/10 16:26:30 | 000,237,568 | ---- | M] (Alcor Micro Corp.) -- C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
========== Modules (No Company Name) ==========
MOD - [2012/11/15 00:57:12 | 000,489,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8bb44e1dd221cada48308ce5f5d20561\IAStorUtil.ni.dll
MOD - [2012/11/15 00:57:12 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\0461c2bf4c5b235c0ca1d923c10d6849\IAStorCommon.ni.dll
MOD - [2012/11/15 00:14:37 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll
MOD - [2012/11/15 00:14:25 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
MOD - [2012/11/15 00:14:21 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
MOD - [2012/11/15 00:14:14 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
MOD - [2012/11/15 00:14:12 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
MOD - [2012/11/15 00:14:10 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
MOD - [2012/11/15 00:14:10 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
MOD - [2012/11/15 00:14:06 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
========== Services (SafeList) ==========
SRV:64bit: - [2012/09/10 17:47:50 | 000,383,608 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2012/07/17 14:52:28 | 000,177,144 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/07/17 14:49:24 | 000,218,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/07/17 14:47:42 | 000,237,920 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2012/01/10 21:01:52 | 000,627,936 | ---- | M] (Intel® Corporation) [Auto | Running] -- c:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2011/10/26 14:01:00 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/03/08 17:00:50 | 000,224,704 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\mcafee\msc\McAWFwk.exe -- (McAWFwk)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/11/17 21:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/11/11 02:06:52 | 014,032,993 | ---- | M] () [Auto | Running] -- C:/PROGRA~2/SQUEEZ~1/server/SqueezeSvr.exe -- (squeezesvc)
SRV - [2012/11/02 15:11:05 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/10/09 10:22:48 | 000,173,568 | ---- | M] (Dell Products, LP.) [Auto | Stopped] -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/08/27 06:32:34 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Users\David\AppData\Local\Temp\7zS16F7\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012/01/21 11:35:24 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/01/21 11:35:22 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/12/29 18:12:06 | 000,158,880 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent)
SRV - [2011/12/29 17:53:48 | 000,106,144 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011/12/26 20:53:00 | 000,076,960 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/11/02 17:00:55 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/11/02 17:00:52 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/11/02 17:00:52 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/09/29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/09/04 00:50:20 | 000,025,584 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Running] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020200}_0)
DRV:64bit: - [2012/07/17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/07/17 14:55:40 | 000,069,672 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2012/07/17 14:52:38 | 000,335,784 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/07/17 14:51:16 | 000,106,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012/07/17 14:50:36 | 000,752,672 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/07/17 14:49:36 | 000,513,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/07/17 14:48:54 | 000,300,392 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/07/17 14:48:34 | 000,169,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/04/20 16:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2012/02/01 18:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2012/01/27 02:39:34 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/01/27 02:39:34 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/01/27 02:39:34 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2011/12/29 18:02:50 | 000,548,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/12/29 18:02:24 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011/12/29 18:02:12 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011/12/29 18:01:42 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011/12/29 18:01:24 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011/12/29 18:01:12 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011/12/29 18:00:54 | 000,110,752 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2011/12/29 18:00:42 | 000,338,592 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011/12/13 11:32:22 | 002,797,056 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/12/06 06:23:08 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/11/24 02:02:20 | 000,648,808 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/10/26 15:05:12 | 010,496,512 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/10/26 13:22:00 | 000,326,656 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/10/18 05:40:50 | 000,093,712 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006/11/01 04:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {4B859847-F617-49DD-9DB7-B8746DBA5905}
IE:64bit: - HKLM\..\SearchScopes\{4B859847-F617-49DD-9DB7-B8746DBA5905}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDCJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {4B859847-F617-49DD-9DB7-B8746DBA5905}
IE - HKLM\..\SearchScopes\{4B859847-F617-49DD-9DB7-B8746DBA5905}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDCJS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = about:Tabs [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig
IE - HKCU\..\SearchScopes,DefaultScope = {4B859847-F617-49DD-9DB7-B8746DBA5905}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/11/13 09:23:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2012/11/13 21:35:47 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20121110234248.dll (McAfee, Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20121110234248.dll (McAfee, Inc.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [startCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [uSB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C708C6C8-AA35-497C-9F47-265D94DEE69F}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012/11/28 08:37:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
[2012/11/28 08:37:13 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\repair 11-28-12
[2012/11/27 20:02:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/11/27 12:22:05 | 000,000,000 | ---D | C] -- C:\FRST
[2012/11/27 09:27:50 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\RK_Quarantine
[2012/11/27 09:26:48 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2012/11/26 19:37:00 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\Trojan Ransom
[2012/11/26 17:42:52 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Malwarebytes
[2012/11/26 17:42:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/11/26 17:42:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/11/26 17:42:41 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/11/26 17:42:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/11/26 17:06:26 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/11/26 17:06:18 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/11/26 12:07:21 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\My SureThing Projects
[2012/11/26 12:06:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Staples CD Labeler v5
[2012/11/26 11:58:04 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\MicroVision Applications
[2012/11/26 11:45:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SureThing Shared
[2012/11/26 11:45:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Staples CD Labeler
[2012/11/25 15:00:52 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\FreeFileSync
[2012/11/25 12:03:08 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\FreeFileSync
[2012/11/25 12:01:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileSync
[2012/11/25 12:01:35 | 000,000,000 | ---D | C] -- C:\Program Files\FreeFileSync
[2012/11/25 12:01:34 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\CrashDumps
[2012/11/25 08:59:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012/11/25 08:59:52 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012/11/24 17:25:35 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Apps
[2012/11/24 13:47:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJScan
[2012/11/24 13:47:39 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Canon
[2012/11/24 13:28:19 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\Trio Kinsky,Quatuor Prazak - Musique de chambre - vol.3
[2012/11/24 12:26:30 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\Chandos CHSA 5094-Delius VC Little
[2012/11/19 20:04:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ffmpeg For Audacity
[2012/11/19 20:03:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lame For Audacity
[2012/11/19 19:49:13 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Audacity
[2012/11/19 19:48:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2012/11/18 23:55:02 | 000,000,000 | ---D | C] -- C:\Programs
[2012/11/18 23:14:33 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
[2012/11/18 23:14:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2012/11/18 22:29:19 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\EAC
[2012/11/18 22:29:17 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\AccurateRip
[2012/11/18 22:29:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy
[2012/11/18 22:29:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Exact Audio Copy
[2012/11/18 20:53:48 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2012/11/18 20:53:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor for Windows
[2012/11/18 20:53:33 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center
[2012/11/18 19:15:40 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Dell
[2012/11/18 19:15:37 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\PCDr
[2012/11/18 19:15:13 | 000,000,000 | ---D | C] -- C:\ProgramData\PCDr
[2012/11/18 19:09:06 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Dell Edoc Viewer
[2012/11/15 16:02:22 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\CutePDF Writer
[2012/11/15 14:02:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GPLGS
[2012/11/15 14:01:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF
[2012/11/15 14:01:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acro Software
[2012/11/15 10:42:17 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Style Manuals
[2012/11/15 08:34:01 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\ElevatedDiagnostics
[2012/11/15 08:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2012/11/15 00:09:08 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012/11/15 00:09:08 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012/11/15 00:06:39 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/11/15 00:06:39 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/11/15 00:06:39 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/11/15 00:06:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/11/15 00:06:39 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/11/15 00:06:39 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/11/15 00:06:39 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/11/15 00:06:39 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/11/15 00:06:38 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/11/15 00:06:38 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/11/15 00:06:38 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/11/15 00:06:38 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/11/15 00:06:38 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/11/15 00:06:38 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/11/15 00:06:38 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/11/15 00:05:20 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012/11/15 00:05:20 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012/11/15 00:05:20 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012/11/15 00:05:20 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012/11/15 00:04:38 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/11/15 00:04:37 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/11/15 00:04:35 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/11/15 00:04:35 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/11/14 20:50:12 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\foobar2000
[2012/11/14 20:50:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\foobar2000
[2012/11/14 08:56:50 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012/11/14 08:56:50 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012/11/14 08:56:50 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012/11/14 08:56:44 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012/11/14 08:56:44 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012/11/14 08:56:44 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012/11/14 08:56:44 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012/11/14 08:56:44 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012/11/14 08:56:44 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012/11/14 08:56:32 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012/11/14 08:56:32 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012/11/14 00:59:56 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Diagnostics
[2012/11/14 00:41:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech Media Server
[2012/11/14 00:41:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Squeezebox
[2012/11/14 00:41:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Squeezebox
[2012/11/13 21:48:58 | 000,000,000 | ---D | C] -- C:\updates
[2012/11/13 19:56:09 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Google
[2012/11/13 19:56:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/11/13 09:23:58 | 000,196,440 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\HipShieldK.sys
[2012/11/12 13:07:12 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Adobe
[2012/11/12 12:48:36 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\Cannon
[2012/11/12 12:47:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2012/11/12 12:46:14 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2012/11/12 12:45:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX870 series
[2012/11/12 12:44:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2012/11/12 12:44:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities
[2012/11/12 12:44:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Canon IJ Network Tool
[2012/11/12 12:44:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2012/11/12 12:44:55 | 000,307,200 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNC870L.dll
[2012/11/12 12:44:55 | 000,102,400 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNC870U.dll
[2012/11/12 12:44:55 | 000,015,872 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNHMCA.dll
[2012/11/12 12:41:02 | 000,366,592 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNMNPPM.DLL
[2012/11/12 12:41:02 | 000,359,936 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMN6PPM.DLL
[2012/11/12 12:41:02 | 000,039,424 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMN6UI.DLL
[2012/11/12 12:41:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\STRING
[2012/11/12 12:40:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2012/11/12 12:40:18 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2012/11/12 12:40:05 | 000,385,024 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMLMA7.DLL
[2012/11/12 12:40:00 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmTH.DLL
[2012/11/12 12:40:00 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmKR.DLL
[2012/11/12 12:40:00 | 000,002,048 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmTW.DLL
[2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmUS.DLL
[2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmSE.DLL
[2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmRU.DLL
[2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmPT.DLL
[2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmPL.DLL
[2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmNL.DLL
[2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmIT.DLL
[2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmID.DLL
[2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmGR.DLL
[2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmFR.DLL
[2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmFI.DLL
[2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmES.DLL
[2012/11/12 12:39:59 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmDE.DLL
[2012/11/12 12:39:59 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmTR.DLL
[2012/11/12 12:39:59 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmNO.DLL
[2012/11/12 12:39:59 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmJP.DLL
[2012/11/12 12:39:59 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmHU.DLL
[2012/11/12 12:39:59 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmDK.DLL
[2012/11/12 12:39:59 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmCZ.DLL
[2012/11/12 12:39:59 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmAR.DLL
[2012/11/12 12:39:59 | 000,002,048 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLmCN.DLL
[2012/11/12 12:39:58 | 000,343,552 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCF2Lm.DLL
[2012/11/12 12:39:58 | 000,182,272 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFMSm.EXE
[2012/11/12 12:39:56 | 000,245,760 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMIUA7.DLL
[2012/11/12 12:39:52 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2012/11/12 03:31:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/11/12 03:31:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/11/12 03:04:22 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Skype
[2012/11/11 19:44:13 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\new computer
[2012/11/11 19:43:40 | 004,762,471 | R--- | C] (Swearware) -- C:\Users\David\Desktop\ComboFix.exe
[2012/11/11 09:26:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Digital Delivery
[2012/11/11 07:58:27 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Word Processing
[2012/11/11 07:56:30 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Travel
[2012/11/11 07:54:42 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\TomTom
[2012/11/11 07:54:31 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\To Do
[2012/11/11 07:54:30 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\to deskktop
[2012/11/11 07:53:13 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\System Utilities
[2012/11/11 07:53:12 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Sony PMB
[2012/11/11 07:53:12 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Reflect
[2012/11/11 07:52:43 | 000,000,000 | R--D | C] -- C:\Users\David\Documents\Receipts
[2012/11/11 07:52:24 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\PW
[2012/11/11 07:47:58 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\My Scans
[2012/11/11 07:31:02 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/11/11 07:31:02 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/11/11 07:31:01 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/11/11 07:31:00 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/11/11 07:31:00 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/11/11 07:30:58 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/11/11 07:30:58 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/11/11 07:30:53 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/11/11 07:30:53 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/11/11 07:30:53 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/11/11 07:30:53 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/11/11 07:30:50 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/11/11 07:30:50 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/11/11 07:30:50 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/11/11 07:30:49 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/11/11 07:30:49 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/11/11 07:30:49 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/11/11 07:30:49 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/11/11 07:30:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/11/11 07:30:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/11/11 07:30:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/11/11 07:30:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/11/11 07:30:48 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/11/11 07:30:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/11/11 07:30:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/11/11 07:30:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/11/11 07:30:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/11/11 07:30:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/11/11 07:30:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/11/11 07:30:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/11/11 07:30:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/11/11 07:30:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/11/11 07:30:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/11/11 07:30:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/11/11 07:30:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/11/11 07:30:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/11/11 07:30:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/11/11 07:30:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/11/11 07:30:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/11/11 07:30:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/11/11 07:30:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/11/11 07:30:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/11/11 07:30:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/11/11 07:30:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/11/11 07:30:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/11/11 07:30:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/11 07:30:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/11 07:30:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/11/11 07:30:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/11/11 07:30:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/11/11 07:30:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/11/11 07:30:43 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/11/11 07:30:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/11/11 07:30:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/11/11 07:30:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/11/11 07:30:42 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/11/11 07:30:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/11/11 07:30:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/11/11 07:30:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/11/11 07:30:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/11/11 07:30:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/11/11 07:30:41 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/11/11 07:30:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/11/11 07:30:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/11/11 07:30:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/11/11 07:30:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/11/11 07:30:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/11/11 07:30:40 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/11/11 07:30:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/11/11 07:30:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/11/11 07:30:39 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/11/11 07:30:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/11/11 07:30:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/11/11 07:30:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/11/11 07:30:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/11/11 07:30:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/11/11 07:30:26 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012/11/11 07:30:25 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012/11/11 07:30:24 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/11/11 07:30:24 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012/11/11 07:30:18 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/11/11 07:28:38 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012/11/11 07:28:18 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/11/11 07:28:18 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/11/11 07:28:18 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/11/11 07:28:17 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/11/11 07:28:07 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/11/11 07:28:03 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/11/11 07:28:03 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/11/11 07:28:03 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/11/11 07:28:00 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/11/11 07:28:00 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/11/10 23:13:32 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\My Digital Editions
[2012/11/10 22:45:57 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Music
[2012/11/10 22:43:13 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Install programs
[2012/11/10 22:42:51 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\InfoSelect
[2012/11/10 22:42:49 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Info Select_8
[2012/11/10 22:39:13 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\home tech
[2012/11/10 22:39:03 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\gardening
[2012/11/10 22:37:08 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Audio
[2012/11/10 22:37:02 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\fonts
[2012/11/10 22:37:01 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Everio MediaBrowser 4
[2012/11/10 22:34:34 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Elissa's Music
[2012/11/10 22:34:10 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\DVD Copy software
[2012/11/10 22:33:35 | 000,000,000 | R--D | C] -- C:\Users\David\Documents\Dropbox
[2012/11/10 22:22:27 | 000,000,000 | R--D | C] -- C:\Users\David\Documents\David's old docs
[2012/11/10 22:21:39 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Corel User Files
[2012/11/10 22:21:39 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Blackberry backups
[2012/11/10 22:20:27 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Avery Templates
[2012/11/10 22:19:30 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\AntiVirus stuff
[2012/11/10 22:19:30 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Anti-Malware
[2012/11/10 22:19:23 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Amazon Downloads
[2012/11/10 20:48:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/11/10 20:48:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2012/11/10 20:48:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2012/11/10 20:48:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/11/10 20:46:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/11/10 20:46:18 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Microsoft Help
[2012/11/10 20:46:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/11/10 20:45:49 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/11/10 18:10:03 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Macromedia
[2012/11/10 18:10:01 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Adobe
[2012/11/10 18:03:53 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\MigWiz
[2012/11/10 18:01:34 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Intel Corporation
[2012/11/10 18:00:40 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\BMExplorer
[2012/11/10 18:00:40 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Bluetooth Folder
[2012/11/10 18:00:34 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\ATI
[2012/11/10 18:00:34 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\ATI
[2012/11/10 18:00:34 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Atheros
[2012/11/10 18:00:29 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/11/10 18:00:28 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/11/10 18:00:28 | 000,000,000 | R--D | C] -- C:\Users\David\Searches
[2012/11/10 18:00:28 | 000,000,000 | -H-D | C] -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/11/10 18:00:22 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Identities
[2012/11/10 18:00:21 | 000,000,000 | R--D | C] -- C:\Users\David\Contacts
[2012/11/10 18:00:20 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\VirtualStore
[2012/11/10 17:56:50 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/11/10 17:56:50 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/11/10 17:56:49 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/11/10 17:56:10 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/11/10 17:56:10 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/11/10 17:56:10 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/11/10 17:56:09 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/11/10 17:56:09 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/11/10 17:55:45 | 000,000,000 | --SD | C] -- C:\Users\David\AppData\Roaming\Microsoft
[2012/11/10 17:55:45 | 000,000,000 | R--D | C] -- C:\Users\David\Videos
[2012/11/10 17:55:45 | 000,000,000 | R--D | C] -- C:\Users\David\Saved Games
[2012/11/10 17:55:45 | 000,000,000 | R--D | C] -- C:\Users\David\Pictures
[2012/11/10 17:55:45 | 000,000,000 | R--D | C] -- C:\Users\David\Music
[2012/11/10 17:55:45 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/11/10 17:55:45 | 000,000,000 | R--D | C] -- C:\Users\David\Links
[2012/11/10 17:55:45 | 000,000,000 | R--D | C] -- C:\Users\David\Favorites
[2012/11/10 17:55:45 | 000,000,000 | R--D | C] -- C:\Users\David\Downloads
[2012/11/10 17:55:45 | 000,000,000 | R--D | C] -- C:\Users\David\Documents
[2012/11/10 17:55:45 | 000,000,000 | R--D | C] -- C:\Users\David\Desktop
[2012/11/10 17:55:45 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\AppData\Local\Temporary Internet Files
[2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\Templates
[2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\Start Menu
[2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\SendTo
[2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\Recent
[2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\PrintHood
[2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\NetHood
[2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\Documents\My Videos
[2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\Documents\My Pictures
[2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\Documents\My Music
[2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\My Documents
[2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\Local Settings
[2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\AppData\Local\History
[2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\Cookies
[2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\Application Data
[2012/11/10 17:55:45 | 000,000,000 | -HSD | C] -- C:\Users\David\AppData\Local\Application Data
[2012/11/10 17:55:45 | 000,000,000 | -H-D | C] -- C:\Users\David\AppData
[2012/11/10 17:55:45 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Temp
[2012/11/10 17:55:45 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\SoftThinks
[2012/11/10 17:55:45 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Microsoft
[2012/11/10 17:55:45 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Media Center Programs
[2012/11/02 17:05:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SRSLabs
[2012/11/02 17:05:24 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012/11/02 17:05:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012/11/02 17:04:53 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/11/02 17:01:02 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012/11/02 17:01:02 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012/11/02 17:01:01 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012/11/02 17:01:01 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012/11/02 17:01:01 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012/11/02 17:01:01 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012/11/02 17:01:01 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012/11/02 17:01:01 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012/11/02 17:01:01 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012/11/02 17:01:01 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012/11/02 17:01:01 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012/11/02 17:01:01 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012/11/02 17:01:01 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012/11/02 17:01:01 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012/11/02 17:01:01 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012/11/02 17:01:00 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012/11/02 17:01:00 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012/11/02 17:00:59 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012/11/02 17:00:59 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012/11/02 17:00:59 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012/11/02 17:00:59 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012/11/02 17:00:59 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/11/02 17:00:59 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/11/02 17:00:59 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/11/02 17:00:59 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/11/02 17:00:59 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012/11/02 17:00:58 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/11/02 17:00:58 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/11/02 17:00:58 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/11/02 17:00:58 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/11/02 17:00:58 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/11/02 17:00:58 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/11/02 17:00:58 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012/11/02 17:00:58 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012/11/02 17:00:58 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/11/02 17:00:58 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/11/02 17:00:58 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/11/02 17:00:58 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/11/02 17:00:58 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/11/02 17:00:57 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/11/02 17:00:57 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012/11/02 17:00:57 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/11/02 17:00:57 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/11/02 17:00:57 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/11/02 17:00:57 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/11/02 17:00:57 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/11/02 17:00:56 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/11/02 17:00:55 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/11/02 17:00:55 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/11/02 17:00:55 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/11/02 17:00:55 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/11/02 17:00:54 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012/11/02 17:00:54 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/11/02 17:00:53 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/11/02 17:00:53 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/11/02 17:00:53 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/11/02 17:00:53 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012/11/02 17:00:53 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012/11/02 17:00:53 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/11/02 17:00:53 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012/11/02 17:00:53 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012/11/02 17:00:53 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/11/02 17:00:53 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/11/02 17:00:53 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012/11/02 17:00:53 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012/11/02 17:00:53 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012/11/02 17:00:53 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/11/02 17:00:53 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012/11/02 17:00:53 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/11/02 17:00:53 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/11/02 17:00:53 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012/11/02 17:00:53 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012/11/02 17:00:53 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/11/02 17:00:53 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/11/02 17:00:53 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/11/02 17:00:53 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/11/02 17:00:52 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2012/11/02 17:00:52 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012/11/02 17:00:52 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/11/02 17:00:52 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/11/02 17:00:52 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2012/11/02 17:00:52 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2012/11/02 17:00:52 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2012/11/02 17:00:52 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012/11/02 17:00:52 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2012/11/02 17:00:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012/11/02 17:00:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012/11/02 17:00:51 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012/11/02 17:00:51 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012/11/02 17:00:51 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012/11/02 17:00:51 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/11/02 17:00:51 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012/11/02 17:00:50 | 003,958,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe
[2012/11/02 17:00:50 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012/11/02 17:00:50 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012/11/02 17:00:50 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012/11/02 17:00:50 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012/11/02 17:00:50 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012/11/02 17:00:50 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2012/11/02 17:00:50 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll
[2012/11/02 17:00:50 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2012/11/02 17:00:50 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2012/11/02 17:00:50 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012/11/02 17:00:50 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012/11/02 17:00:50 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012/11/02 17:00:50 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012/11/02 17:00:50 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012/11/02 17:00:49 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2012/11/02 17:00:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL
[2012/11/02 17:00:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAL.DLL
[2012/11/02 17:00:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINDEV.DLL
[2012/11/02 17:00:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINPUN.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAL.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINGUJ.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINEN.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINDEV.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE2.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE1.DLL
[2012/11/02 17:00:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINASA.DLL
[2012/11/02 17:00:49 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL
[2012/11/02 17:00:49 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINPUN.DLL
[2012/11/02 17:00:49 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINGUJ.DLL
[2012/11/02 17:00:49 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE2.DLL
[2012/11/02 17:00:49 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE1.DLL
[2012/11/02 17:00:49 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINASA.DLL
[2012/11/02 17:00:47 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/11/02 17:00:47 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/11/02 16:57:24 | 000,000,000 | ---D | C] -- C:\Apps
[2012/11/02 16:50:03 | 000,568,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2012/11/02 16:50:00 | 000,331,264 | ---- | C] (Intel® Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys
[2012/11/02 16:50:00 | 000,014,848 | ---- | C] (Intel® Corporation) -- C:\Windows\SysNative\IntcDAuC.dll
[2012/11/02 16:49:22 | 000,648,808 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2012/11/02 16:49:22 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2012/11/02 16:49:22 | 000,074,344 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2012/11/02 16:49:20 | 002,615,400 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2012/11/02 16:49:20 | 002,603,864 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012/11/02 16:49:20 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2012/11/02 16:49:20 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012/11/02 16:49:20 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012/11/02 16:49:20 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012/11/02 16:49:20 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012/11/02 16:49:19 | 003,745,384 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2012/11/02 16:49:19 | 001,247,848 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2012/11/02 16:49:19 | 000,823,912 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2012/11/02 16:49:19 | 000,376,936 | ---- | C] (Realtek Semiconductor) -- C:\Windows\SysNative\RtkGuiCompLib.dll
[2012/11/02 16:49:19 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012/11/02 16:49:19 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2012/11/02 16:49:19 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012/11/02 16:49:19 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012/11/02 16:49:19 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012/11/02 16:49:19 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2012/11/02 16:49:19 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012/11/02 16:49:19 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012/11/02 16:49:19 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2012/11/02 16:49:18 | 002,765,312 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCORES64.dat
[2012/11/02 16:49:18 | 000,894,040 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO64.dll
[2012/11/02 16:49:18 | 000,750,680 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBAPO32.dll
[2012/11/02 16:49:18 | 000,626,264 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBTHX64.dll
[2012/11/02 16:49:18 | 000,561,240 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBTHX32.dll
[2012/11/02 16:49:18 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2012/11/02 16:49:18 | 000,100,968 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
-
MBAR log files:
mbar-log-2012-11-28 (12-40-58).txt:
Malwarebytes Anti-Rootkit 1.1.0.1009
www.malwarebytes.org
Database version: v2012.11.28.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
David :: DAVID-OFFICE [administrator]
11/28/2012 12:40:58 PM
mbar-log-2012-11-28 (12-40-58).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: PUP | PUM | P2P
Objects scanned: 25027
Time elapsed: 2 minute(s), 33 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
=======================================================================================================
system-log.txt:
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1009
© Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
Account is Administrative
Internet Explorer version: 9.0.8112.16421
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 3.395000 GHz
Memory total: 8548933632, free: 6982688768
------------ Kernel report ------------
11/28/2012 12:34:43
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\DRIVERS\iusb3hcs.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\iaStor.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\drivers\mfehidk.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\mfewfpk.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\iusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\athrx.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\btath_bus.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\AtihdW76.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\iusb3hub.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\system32\drivers\mfeavfk.sys
\SystemRoot\system32\drivers\mfefirek.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\system32\DRIVERS\btath_rcp.sys
\SystemRoot\system32\drivers\btath_avdt.sys
\SystemRoot\system32\drivers\btath_a2dp.sys
\SystemRoot\system32\DRIVERS\btath_hcrp.sys
\SystemRoot\system32\DRIVERS\btath_flt.sys
\SystemRoot\system32\DRIVERS\btath_lwflt.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\cfwids.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\??\c:\program files\dell support center\pcdsrvc_x64.pkms
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\system32\drivers\mfeapfk.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\urlmon.dll
\Windows\System32\msvcrt.dll
\Windows\System32\normaliz.dll
\Windows\System32\difxapi.dll
\Windows\System32\wininet.dll
\Windows\System32\shell32.dll
\Windows\System32\comdlg32.dll
\Windows\System32\Wldap32.dll
\Windows\System32\gdi32.dll
\Windows\System32\user32.dll
\Windows\System32\iertutil.dll
\Windows\System32\psapi.dll
\Windows\System32\lpk.dll
\Windows\System32\nsi.dll
\Windows\System32\imagehlp.dll
\Windows\System32\advapi32.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\clbcatq.dll
\Windows\System32\usp10.dll
\Windows\System32\ole32.dll
\Windows\System32\oleaut32.dll
\Windows\System32\kernel32.dll
\Windows\System32\imm32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\ws2_32.dll
\Windows\System32\sechost.dll
\Windows\System32\msctf.dll
\Windows\System32\setupapi.dll
\Windows\System32\KernelBase.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\crypt32.dll
\Windows\System32\comctl32.dll
\Windows\System32\wintrust.dll
\Windows\System32\devobj.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR9
Upper Device Object: 0xfffffa80169d0060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\000000a7\
Lower Device Object: 0xfffffa801668a060
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
DriverEntry returned 0x0
Function returned 0x0
<<<1>>>
Upper Device Name: \Device\Harddisk8\DR8
Upper Device Object: 0xfffffa80135b8060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000090\
Lower Device Object: 0xfffffa8013478b60
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
<<<1>>>
Upper Device Name: \Device\Harddisk7\DR7
Upper Device Object: 0xfffffa80135b7060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000008f\
Lower Device Object: 0xfffffa80135b4b60
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
<<<1>>>
Upper Device Name: \Device\Harddisk6\DR6
Upper Device Object: 0xfffffa80135b3060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000008e\
Lower Device Object: 0xfffffa801347eb60
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
<<<1>>>
Upper Device Name: \Device\Harddisk5\DR5
Upper Device Object: 0xfffffa80135b6060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000008d\
Lower Device Object: 0xfffffa801346eb60
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8010a0c060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa800715d050
Lower Device Driver Name: \Driver\iaStor\
Driver name found: iaStor
DriverEntry returned 0x0
Function returned 0x0
Downloaded database version: v2012.11.28.07
Downloaded database version: v2012.11.27.01
Initializing...
Done!
Scanning directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 3
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8010a0c060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80076aab90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8010a0c060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800715d050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Upper DeviceData: 0xfffff8a00997ad60, 0xfffffa8010a0c060, 0xfffffa8017647290
Lower DeviceData: 0xfffff8a0208534e0, 0xfffffa800715d050, 0xfffffa8017b98a90
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 37B198F1
Partition information:
Partition 0 type is Other (0xde)
Partition is NOT ACTIVE.
Partition starts at LBA: 63 Numsec = 80262
Partition 1 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 81920 Numsec = 25690112
Partition file system is NTFS
Partition is bootable
Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 25772032 Numsec = 3881246720
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 2000396619264 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-62-3907004647-3907024647)...
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xfffffa80169d0060, DeviceName: \Device\Harddisk1\DR9\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8013ead0e0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80169d0060, DeviceName: \Device\Harddisk1\DR9\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa801668a060, DeviceName: \Device\000000a7\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 5, DevicePointer: 0xfffffa80135b6060, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80135b6b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80135b6060, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa801346eb60, DeviceName: \Device\0000008d\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 6, DevicePointer: 0xfffffa80135b3060, DeviceName: \Device\Harddisk6\DR6\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80135b3b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80135b3060, DeviceName: \Device\Harddisk6\DR6\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa801347eb60, DeviceName: \Device\0000008e\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 7, DevicePointer: 0xfffffa80135b7060, DeviceName: \Device\Harddisk7\DR7\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80135b7b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80135b7060, DeviceName: \Device\Harddisk7\DR7\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80135b4b60, DeviceName: \Device\0000008f\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 8, DevicePointer: 0xfffffa80135b8060, DeviceName: \Device\Harddisk8\DR8\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80135b8b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80135b8060, DeviceName: \Device\Harddisk8\DR8\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8013478b60, DeviceName: \Device\00000090\, DriverName: \Driver\USBSTOR\
------------ End ----------
Done!
Performing system, memory and registry scan...
Done!
Scan finished
=======================================
-
Thanks, TBK. Exras.txt. is below. OTL.txt is attached (post was too long even with only OTL.txt pasted as text). I'll send MBAR logs in a follow-on post.
Question: Could Explorer.exe registry errors identified in Extras.txt be related to my issue with replacement of some icons with generic white rectangles on desktop, start menu, and windows explorer (mp3, wav, flac, etc)?
---------------------------------------------
Extras.txt:
OTL Extras logfile created on: 11/28/2012 8:42:15 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\David\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.96 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 75.41% Memory free
15.92 Gb Paging File | 12.93 Gb Available in Paging File | 81.23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1850.72 Gb Total Space | 1726.14 Gb Free Space | 93.27% Space Free | Partition Type: NTFS
Drive I: | 30.20 Gb Total Space | 29.62 Gb Free Space | 98.07% Space Free | Partition Type: FAT32
Drive U: | 1863.01 Gb Total Space | 1033.07 Gb Free Space | 55.45% Space Free | Partition Type: NTFS
Computer Name: DAVID-OFFICE | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"9000:TCP" = 9000:TCP:*:Enabled:Logitech Media Server 9000 tcp (UI)
"9001:TCP" = 9001:TCP:*:Enabled:Logitech Media Server 9001 tcp (UI)
"9002:TCP" = 9002:TCP:*:Enabled:Logitech Media Server 9002 tcp (UI)
"9003:TCP" = 9003:TCP:*:Enabled:Logitech Media Server 9003 tcp (UI)
"9004:TCP" = 9004:TCP:*:Enabled:Logitech Media Server 9004 tcp (UI)
"9005:TCP" = 9005:TCP:*:Enabled:Logitech Media Server 9005 tcp (UI)
"9006:TCP" = 9006:TCP:*:Enabled:Logitech Media Server 9006 tcp (UI)
"9007:TCP" = 9007:TCP:*:Enabled:Logitech Media Server 9007 tcp (UI)
"9008:TCP" = 9008:TCP:*:Enabled:Logitech Media Server 9008 tcp (UI)
"9009:TCP" = 9009:TCP:*:Enabled:Logitech Media Server 9009 tcp (UI)
"9010:TCP" = 9010:TCP:*:Enabled:Logitech Media Server 9010 tcp (UI)
"9100:TCP" = 9100:TCP:*:Enabled:Logitech Media Server 9100 tcp (UI)
"8000:TCP" = 8000:TCP:*:Enabled:Logitech Media Server 8000 tcp (UI)
"10000:TCP" = 10000:TCP:*:Enabled:Logitech Media Server 10000 tcp (UI)
"9090:TCP" = 9090:TCP:*:Enabled:Logitech Media Server 9090 tcp (UI)
"3483:UDP" = 3483:UDP:*:Enabled:Logitech Media Server 3483 udp
"3483:TCP" = 3483:TCP:*:Enabled:Logitech Media Server 3483 tcp
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"9000:TCP" = 9000:TCP:*:Enabled:Logitech Media Server 9000 tcp (UI)
"9001:TCP" = 9001:TCP:*:Enabled:Logitech Media Server 9001 tcp (UI)
"9002:TCP" = 9002:TCP:*:Enabled:Logitech Media Server 9002 tcp (UI)
"9003:TCP" = 9003:TCP:*:Enabled:Logitech Media Server 9003 tcp (UI)
"9004:TCP" = 9004:TCP:*:Enabled:Logitech Media Server 9004 tcp (UI)
"9005:TCP" = 9005:TCP:*:Enabled:Logitech Media Server 9005 tcp (UI)
"9006:TCP" = 9006:TCP:*:Enabled:Logitech Media Server 9006 tcp (UI)
"9007:TCP" = 9007:TCP:*:Enabled:Logitech Media Server 9007 tcp (UI)
"9008:TCP" = 9008:TCP:*:Enabled:Logitech Media Server 9008 tcp (UI)
"9009:TCP" = 9009:TCP:*:Enabled:Logitech Media Server 9009 tcp (UI)
"9010:TCP" = 9010:TCP:*:Enabled:Logitech Media Server 9010 tcp (UI)
"9100:TCP" = 9100:TCP:*:Enabled:Logitech Media Server 9100 tcp (UI)
"8000:TCP" = 8000:TCP:*:Enabled:Logitech Media Server 8000 tcp (UI)
"10000:TCP" = 10000:TCP:*:Enabled:Logitech Media Server 10000 tcp (UI)
"9090:TCP" = 9090:TCP:*:Enabled:Logitech Media Server 9090 tcp (UI)
"3483:UDP" = 3483:UDP:*:Enabled:Logitech Media Server 3483 udp
"3483:TCP" = 3483:TCP:*:Enabled:Logitech Media Server 3483 tcp
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{016D8585-0137-401B-A02C-002908CFB2F7}" = lport=139 | protocol=6 | dir=in | app=system |
"{092ADF16-69D4-42EB-961A-8511A3B229E5}" = rport=139 | protocol=6 | dir=out | app=system |
"{10FBFBFF-92C9-4D43-A055-64AD25D7F13D}" = rport=137 | protocol=17 | dir=out | app=system |
"{13099058-29A4-4DFC-B81E-CD1D4489185B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1F6FC048-A400-4673-969F-A2639D91AEBA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{203874B8-C0FD-4D5F-A380-55B609FD31B2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{29703D81-787A-4D1E-8535-7A5CA495A988}" = lport=137 | protocol=17 | dir=in | app=system |
"{35503C42-F297-4851-819C-69804A751196}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{397E9A56-8593-403E-BED7-863473C970C2}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3AE84DD1-834B-4C61-9AB5-73338F6B5BB9}" = rport=445 | protocol=6 | dir=out | app=system |
"{43D3C266-9EFB-4F3A-ADC2-80D3DA90E23C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{4DE74282-58D6-4645-BCA2-9DFBFDC230EA}" = lport=445 | protocol=6 | dir=in | app=system |
"{55B88218-377D-4139-9A4D-83E0D58D335C}" = lport=138 | protocol=17 | dir=in | app=system |
"{6D49427E-0336-4154-9306-3504C06BC492}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{782719FC-708D-4EEF-B94B-4BBB8D640C98}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9A169ED0-B22E-4233-BF46-66EB2138FDFC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B794E388-35FC-495D-88EB-5AD420C746DF}" = rport=138 | protocol=17 | dir=out | app=system |
"{C07ED11B-ABC7-4AA4-966C-BAC73C7CB14F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C38DA476-07F3-4424-8BFF-EA126893D636}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{CD711EAC-6FA8-46C3-9B6F-DDC37A0882F2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CE0ADA1C-2E01-4778-B2F1-8064F9488FFF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D2F64948-4940-4A4D-B15F-E1A9772383DE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{EF14EE58-0AEF-4637-A8D0-DB93908C2C1D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F6322410-8FC3-4501-B209-85F1B9EE26E6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{075831A9-2E5D-4A6D-B85A-66E5DD1EC963}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{08ABFDCC-74A7-4EDC-AFD3-EA2EB6CE42B8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1ACE02D6-B4CD-40F0-A00B-5565165DCDBD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1DAE53A6-B5B3-4B36-9B2F-05B895B0A841}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1F506B1F-2929-4530-BA68-16BA5BA736AE}" = protocol=17 | dir=in | app=c:\users\david\appdata\local\temp\7zs16f7\hppiw.exe |
"{280D1EF0-4FA0-4854-A532-A0EB425F60DC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3029B265-66D3-4F71-BC91-D5EE2DFC71DA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{34E51F09-BC09-431A-9C35-473954CEDB37}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{38BE1285-500B-4EBB-B767-29303546D5DB}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{3EC604E1-84F7-4C93-A3C9-55A2B38CB8CE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{46AE9073-12A3-4D9E-A9ED-DA75D883AB5C}" = protocol=17 | dir=in | app=c:\users\david\appdata\local\temp\7zs2e46\hppiw.exe |
"{4BFE54DD-9817-4317-BBFB-DA0E92F53514}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{68AF9366-0F6B-43F2-9006-21E40C2750A9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6BB421F6-B47A-4F9F-B5D4-DC1A6FD9594B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6D6E3CC5-26CB-4898-AF8B-51E243230A90}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{886D69ED-F144-41E8-8317-C04385206E4C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8A66E927-FCD4-4C51-B949-2D367D882F5C}" = dir=in | app=c:\program files (x86)\squeezebox\server\squeezesvr.exe |
"{8BAC93E8-A3DF-4FD3-9948-0E734516EEB8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8C023313-3D5A-495F-9946-3E1AEB04AB05}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8EC2891D-7011-49AA-9F86-36FEB46DA26F}" = protocol=6 | dir=out | app=system |
"{9539B8C2-F5C3-4883-9BA4-427F21FC075F}" = protocol=6 | dir=in | app=c:\users\david\appdata\local\temp\7zs2e46\hppiw.exe |
"{9883A783-6AA0-40A8-9859-4EAD1CBDABEF}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{9B595D27-5806-475E-943C-2888DA1E8165}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{9D89966C-B81A-4E21-B63B-ABE0E7641651}" = dir=in | app=c:\program files (x86)\squeezebox\server\squeezesvr.exe |
"{B3F137C6-4D15-4045-9545-3A8B405340F2}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{BC150E02-BF19-4A24-90E3-64BBD4769665}" = protocol=6 | dir=in | app=c:\users\david\appdata\local\temp\7zs16f7\hppiw.exe |
"{CFC37D30-BC9B-44B6-A749-4AB4CB33D47E}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{E22018E0-46A2-4122-AD67-A75BD546AF98}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EFBAED35-F0AB-4FA2-A216-E3E9ED9E2082}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{F5848F0D-E1F4-42AD-AF24-28AC989577B5}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F5AC07F0-FA44-44D0-9495-1418AAA75A26}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FACAAED1-EA5A-4673-9281-8D7637BEF8A5}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FDF01D52-86F3-4D8F-91D1-26AFB3BF00A1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{D927638D-507E-45D1-9C80-A0564815B7F4}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dell\dell datasafe online\nobuclient.exe |
"UDP Query User{5B204574-474D-48AF-9821-72BD71CF3F1E}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dell\dell datasafe online\nobuclient.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E262CBA-A8C6-3BE1-A812-D7490B4F2B09}" = AMD Catalyst Install Manager
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series" = Canon MX870 series MP Drivers
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{44302C2F-11BD-FC0C-555C-4A3616E8D927}" = ccc-utility64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{538B98C3-773F-4F20-9C66-802D104DCBE2}" = Intel® Trusted Connect Service Client
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C9270CB8-7F02-D437-EF1D-3924DB369CFE}" = AMD AVIVO64 Codecs
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CutePDF Writer Installation" = CutePDF Writer 3.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PC-Doctor for Windows" = Dell Support Center
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00CC71D6-D10E-CD8C-9987-2B21CD89F3B8}" = CCC Help Korean
"{08957908-A58B-21C2-2FF4-CCDC302C319C}" = Catalyst Control Center InstallProxy
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{153286B6-8551-645B-B1AE-C90744899465}" = CCC Help Thai
"{1865CA20-6CA0-2B47-10FB-079D442A0AC4}" = CCC Help Czech
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FAC373D-3564-698C-520D-F0E5E5447514}" = Catalyst Control Center
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Dell WLAN and Bluetooth Client Installation
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2E2C9814-436A-A62D-65B4-5B282B2433E3}" = CCC Help Italian
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34363EEA-096F-5942-7AB8-71035D22CBEF}" = CCC Help English
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{41068A8C-3F30-46B6-978A-EA692F28D1AF}" = Multimedia Card Reader
"{4554C679-5E8A-736B-2077-BCB6FE44F444}" = CCC Help German
"{517FBD21-11B8-C5C6-A117-407A92ADBF21}" = CCC Help Greek
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{583D68F8-9D9A-76CB-DDCB-5B135CFA73C1}" = CCC Help Portuguese
"{5D9E8D1D-9C13-4EA3-2FBF-5BC16B309859}" = CCC Help Swedish
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{70F7F759-6F96-490A-7C83-87F7B3E6DE59}" = CCC Help Chinese Standard
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76BD5955-2A21-A049-4B25-241E107B5D1E}" = CCC Help Turkish
"{7A036E28-AE5C-4662-B24F-8D8B65116F3C}" = Catalyst Control Center - Branding
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{810ADC23-569C-EBB9-015F-DA6658FDC380}" = CCC Help Chinese Traditional
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84F52EFF-C6BB-80E5-0294-3FF7927054E1}" = CCC Help Norwegian
"{856D3E24-0DB4-1C23-8196-3F899C866259}" = Catalyst Control Center Localization All
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DED2990-A33F-E54F-7F8A-8B7622E19D0D}" = CCC Help Polish
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{903679E8-44C8-4C07-9600-05C92654FC50}" = QualxServ Service Agreement
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DEAF9B4-3967-DEC7-4721-2624D7A52330}" = CCC Help French
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A69F04D1-01E7-F06E-BD5C-AA5BB72A5124}" = CCC Help Japanese
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.4) MUI
"{ADF06D43-D3D3-C38F-4627-177BAC9D4C76}" = CCC Help Spanish
"{B9C42CED-B790-78F6-3C25-6C3EE07EE765}" = CCC Help Hungarian
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CD144FE2-58C1-603B-9BD8-A39096D1D9A3}" = CCC Help Danish
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5EB832B-F953-A1BC-B9B4-9EBEBD17D3FB}" = CCC Help Russian
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEFD0E9E-5A6D-34C8-8338-DF2E7770D0FA}" = CCC Help Finnish
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F9145944-F223-777C-CBBE-FF35ED649ACE}" = CCC Help Dutch
"{F91BF1B5-4213-440C-8539-C6EB2F1D1734}" = Dell Digital Delivery
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Audacity_is1" = Audacity 2.0.2
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Exact Audio Copy" = Exact Audio Copy 1.0beta3
"FFmpeg for Audacity_is1" = FFmpeg v0.6.2 for Audacity
"foobar2000" = foobar2000 v1.1.17 beta 1
"FreeFileSync" = FreeFileSync 5.9
"Google Calendar Sync" = Google Calendar Sync
"InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}" = Multimedia Card Reader
"IrfanView" = IrfanView (remove only)
"LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15
"LAME_is1" = LAME v3.99.3 (for Windows)
"Logitech Media Server_is1" = Logitech Media Server 7.7.3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"MP Navigator EX 3.1" = Canon MP Navigator EX 3.1
"MSC" = McAfee SecurityCenter
"PROR" = Microsoft Office Professional 2007
"WinLiveSuite" = Windows Live Essentials
"YTdetect" = Yahoo! Detect
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11/11/2012 10:15:24 AM | Computer Name = David-Office | Source = WinMgmt | ID = 10
Description =
Error - 11/12/2012 4:14:36 AM | Computer Name = David-Office | Source = MsiInstaller | ID = 11935
Description =
Error - 11/12/2012 4:33:43 AM | Computer Name = David-Office | Source = WinMgmt | ID = 10
Description =
Error - 11/12/2012 5:02:15 AM | Computer Name = David-Office | Source = DellDigitalDelivery | ID = 0
Description = Failed in handling the PowerEvent. The error that occurred was: System.InvalidOperationException:
Collection was modified; enumeration operation may not execute. at System.ThrowHelper.ThrowInvalidOperationException(ExceptionResource
resource) at Dell.Svdc.ClientFulfillmentService.UiWcfSession.ShutDownTrayAppAndDisposeOfClients()
at Dell.Svdc.ClientFulfillmentService.ClientFulfillmentService.OnPowerEvent(PowerBroadcastStatus
powerStatus) at System.ServiceProcess.ServiceBase.DeferredPowerEvent(Int32 eventType,
IntPtr eventData).
[ System Events ]
Error - 11/25/2012 11:54:57 PM | Computer Name = David-Office | Source = Service Control Manager | ID = 7031
Description = The McAfee McShield service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 5000 milliseconds:
Restart the service.
Error - 11/26/2012 12:39:57 AM | Computer Name = David-Office | Source = Service Control Manager | ID = 7034
Description = The Dell Digital Delivery Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 11/26/2012 6:01:57 AM | Computer Name = David-Office | Source = Service Control Manager | ID = 7034
Description = The Dell Digital Delivery Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 11/26/2012 5:38:59 PM | Computer Name = David-Office | Source = Service Control Manager | ID = 7034
Description = The Dell Digital Delivery Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 11/26/2012 5:46:06 PM | Computer Name = David-Office | Source = Service Control Manager | ID = 7034
Description = The Dell Digital Delivery Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 11/26/2012 6:10:12 PM | Computer Name = David-Office | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.
Error - 11/26/2012 6:11:50 PM | Computer Name = David-Office | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.
Error - 11/26/2012 6:11:54 PM | Computer Name = David-Office | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.
Error - 11/26/2012 6:14:58 PM | Computer Name = David-Office | Source = Service Control Manager | ID = 7034
Description = The Dell Digital Delivery Service service terminated unexpectedly.
It has done this 1 time(s).
< End of report >
-
Oops, forgot to include FRST.txt.
I'm attaching the file since I get an error message that my post is too long if I paste into the body of this post. FRST.txt
-
Thanks for your quick response...really appreciate your help!
Here are the logs you requested:
FIRST.txt
RogueKiller V8.3.1 [Nov 26 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : David [Admin rights]
Mode : Scan -- Date : 11/27/2012 09:28:37
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 6 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: 1W1ELLDN +++++
--- User ---
[MBR] 6f896d60972a9120b6119a4aa04f8bf1
[bSP] add3a3c021d31e2f1fd31cce66ea33aa : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 12544 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 25772032 | Size: 1895140 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
+++++ PhysicalDrive1: Fantom External HDD USB Device +++++
--- User ---
[MBR] 7742485611119950435883489a1ff3fa
[bSP] eca0422a871376a7d10cb98dea59eac3 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 1907726 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
+++++ PhysicalDrive2: JetFlash Transcend 32GB USB Device +++++
--- User ---
[MBR] 56142f7d3cfeaa687d47756b2c9093e3
[bSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 18160 | Size: 30939 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
+++++ PhysicalDrive3: Initio WD7500AAKS-00RBA USB Device +++++
--- User ---
[MBR] 33778a7431a6b4744c14a30fc7e785ca
[bSP] 60e6a503683e98127ac809b6ffc02f92 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 715402 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
+++++ PhysicalDrive4: DMI External HDD USB Device +++++
--- User ---
[MBR] a89ac0e6f3e2e749d7e3e0e7b7b5c1da
[bSP] acfb4f17c24d80280252d29e9551be73 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 953867 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Finished : << RKreport[1]_S_11272012_02d0928.txt >>
RKreport[1]_S_11272012_02d0928.txt
========================================================================================================
RogueKiller log
RogueKiller V8.3.1 [Nov 26 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : David [Admin rights]
Mode : Scan -- Date : 11/27/2012 09:28:37
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 6 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: 1W1ELLDN +++++
--- User ---
[MBR] 6f896d60972a9120b6119a4aa04f8bf1
[bSP] add3a3c021d31e2f1fd31cce66ea33aa : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 12544 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 25772032 | Size: 1895140 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
+++++ PhysicalDrive1: Fantom External HDD USB Device +++++
--- User ---
[MBR] 7742485611119950435883489a1ff3fa
[bSP] eca0422a871376a7d10cb98dea59eac3 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 1907726 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
+++++ PhysicalDrive2: JetFlash Transcend 32GB USB Device +++++
--- User ---
[MBR] 56142f7d3cfeaa687d47756b2c9093e3
[bSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 18160 | Size: 30939 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
+++++ PhysicalDrive3: Initio WD7500AAKS-00RBA USB Device +++++
--- User ---
[MBR] 33778a7431a6b4744c14a30fc7e785ca
[bSP] 60e6a503683e98127ac809b6ffc02f92 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 715402 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
+++++ PhysicalDrive4: DMI External HDD USB Device +++++
--- User ---
[MBR] a89ac0e6f3e2e749d7e3e0e7b7b5c1da
[bSP] acfb4f17c24d80280252d29e9551be73 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 953867 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Finished : << RKreport[1]_S_11272012_02d0928.txt >>
RKreport[1]_S_11272012_02d0928.txt
-
Hello! I'm new to the forum and hope you can help.
My week-old Win7 computer started showing suspicious behavior two days ago. Some of the system icons, such as .mp3 changed to a generic white rectangle, though the files still work. Various "fixes" posted on Microsoft failed.
I downloaded Malwarebytes which discovered Trojan-Ransom and removed it (McAfee which is running on the system did not find it). I've rebooted several times and re-scanned with Malwarebytes, which does not see any further infection. I'm concerned that the Trojan may still be lurking, based on other reports of recurrent infection. Can you help me investigate further? THX
DDS:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455
Run by David at 20:10:40 on 2012-11-26
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8153.5675 [GMT -5:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\mfevtps.exe
C:\PROGRA~2\SQUEEZ~1\server\SqueezeSvr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\mcafee.com\agent\mcagent.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Common Files\McAfee\Core\mchost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig
uDefault_Page_URL = hxxp://dell13.msn.com
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20121110234248.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\GOOGLE~1.LNK - C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files (x86)\Squeezebox\SqueezeTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{C708C6C8-AA35-497C-9F47-265D94DEE69F} : DHCPNameServer = 192.168.1.254
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\SystemCore\ScriptSn.20121110234248.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX4
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe"
x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-11-2 16152]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2011-3-13 752672]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2011-3-13 335784]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2012-11-2 98208]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-11-2 204288]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe [2011-12-29 106144]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-2 13592]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-1-10 627936]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-26 399432]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-11-13 201304]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-11-13 201304]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-11-13 201304]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2012-11-2 237920]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2012-11-2 218320]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-11-2 177144]
R2 squeezesvc;Logitech Media Server;C:\PROGRA~2\SQUEEZ~1\server\SqueezeSvr.exe [2012-11-14 14032993]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-11-2 363800]
R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [2011-12-29 158880]
R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [2012-11-2 76960]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-12-29 36000]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-2 93712]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-12-29 338592]
R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2011-12-29 110752]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-12-29 30368]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-12-29 167584]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-12-29 68256]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-12-29 280992]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2011-12-29 548000]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2011-3-13 69672]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-11-2 331264]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-11-2 356120]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-11-2 787736]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2011-3-13 300392]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2011-3-13 513456]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-11-2 648808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-10-9 173568]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-26 676936]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2012-11-13 196440]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-11-26 25928]
S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2012-11-2 224704]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2011-3-13 106112]
S3 PCDSRVC{1E208CE0-FB7451FF-06020200}_0;PCDSRVC{1E208CE0-FB7451FF-06020200}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2012-9-4 25584]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-11-12 1255736]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-11-13 201304]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-11-26 22:42:52 -------- d-----w- C:\Users\David\AppData\Roaming\Malwarebytes
2012-11-26 22:42:43 -------- d-----w- C:\ProgramData\Malwarebytes
2012-11-26 22:42:41 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-11-26 22:42:41 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-26 17:06:46 -------- d-----w- C:\Program Files (x86)\Staples CD Labeler v5
2012-11-26 16:58:04 -------- d-----w- C:\Users\David\AppData\Local\MicroVision Applications
2012-11-26 16:45:45 -------- d-----w- C:\Program Files (x86)\Staples CD Labeler
2012-11-26 16:45:45 -------- d-----w- C:\Program Files (x86)\Common Files\SureThing Shared
2012-11-25 17:03:08 -------- d-----w- C:\Users\David\AppData\Roaming\FreeFileSync
2012-11-25 17:01:35 -------- d-----w- C:\Program Files\FreeFileSync
2012-11-25 17:01:34 -------- d-----w- C:\Users\David\AppData\Local\CrashDumps
2012-11-24 22:25:35 -------- d-----w- C:\Users\David\AppData\Local\Apps
2012-11-24 18:47:46 -------- d--h--w- C:\ProgramData\CanonIJScan
2012-11-20 01:04:55 -------- d-----w- C:\Program Files (x86)\Ffmpeg For Audacity
2012-11-20 01:03:25 -------- d-----w- C:\Program Files (x86)\Lame For Audacity
2012-11-20 00:48:51 -------- d-----w- C:\Program Files (x86)\Audacity
2012-11-19 04:55:02 -------- d-----w- C:\Programs
2012-11-19 04:14:33 -------- d-----w- C:\Program Files (x86)\IrfanView
2012-11-19 03:29:19 -------- d-----w- C:\Users\David\AppData\Roaming\EAC
2012-11-19 03:29:17 -------- d-----w- C:\Users\David\AppData\Roaming\AccurateRip
2012-11-19 03:29:10 -------- d-----w- C:\Program Files (x86)\Exact Audio Copy
2012-11-19 01:53:48 -------- d-----w- C:\ProgramData\PC-Doctor for Windows
2012-11-19 01:53:33 -------- d-----w- C:\Program Files\Dell Support Center
2012-11-19 00:15:40 -------- d-----w- C:\Users\David\AppData\Roaming\Dell
2012-11-19 00:15:37 -------- d-----w- C:\Users\David\AppData\Roaming\PCDr
2012-11-19 00:15:13 -------- d-----w- C:\ProgramData\PCDr
2012-11-19 00:09:06 -------- d-----w- C:\Users\David\AppData\Local\Dell Edoc Viewer
2012-11-15 21:02:22 -------- d-----w- C:\Users\David\AppData\Local\CutePDF Writer
2012-11-15 19:02:48 -------- d-----w- C:\Program Files (x86)\GPLGS
2012-11-15 19:01:51 87152 ----a-w- C:\Windows\System32\cpwmon64.dll
2012-11-15 19:01:50 -------- d-----w- C:\Program Files (x86)\Acro Software
2012-11-15 13:34:01 -------- d-----w- C:\Users\David\AppData\Local\ElevatedDiagnostics
2012-11-15 05:09:08 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-11-15 05:09:08 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-11-15 05:09:08 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-11-15 05:09:08 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2012-11-15 05:05:20 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-11-15 05:05:20 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-11-15 05:05:20 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-11-15 05:05:20 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-11-15 05:05:20 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-11-15 05:05:20 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-11-15 05:05:20 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-11-15 05:04:38 458712 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-11-15 05:04:38 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-11-15 05:04:38 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-15 05:04:38 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-11-15 05:04:37 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-11-15 05:04:37 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-11-15 05:04:37 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-11-15 05:04:37 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-11-15 05:04:37 1448448 ----a-w- C:\Windows\System32\lsasrv.dll
2012-11-15 05:04:35 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-11-15 05:04:35 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-11-15 01:50:12 -------- d-----w- C:\Users\David\AppData\Roaming\foobar2000
2012-11-15 01:50:07 -------- d-----w- C:\Program Files (x86)\foobar2000
2012-11-14 05:59:56 -------- d-----w- C:\Users\David\AppData\Local\Diagnostics
2012-11-14 05:41:19 -------- d-----w- C:\ProgramData\Squeezebox
2012-11-14 05:41:19 -------- d-----w- C:\Program Files (x86)\Squeezebox
2012-11-14 02:48:58 -------- d-----w- C:\updates
2012-11-14 00:56:09 -------- d-----w- C:\Users\David\AppData\Local\Google
2012-11-13 14:23:58 196440 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys
2012-11-12 18:07:12 -------- d-----w- C:\Users\David\AppData\Local\Adobe
2012-11-12 17:47:54 -------- d-----w- C:\Program Files\Common Files\CANON
2012-11-12 17:46:14 -------- d-----w- C:\Program Files\Canon
2012-11-12 17:44:57 -------- d-----w- C:\ProgramData\Canon IJ Network Tool
2012-11-12 17:44:56 -------- d-----w- C:\Program Files (x86)\Canon
2012-11-12 17:44:55 307200 ----a-w- C:\Windows\SysWow64\CNC870L.dll
2012-11-12 17:44:55 15872 ----a-w- C:\Windows\SysWow64\CNHMCA.dll
2012-11-12 17:44:55 102400 ----a-w- C:\Windows\SysWow64\CNC870U.dll
2012-11-12 17:41:02 39424 ----a-w- C:\Windows\System32\CNMN6UI.DLL
2012-11-12 17:41:02 366592 ----a-w- C:\Windows\SysWow64\CNMNPPM.DLL
2012-11-12 17:41:02 359936 ----a-w- C:\Windows\System32\CNMN6PPM.DLL
2012-11-12 17:41:02 -------- d-----w- C:\Windows\System32\STRING
2012-11-12 17:40:24 99840 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPPA7.DLL
2012-11-12 17:40:24 30208 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPDA7.DLL
2012-11-12 17:40:05 385024 ----a-w- C:\Windows\System32\CNMLMA7.DLL
2012-11-12 17:40:00 2560 ----a-w- C:\Windows\System32\CNCFLmTH.DLL
2012-11-12 17:40:00 2560 ----a-w- C:\Windows\System32\CNCFLmKR.DLL
2012-11-12 17:40:00 2048 ----a-w- C:\Windows\System32\CNCFLmTW.DLL
2012-11-12 08:31:08 -------- d-----w- C:\Windows\SysWow64\Wat
2012-11-12 08:31:08 -------- d-----w- C:\Windows\System32\Wat
2012-11-11 14:26:48 -------- d-----w- C:\Program Files (x86)\Dell Digital Delivery
2012-11-11 12:31:26 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-11-11 12:31:20 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2012-11-11 12:31:20 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2012-11-11 12:31:02 395776 ----a-w- C:\Windows\System32\webio.dll
2012-11-11 12:31:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2012-11-11 12:31:01 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-11-11 12:31:00 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-11-11 12:31:00 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-11-11 12:28:51 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-11 12:27:59 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-11-11 12:27:59 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-11-11 01:46:18 -------- d-----w- C:\Users\David\AppData\Local\Microsoft Help
2012-11-10 23:03:53 -------- dc----w- C:\Users\David\AppData\Local\MigWiz
2012-11-10 23:01:34 -------- d-----w- C:\Users\David\AppData\Roaming\Intel Corporation
2012-11-10 23:00:40 -------- d-----w- C:\Users\David\AppData\Local\BMExplorer
2012-11-10 23:00:34 -------- d-----w- C:\Users\David\AppData\Roaming\Atheros
2012-11-10 23:00:34 -------- d-----w- C:\Users\David\AppData\Local\ATI
2012-11-10 23:00:20 -------- d-----w- C:\Users\David\AppData\Local\VirtualStore
2012-11-10 22:58:54 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-11-10 22:56:49 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-11-10 22:56:10 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-11-10 22:56:09 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-11-10 22:56:09 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-11-02 22:06:20 0 ----a-w- C:\Windows\ativpsrm.bin
2012-11-02 22:05:45 -------- d-----w- C:\Windows\System32\SRSLabs
2012-11-02 22:05:24 -------- d-----w- C:\Program Files\Realtek
2012-11-02 22:05:23 -------- d-----w- C:\Windows\SysWow64\RTCOM
2012-11-02 22:00:59 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2012-11-02 21:57:24 -------- d-----w- C:\Apps
2012-11-02 21:50:03 568600 ----a-w- C:\Windows\System32\drivers\iaStor.sys
2012-11-02 21:50:00 331264 ----a-w- C:\Windows\System32\drivers\IntcDAud.sys
2012-11-02 21:50:00 14848 ----a-w- C:\Windows\System32\IntcDAuC.dll
2012-11-02 21:47:54 995328 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2012-11-02 21:45:51 -------- d-----w- C:\Windows\System32\oem
2012-11-02 21:45:50 -------- d-----w- C:\Drivers
2012-11-02 20:46:16 -------- d-----w- C:\ProgramData\Atheros
2012-11-02 20:40:48 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation
2012-11-02 20:37:29 10288 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
2012-11-02 20:37:27 177144 ----a-w- C:\Windows\System32\mfevtps.exe
2012-11-02 20:37:23 -------- d-----w- C:\Program Files\Common Files\mcafee
2012-11-02 20:37:23 -------- d-----w- C:\Program Files (x86)\mcafee.com
2012-11-02 20:37:22 -------- d-----w- C:\Program Files\mcafee.com
2012-11-02 20:37:22 -------- d-----w- C:\Program Files\mcafee
2012-11-02 20:37:22 -------- d-----w- C:\Program Files (x86)\McAfee
2012-11-02 20:37:22 -------- d-----w- C:\Program Files (x86)\Common Files\mcafee
2012-11-02 20:36:02 -------- d-----w- C:\Windows\en
2012-11-02 20:35:35 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2012-11-02 20:35:04 -------- d-----w- C:\Windows\PCHEALTH
2012-11-02 20:34:35 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll
2012-11-02 20:34:35 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2012-11-02 20:34:35 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll
2012-11-02 20:34:35 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2012-11-02 20:33:36 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
2012-11-02 20:33:36 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
2012-11-02 20:32:08 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\20f355d21cdb93903\DSETUP.dll
2012-11-02 20:32:08 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\20f355d21cdb93903\DXSETUP.exe
2012-11-02 20:32:08 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\20f355d21cdb93903\dsetup32.dll
2012-11-02 20:32:08 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\210b23941cdb93904\MeshBetaRemover.exe
2012-11-02 20:32:07 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\20cd3fcd1cdb93902\DSETUP.dll
2012-11-02 20:32:07 6260088 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\20a4c8691cdb93901\Silverlight.4.0.exe
2012-11-02 20:32:07 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\20cd3fcd1cdb93902\DXSETUP.exe
2012-11-02 20:32:07 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\20cd3fcd1cdb93902\dsetup32.dll
2012-11-02 20:32:07 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2012-11-02 20:28:44 151656 ----a-w- C:\Windows\System32\drivers\WimFltr.sys
2012-11-02 20:26:14 -------- d-----w- C:\Program Files (x86)\Common Files\Atheros
2012-11-02 20:25:57 63648 ----a-w- C:\Windows\System32\athihvui.dll
2012-11-02 20:25:57 442528 ----a-w- C:\Windows\System32\athihvs.dll
2012-11-02 20:25:57 2797056 ----a-w- C:\Windows\System32\drivers\athrx.sys
2012-11-02 20:25:57 2797056 ----a-w- C:\Windows\System32\athrx.sys
2012-11-02 20:25:57 -------- d-----w- C:\Windows\System32\nn-NO
2012-11-02 20:25:57 -------- d-----w- C:\Windows\Options
2012-11-02 20:25:55 -------- d-----w- C:\Program Files (x86)\Dell Wireless
2012-11-02 20:25:54 -------- d-----w- C:\Program Files (x86)\Cisco
2012-11-02 20:25:05 -------- d-----w- C:\Program Files (x86)\Multimedia Card Reader(9106)
2012-11-02 20:24:17 41984 ----a-w- C:\Windows\System32\drivers\USB3Ver.dll
2012-11-02 20:24:16 787736 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys
2012-11-02 20:24:16 356120 ----a-w- C:\Windows\System32\drivers\iusb3hub.sys
2012-11-02 20:24:16 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
2012-11-02 20:24:16 16152 ----a-w- C:\Windows\System32\drivers\iusb3hcs.sys
2012-11-02 20:24:12 15128 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
2012-11-02 20:23:29 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
2012-11-02 20:21:05 -------- d-----w- C:\Intel
2012-11-02 20:21:02 -------- d-----w- C:\Program Files (x86)\AMD APP
2012-11-02 20:20:53 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2012-11-02 20:20:44 -------- d-----w- C:\Program Files\ATI
2012-11-02 20:20:44 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2012-11-02 20:11:05 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-02 20:11:05 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-02 20:11:03 -------- d-----w- C:\Program Files\Dell Inc
2012-11-02 20:08:54 142336 ----a-w- C:\Windows\System32\poqexec.exe
2012-11-02 20:08:54 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2012-10-31 20:10:00 829264 ----a-w- C:\Windows\System32\msvcr100.dll
2012-10-31 20:10:00 773968 ----a-w- C:\Windows\SysWow64\msvcr100.dll
2012-10-31 20:10:00 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll
2012-10-31 20:10:00 158536 ----a-w- C:\Windows\System32\atl100.dll
2012-10-31 20:10:00 138056 ----a-w- C:\Windows\SysWow64\atl100.dll
.
==================== Find3M ====================
.
2012-11-02 22:00:59 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-11-02 21:47:54 91648 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe
2012-10-18 18:25:58 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-10-09 18:17:13 55296 ----a-w- C:\\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
.
============= FINISH: 20:10:49.10 ===============
ATTACH Text
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 11/10/2012 5:55:37 PM
System Uptime: 11/26/2012 6:22:50 PM (2 hours ago)
.
Motherboard: Dell Inc. | | 0YJPT1
Processor: Intel® Core™ i7-3770 CPU @ 3.40GHz | CPU 1 | 3401/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 1851 GiB total, 1724.585 GiB free.
D: is CDROM ()
E: is Removable
F: is FIXED (NTFS) - 932 GiB total, 222.093 GiB free.
G: is Removable
H: is Removable
S: is Removable
T: is FIXED (NTFS) - 699 GiB total, 332.423 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP20: 11/15/2012 12:24:39 AM - Windows Update
RP21: 11/15/2012 2:18:09 PM - office bulk win7 updates & foobar
RP22: 11/16/2012 3:00:22 AM - Windows Update
RP23: 11/18/2012 4:56:10 PM - Windows Backup
RP24: 11/19/2012 7:46:47 PM - before audacity install
RP25: 11/25/2012 8:59:26 AM - Installed 7-Zip 9.20 (x64 edition)
RP26: 11/26/2012 11:20:27 AM - Windows Backup
RP27: 11/26/2012 5:25:28 PM - Restore Operation
.
==== Installed Programs ======================
.
7-Zip 9.20 (x64 edition)
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.4) MUI
AMD APP SDK Runtime
AMD AVIVO64 Codecs
AMD Catalyst Install Manager
Atheros Bluetooth Suite (64)
Audacity 2.0.2
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MP Navigator EX 3.1
Canon MX870 series MP Drivers
Canon Utilities Solution Menu
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CutePDF Writer 3.0
D3DX10
Dell Digital Delivery
Dell Edoc Viewer
Dell Support Center
Dell WLAN and Bluetooth Client Installation
eBay
Exact Audio Copy 1.0beta3
FFmpeg v0.6.2 for Audacity
foobar2000 v1.1.17 beta 1
FreeFileSync 5.9
Google Calendar Sync
Intel® Control Center
Intel® Management Engine Components
Intel® Rapid Storage Technology
Intel® USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
IrfanView (remove only)
Junk Mail filter update
LADSPA_plugins-win-0.4.15
LAME v3.99.3 (for Windows)
Logitech Media Server 7.7.3
Malwarebytes Anti-Malware version 1.65.1.1000
McAfee SecurityCenter
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Office 64-bit Components 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
MSVCRT
MSVCRT_amd64
Multimedia Card Reader
QualxServ Service Agreement
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
Shared C Run-time for x64
Skype™ 5.10
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760413) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Yahoo! Detect
.
==== Event Viewer Messages From Past Week ========
.
11/26/2012 6:25:21 PM, Error: Service Control Manager [7034] - The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).
11/26/2012 5:32:19 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
11/26/2012 5:28:17 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..
11/26/2012 5:11:54 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
11/25/2012 10:54:57 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
.
==== End Of File ===========================
Malwarebytes removed Trojan-Ransom, but am I still infected?
in Resolved Malware Removal Logs
Posted
No, not that or ComboFox. No problem. Thanks again!!