Jump to content

Yet another IP-Block help request


Recommended Posts

Hi,  I've tried to browse here and read a few but for whatever reason I haven't developed a clear sense of what is and what isn't a problem.

 

I've been feeling strange issues with my browsers and even some frequent crashes of first chrome 2 weeks ago and then after switching , occasionally with firefox.  There seems to be some flash or shockwave based issue but ...

... after being very careful the crashes haven't conitnued...

... but i start feeling the browsers getting slow.. and I've been shutting them down for good measure when they start acting up.

... additional info.. I like to keep open a  few dozen tabs sometimes in addition to 5 or six applicactions.. steam games Word, (maybe 3 or 4 windows of it) a few file folders.. sometimes my task manager etc... sometimes adobe products but Ill usually close the games with those.

... I do run three monitors and primarily use my browser on my third monitor for reading and the other screens for working or playing on non browser applications.

... all of that worked great for 3 years on the same exact machine but started getting a bit squirrelly a month ago.

 

It could be possible I put one security measure too many on .. but

 

I would like to rule out the Malware issue and did dot the courtesy of paying for pro.

 

And I appreciate that you are volunteers here and I'm grateful in advance for the work you do to help others.

 

OK All that said  ...

 

here are two days of malware byte logs

 

2014/03/08 00:05:56 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/08 01:48:25 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/08 03:58:25 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/08 04:16:10 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/08 04:52:03 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/08 05:26:45 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/08 05:37:18 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.51 (Type: incoming, Port: 37017, Process: svchost.exe)
2014/03/08 05:47:26 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/08 07:08:02 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.51 (Type: incoming, Port: 9000, Process: svchost.exe)
2014/03/08 07:55:24 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/08 09:00:15 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/08 09:26:08 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/08 10:11:55 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/08 11:06:05 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/08 12:37:13 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.51 (Type: incoming, Port: 65192, Process: svchost.exe)
2014/03/08 13:49:56 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/08 14:25:21 -0800    THOMAS-PC    Thomas    IP-BLOCK    59.34.55.57 (Type: incoming, Port: 5000, Process: svchost.exe)
2014/03/08 14:51:39 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/08 15:10:45 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/08 15:42:17 -0800    THOMAS-PC    Thomas    MESSAGE    Executing scheduled update:  Daily
2014/03/08 15:42:25 -0800    THOMAS-PC    Thomas    MESSAGE    Scheduled update executed successfully:  database updated from version v2014.03.07.10 to version v2014.03.08.10
2014/03/08 15:42:25 -0800    THOMAS-PC    Thomas    MESSAGE    Starting database refresh
2014/03/08 15:42:25 -0800    THOMAS-PC    Thomas    MESSAGE    Stopping IP protection
2014/03/08 15:42:25 -0800    THOMAS-PC    Thomas    MESSAGE    IP Protection stopped successfully
2014/03/08 15:42:28 -0800    THOMAS-PC    Thomas    MESSAGE    Database refreshed successfully
2014/03/08 15:42:28 -0800    THOMAS-PC    Thomas    MESSAGE    Starting IP protection
2014/03/08 15:42:29 -0800    THOMAS-PC    Thomas    MESSAGE    IP Protection started successfully
2014/03/08 16:00:55 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.51 (Type: incoming, Port: 3801, Process: svchost.exe)
2014/03/08 16:28:19 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/08 18:15:51 -0800    THOMAS-PC    Thomas    MESSAGE    Starting protection
2014/03/08 18:15:51 -0800    THOMAS-PC    Thomas    MESSAGE    Protection started successfully
2014/03/08 18:15:51 -0800    THOMAS-PC    Thomas    MESSAGE    Starting IP protection
2014/03/08 18:15:52 -0800    THOMAS-PC    Thomas    MESSAGE    IP Protection started successfully
 

 

2014/03/07 00:01:57 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.51 (Type: incoming, Port: 1026, Process: svchost.exe)
2014/03/07 00:01:57 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.51 (Type: incoming, Port: 1026, Process: svchost.exe)
2014/03/07 00:24:46 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/07 00:56:00 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/07 01:22:50 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/07 01:46:03 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/07 02:21:58 -0800    THOMAS-PC    (null)    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/07 09:00:46 -0800    THOMAS-PC    Thomas    MESSAGE    Starting protection
2014/03/07 09:00:46 -0800    THOMAS-PC    Thomas    MESSAGE    Protection started successfully
2014/03/07 09:00:46 -0800    THOMAS-PC    Thomas    MESSAGE    Starting IP protection
2014/03/07 09:00:47 -0800    THOMAS-PC    Thomas    MESSAGE    IP Protection started successfully
2014/03/07 09:21:17 -0800    THOMAS-PC    Thomas    IP-BLOCK    222.186.34.143 (Type: incoming, Port: 22, Process: svchost.exe)
2014/03/07 09:36:32 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/07 10:52:11 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/07 11:53:00 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/07 12:56:10 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/07 13:54:12 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/07 15:38:57 -0800    THOMAS-PC    Thomas    MESSAGE    Executing scheduled update:  Daily
2014/03/07 15:39:04 -0800    THOMAS-PC    Thomas    MESSAGE    Scheduled update executed successfully:  database updated from version v2014.03.06.10 to version v2014.03.07.10
2014/03/07 15:39:04 -0800    THOMAS-PC    Thomas    MESSAGE    Starting database refresh
2014/03/07 15:39:04 -0800    THOMAS-PC    Thomas    MESSAGE    Stopping IP protection
2014/03/07 15:39:04 -0800    THOMAS-PC    Thomas    MESSAGE    IP Protection stopped successfully
2014/03/07 15:39:07 -0800    THOMAS-PC    Thomas    MESSAGE    Database refreshed successfully
2014/03/07 15:39:07 -0800    THOMAS-PC    Thomas    MESSAGE    Starting IP protection
2014/03/07 15:39:08 -0800    THOMAS-PC    Thomas    MESSAGE    IP Protection started successfully
2014/03/07 16:43:57 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.51 (Type: incoming, Port: 9687, Process: svchost.exe)
2014/03/07 17:04:55 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/07 17:25:08 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/07 19:33:59 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/07 20:08:44 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/07 20:35:01 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
2014/03/07 21:31:21 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.51 (Type: incoming, Port: 12704, Process: svchost.exe)
2014/03/07 23:12:00 -0800    THOMAS-PC    Thomas    IP-BLOCK    93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)
 

 

 

Link to post
Share on other sites

premeemtively  ,  here is my roguekiller report:

 

RogueKiller V8.8.10 _x64_ [Feb 28 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Thomas [Admin rights]
Mode : Scan -- Date : 03/08/2014 18:21:57
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 5 ¤¤¤
[RUN][sUSP PATH] HKCU\[...]\Run : Best Buy pc app (C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms [x][x][x]) -> FOUND
[RUN][sUSP PATH] HKUS\S-1-5-21-3787918934-1339134289-2097263373-1000\[...]\Run : Best Buy pc app (C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms [x][x][x]) -> FOUND
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 1 ¤¤¤
[Default][sUSP PATH] Best Buy pc app.lnk : C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk @C:\PROGRA~3\BESTBU~1\CLICKO~1.EXE "C:\ProgramData\Best Buy pc app\Best Buy pc app.application" [-][-][-] -> FOUND

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) ATA ST1000DM003-1CH1 SCSI Disk Device +++++
--- User ---
[MBR] ad80ed00b4c47b41d5f55efbfa3e0655
[bSP] 3b0c2f399ea279faaf40021ada00e07a : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 31 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 64260 | Size: 11146 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 22892625 | Size: 942689 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_03082014_182157.txt >>
RKreport[0]_S_03052014_182834.txt;RKreport[0]_S_03052014_183016.txt
 

Link to post
Share on other sites

and the frst64

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-03-2014 02
Ran by Thomas (administrator) on THOMAS-PC on 08-03-2014 18:29:37
Running from C:\Users\Thomas\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint II\SetPointII.exe
(Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [shwiconXP9106] - C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2009-07-17] (Alcor Micro Corp.)
HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-12-20] (Adobe Systems Inc.)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
HKU\.DEFAULT\...\Run: [skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\.DEFAULT\...\Policies\system: [NoDispAppearancePage] 0
HKU\.DEFAULT\...\Policies\system: [NoDispSettingsPage] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFind] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFile] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideClock] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDFSTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoLogoff] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSaveSettings] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoHardwareTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Run: [best Buy pc app] - C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\MountPoints2: {32f71023-5c9d-11e3-a59a-806e6f6e6963} - D:\setup.exe
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File)
Startup: C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600.lnk
ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8600.lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
URLSearchHook: HKCU - (No Name) - {3bbd3c14-4c16-4989-8366-95bc9179779d} - No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&appid=139&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&appid=139&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&appid=139&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&appid=139&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - {71F8C047-56F3-4AB3-8344-F07AF0AA6B9F} URL =
SearchScopes: HKCU - {8E452ED2-4A0F-4467-8B07-93F9A805718D} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll (Adobe Systems Incorporated.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll (Adobe Systems Incorporated.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {3BBD3C14-4C16-4989-8366-95BC9179779D} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {F375116A-793C-11D2-BFE1-444553540001} http://mls.realist.com/mapviewer/mapviewer.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\rpjq8e4w.default
FF Homepage: https://my.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: adobe.com/AdobeExManCCDetect32 - C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect32.dll (Adobe Systems)
FF Plugin HKCU: adobe.com/AdobeExManCCDetect64 - C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect64.dll (Adobe Systems)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-11-20]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-12-01]
FF HKLM-x32\...\Sunbird\Extensions: [{A69F5EC7-88F0-4902-A15C-E569DFA33C3A}] - C:\Program Files (x86)\BirdieSync\Sunbird Service
FF Extension: BirdieSync - C:\Program Files (x86)\BirdieSync\Sunbird Service [2014-02-07]
FF HKLM-x32\...\Thunderbird\Extensions: [{A69F5EC7-88F0-4902-A15C-E569DFA33C3A}] - C:\Program Files (x86)\BirdieSync\Thunderbird Service
FF Extension: BirdieSync - C:\Program Files (x86)\BirdieSync\Thunderbird Service [2014-02-07]

Chrome:
=======
CHR HomePage: https://duckduckgo.com/
CHR DefaultSearchKeyword: dontbubble.us
CHR DefaultSearchProvider: DuckDuckGo
CHR DefaultSearchURL: https://duckduckgo.com/?q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
CHR Plugin: (AdobeExManCCDetect) - C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect32.dll (Adobe Systems)
CHR Plugin: (AdobeExManDetect) - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java Platform SE 7 U51) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-16]
CHR Extension: (Google Search) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-16]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2013-12-01]
CHR Extension: (Summer Fields) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lioedaeelokfajcbbdbbljmcjadfbngf [2012-10-16]
CHR Extension: (Norton Identity Protection) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-01-10]
CHR Extension: (Google Wallet) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-16]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-12-20]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\Exts\Chrome.crx [2014-01-21]

==================== Services (Whitelisted) =================

S4 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] ()
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-13] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [264360 2013-10-08] (Symantec Corporation)
S4 RoxMediaDBVHS; C:\Program Files (x86)\Common Files\Roxio Shared\VHStoDVD\SharedCOM\RoxMediaDBVHS.exe [1116656 2010-02-19] (Sonic Solutions)
S4 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011\RpcAgentSrv.exe [93848 2009-08-17] (SiSoftware)
S4 TivoBeacon2; C:\Program Files (x86)\TiVo\Desktop\TiVoBeacon.exe [1104656 2010-08-24] (TiVo Inc.)
S2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [X]
S2 SessionLauncher; c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [X]

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-17] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows ® Win 7 DDK provider)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-20] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-20] (Symantec Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-11-19] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140307.001\IDSvia64.sys [524504 2014-03-05] (Symantec Corporation)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140308.007\ENG64.SYS [126040 2013-11-19] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140308.007\EX64.SYS [2099288 2013-11-19] (Symantec Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S1 RxFilter; C:\Windows\SysWOW64\DRIVERS\RxFilter.sys [65520 2009-06-26] (Sonic Solutions)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-20] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation)
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-08 18:21 - 2014-03-08 18:25 - 00002480 _____ () C:\Users\Thomas\Desktop\RKreport[0]_S_03082014_182157.txt
2014-03-07 16:07 - 2014-03-07 16:07 - 00002531 _____ () C:\Users\Public\Desktop\TurboTax 2013.lnk
2014-03-07 09:03 - 2014-03-07 09:03 - 00005079 _____ () C:\Users\Thomas\Downloads\etpro_launch (3).jnlp
2014-03-05 19:49 - 2014-03-08 18:30 - 00030509 _____ () C:\Users\Thomas\Downloads\FRST.txt
2014-03-05 19:49 - 2014-03-08 18:29 - 00000000 ____D () C:\FRST
2014-03-05 19:49 - 2014-03-05 19:50 - 00055429 _____ () C:\Users\Thomas\Downloads\Addition.txt
2014-03-05 19:47 - 2014-03-05 19:47 - 02156544 _____ (Farbar) C:\Users\Thomas\Downloads\FRST64.exe
2014-03-05 19:43 - 2014-03-05 19:43 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\Thomas\Downloads\tdsskiller.exe
2014-03-05 18:26 - 2014-03-05 19:34 - 00000000 ____D () C:\Users\Thomas\Desktop\RK_Quarantine
2014-03-05 18:19 - 2014-03-05 18:19 - 04413952 _____ () C:\Users\Thomas\Downloads\RogueKillerX64.exe
2014-03-05 04:00 - 2014-03-05 04:01 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-28 18:47 - 2014-02-28 18:47 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\tor
2014-02-28 18:44 - 2014-02-28 18:44 - 22892386 _____ () C:\Users\Thomas\Downloads\torbrowser-install-3.5.2.1_en-US(1).exe
2014-02-27 20:46 - 2014-03-08 17:01 - 00000000 ____D () C:\Users\Thomas\AppData\Local\The Witcher
2014-02-27 20:46 - 2014-02-27 21:19 - 00000000 ____D () C:\Users\Thomas\Documents\The Witcher
2014-02-27 20:43 - 2014-02-27 20:44 - 00000000 ____D () C:\Users\Public\Documents\The Witcher
2014-02-27 20:10 - 2014-02-27 20:10 - 00000221 _____ () C:\Users\Thomas\Desktop\The Witcher Enhanced Edition.url
2014-02-27 18:18 - 2014-02-27 18:18 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Chromium
2014-02-26 15:34 - 2014-02-26 15:34 - 00000000 ____D () C:\Users\Thomas\Documents\EVE
2014-02-26 10:32 - 2014-02-26 10:32 - 00141312 _____ () C:\Users\Thomas\Downloads\TaxableGainsLossesDownloadFrom_01-01-2013_to_12-31-2013 (1).xls
2014-02-26 10:25 - 2014-02-26 10:25 - 00014336 _____ () C:\Users\Thomas\Downloads\TaxableGainsLossesDownloadFrom_01-01-2013_to_12-31-2013.xls
2014-02-26 10:14 - 2014-02-26 10:14 - 00005079 _____ () C:\Users\Thomas\Downloads\etpro_launch (2).jnlp
2014-02-26 09:55 - 2014-02-26 09:55 - 00058850 _____ () C:\Users\Thomas\Downloads\tradesdownload.csv
2014-02-26 08:25 - 2014-02-26 08:26 - 00005079 _____ () C:\Users\Thomas\Downloads\etpro_launch (1).jnlp
2014-02-22 09:45 - 2014-02-28 18:49 - 00000000 ____D () C:\Users\Thomas\Desktop\Tor Browser
2014-02-22 09:44 - 2014-02-22 09:44 - 22892386 _____ () C:\Users\Thomas\Downloads\torbrowser-install-3.5.2.1_en-US.exe
2014-02-22 00:06 - 2014-02-22 00:06 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Macromedia
2014-02-22 00:01 - 2014-02-22 00:01 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Mozilla
2014-02-22 00:00 - 2014-02-22 00:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-22 00:00 - 2014-02-22 00:00 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-21 23:58 - 2014-02-21 23:58 - 00282840 _____ (Mozilla) C:\Users\Thomas\Downloads\Firefox Setup Stub 27.0.1.exe
2014-02-21 22:24 - 2014-02-21 22:24 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Thomas\Downloads\spybot-2.2.exe
2014-02-21 15:26 - 2014-02-21 15:26 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Thomas\Downloads\mbam-consumer (1).exe
2014-02-21 15:25 - 2014-02-21 15:25 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Thomas\Downloads\mbam-consumer.exe
2014-02-21 15:07 - 2014-03-05 20:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-21 15:07 - 2014-02-21 15:27 - 00001115 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-21 15:07 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-21 15:06 - 2014-02-21 15:06 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Thomas\Downloads\mbam-setup-1.75.0.1300 (2).exe
2014-02-21 15:05 - 2014-02-21 15:06 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Thomas\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-02-21 10:12 - 2014-02-21 10:12 - 00005079 _____ () C:\Users\Thomas\Downloads\etpro_launch (45).jnlp
2014-02-18 23:34 - 2014-02-18 23:34 - 12576996 _____ () C:\Users\Thomas\Downloads\ruby-1.9.3-p484.tar.gz
2014-02-17 16:12 - 2014-02-17 16:12 - 00675472 _____ (getcomposer.org ) C:\Users\Thomas\Downloads\Composer-Setup.exe
2014-02-16 20:42 - 2014-02-16 20:42 - 00315184 _____ () C:\Users\Thomas\Downloads\adaptivetheme-7.x-3.1.tar.gz
2014-02-16 18:43 - 2014-02-16 18:43 - 00000600 _____ () C:\Users\Thomas\AppData\Roaming\PUTTY.RND
2014-02-16 18:31 - 2014-02-19 00:31 - 00000600 _____ () C:\Users\Thomas\AppData\Local\PUTTY.RND
2014-02-16 18:28 - 2014-02-16 18:28 - 00000000 ____D () C:\Program Files (x86)\PuTTY
2014-02-16 18:27 - 2014-02-16 18:27 - 01869122 _____ (Simon Tatham ) C:\Users\Thomas\Downloads\putty-0.63-installer.exe
2014-02-16 17:58 - 2014-02-16 17:58 - 00591599 _____ () C:\Users\Thomas\Downloads\drush-master (1).zip
2014-02-16 17:57 - 2014-02-16 17:57 - 00591599 _____ () C:\Users\Thomas\Downloads\drush-master.zip
2014-02-16 17:38 - 2014-02-16 17:38 - 05300360 _____ (Martin Prikryl ) C:\Users\Thomas\Downloads\winscp551setup.exe
2014-02-15 17:56 - 2014-02-15 17:56 - 00015353 _____ () C:\Users\Thomas\Downloads\auto_entitylabel-7.x-1.2.tar.gz
2014-02-13 04:02 - 2013-12-21 01:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 04:02 - 2013-12-21 00:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 04:01 - 2014-02-06 03:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 04:01 - 2014-02-06 02:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 04:01 - 2014-02-06 02:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 04:01 - 2014-02-06 01:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 04:00 - 2014-02-06 04:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 04:00 - 2014-02-06 03:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-13 04:00 - 2014-02-06 03:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 04:00 - 2014-02-06 03:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 04:00 - 2014-02-06 03:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 04:00 - 2014-02-06 02:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 04:00 - 2014-02-06 02:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 04:00 - 2014-02-06 02:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 04:00 - 2014-02-06 02:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 04:00 - 2014-02-06 02:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 04:00 - 2014-02-06 02:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 04:00 - 2014-02-06 02:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 04:00 - 2014-02-06 02:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 04:00 - 2014-02-06 02:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 04:00 - 2014-02-06 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 04:00 - 2014-02-06 02:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-13 04:00 - 2014-02-06 01:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 04:00 - 2014-02-06 01:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 04:00 - 2014-02-06 01:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 04:00 - 2014-02-06 01:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 04:00 - 2014-02-06 01:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 04:00 - 2014-02-06 01:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 04:00 - 2014-02-06 01:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-13 04:00 - 2014-02-06 01:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-13 04:00 - 2014-02-06 01:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 04:00 - 2014-02-06 01:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 04:00 - 2014-02-06 01:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 04:00 - 2014-02-06 01:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 04:00 - 2014-02-06 01:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-13 04:00 - 2014-02-06 01:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 04:00 - 2014-02-06 00:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 04:00 - 2014-02-06 00:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 04:00 - 2014-02-06 00:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 04:00 - 2014-02-06 00:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 04:00 - 2014-02-06 00:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 16:11 - 2013-12-31 15:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 16:11 - 2013-12-31 15:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 16:11 - 2013-12-24 15:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 16:11 - 2013-12-24 14:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 16:11 - 2013-12-05 18:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 16:11 - 2013-12-05 18:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 16:11 - 2013-12-05 18:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 16:11 - 2013-12-05 18:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 16:11 - 2013-12-03 18:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 16:11 - 2013-12-03 18:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 16:11 - 2013-12-03 18:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 16:11 - 2013-12-03 18:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 16:11 - 2013-12-03 18:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 16:11 - 2013-12-03 18:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 16:11 - 2013-12-03 18:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 16:11 - 2013-12-03 18:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 16:11 - 2013-12-03 18:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 16:11 - 2013-12-03 18:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 16:11 - 2013-12-03 18:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 16:11 - 2013-12-03 18:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 16:11 - 2013-12-03 18:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 16:11 - 2013-12-03 18:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 16:11 - 2013-12-03 17:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 16:11 - 2013-12-03 17:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 16:11 - 2013-12-03 17:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 16:11 - 2013-12-03 17:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 16:11 - 2013-11-26 00:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 16:11 - 2013-11-22 14:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-09 18:10 - 2014-02-09 18:10 - 00319641 _____ () C:\Users\Thomas\Downloads\Tom039sTom-Tom-2014-02-09T18-10-19.mysql.gz
2014-02-09 17:17 - 2014-02-09 17:17 - 00033326 _____ () C:\Users\Thomas\Downloads\libraries-7.x-2.2.tar.gz
2014-02-07 20:34 - 2014-02-07 20:34 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Trolltech
2014-02-07 18:41 - 2014-02-07 21:16 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\BirdieSync
2014-02-07 18:41 - 2014-02-07 18:41 - 00000000 ____D () C:\Users\Thomas\.android
2014-02-07 18:40 - 2014-02-07 18:41 - 00000000 ____D () C:\Program Files (x86)\BirdieSync
2014-02-07 18:33 - 2014-02-07 18:38 - 24231580 _____ (Callicia) C:\Users\Thomas\Downloads\BirdieSyncSetup (1).exe
2014-02-07 17:52 - 2014-02-07 17:54 - 24231580 _____ (Callicia) C:\Users\Thomas\Downloads\BirdieSyncSetup.exe
2014-02-07 17:32 - 2014-02-07 18:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-07 17:29 - 2014-02-07 17:29 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-02-07 17:12 - 2014-02-07 17:12 - 00049050 _____ () C:\Users\Thomas\Downloads\duplicate_contact_manager-0.9.2-tb.xpi
2014-02-07 16:12 - 2014-02-07 16:12 - 02707352 _____ (Microsoft Corporation) C:\Users\Thomas\Downloads\vcredist_x86 (2).EXE

==================== One Month Modified Files and Folders =======

2014-03-08 18:30 - 2014-03-05 19:49 - 00030509 _____ () C:\Users\Thomas\Downloads\FRST.txt
2014-03-08 18:29 - 2014-03-05 19:49 - 00000000 ____D () C:\FRST
2014-03-08 18:25 - 2014-03-08 18:21 - 00002480 _____ () C:\Users\Thomas\Desktop\RKreport[0]_S_03082014_182157.txt
2014-03-08 18:20 - 2009-07-13 21:10 - 01853940 _____ () C:\Windows\WindowsUpdate.log
2014-03-08 18:20 - 2009-07-13 20:45 - 00026000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-08 18:20 - 2009-07-13 20:45 - 00026000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-08 18:15 - 2012-12-31 17:20 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-08 18:15 - 2011-02-06 14:20 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-08 18:15 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-08 18:15 - 2009-07-13 20:51 - 00115750 _____ () C:\Windows\setupact.log
2014-03-08 17:01 - 2014-02-27 20:46 - 00000000 ____D () C:\Users\Thomas\AppData\Local\The Witcher
2014-03-08 17:01 - 2010-12-11 19:58 - 00000422 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2014-03-08 17:00 - 2011-01-13 21:40 - 00000000 ____D () C:\Users\Thomas\AppData\Local\CrashDumps
2014-03-08 17:00 - 2010-12-14 17:00 - 00003488 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2014-03-08 17:00 - 2010-12-11 19:58 - 00003452 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-03-08 16:58 - 2011-02-06 14:21 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-08 16:15 - 2012-07-17 21:07 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-08 14:06 - 2013-07-17 21:39 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-08 02:00 - 2007-07-01 15:54 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Adobe
2014-03-07 18:57 - 2011-02-11 17:01 - 00000000 ____D () C:\Users\Thomas\Documents\TurboTax
2014-03-07 16:07 - 2014-03-07 16:07 - 00002531 _____ () C:\Users\Public\Desktop\TurboTax 2013.lnk
2014-03-07 16:07 - 2012-04-06 16:05 - 00000785 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2014-03-07 16:06 - 2011-02-11 15:40 - 00000000 ____D () C:\Program Files (x86)\TurboTax
2014-03-07 09:05 - 2011-11-16 14:24 - 00002000 _____ () C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\E-TRADE Pro.lnk
2014-03-07 09:04 - 2011-08-08 10:29 - 00000000 ____D () C:\Users\Thomas\etpro
2014-03-07 09:03 - 2014-03-07 09:03 - 00005079 _____ () C:\Users\Thomas\Downloads\etpro_launch (3).jnlp
2014-03-05 20:50 - 2014-02-21 15:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-05 19:50 - 2014-03-05 19:49 - 00055429 _____ () C:\Users\Thomas\Downloads\Addition.txt
2014-03-05 19:47 - 2014-03-05 19:47 - 02156544 _____ (Farbar) C:\Users\Thomas\Downloads\FRST64.exe
2014-03-05 19:43 - 2014-03-05 19:43 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\Thomas\Downloads\tdsskiller.exe
2014-03-05 19:34 - 2014-03-05 18:26 - 00000000 ____D () C:\Users\Thomas\Desktop\RK_Quarantine
2014-03-05 18:19 - 2014-03-05 18:19 - 04413952 _____ () C:\Users\Thomas\Downloads\RogueKillerX64.exe
2014-03-05 18:18 - 2012-07-14 18:13 - 00000000 ____D () C:\Users\Thomas\Documents\ComputerWEB
2014-03-05 08:56 - 2011-01-05 14:11 - 00000000 ____D () C:\Users\Thomas\Documents\Kelly
2014-03-05 08:07 - 2011-08-08 10:29 - 00000000 ____D () C:\data
2014-03-05 04:01 - 2014-03-05 04:00 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-05 04:01 - 2011-10-30 23:40 - 00000000 ____D () C:\ProgramData\Skype
2014-03-05 04:00 - 2011-10-30 23:40 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-04 17:14 - 2010-12-14 17:00 - 00000000 ____D () C:\ProgramData\PCDr
2014-03-04 07:12 - 2010-11-11 04:04 - 01530652 _____ () C:\Windows\PFRO.log
2014-02-28 18:49 - 2014-02-22 09:45 - 00000000 ____D () C:\Users\Thomas\Desktop\Tor Browser
2014-02-28 18:47 - 2014-02-28 18:47 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\tor
2014-02-28 18:44 - 2014-02-28 18:44 - 22892386 _____ () C:\Users\Thomas\Downloads\torbrowser-install-3.5.2.1_en-US(1).exe
2014-02-28 18:39 - 2012-12-05 09:59 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bounce Metronome
2014-02-27 21:19 - 2014-02-27 20:46 - 00000000 ____D () C:\Users\Thomas\Documents\The Witcher
2014-02-27 20:46 - 2010-11-11 02:19 - 00668272 _____ () C:\Windows\DirectX.log
2014-02-27 20:44 - 2014-02-27 20:43 - 00000000 ____D () C:\Users\Public\Documents\The Witcher
2014-02-27 20:10 - 2014-02-27 20:10 - 00000221 _____ () C:\Users\Thomas\Desktop\The Witcher Enhanced Edition.url
2014-02-27 18:50 - 2012-12-31 17:20 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-02-27 18:50 - 2012-12-31 17:20 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-27 18:49 - 2013-12-19 15:21 - 00000000 ____D () C:\Users\Thomas\AppData\Local\NVIDIA Corporation
2014-02-27 18:49 - 2012-12-31 17:19 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-27 18:18 - 2014-02-27 18:18 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Chromium
2014-02-27 16:57 - 2012-07-17 21:07 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-27 16:57 - 2012-04-03 09:54 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-27 16:57 - 2011-05-25 06:58 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-26 15:42 - 2013-05-31 07:41 - 00031883 _____ () C:\Users\Thomas\Desktop\debug.log
2014-02-26 15:34 - 2014-02-26 15:34 - 00000000 ____D () C:\Users\Thomas\Documents\EVE
2014-02-26 10:35 - 2013-06-25 17:30 - 00000000 ____D () C:\Users\Thomas\Documents\Stock Reports
2014-02-26 10:32 - 2014-02-26 10:32 - 00141312 _____ () C:\Users\Thomas\Downloads\TaxableGainsLossesDownloadFrom_01-01-2013_to_12-31-2013 (1).xls
2014-02-26 10:25 - 2014-02-26 10:25 - 00014336 _____ () C:\Users\Thomas\Downloads\TaxableGainsLossesDownloadFrom_01-01-2013_to_12-31-2013.xls
2014-02-26 10:14 - 2014-02-26 10:14 - 00005079 _____ () C:\Users\Thomas\Downloads\etpro_launch (2).jnlp
2014-02-26 09:55 - 2014-02-26 09:55 - 00058850 _____ () C:\Users\Thomas\Downloads\tradesdownload.csv
2014-02-26 08:26 - 2014-02-26 08:25 - 00005079 _____ () C:\Users\Thomas\Downloads\etpro_launch (1).jnlp
2014-02-25 10:03 - 2013-12-17 16:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-22 09:44 - 2014-02-22 09:44 - 22892386 _____ () C:\Users\Thomas\Downloads\torbrowser-install-3.5.2.1_en-US.exe
2014-02-22 00:06 - 2014-02-22 00:06 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Macromedia
2014-02-22 00:01 - 2014-02-22 00:01 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Mozilla
2014-02-22 00:01 - 2014-02-22 00:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-22 00:01 - 2013-12-17 16:18 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\Mozilla
2014-02-22 00:00 - 2014-02-22 00:00 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-21 23:58 - 2014-02-21 23:58 - 00282840 _____ (Mozilla) C:\Users\Thomas\Downloads\Firefox Setup Stub 27.0.1.exe
2014-02-21 22:24 - 2014-02-21 22:24 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Thomas\Downloads\spybot-2.2.exe
2014-02-21 22:05 - 2013-06-25 17:19 - 00000000 ____D () C:\Users\Thomas\Documents\Game Info
2014-02-21 22:05 - 2011-02-17 15:46 - 00000000 ____D () C:\Users\Thomas\Documents\Letters
2014-02-21 22:03 - 2011-07-27 00:17 - 00000000 ____D () C:\Users\Thomas\Documents\My Games
2014-02-21 15:27 - 2014-02-21 15:07 - 00001115 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-21 15:26 - 2014-02-21 15:26 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Thomas\Downloads\mbam-consumer (1).exe
2014-02-21 15:25 - 2014-02-21 15:25 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Thomas\Downloads\mbam-consumer.exe
2014-02-21 15:06 - 2014-02-21 15:06 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Thomas\Downloads\mbam-setup-1.75.0.1300 (2).exe
2014-02-21 15:06 - 2014-02-21 15:05 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Thomas\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-02-21 10:12 - 2014-02-21 10:12 - 00005079 _____ () C:\Users\Thomas\Downloads\etpro_launch (45).jnlp
2014-02-20 15:42 - 2014-02-02 21:58 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Razer
2014-02-20 15:42 - 2014-02-02 21:57 - 00000000 ____D () C:\ProgramData\Razer
2014-02-20 15:42 - 2014-02-02 21:57 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-02-19 08:12 - 2012-08-06 11:11 - 00000600 _____ () C:\Users\Thomas\AppData\Roaming\winscp.rnd
2014-02-19 00:31 - 2014-02-16 18:31 - 00000600 _____ () C:\Users\Thomas\AppData\Local\PUTTY.RND
2014-02-18 23:34 - 2014-02-18 23:34 - 12576996 _____ () C:\Users\Thomas\Downloads\ruby-1.9.3-p484.tar.gz
2014-02-18 15:43 - 2009-07-13 21:13 - 00788478 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-18 15:18 - 2010-12-11 19:58 - 00000564 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-02-18 13:11 - 2010-12-11 19:58 - 00004272 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-02-18 09:49 - 2012-08-02 21:41 - 00001061 _____ () C:\Users\Thomas\Desktop\Notepad++.lnk
2014-02-18 09:49 - 2012-08-02 21:41 - 00001061 _____ () C:\Users\Administrator\Desktop\Notepad++.lnk
2014-02-18 09:49 - 2012-08-02 21:41 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-02-17 16:12 - 2014-02-17 16:12 - 00675472 _____ (getcomposer.org ) C:\Users\Thomas\Downloads\Composer-Setup.exe
2014-02-16 20:42 - 2014-02-16 20:42 - 00315184 _____ () C:\Users\Thomas\Downloads\adaptivetheme-7.x-3.1.tar.gz
2014-02-16 18:43 - 2014-02-16 18:43 - 00000600 _____ () C:\Users\Thomas\AppData\Roaming\PUTTY.RND
2014-02-16 18:28 - 2014-02-16 18:28 - 00000000 ____D () C:\Program Files (x86)\PuTTY
2014-02-16 18:27 - 2014-02-16 18:27 - 01869122 _____ (Simon Tatham ) C:\Users\Thomas\Downloads\putty-0.63-installer.exe
2014-02-16 17:58 - 2014-02-16 17:58 - 00591599 _____ () C:\Users\Thomas\Downloads\drush-master (1).zip
2014-02-16 17:57 - 2014-02-16 17:57 - 00591599 _____ () C:\Users\Thomas\Downloads\drush-master.zip
2014-02-16 17:40 - 2012-08-06 11:11 - 00000985 _____ () C:\Users\Thomas\Desktop\WinSCP.lnk
2014-02-16 17:40 - 2012-08-06 11:11 - 00000000 ____D () C:\Program Files (x86)\WinSCP
2014-02-16 17:38 - 2014-02-16 17:38 - 05300360 _____ (Martin Prikryl ) C:\Users\Thomas\Downloads\winscp551setup.exe
2014-02-16 10:37 - 2013-12-18 13:49 - 00001072 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-02-16 10:36 - 2013-12-18 13:49 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\vlc
2014-02-15 17:56 - 2014-02-15 17:56 - 00015353 _____ () C:\Users\Thomas\Downloads\auto_entitylabel-7.x-1.2.tar.gz
2014-02-14 23:12 - 2013-07-31 02:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-14 23:09 - 2010-12-12 16:05 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-14 22:49 - 2010-11-11 02:12 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-14 21:12 - 2013-12-01 10:15 - 00001303 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-02-13 21:13 - 2010-12-12 22:04 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\TS3Client
2014-02-13 05:30 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-02-13 04:28 - 2009-07-13 21:08 - 00032590 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-13 04:09 - 2011-02-22 08:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-13 04:05 - 2010-12-21 20:16 - 00764708 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-13 04:03 - 2009-07-13 18:34 - 00000601 _____ () C:\Windows\win.ini
2014-02-11 10:53 - 2011-02-06 14:21 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-11 10:53 - 2011-02-06 14:20 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-09 18:10 - 2014-02-09 18:10 - 00319641 _____ () C:\Users\Thomas\Downloads\Tom039sTom-Tom-2014-02-09T18-10-19.mysql.gz
2014-02-09 17:17 - 2014-02-09 17:17 - 00033326 _____ () C:\Users\Thomas\Downloads\libraries-7.x-2.2.tar.gz
2014-02-07 21:16 - 2014-02-07 18:41 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\BirdieSync
2014-02-07 20:34 - 2014-02-07 20:34 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Trolltech
2014-02-07 19:09 - 2011-04-05 21:05 - 00000000 ____D () C:\Users\Thomas\Documents\Real Estate 2011
2014-02-07 18:46 - 2014-02-07 17:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-07 18:41 - 2014-02-07 18:41 - 00000000 ____D () C:\Users\Thomas\.android
2014-02-07 18:41 - 2014-02-07 18:40 - 00000000 ____D () C:\Program Files (x86)\BirdieSync
2014-02-07 18:41 - 2010-12-11 19:56 - 00000000 ____D () C:\Users\Thomas
2014-02-07 18:38 - 2014-02-07 18:33 - 24231580 _____ (Callicia) C:\Users\Thomas\Downloads\BirdieSyncSetup (1).exe
2014-02-07 17:54 - 2014-02-07 17:52 - 24231580 _____ (Callicia) C:\Users\Thomas\Downloads\BirdieSyncSetup.exe
2014-02-07 17:29 - 2014-02-07 17:29 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-02-07 17:12 - 2014-02-07 17:12 - 00049050 _____ () C:\Users\Thomas\Downloads\duplicate_contact_manager-0.9.2-tb.xpi
2014-02-07 16:22 - 2013-12-17 16:18 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Thunderbird
2014-02-07 16:12 - 2014-02-07 16:12 - 02707352 _____ (Microsoft Corporation) C:\Users\Thomas\Downloads\vcredist_x86 (2).EXE
2014-02-06 04:16 - 2014-02-13 04:00 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 03:30 - 2014-02-13 04:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 03:30 - 2014-02-13 04:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 03:12 - 2014-02-13 04:00 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 03:07 - 2014-02-13 04:00 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 03:06 - 2014-02-13 04:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 02:57 - 2014-02-13 04:00 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 02:56 - 2014-02-13 04:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 02:52 - 2014-02-13 04:00 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 02:49 - 2014-02-13 04:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 02:48 - 2014-02-13 04:00 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 02:48 - 2014-02-13 04:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 02:38 - 2014-02-13 04:00 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 02:32 - 2014-02-13 04:00 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 02:20 - 2014-02-13 04:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 02:17 - 2014-02-13 04:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 02:11 - 2014-02-13 04:00 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 02:01 - 2014-02-13 04:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 02:00 - 2014-02-13 04:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 01:57 - 2014-02-13 04:00 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 01:57 - 2014-02-13 04:00 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 01:52 - 2014-02-13 04:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 01:52 - 2014-02-13 04:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 01:50 - 2014-02-13 04:00 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 01:49 - 2014-02-13 04:00 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 01:47 - 2014-02-13 04:00 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 01:46 - 2014-02-13 04:00 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 01:25 - 2014-02-13 04:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 01:25 - 2014-02-13 04:00 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 01:24 - 2014-02-13 04:00 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 01:22 - 2014-02-13 04:00 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 01:13 - 2014-02-13 04:00 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 01:09 - 2014-02-13 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 01:03 - 2014-02-13 04:00 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 00:55 - 2014-02-13 04:00 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 00:41 - 2014-02-13 04:00 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 00:40 - 2014-02-13 04:00 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 00:36 - 2014-02-13 04:00 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 00:34 - 2014-02-13 04:00 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

Files to move or delete:
====================
C:\Users\Thomas\disable_caps_lock.reg


Some content of TEMP:
====================
C:\Users\Thomas\AppData\Local\Temp\ntdll_dump.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-28 02:57

==================== End Of Log ============================

Link to post
Share on other sites

and the additional

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-03-2014 02
Ran by Thomas at 2014-03-08 18:30:44
Running from C:\Users\Thomas\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton 360 (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Norton 360 (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

Add or Remove Adobe Creative Suite 3 Master Collection (HKLM-x32\...\Adobe_4dcfd9b7e901b57f81f667144603236) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{23D3F585-AE29-4670-8E3E-64A0EFB29240}) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.06 - Adobe Systems)
Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12.2.1 - Adobe Systems Incorporated)
Adobe After Effects CS3 (x32 Version: 8 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS3 Presets (x32 Version: 8 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Audition CC (HKLM-x32\...\{DE1E055B-679C-42F8-B114-7B6ED0B8ED95}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe BridgeTalk Plugin CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Contribute CS3 (x32 Version: 4.1 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.4.1.351 - Adobe Systems Incorporated)
Adobe Creative Suite 3 Master Collection (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CC (HKLM-x32\...\{00E094E1-A852-11E2-803D-ACEA632352B4}) (Version: 13 - Adobe Systems Incorporated)
Adobe Dreamweaver CS3 (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe Edge Animate CC (HKLM-x32\...\{00603DFF-6EC5-4E9E-AB3A-AD4C7D61FF13}) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Edge Inspect CC (HKLM-x32\...\{67D22EA0-4601-4450-9C99-042DABB0A315}) (Version: 1.0.408 - Adobe Systems Incorporated)
Adobe Encore CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.1.1 - Adobe Systems Incorporated)
Adobe Extension Manager CS3 (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Fireworks CS3 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Fireworks CS6 (HKLM-x32\...\{CA7C485C-7A89-11E1-B2C8-CD54B377BC52}) (Version: 12.0.1 - Adobe Systems Incorporated)
Adobe Flash Builder 4.7 (64 Bit) (HKLM-x32\...\{848DE8E1-521D-4748-A158-517708107EF3}) (Version: 4.7 - Adobe Systems Incorporated)
Adobe Flash CS3 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Professional CC (HKLM-x32\...\{B56B95BF-7161-4166-8288-DB1BA9F6C9B8}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Flash Video Encoder (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Gaming SDK 1.3 (HKLM-x32\...\{62FFC6DD-18BB-49FC-AF65-71FB1C0B08AA}) (Version: 1.3 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CC (HKLM-x32\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated)
Adobe Illustrator CS3 (x32 Version: 13.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CC (HKLM-x32\...\{BC448016-6F11-1014-B0EA-97CEE6E26CB6}) (Version: 9.0 - Adobe Systems Incorporated)
Adobe InDesign CS3 (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS3 Icon Handler (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe MotionPicture Color Files (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Muse (HKLM-x32\...\{9A554C9D-E12D-4205-8101-9F4337CD5673}) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Muse (HKLM-x32\...\AdobeMuse) (Version: 7.0.314 - Adobe Systems Incorporated)
Adobe Muse (x32 Version: 7.0.314 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Lightroom 5.2 64-bit (HKLM\...\{54E6C675-3AD4-42E4-957F-31666ABF1603}) (Version: 5.2.1 - Adobe)
Adobe Prelude CC (HKLM-x32\...\{5D73C19B-BE10-44A6-96B2-A516756ED29F}) (Version: 2.2.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.2.1 - Adobe Systems Incorporated)
Adobe Premiere Pro CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS3 Functional Content (x32 Version: 8 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS3 Third Party Content (HKLM-x32\...\Adobe_71c180716438072ebd356ce2549df41) (Version: 3 - Adobe Systems Incorporated)
Adobe Premiere Pro CS3 Third Party Content (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Reader 9.1.2 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.2 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe SING CS3 (x32 Version: 0.1 - Adobe Systems Incorporated) Hidden
Adobe Soundbooth CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Soundbooth CS3 Codecs (HKLM-x32\...\Adobe_42fe5c8ddcc4280fb81b214b4c90a63) (Version: 3 - Adobe Systems Incorporated)
Adobe Soundbooth CS3 Codecs (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe SpeedGrade CC (HKLM-x32\...\{29AA12E9-934C-485E-A9A1-D823FEB29880}) (Version: 7.2.0 - Adobe Systems Incorporated)
Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Server (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe Video Profiles (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe WAS CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP DVA Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.0 - Adobe Systems Incorporated)
Adobe® Content Viewer (x32 Version: 3.4.0 - Adobe Systems Incorporated) Hidden
AHV content for Acrobat and Flash (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{5831C6D6-309D-DBB5-14F7-FEE57086CEE7}) (Version: 8.0.873.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version:  - Audacity Team)
Best Buy pc app (Version: 3.0.0.0 - Best Buy) Hidden
BirdieSync 2.4.8.0 (HKLM-x32\...\BirdieSync) (Version: 2.4.8.0 - Callicia)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Carbonite Online Backup Setup (HKLM-x32\...\Carbonite Setup Lite) (Version: 3.8.0 - Carbonite Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0113.2208.39662 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help English (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help French (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help German (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
ccc-utility64 (Version: 2010.0113.2208.39662 - ATI) Hidden
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.792 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version:  - Microsoft)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5744.02 - Dell Inc.)
Dell Support Center (Version: 3.0.5744.02 - PC-Doctor, Inc.) Hidden
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.3.2.10 - Dell)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DirectXInstallService (x32 Version: 9.0.2 - Roxio) Hidden
Dokan Library 0.6.0 (HKLM-x32\...\DokanLibrary) (Version:  - )
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dragons Prophet (HKCU\...\SOE-Dragons Prophet) (Version:  - Sony Online Entertainment)
EMC 10 Content (x32 Version: 1.0.035 - Roxo, Inc.) Hidden
EMCGadgets64 (Version: 1.0.302 - Sonic) Hidden
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
EVE Online (remove only) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)
EveHQ (HKLM-x32\...\EveHQ) (Version:  - )
EVEMon (HKLM-x32\...\EVEMon) (Version: 1.8.4.4125 - battleclinic.com)
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
Global Agenda Launcher (HKLM-x32\...\{722AF0E9-9BAB-4556-9AA6-B5240D46E4B3}) (Version: 1.0.0 - Hi-Rez Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version:  - )
HP Memories Disc (HKLM-x32\...\{B376402D-58EA-45EA-BD50-DD924EB67A70}) (Version: 1.0.4.805 - Hewlett-Packard Company)
hp officejet 6100 series (x32 Version: 1.10.0000 - Hewlett-Packard Company) Hidden
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo and Imaging 2.0 - All-in-One (x32 Version: 1.10.0000 - Hewlett-Packard Company) Hidden
HP Photo and Imaging 2.0 - All-in-One Drivers (x32 Version: 1.10.0000 - Hewlett-Packard Company) Hidden
HP Photo and Imaging 2.0 - hp officejet 6100 series (HKLM-x32\...\HP OfficeJet 6100 Series) (Version:  - )
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java 6 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lightroom 5.2 (HKLM-x32\...\{9bcd38e7-1f9a-4536-8cd4-96448263f367}) (Version: 5.2 - Adobe Systems Incorporated)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
Logitech SetPoint 5.20 (HKLM\...\{D3120436-1358-4253-9EB2-257FFE8CE1D9}) (Version: 5.20 - Logitech)
Logitech Unifying Software 2.10 (HKLM\...\Logitech Unifying) (Version: 2.10.37 - Logitech)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Search Enhancement Pack (x32 Version: 3.0.133.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}) (Version: 3.1.6.0 - Apple Inc.)
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 en-US)) (Version: 24.3.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multimedia Card Reader (HKLM-x32\...\InstallShield_{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400}) (Version: 1.4.915.1 - Fitipower)
Multimedia Card Reader (x32 Version: 1.4.915.1 - Fitipower) Hidden
muvee Reveal Seagate Edition (HKLM-x32\...\{78E9A751-5616-233F-1249-16AC5758C646}) (Version: 7.0.41.11017 - muvee Technologies Pte Ltd)
Nether (HKLM-x32\...\Steam App 247730) (Version:  - Phosphor Games)
Norton 360 (HKLM-x32\...\N360) (Version: 21.1.0.18 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.2 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 332.21 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 332.21 - NVIDIA Corporation)
NVIDIA Control Panel 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.21 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3221 - NVIDIA Corporation) Hidden
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PuTTY version 0.63 (HKLM-x32\...\PuTTY_is1) (Version: 0.63 - Simon Tatham)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5953 - Realtek Semiconductor Corp.)
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.0 - Roxio) Hidden
Roxio Central Audio (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Copy (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Core (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Data (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Tools (x32 Version: 3.8.0 - Roxio) Hidden
Roxio CinePlayer Decoder Pack (x32 Version: 4.3.0 - Roxio) Hidden
Roxio Easy CD and DVD Burning (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)
Roxio Easy CD and DVD Burning (x32 Version: 10.3.106 - Roxio) Hidden
Roxio Easy VHS to DVD (HKLM-x32\...\{15210C5B-9E04-4BF7-B019-AE958F238333}) (Version: 2.0 - Roxio)
Roxio Easy VHS to DVD (x32 Version: 2.0.123 - Roxio) Hidden
Roxio Express Labeler (x32 Version: 3.2.1 - Roxio) Hidden
Roxio File Backup (Version: 1.3.0 - Roxio) Hidden
Roxio Update Manager (x32 Version: 6.0.0 - Roxio) Hidden
Roxio Video Capture USB (x32 Version: 1.22.0000 - Roxio) Hidden
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.)
Seagate Manager Installer (HKLM-x32\...\InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}) (Version: 2.01.0600 - Seagate)
Seagate Manager Installer (x32 Version: 2.01.0600 - Seagate) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SiSoftware Sandra Lite 2011 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1) (Version: 17.15.2011.1 - SiSoftware)
Skins (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.7.8524 - Skype Technologies S.A.)
Skype™ 5.10 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.10.116 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD Projekt RED)
TiVo Desktop 2.8.2 (HKLM-x32\...\{4E839090-3B68-436A-B3CF-A2A08C38DD26}) (Version: 2.8.412.369 - TiVo Inc.)
TurboTax 2010 (HKLM-x32\...\TurboTax 2010) (Version:  - Intuit, Inc)
TurboTax 2010 wcaiper (x32 Version: 010.000.1393 - Intuit Inc.) Hidden
TurboTax 2010 WinPerFedFormset (x32 Version: 010.000.4227 - Intuit Inc.) Hidden
TurboTax 2010 WinPerReleaseEngine (x32 Version: 010.000.0483 - Intuit Inc.) Hidden
TurboTax 2010 WinPerTaxSupport (x32 Version: 010.000.0214 - Intuit Inc.) Hidden
TurboTax 2010 wrapper (x32 Version: 010.000.0157 - Intuit Inc.) Hidden
TurboTax 2011 (HKLM-x32\...\TurboTax 2011) (Version:  - Intuit, Inc)
TurboTax 2011 wcaiper (x32 Version: 011.000.1647 - Intuit Inc.) Hidden
TurboTax 2011 WinPerFedFormset (x32 Version: 011.000.2999 - Intuit Inc.) Hidden
TurboTax 2011 WinPerReleaseEngine (x32 Version: 011.000.0495 - Intuit Inc.) Hidden
TurboTax 2011 WinPerTaxSupport (x32 Version: 011.000.0214 - Intuit Inc.) Hidden
TurboTax 2011 wrapper (x32 Version: 011.000.0121 - Intuit Inc.) Hidden
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2012 wcaiper (x32 Version: 012.000.1430 - Intuit Inc.) Hidden
TurboTax 2012 WinPerFedFormset (x32 Version: 012.000.2083 - Intuit Inc.) Hidden
TurboTax 2012 WinPerReleaseEngine (x32 Version: 012.000.0451 - Intuit Inc.) Hidden
TurboTax 2012 WinPerTaxSupport (x32 Version: 012.000.0179 - Intuit Inc.) Hidden
TurboTax 2012 wrapper (x32 Version: 012.000.0127 - Intuit Inc.) Hidden
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2013 WinPerFedFormset (x32 Version: 013.000.1036 - Intuit Inc.) Hidden
TurboTax 2013 WinPerReleaseEngine (x32 Version: 013.000.0312 - Intuit Inc.) Hidden
TurboTax 2013 WinPerTaxSupport (x32 Version: 013.000.0140 - Intuit Inc.) Hidden
TurboTax 2013 wrapper (x32 Version: 013.000.0128 - Intuit Inc.) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{DA2F7ECE-6629-4A80-9CDE-EC95261B75E2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
User's Guides (HKLM\...\{B48E1FFD-A85D-45DB-9070-C06CDF6BD427}) (Version: 1.20.0000 - Logitech)
VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinSCP 5.5.1 (HKLM-x32\...\winscp3_is1) (Version: 5.5.1 - Martin Prikryl)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: 5.4.0.17399 - Blizzard Entertainment)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

==================== Restore Points  =========================

05-03-2014 12:00:10 Windows Update
08-03-2014 00:06:24 Installed TurboTax 2013 wrapper

==================== Hosts content: ==========================

2013-12-10 19:25 - 2013-09-03 17:19 - 00000833 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0A39D38B-891A-48EE-AEC8-0D9427A2CF14} - System32\Tasks\{525FA779-9144-4E8C-8220-16F59FA3BD7C} => C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe [2009-06-22] ()
Task: {0CF0DD58-BE7D-4605-A2BD-64F464E5091F} - System32\Tasks\{7CDF2BD8-E47E-46B8-B185-F106F60E2984} => C:\Program Files (x86)\iTunes\iTunes.exe [2013-11-02] (Apple Inc.)
Task: {14CBA65C-3865-4116-8A1F-F473D93C0076} - System32\Tasks\{8456EC9C-5A45-4715-99DF-9E57021FC613} => C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe [2009-06-22] ()
Task: {1804DE7E-948D-426E-929F-72D3556A79BB} - System32\Tasks\AdobeAAMUpdater-1.0-Thomas-PC-Thomas => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {34E0333F-3096-48B2-B724-68E91DCF87D7} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {360D3387-DAC1-4DDD-B308-C656E0A9F85D} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2010-12-03] (PC-Doctor, Inc.)
Task: {3EFFBE47-F008-4243-A735-0DD59D17E346} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2010-12-03] (PC-Doctor, Inc.)
Task: {7589D1D2-D5AD-46FD-891C-68F7948E6903} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {7CCDF48A-5540-4CBA-98EE-4A03291A9AF5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {89AD63A2-A3D3-41D3-867B-74CA4482CA11} - System32\Tasks\{F6E90F8D-4AA2-47C9-9893-8F91D5C0126B} => C:\Program Files (x86)\iTunes\iTunes.exe [2013-11-02] (Apple Inc.)
Task: {90C1E32A-1938-434A-856A-5633822DD454} - System32\Tasks\{CDDBF4A1-882B-4097-9C63-910A07AC095C} => C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe [2009-06-22] ()
Task: {9EEB0701-E974-4CC5-B434-DCB23929BB34} - System32\Tasks\{E49B49E5-105C-4984-915E-FDB3F5399392} => C:\Program Files (x86)\iTunes\iTunes.exe [2013-11-02] (Apple Inc.)
Task: {AC47C3A1-24B6-4D31-BFC6-DFFEF8737FC7} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\pcdrcui.exe [2010-12-03] (PC-Doctor, Inc.)
Task: {BD6EF81C-8E94-4684-8611-ADFEE2C14EE8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-06] (Google Inc.)
Task: {CBB93DEE-90C3-4A4D-B7C5-B0BD59E992B4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {E3962D9E-1CEE-4771-B928-ED7A81BE5455} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-06] (Google Inc.)
Task: {EA112BE9-DB30-478B-B987-DF5F957BBB1A} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {F3662658-0B2D-4B50-BB94-AF5562DF7A5C} - System32\Tasks\{E8B422C7-D4B5-4FB4-85ED-FEE1B299FB4D} => C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe [2009-06-22] ()
Task: {F4103DE2-D2EE-4F11-A2E6-81113FAB8FCF} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {F996C832-76C3-43AD-BA7F-5CFBAC23800F} - System32\Tasks\{1D7220C5-D93A-4A57-B89E-BB5E2059BD44} => C:\Program Files (x86)\iTunes\iTunes.exe [2013-11-02] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\pcdrcui.exe

==================== Loaded Modules (whitelisted) =============

2012-12-31 17:20 - 2013-12-19 10:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-11 03:21 - 2014-02-11 03:21 - 00644464 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2012-06-18 07:24 - 2012-06-18 07:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-13 04:17 - 2014-02-13 04:17 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\e0cca00b42165c0b882a7ef23368c6ac\PSIClient.ni.dll
2014-02-22 00:00 - 2014-02-12 16:36 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:7BC7E6BA
AlternateDataStreams: C:\Users\Thomas\Downloads\Haley Reinhart & Casey Abrams Performances @ CityWalk LA.wma:Roxio EMC Stream

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: Adobe Version Cue CS3 => 3
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: DokanMounter => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: FreeAgentGoNext Service => 2
MSCONFIG\Services: GoToAssist => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: IntuitUpdateService => 2
MSCONFIG\Services: IntuitUpdateServiceV4 => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: N360 => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: RoxMediaDB10 => 3
MSCONFIG\Services: RoxMediaDBVHS => 3
MSCONFIG\Services: SandraAgentSrv => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: stllssvr => 3
MSCONFIG\startupreg: DellSystemDetect => C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/08/2014 05:00:32 PM) (Source: PC-Doctor) (User: )
Description: (5464) Asapi: (17:00:32:8590)(5464) enumerator - Error -- 118 pcdrsysinfocsmi: Module returned no data

Error: (03/08/2014 05:00:32 PM) (Source: PC-Doctor) (User: )
Description: (5464) Asapi: (17:00:32:8590)(5464) Matrix.ModuleImp - Error -- 52 Unable to get information from module due to failed exec.

Error: (03/08/2014 05:00:32 PM) (Source: PC-Doctor) (User: )
Description: (5464) Asapi: (17:00:32:8590)(5464) libCommon.System.Windows - Error -- 720 execAndGetPipeData(./pcdrsysinfocsmi.p5x) readFromPipeTimed failed, killing: 528

Error: (03/08/2014 05:00:32 PM) (Source: PC-Doctor) (User: )
Description: (5464) Asapi: (17:00:32:7690)(5464) libCommon.System.Windows - Error -- 590 readFromPipeTimed(3412) child process 528 exited with return code: 259

Error: (03/08/2014 05:00:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: pcdrsysinfocsmi.p5x, version: 6.0.5744.2, time stamp: 0x4ce47064
Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace4e7
Exception code: 0x40000015
Fault offset: 0x000000000004267f
Faulting process id: 0x210
Faulting application start time: 0xpcdrsysinfocsmi.p5x0
Faulting application path: pcdrsysinfocsmi.p5x1
Faulting module path: pcdrsysinfocsmi.p5x2
Report Id: pcdrsysinfocsmi.p5x3

Error: (03/07/2014 08:14:02 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (03/07/2014 05:00:33 PM) (Source: PC-Doctor) (User: )
Description: (3700) Asapi: (17:00:33:1050)(3700) enumerator - Error -- 118 pcdrsysinfocsmi: Module returned no data

Error: (03/07/2014 05:00:33 PM) (Source: PC-Doctor) (User: )
Description: (3700) Asapi: (17:00:33:1040)(3700) Matrix.ModuleImp - Error -- 52 Unable to get information from module due to failed exec.

Error: (03/07/2014 05:00:33 PM) (Source: PC-Doctor) (User: )
Description: (3700) Asapi: (17:00:33:1040)(3700) libCommon.System.Windows - Error -- 720 execAndGetPipeData(./pcdrsysinfocsmi.p5x) readFromPipeTimed failed, killing: 2580

Error: (03/07/2014 05:00:33 PM) (Source: PC-Doctor) (User: )
Description: (3700) Asapi: (17:00:33:1020)(3700) libCommon.System.Windows - Error -- 590 readFromPipeTimed(3260) child process 2580 exited with return code: 259


System errors:
=============
Error: (03/08/2014 06:16:07 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFS
RxFilter

Error: (03/08/2014 06:15:49 PM) (Source: Service Control Manager) (User: )
Description: The SessionLauncher service failed to start due to the following error:
%%2

Error: (03/08/2014 06:15:35 PM) (Source: Service Control Manager) (User: )
Description: The Dock Login Service service failed to start due to the following error:
%%2

Error: (03/07/2014 08:14:01 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (03/07/2014 08:14:01 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (03/07/2014 09:01:03 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFS
RxFilter

Error: (03/07/2014 09:00:44 AM) (Source: Service Control Manager) (User: )
Description: The SessionLauncher service failed to start due to the following error:
%%2

Error: (03/07/2014 09:00:35 AM) (Source: Service Control Manager) (User: )
Description: The Dock Login Service service failed to start due to the following error:
%%2

Error: (03/06/2014 02:46:03 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (03/06/2014 02:46:03 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.


Microsoft Office Sessions:
=========================
Error: (03/08/2014 05:00:32 PM) (Source: PC-Doctor)(User: )
Description: (5464) Asapi: (17:00:32:8590)(5464) enumerator - Error -- 118 pcdrsysinfocsmi: Module returned no data

Error: (03/08/2014 05:00:32 PM) (Source: PC-Doctor)(User: )
Description: (5464) Asapi: (17:00:32:8590)(5464) Matrix.ModuleImp - Error -- 52 Unable to get information from module due to failed exec.

Error: (03/08/2014 05:00:32 PM) (Source: PC-Doctor)(User: )
Description: (5464) Asapi: (17:00:32:8590)(5464) libCommon.System.Windows - Error -- 720 execAndGetPipeData(./pcdrsysinfocsmi.p5x) readFromPipeTimed failed, killing: 528

Error: (03/08/2014 05:00:32 PM) (Source: PC-Doctor)(User: )
Description: (5464) Asapi: (17:00:32:7690)(5464) libCommon.System.Windows - Error -- 590 readFromPipeTimed(3412) child process 528 exited with return code: 259

Error: (03/08/2014 05:00:17 PM) (Source: Application Error)(User: )
Description: pcdrsysinfocsmi.p5x6.0.5744.24ce47064MSVCR90.dll9.0.30729.61614dace4e740000015000000000004267f21001cf3b32ecfc19bfC:\Program Files\Dell Support Center\pcdrsysinfocsmi.p5xC:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll2d6e474c-a726-11e3-a04a-842b2bafecda

Error: (03/07/2014 08:14:02 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (03/07/2014 05:00:33 PM) (Source: PC-Doctor)(User: )
Description: (3700) Asapi: (17:00:33:1050)(3700) enumerator - Error -- 118 pcdrsysinfocsmi: Module returned no data

Error: (03/07/2014 05:00:33 PM) (Source: PC-Doctor)(User: )
Description: (3700) Asapi: (17:00:33:1040)(3700) Matrix.ModuleImp - Error -- 52 Unable to get information from module due to failed exec.

Error: (03/07/2014 05:00:33 PM) (Source: PC-Doctor)(User: )
Description: (3700) Asapi: (17:00:33:1040)(3700) libCommon.System.Windows - Error -- 720 execAndGetPipeData(./pcdrsysinfocsmi.p5x) readFromPipeTimed failed, killing: 2580

Error: (03/07/2014 05:00:33 PM) (Source: PC-Doctor)(User: )
Description: (3700) Asapi: (17:00:33:1020)(3700) libCommon.System.Windows - Error -- 590 readFromPipeTimed(3260) child process 2580 exited with return code: 259


==================== Memory info ===========================

Percentage of memory in use: 26%
Total physical RAM: 8151.08 MB
Available physical RAM: 6003.95 MB
Total Pagefile: 16300.34 MB
Available Pagefile: 14077.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:920.59 GB) (Free:544.76 GB) NTFS
Drive d: (TurboTax 2013) (CDROM) (Total:0.38 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 33AEB6E6)
Partition 1: (Not Active) - (Size=31 MB) - (Type=DE)
Partition 2: (Active) - (Size=11 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=921 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Link to post
Share on other sites

I did a full system scan with Malaware bytes yesterday (5 hours) with no items found.   When I purchased MB a month ago it found and removed a few things

 

I did the "perform flash scan" with MB and it found nothing

 

I downsloaded and rand the tdsskiller from kapersky and it found nothing

 

 

So.  maybe the incoming ip warnings are nothing?  I need to check teh wording of the Malwaybytes pop ups from the tool bar but I feel like some of the wording of the warning "we've blocked a malicious site" ? or something is just something I'm worrying to much about.

 

From the logs above I guess you can see I have Norton 360 running,  which i've used for years now (as well as its precursors before that)

 

Any help on the Malware angle would be appreciated (even if its a "No Problem I see" )

 

Thanks again in advance.

Link to post
Share on other sites

  • Root Admin

The IP blocks are incoming which typically there isn't too much one can do about it but we can try a few things.

 

Please go ahead and run through the following steps and post back the logs when ready.

STEP 03
Please download Malwarebytes Anti-Rootkit from here

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt

STEP 04
Please download Junkware Removal Tool to your desktop.
  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus



STEP 05
Lets clean out any adware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.


Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.


STEP 06
button_eos.gif

Please go here to run the online antivirus scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology

    [*]Click Scan [*]Wait for the scan to finish [*]If any threats were found, click the 'List of found threats' , then click Export to text file.... [*]Save it to your desktop, then please copy and paste that log as a reply to this topic.



STEP 07
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.


 

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.