OTL logfile created on: 3/9/2013 7:25:05 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\QUARTE_MATT\Desktop
Enterprise Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.97 Gb Total Physical Memory | 1.86 Gb Available Physical Memory | 62.79% Memory free
5.93 Gb Paging File | 4.58 Gb Available in Paging File | 77.20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 230.59 Gb Total Space | 106.56 Gb Free Space | 46.21% Space Free | Partition Type: NTFS
Drive F: | 2.00 Gb Total Space | 1.99 Gb Free Space | 99.83% Space Free | Partition Type: FAT32
Computer Name: 2CE929CQCT | User Name: QUARTE_MATT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2013/03/06 18:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/03/06 18:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/02/20 23:08:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\QUARTE_MATT\Desktop\OTL.exe
PRC - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/17 19:50:28 | 016,328,976 | ---- | M] (Google) -- C:\Program Files\Google\Drive\googledrivesync.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/11/28 16:37:22 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
PRC - [2012/11/28 16:37:22 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2012/11/28 16:23:06 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2012/11/28 14:13:16 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2012/11/01 14:45:21 | 004,763,008 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2012/07/11 13:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2012/01/18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/02/02 11:23:08 | 001,033,600 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MSASCui.exe
PRC - [2011/01/14 12:35:56 | 000,196,912 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
PRC - [2011/01/08 17:06:56 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe
PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/08/25 10:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/07/22 07:43:43 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/02/25 15:18:20 | 000,076,856 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
PRC - [2009/10/22 19:00:12 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe
PRC - [2009/10/22 19:00:10 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpAgent.exe
PRC - [2009/09/18 03:00:00 | 000,764,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CCM\CcmExec.exe
PRC - [2009/09/11 12:51:48 | 001,811,704 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\AtService.exe
PRC - [2009/08/18 01:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/08/18 01:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/07/13 20:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/04/07 09:13:10 | 000,673,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2009/03/27 17:10:56 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2008/11/07 14:20:40 | 000,025,824 | ---- | M] (Memeo) -- C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe
PRC - [2008/11/07 14:20:06 | 001,344,736 | ---- | M] (Memeo Inc.) -- C:\Program Files\WD\WD Anywhere Backup\MemeoBackup.exe
PRC - [2008/09/25 05:23:16 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vfsFPService.exe
PRC - [2008/07/24 14:22:50 | 000,102,400 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
PRC - [2008/07/24 14:22:12 | 000,450,560 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
PRC - [2008/07/15 12:09:52 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2008/05/16 22:12:54 | 000,290,816 | ---- | M] (Pharos Systems International) -- C:\Program Files\PharosSystems\Core\CTskMstr.exe
PRC - [2007/04/06 03:12:48 | 000,073,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Forefront\Client Security\Client\SSA\FcsSas.exe
PRC - [2005/07/21 10:14:58 | 000,134,656 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Forefront\Client Security\Client\Microsoft Operations Manager 2005\MOMService.exe
========== Modules (No Company Name) ========== MOD - [2013/03/09 19:03:05 | 000,792,576 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\wx._gdi_.pyd
MOD - [2013/03/09 19:03:05 | 000,571,392 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\pysqlite2._sqlite.pyd
MOD - [2013/03/09 19:03:05 | 000,263,168 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\win32com.shell.shell.pyd
MOD - [2013/03/09 19:03:05 | 000,153,088 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\pyexpat.pyd
MOD - [2013/03/09 19:03:05 | 000,096,256 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\win32api.pyd
MOD - [2013/03/09 19:03:05 | 000,086,016 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\_elementtree.pyd
MOD - [2013/03/09 19:03:05 | 000,070,656 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\wx._html2.pyd
MOD - [2013/03/09 19:03:05 | 000,040,448 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\_socket.pyd
MOD - [2013/03/09 19:03:05 | 000,023,040 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\win32ts.pyd
MOD - [2013/03/09 19:03:05 | 000,011,776 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\win32crypt.pyd
MOD - [2013/03/09 19:03:04 | 001,024,616 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\windows._cacheinvalidation.pyd
MOD - [2013/03/09 19:03:04 | 000,731,136 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\wx._misc_.pyd
MOD - [2013/03/09 19:03:04 | 000,354,304 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\pythoncom26.dll
MOD - [2013/03/09 19:03:04 | 000,073,728 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\_ctypes.pyd
MOD - [2013/03/09 19:03:04 | 000,017,920 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\win32profile.pyd
MOD - [2013/03/09 19:03:03 | 001,169,408 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\wx._core_.pyd
MOD - [2013/03/09 19:03:03 | 000,807,424 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\wx._windows_.pyd
MOD - [2013/03/09 19:03:03 | 000,645,120 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\_ssl.pyd
MOD - [2013/03/09 19:03:03 | 000,311,808 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\_hashlib.pyd
MOD - [2013/03/09 19:03:03 | 000,110,592 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\win32security.pyd
MOD - [2013/03/09 19:03:03 | 000,110,592 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\pywintypes26.dll
MOD - [2013/03/09 19:03:03 | 000,036,352 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\win32process.pyd
MOD - [2013/03/09 19:03:03 | 000,022,528 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\win32pdh.pyd
MOD - [2013/03/09 19:03:02 | 000,121,856 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\wx._wizard.pyd
MOD - [2013/03/09 19:03:02 | 000,111,104 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\win32file.pyd
MOD - [2013/03/09 19:03:02 | 000,039,424 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\win32inet.pyd
MOD - [2013/03/09 19:03:01 | 001,056,256 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\wx._controls_.pyd
MOD - [2013/03/09 19:03:01 | 000,585,728 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\unicodedata.pyd
MOD - [2013/03/09 19:03:01 | 000,017,920 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\win32event.pyd
MOD - [2013/03/09 19:03:01 | 000,011,776 | ---- | M] () -- C:\Users\QUARTE~1\AppData\Local\Temp\_MEI56402\select.pyd
MOD - [2012/04/19 19:22:45 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\cbfdbf9ed05f520f449102c086841ac4\Microsoft.VisualBasic.ni.dll
MOD - [2012/04/19 19:17:04 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8e47bcd69923f39c010b285d0681b795\System.ServiceProcess.ni.dll
MOD - [2012/04/19 19:16:58 | 011,824,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\cdc38572fd6c34cb3033fb419eff3639\System.Web.ni.dll
MOD - [2012/04/19 19:16:33 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5c37600b4ae4ffeaeff645bb16a58137\System.Windows.Forms.ni.dll
MOD - [2012/04/19 19:16:27 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\b7bec10dca3f27113cc91c24b79c8f75\System.Drawing.ni.dll
MOD - [2012/02/24 10:45:22 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\0794d7af09099432ebfb51af1d7f15ae\System.Management.ni.dll
MOD - [2012/02/24 10:39:44 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0a894f77b9aa64acbd3ce791916357d8\System.Runtime.Remoting.ni.dll
MOD - [2012/02/24 10:39:42 | 006,618,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\c06a0517281bb4a9c7fcaeb58d38cd63\System.Data.ni.dll
MOD - [2012/02/24 10:38:52 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll
MOD - [2012/02/24 10:38:47 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll
MOD - [2012/02/24 10:38:37 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll
MOD - [2011/10/15 09:24:57 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/06/13 16:54:28 | 000,094,208 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2009/06/10 16:23:17 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/03/12 15:45:32 | 000,135,168 | ---- | M] () -- C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
MOD - [2008/11/21 13:58:42 | 000,057,344 | ---- | M] () -- C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
MOD - [2008/11/07 14:21:36 | 000,447,056 | ---- | M] () -- C:\Program Files\WD\WD Anywhere Backup\sqlite3.dll
========== Services (SafeList) ========== SRV - [2013/03/06 18:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/02/28 19:41:12 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/11 13:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2012/01/18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/01/14 12:35:56 | 000,196,912 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe -- (NitroReaderDriverReadSpool)
SRV - [2011/01/08 17:06:56 | 000,016,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe -- (FCSAM)
SRV - [2010/09/13 11:48:12 | 000,025,704 | R--- | M] (Amazon.com) [On_Demand | Stopped] -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService)
SRV - [2010/07/22 08:10:23 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/10/22 19:00:12 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2009/09/18 03:00:00 | 000,764,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\CCM\CcmExec.exe -- (CcmExec)
SRV - [2009/09/18 03:00:00 | 000,246,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\CCM\TSManager.exe -- (smstsmgr)
SRV - [2009/09/11 12:51:48 | 001,811,704 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2009/08/18 01:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/13 20:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/03/27 17:10:56 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008/11/07 14:20:40 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2008/09/25 05:23:16 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService)
SRV - [2008/07/24 14:22:50 | 000,102,400 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe -- (WDBtnMgrSvc.exe)
SRV - [2008/07/15 12:09:52 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2008/05/16 22:12:54 | 000,290,816 | ---- | M] (Pharos Systems International) [Auto | Running] -- C:\Program Files\PharosSystems\Core\CTskMstr.exe -- (Pharos Systems ComTaskMaster)
SRV - [2008/04/08 12:12:50 | 001,112,560 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2007/04/06 03:12:48 | 000,073,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Forefront\Client Security\Client\SSA\FcsSas.exe -- (FcsSas)
SRV - [2005/07/21 10:14:58 | 000,134,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Forefront\Client Security\Client\Microsoft Operations Manager 2005\MOMService.exe -- (MOM)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | Disabled | Unknown] -- C:\Windows\TEMP\mc2DCDF.tmp -- (mchInjDrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\QUARTE~1\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2013/03/06 18:33:24 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/03/06 18:33:24 | 000,368,176 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/03/06 18:33:24 | 000,164,736 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/03/06 18:33:24 | 000,062,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/03/06 18:33:24 | 000,049,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/03/06 18:33:23 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/03/06 18:33:23 | 000,060,656 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013/03/06 18:33:22 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/02/20 22:26:00 | 000,026,872 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\FixTDSS.sys -- (FixTDSS)
DRV - [2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/01/18 05:44:52 | 004,332,960 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2012/01/18 05:44:28 | 000,312,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/07/16 14:03:36 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2010/07/16 14:03:18 | 000,035,896 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2010/01/13 15:36:40 | 006,755,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32)
DRV - [2009/09/18 03:00:00 | 000,020,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CCM\PrepDrv.sys -- (prepdrvr)
DRV - [2009/09/14 09:31:54 | 000,659,328 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2009/08/18 02:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/07/20 14:05:16 | 000,049,152 | ---- | M] (RICOH Company, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rismc32.sys -- (rismc32)
DRV - [2009/07/13 20:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009/07/13 20:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 20:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009/07/13 18:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 18:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 18:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 18:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/13 18:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009/06/25 15:58:10 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2009/06/12 17:20:02 | 000,221,912 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1y6232.sys -- (e1yexpress)
DRV - [2009/04/29 07:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2009/04/20 08:38:54 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2009/04/06 16:12:44 | 001,161,664 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/10/11 14:56:00 | 000,045,056 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008/10/09 02:32:46 | 001,810,856 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2008/07/29 14:41:36 | 000,038,400 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2008/07/10 13:47:22 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2006/11/10 14:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.bentley.edu/IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...Box&FORM=IE8SRCIE - HKCU\..\SearchScopes\{0E3985CD-A97A-4245-856E-76DB3FED2010}: "URL" =
http://www.google.co...utputEncoding?}IE - HKCU\..\SearchScopes\{3CCF9E35-9921-4822-9ED4-1BCDFFFAAD54}: "URL" =
http://search.avg.co...e}&iy=&ychte=usIE - HKCU\..\SearchScopes\{8AD33851-14CC-4CB8-985B-19EFE3615F65}: "URL" =
http://search.avg.co...e}&iy=&ychte=usIE - HKCU\..\SearchScopes\{A75C516E-2111-4976-B0EA-A7455551A29E}: "URL" =
http://libcat.bentle...chTerms}&SORT=DIE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:52222
========== FireFox ========== FF - prefs.js..browser.startup.homepage: "
http://www.yahoo.com/"FF - prefs.js..extensions.enabledAddons:
[email protected]:2.5
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\DigitalPersona\Bin\FirefoxExt\ [2010/07/22 07:48:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/03/09 11:05:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.6.1\extensions\\Components: C:\Program Files\Flock\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.6.1\extensions\\Plugins: C:\Program Files\Flock\plugins [2013/02/23 20:19:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/11/29 19:49:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/23 20:19:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\DigitalPersona\Bin\firefoxext [2010/07/22 07:48:58 | 000,000,000 | ---D | M]
[2011/01/17 16:29:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\QUARTE_MATT\AppData\Roaming\mozilla\Extensions
[2010/09/07 10:30:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\QUARTE_MATT\AppData\Roaming\mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b}
[2013/03/07 22:49:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\QUARTE_MATT\AppData\Roaming\mozilla\Firefox\Profiles\rsw2boq3.default\extensions
[2009/07/13 18:11:12 | 000,004,816 | ---- | M] () (No name found) -- C:\Users\QUARTE_MATT\AppData\Roaming\mozilla\firefox\profiles\rsw2boq3.default\extensions\
[email protected][2013/03/07 22:49:36 | 000,194,575 | ---- | M] () (No name found) -- C:\Users\QUARTE_MATT\AppData\Roaming\mozilla\firefox\profiles\rsw2boq3.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi
[2012/08/30 19:32:32 | 000,199,396 | ---- | M] () (No name found) -- C:\Users\QUARTE_MATT\AppData\Roaming\mozilla\firefox\profiles\rsw2boq3.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2013/02/23 20:17:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/03/12 23:39:39 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/03/19 15:04:43 | 000,163,840 | ---- | M] (Centra Software, Inc.) -- C:\Program Files\mozilla firefox\plugins\NPCentraUpdater.dll
[2008/07/14 11:12:20 | 000,001,004 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bentley-library-catalog.xml
[2012/03/12 23:38:32 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/03/12 23:38:32 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
http://www.google.comCHR - plugin: Shockwave Flash (Enabled) = C:\Users\QUARTE_MATT\AppData\Local\Google\Chrome\User Data\PepperFlash\11.6.602.167\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.152\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.152\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Centra Updater Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPCentraUpdater.dll
CHR - plugin: Java Deployment Toolkit 7.0.10.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 7 U1 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: Docs = C:\Users\QUARTE_MATT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Google Drive = C:\Users\QUARTE_MATT\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\QUARTE_MATT\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\QUARTE_MATT\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\QUARTE_MATT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2013/03/03 22:13:38 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Microsoft Forefront Client Security Antimalware Service] C:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WD Anywhere Backup] C:\Program Files\WD\WD Anywhere Backup\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe (WDC)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\New Windows present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\SQM present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Ranges: Range1 ([*] in Trusted sites)
O15 - HKCU\..Trusted Domains: bentley.edu ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Trusted sites)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5}
http://download.eset...lineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.254.1 167.206.254.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = blue.ad.bentley.edu
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9682893D-8F95-44B0-A953-DB94F2730FF6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CD5B4F30-7694-4B1E-A0FD-8941832A33EC}: DhcpNameServer = 167.206.254.1 167.206.254.2
O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Program Files\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP, Walldorf)
O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Program Files\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP, Walldorf)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ========== [2013/03/09 11:06:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013/03/09 11:06:03 | 000,029,816 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013/03/09 11:06:02 | 000,368,176 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013/03/09 11:06:00 | 000,060,656 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2013/03/09 11:05:59 | 000,062,376 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013/03/09 11:05:58 | 000,765,736 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013/03/09 11:05:53 | 000,066,336 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013/03/09 11:05:52 | 000,228,600 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013/03/09 11:04:54 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/03/09 11:04:33 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/03/09 11:03:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/03/03 22:13:47 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013/03/03 22:06:50 | 000,000,000 | ---D | C] -- C:\Users\QUARTE_MATT\AppData\Local\temp
[2013/03/03 21:53:20 | 005,036,260 | R--- | C] (Swearware) -- C:\Users\QUARTE_MATT\Desktop\ComboFix.exe
[2013/02/27 22:48:52 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\QUARTE_MATT\Desktop\aswMBR.exe
[2013/02/23 19:58:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/02/23 19:56:52 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013/02/22 19:36:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013/02/21 22:13:09 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\QUARTE_MATT\Desktop\tdsskiller.exe
[2013/02/21 22:07:51 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/02/20 23:08:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\QUARTE_MATT\Desktop\OTL.exe
[2013/02/20 22:51:50 | 000,000,000 | ---D | C] -- C:\_OTM
[2013/02/20 22:26:00 | 000,026,872 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\FixTDSS.sys
[2013/02/17 21:08:22 | 000,000,000 | ---D | C] -- C:\Users\QUARTE_MATT\AppData\Local\CrashDumps
[2013/02/17 20:53:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2013/02/17 20:25:37 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013/02/17 11:36:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/02/17 11:35:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013/02/17 11:35:35 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
========== Files - Modified Within 30 Days ========== [2013/03/09 19:08:47 | 000,645,388 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/03/09 19:08:47 | 000,110,712 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/03/09 19:07:44 | 000,020,512 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/09 19:07:44 | 000,020,512 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/09 19:03:01 | 000,000,474 | ---- | M] () -- C:\Windows\SMSCFG.ini
[2013/03/09 19:00:47 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/09 18:58:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/09 11:10:48 | 2387,816,448 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/09 11:06:04 | 000,002,085 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/03/09 11:05:53 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/03/09 10:53:20 | 111,691,960 | ---- | M] () -- C:\Users\QUARTE_MATT\Desktop\avast_free_antivirus_setup.exe
[2013/03/09 10:41:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/09 10:33:01 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/07 21:13:54 | 111,713,197 | ---- | M] () -- C:\Users\QUARTE_MATT\Desktop\Jake_Owen_-_Barefoot_Blue_Jean_Night_(2011)_320kbps.rar
[2013/03/06 18:33:24 | 000,765,736 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013/03/06 18:33:24 | 000,368,176 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013/03/06 18:33:24 | 000,164,736 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/03/06 18:33:24 | 000,062,376 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013/03/06 18:33:24 | 000,049,248 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/03/06 18:33:23 | 000,066,336 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013/03/06 18:33:23 | 000,060,656 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2013/03/06 18:33:22 | 000,029,816 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013/03/06 18:32:51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/03/06 18:32:42 | 000,228,600 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013/03/05 23:08:33 | 000,576,684 | ---- | M] () -- C:\Users\QUARTE_MATT\Documents\Fit_AbWorkout.pdf
[2013/03/03 22:13:38 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/03/03 21:53:35 | 005,036,260 | R--- | M] (Swearware) -- C:\Users\QUARTE_MATT\Desktop\ComboFix.exe
[2013/02/28 19:30:38 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/27 22:56:19 | 000,377,856 | ---- | M] () -- C:\Users\QUARTE_MATT\Desktop\9dcg2bw4.exe
[2013/02/27 22:56:19 | 000,377,856 | ---- | M] () -- C:\9dcg2bw4.exe
[2013/02/27 22:54:10 | 000,000,512 | ---- | M] () -- C:\Users\QUARTE_MATT\Desktop\MBR.dat
[2013/02/27 22:50:15 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\QUARTE_MATT\Desktop\aswMBR.exe
[2013/02/22 19:33:27 | 157,228,696 | ---- | M] () -- C:\Users\QUARTE_MATT\Desktop\setup_11.0.0.1245.x01_2013_02_23_02_18.exe
[2013/02/21 22:13:22 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\QUARTE_MATT\Desktop\tdsskiller.exe
[2013/02/20 23:08:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\QUARTE_MATT\Desktop\OTL.exe
[2013/02/20 22:26:00 | 000,026,872 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\FixTDSS.sys
[2013/02/20 21:16:14 | 000,080,311 | ---- | M] () -- C:\Users\QUARTE_MATT\Desktop\Lenovo E585.pdf
[2013/02/19 22:22:27 | 000,002,235 | ---- | M] () -- C:\Users\QUARTE_MATT\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/02/17 21:18:09 | 000,000,272 | ---- | M] () -- C:\ProgramData\SMRResults311.dat
[2013/02/17 20:10:54 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.old
[2013/02/17 11:35:39 | 000,001,967 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
========== Files Created - No Company Name ========== [2013/03/09 11:06:04 | 000,002,085 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/03/09 11:05:57 | 000,164,736 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/03/09 11:05:56 | 000,049,248 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/03/09 10:52:32 | 111,691,960 | ---- | C] () -- C:\Users\QUARTE_MATT\Desktop\avast_free_antivirus_setup.exe
[2013/03/07 20:37:42 | 111,713,197 | ---- | C] () -- C:\Users\QUARTE_MATT\Desktop\Jake_Owen_-_Barefoot_Blue_Jean_Night_(2011)_320kbps.rar
[2013/03/05 23:08:33 | 000,576,684 | ---- | C] () -- C:\Users\QUARTE_MATT\Documents\Fit_AbWorkout.pdf
[2013/02/27 22:56:38 | 000,377,856 | ---- | C] () -- C:\9dcg2bw4.exe
[2013/02/27 22:56:17 | 000,377,856 | ---- | C] () -- C:\Users\QUARTE_MATT\Desktop\9dcg2bw4.exe
[2013/02/27 22:54:10 | 000,000,512 | ---- | C] () -- C:\Users\QUARTE_MATT\Desktop\MBR.dat
[2013/02/22 19:32:07 | 157,228,696 | ---- | C] () -- C:\Users\QUARTE_MATT\Desktop\setup_11.0.0.1245.x01_2013_02_23_02_18.exe
[2013/02/20 21:16:14 | 000,080,311 | ---- | C] () -- C:\Users\QUARTE_MATT\Desktop\Lenovo E585.pdf
[2013/02/17 21:18:09 | 000,000,272 | ---- | C] () -- C:\ProgramData\SMRResults311.dat
[2013/02/17 19:49:30 | 000,002,235 | ---- | C] () -- C:\Users\QUARTE_MATT\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/02/17 11:35:39 | 000,001,967 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/05/13 21:41:53 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat
[2012/01/18 05:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2012/01/18 05:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2012/01/18 05:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2012/01/18 05:22:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011/12/04 16:39:35 | 000,011,678 | -HS- | C] () -- C:\Users\QUARTE_MATT\AppData\Local\gnknnt2n7ojj3gnm8xoe8a087t8f
[2011/08/28 22:28:12 | 000,000,000 | ---- | C] () -- C:\Users\QUARTE_MATT\AppData\Local\{795FF470-B269-4E6B-ABEC-8AEA7DD7E459}
[2011/08/08 19:13:48 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/08/08 19:13:48 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/08/08 19:13:48 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/08/08 19:13:48 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/08/08 19:13:48 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/05/08 17:41:34 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/05/08 17:41:09 | 000,180,624 | ---- | C] () -- C:\Windows\System32\Primomonnt.dll
[2011/03/12 16:53:16 | 000,001,209 | ---- | C] () -- C:\Windows\eReg.dat
[2010/11/16 11:22:23 | 000,083,456 | ---- | C] () -- C:\Users\QUARTE_MATT\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/04 16:29:22 | 000,004,096 | -H-- | C] () -- C:\Users\QUARTE_MATT\AppData\Local\keyfile3.drm
[2010/09/07 08:36:16 | 000,005,238 | RHS- | C] () -- C:\Users\QUARTE_MATT\ntuser.pol
[2010/08/05 14:56:28 | 000,048,946 | RHS- | C] () -- C:\ProgramData\ntuser.pol
========== ZeroAccess Check ========== [2009/07/13 23:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/01/04 04:03:45 | 012,868,096 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 20:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 20:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ========== [2012/11/17 14:11:03 | 000,000,000 | ---D | M] -- C:\Users\QUARTE_MATT\AppData\Roaming\Amazon
[2011/07/31 18:42:31 | 000,000,000 | ---D | M] -- C:\Users\QUARTE_MATT\AppData\Roaming\AVG10
[2010/11/16 12:29:09 | 000,000,000 | ---D | M] -- C:\Users\QUARTE_MATT\AppData\Roaming\Blackberry Desktop
[2011/01/17 17:07:51 | 000,000,000 | ---D | M] -- C:\Users\QUARTE_MATT\AppData\Roaming\Centra
[2011/12/25 14:17:42 | 000,000,000 | ---D | M] -- C:\Users\QUARTE_MATT\AppData\Roaming\com.amazon.music.uploader
[2010/07/22 07:55:31 | 000,000,000 | ---D | M] -- C:\Users\QUARTE_MATT\AppData\Roaming\DigitalPersona
[2011/09/06 17:43:52 | 000,000,000 | ---D | M] -- C:\Users\QUARTE_MATT\AppData\Roaming\Epson
[2010/09/07 10:42:27 | 000,000,000 | ---D | M] -- C:\Users\QUARTE_MATT\AppData\Roaming\Flock
[2011/03/14 12:12:03 | 000,000,000 | ---D | M] -- C:\Users\QUARTE_MATT\AppData\Roaming\FrostWire
[2011/01/15 22:56:52 | 000,000,000 | ---D | M] -- C:\Users\QUARTE_MATT\AppData\Roaming\GMATPrep
[2013/02/23 15:13:52 | 000,000,000 | ---D | M] -- C:\Users\QUARTE_MATT\AppData\Roaming\Nitro PDF
[2013/02/20 21:15:44 | 000,000,000 | ---D | M] -- C:\Users\QUARTE_MATT\AppData\Roaming\PrimoPDF
[2010/11/16 11:22:04 | 000,000,000 | ---D | M] -- C:\Users\QUARTE_MATT\AppData\Roaming\Research In Motion
[2011/01/17 16:15:52 | 000,000,000 | ---D | M] -- C:\Users\QUARTE_MATT\AppData\Roaming\Saba
[2010/12/07 16:27:36 | 000,000,000 | ---D | M] -- C:\Users\QUARTE_MATT\AppData\Roaming\SAP
[2010/09/30 10:08:49 | 000,000,000 | ---D | M] -- C:\Users\QUARTE_MATT\AppData\Roaming\SmartDraw
[2012/10/05 19:27:10 | 000,000,000 | ---D | M] -- C:\Users\QUARTE_MATT\AppData\Roaming\Spotify
[2010/09/07 08:36:44 | 000,000,000 | ---D | M] -- C:\Users\QUARTE_MATT\AppData\Roaming\WD
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:502D809E
< End of report >