Here are the OTL Logs:
OTL logfile created on: 7/9/2013 11:18:13 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lewis\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
5.91 Gb Total Physical Memory | 3.29 Gb Available Physical Memory | 55.59% Memory free
11.82 Gb Paging File | 8.71 Gb Available in Paging File | 73.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.01 Gb Total Space | 400.91 Gb Free Space | 88.89% Space Free | Partition Type: NTFS
Computer Name: LEWIS-PC | User Name: Lewis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2013/07/09 11:17:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lewis\Downloads\OTL (2).exe
PRC - [2013/07/05 09:38:10 | 000,239,496 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler.exe
PRC - [2013/06/14 21:28:44 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/05/16 10:59:00 | 003,830,224 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2013/05/16 10:56:34 | 001,033,688 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2013/05/16 10:56:30 | 001,817,560 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2013/05/15 13:21:32 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013/05/11 06:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/05/09 04:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/05/09 04:58:27 | 000,137,960 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/11/26 09:30:00 | 000,687,104 | ---- | M] () -- C:\Program Files (x86)\Fast Free Converter\FastFreeConverterUpdt.exe
PRC - [2011/05/19 03:16:36 | 000,921,664 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
========== Modules (No Company Name) ========== MOD - [2013/06/14 21:28:42 | 000,393,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppgooglenaclpluginchrome.dll
MOD - [2013/06/14 21:28:41 | 013,140,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
MOD - [2013/06/14 21:28:40 | 004,051,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll
MOD - [2013/06/14 21:27:51 | 000,599,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\libglesv2.dll
MOD - [2013/06/14 21:27:50 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\libegl.dll
MOD - [2013/06/14 21:27:48 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ffmpegsumo.dll
MOD - [2013/05/16 10:55:28 | 000,161,112 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2013/05/16 10:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2013/05/16 10:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/12/21 02:15:30 | 001,041,248 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
========== Services (SafeList) ========== SRV:
64bit: - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:
64bit: - [2013/05/09 04:58:27 | 000,137,960 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:
64bit: - [2011/09/15 20:41:28 | 001,518,352 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:
64bit: - [2011/09/15 20:28:06 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:
64bit: - [2011/09/15 20:24:52 | 000,844,560 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:
64bit: - [2011/09/15 11:54:46 | 001,166,848 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:
64bit: - [2011/06/03 14:51:38 | 000,134,928 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:
64bit: - [2011/01/25 05:57:18 | 000,296,448 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:
64bit: - [2010/05/21 18:20:07 | 001,052,328 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\dleacoms.exe -- (dlea_device)
SRV:
64bit: - [2010/05/21 18:20:02 | 000,045,224 | ---- | M] () [Auto | Running] -- C:\windows\SysNative\spool\DRIVERS\x64\3\\dleaserv.exe -- (dleaCATSCustConnectService)
SRV:
64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2009/03/03 06:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [On_Demand | Stopped] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2013/06/12 14:41:13 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/11 06:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/11/26 09:30:00 | 000,687,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Fast Free Converter\FastFreeConverterUpdt.exe -- (FastFreeConverterUpdt)
SRV - [2011/10/26 10:58:10 | 000,162,816 | ---- | M] (Dell Products, LP.) [On_Demand | Stopped] -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2011/08/18 12:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [On_Demand | Stopped] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011/05/19 03:16:48 | 000,995,392 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011/05/19 03:16:46 | 001,335,360 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011/05/19 03:16:36 | 000,921,664 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010/11/06 01:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/10/05 23:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/10/05 23:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/08/25 22:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/05/21 18:20:02 | 000,045,224 | ---- | M] () [Auto | Running] -- C:\windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe -- (dleaCATSCustConnectService)
SRV - [2010/05/21 18:19:52 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\dleacoms.exe -- (dlea_device)
SRV - [2010/03/18 15:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2013/06/27 16:06:57 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:
64bit: - [2013/06/27 16:06:56 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:
64bit: - [2013/06/27 16:06:55 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:
64bit: - [2013/05/09 04:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:
64bit: - [2013/05/09 04:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:
64bit: - [2013/05/09 04:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:
64bit: - [2013/05/09 04:59:06 | 000,270,824 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2)
DRV:
64bit: - [2013/05/09 04:59:06 | 000,131,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW)
DRV:
64bit: - [2013/05/09 04:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:
64bit: - [2013/05/09 04:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:
64bit: - [2013/05/09 04:59:06 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:
64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:
64bit: - [2013/03/13 14:01:59 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:
64bit: - [2012/03/28 10:42:56 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:
64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2012/02/01 18:06:42 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
DRV:
64bit: - [2011/09/18 04:26:52 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:
64bit: - [2011/09/15 11:48:24 | 000,299,008 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:
64bit: - [2011/09/15 11:48:24 | 000,299,008 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:
64bit: - [2011/07/19 20:54:06 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:
64bit: - [2011/07/19 17:13:42 | 000,282,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:
64bit: - [2011/06/21 17:19:14 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:
64bit: - [2011/06/21 17:19:12 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:
64bit: - [2011/06/16 14:40:20 | 000,176,000 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:
64bit: - [2011/05/19 03:17:04 | 000,053,248 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:
64bit: - [2011/05/19 03:17:02 | 000,051,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaud.sys -- (btmaudio)
DRV:
64bit: - [2011/05/13 04:28:46 | 000,363,856 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:
64bit: - [2011/04/10 15:51:06 | 012,223,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2011/01/25 05:57:18 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:
64bit: - [2010/12/10 17:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:
64bit: - [2010/12/10 17:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:
64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:
64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:
64bit: - [2010/11/06 19:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:
64bit: - [2010/10/29 20:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:
64bit: - [2010/10/26 15:08:08 | 000,406,632 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:
64bit: - [2010/10/15 05:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:
64bit: - [2010/09/21 11:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:
64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:
64bit: - [2006/11/01 14:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE:
64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" =
http://www.bing.com/...rc=IE-SearchBoxIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" =
http://www.bing.com/...rc=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://yahoo.com/IE - HKCU\..\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - No CLSID value found
IE - HKCU\..\URLSearchHook: {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...Box&FORM=IE10SRIE - HKCU\..\SearchScopes\{ABF18326-DB37-475C-8698-AD575EC30971}: "URL" =
http://search.yahoo....p={searchTerms}IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ========== FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:
64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore
[2013/04/13 16:57:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lewis\AppData\Roaming\Mozilla\Extensions
[2013/05/28 07:04:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lewis\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
[2012/09/04 08:15:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lewis\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions
[2012/09/04 07:15:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
http://www.yahoo.com/CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Lewis\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Lewis\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Lewis\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Google Translate = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: reddit companion = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\algjnflpgoopkdijmkalfcifomdhmcbe\1.1.2_0\
CHR - Extension: Search by Image (by Google) = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.4.3_0\
CHR - Extension: Facebook Share Button = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\feakibicljdmfdfdjacenlnmeacnnnpm\1.0.2_0\
CHR - Extension: Facebook for Chrome = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp\6.2.9_0\
CHR - Extension: avast! Online Security = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0\
CHR - Extension: My Shareaholic = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagnaolanjedhkeiamdeidabdmdcofjl\1.0.2_0\
CHR - Extension: Shareaholic for Google Chrome\u2122 = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmipnjdeifmobkhgogdnomkihhgojep\5.7.0_0\
CHR - Extension: StumbleUpon = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg\5.6.17.1_0\
CHR - Extension: Shareaholic for Pinterest = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc\2.0.2_0\
CHR - Extension: Extended Share for Google Plus = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\oenpjldbckebacipkfbcoppmiflglnib\4.0.2_0\
CHR - Extension: Facebook Translate = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\plofenifjagmdikfcobngnfmmnfmphin\1.1.3_0\
CHR - Extension: Reverse Image Search = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnbjgbjnfhgmgndhgipcgdjjjagihbkh\1.1_0\
O1 HOSTS File: ([2013/07/04 16:14:27 | 000,897,302 | R--- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 15431 more lines...
O2:
64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:
64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Fast Free Converter 4.1) - {C3E50543-BC36-4C80-8070-38A97E02DEB2} - C:\Program Files (x86)\Fast Free Converter\FastFreeConverter\FastFreeConverter.dll (Fast Free Converter)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:
64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:
64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884}
http://ccfiles.creat...102/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5}
http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E}
http://ccfiles.creat...13/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29}
http://ccfiles.creat...30321/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2DB07389-E2D8-435C-8610-A2B4A482E18C}: DhcpNameServer = 192.168.1.1
O18:
64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:
64bit: - Protocol\Filter\application/x-mfe-ipt - No CLSID value found
O18 - Protocol\Filter\application/x-mfe-ipt - No CLSID value found
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ========== [2013/07/07 06:46:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\File Type Helper
[2013/07/07 06:46:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fast Free Converter
[2013/07/05 08:23:30 | 000,000,000 | ---D | C] -- C:\Users\Lewis\AppData\Local\Evernote
[2013/07/05 08:23:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Evernote
[2013/07/04 16:09:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013/07/04 16:09:44 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\windows\SysNative\sdnclean64.exe
[2013/06/27 16:04:58 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe
[2013/06/27 16:04:51 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2013/06/27 16:04:51 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2013/06/27 16:04:51 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2013/06/27 16:04:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013/06/23 17:50:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013/06/21 10:22:03 | 000,378,944 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys
[2013/06/21 10:22:03 | 000,033,400 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys
[2013/06/21 10:22:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2013/06/21 10:21:47 | 000,270,824 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswNdis2.sys
[2013/06/21 10:21:47 | 000,131,232 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswFW.sys
[2013/06/21 10:21:47 | 000,072,016 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys
[2013/06/21 10:21:47 | 000,064,288 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys
[2013/06/21 10:21:46 | 001,030,952 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys
[2013/06/21 10:21:46 | 000,080,816 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2013/06/21 10:21:46 | 000,022,600 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswKbd.sys
[2013/06/21 10:21:45 | 000,287,840 | ---- | C] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2013/06/21 10:21:37 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\windows\SysNative\drivers\aswNdis.sys
[2013/06/21 10:21:12 | 000,041,664 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2013/06/15 10:12:57 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/06/15 10:12:56 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/06/12 15:05:43 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/06/12 15:05:43 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/06/12 15:05:43 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013/06/12 15:05:43 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/06/12 15:05:43 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/06/12 15:05:43 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/06/12 15:05:43 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/06/12 15:05:43 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013/06/12 15:05:43 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013/06/12 15:05:41 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/06/12 15:05:41 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/06/12 15:05:41 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/06/12 15:05:40 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/06/12 10:32:29 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2013/06/12 10:32:29 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2013/06/12 10:32:27 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptdlg.dll
[2013/06/12 10:32:27 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cryptdlg.dll
[2013/06/12 10:32:25 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2013/06/12 10:32:19 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certutil.exe
[2013/06/12 10:32:19 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certutil.exe
[2013/06/12 10:32:18 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll
[2013/06/12 10:32:18 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptnet.dll
[2013/06/12 10:32:18 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certenc.dll
[2013/06/12 10:32:18 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certenc.dll
[2013/06/12 10:32:10 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d11.dll
[2013/06/12 10:32:10 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d11.dll
========== Files - Modified Within 30 Days ========== [2013/07/09 10:43:00 | 000,000,896 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/09 10:41:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/07/09 09:43:00 | 000,000,892 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/09 09:08:19 | 000,782,986 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/07/09 09:08:19 | 000,663,260 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/07/09 09:08:19 | 000,122,096 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/07/09 09:06:23 | 000,000,928 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1422163307-3788927115-2030255185-1000UA.job
[2013/07/09 09:06:21 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/07/09 06:24:17 | 000,000,906 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1422163307-3788927115-2030255185-1000Core.job
[2013/07/09 04:55:01 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/09 04:55:01 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/09 04:46:50 | 463,871,999 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/09 03:44:02 | 000,074,255 | ---- | M] () -- C:\Users\Lewis\Desktop\Devilish.jpg
[2013/07/08 10:42:24 | 000,084,096 | ---- | M] () -- C:\Users\Lewis\Desktop\paraclete.jpg
[2013/07/08 10:38:48 | 000,077,706 | ---- | M] () -- C:\Users\Lewis\Desktop\Photon.png
[2013/07/08 06:37:53 | 000,148,912 | ---- | M] () -- C:\Users\Lewis\Desktop\Satan.jpg
[2013/07/08 05:57:01 | 000,021,772 | ---- | M] () -- C:\Users\Lewis\Desktop\Animus.jpg
[2013/07/08 05:50:56 | 000,059,061 | ---- | M] () -- C:\Users\Lewis\Desktop\carl.jpg
[2013/07/07 11:26:05 | 000,026,188 | ---- | M] () -- C:\Users\Lewis\Desktop\Jung and Philosopy by William R. Clough.pdf
[2013/07/07 10:25:36 | 025,256,959 | ---- | M] () -- C:\Users\Lewis\Desktop\The Old Testament in the light of the ancient East Volume 1 by Alfred Jeremias.pdf
[2013/07/07 05:54:02 | 000,106,400 | ---- | M] () -- C:\Users\Lewis\Desktop\Trinity.jpg
[2013/07/04 16:14:27 | 000,897,302 | R--- | M] () -- C:\windows\SysNative\drivers\etc\Hosts
[2013/07/03 06:06:58 | 000,570,614 | ---- | M] () -- C:\Users\Lewis\Desktop\Sal SPIA.pdf
[2013/06/29 10:56:19 | 000,043,772 | ---- | M] () -- C:\Users\Lewis\Documents\topic.jpg
[2013/06/29 06:40:40 | 000,294,661 | ---- | M] () -- C:\Users\Lewis\Desktop\Annuity.pdf
[2013/06/27 16:13:39 | 000,777,202 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2013/06/27 16:06:57 | 000,189,936 | ---- | M] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2013/06/27 16:06:57 | 000,000,175 | ---- | M] () -- C:\windows\SysNative\drivers\aswVmm.sys.sum
[2013/06/27 16:06:57 | 000,000,175 | ---- | M] () -- C:\windows\SysNative\drivers\aswSP.sys.sum
[2013/06/27 16:06:56 | 000,378,944 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys
[2013/06/27 16:06:55 | 001,030,952 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys
[2013/06/27 16:06:55 | 000,000,175 | ---- | M] () -- C:\windows\SysNative\drivers\aswSnx.sys.sum
[2013/06/27 16:04:44 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2013/06/27 16:04:42 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\npdeployJava1.dll
[2013/06/27 16:04:42 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\deployJava1.dll
[2013/06/27 16:04:42 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe
[2013/06/27 16:04:42 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2013/06/27 16:04:42 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2013/06/21 10:21:46 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt
[2013/06/12 14:41:12 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013/06/12 14:41:12 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/06/09 15:38:34 | 000,954,441 | ---- | M] () -- C:\Users\Lewis\Desktop\The Interpretation of Dreams by Sigmund Freud.pdf
========== Files Created - No Company Name ========== [2013/07/09 03:43:31 | 000,074,255 | ---- | C] () -- C:\Users\Lewis\Desktop\Devilish.jpg
[2013/07/08 10:42:06 | 000,084,096 | ---- | C] () -- C:\Users\Lewis\Desktop\paraclete.jpg
[2013/07/08 10:38:17 | 000,077,706 | ---- | C] () -- C:\Users\Lewis\Desktop\Photon.png
[2013/07/08 06:37:36 | 000,148,912 | ---- | C] () -- C:\Users\Lewis\Desktop\Satan.jpg
[2013/07/08 05:56:19 | 000,021,772 | ---- | C] () -- C:\Users\Lewis\Desktop\Animus.jpg
[2013/07/08 05:50:30 | 000,059,061 | ---- | C] () -- C:\Users\Lewis\Desktop\carl.jpg
[2013/07/07 11:26:02 | 000,026,188 | ---- | C] () -- C:\Users\Lewis\Desktop\Jung and Philosopy by William R. Clough.pdf
[2013/07/07 10:25:34 | 025,256,959 | ---- | C] () -- C:\Users\Lewis\Desktop\The Old Testament in the light of the ancient East Volume 1 by Alfred Jeremias.pdf
[2013/07/07 05:53:46 | 000,106,400 | ---- | C] () -- C:\Users\Lewis\Desktop\Trinity.jpg
[2013/07/04 16:09:48 | 000,001,397 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013/07/03 06:06:58 | 000,570,614 | ---- | C] () -- C:\Users\Lewis\Desktop\Sal SPIA.pdf
[2013/06/29 18:35:39 | 000,043,772 | ---- | C] () -- C:\Users\Lewis\Documents\topic.jpg
[2013/06/29 06:40:40 | 000,294,661 | ---- | C] () -- C:\Users\Lewis\Desktop\Annuity.pdf
[2013/06/27 16:06:57 | 000,000,175 | ---- | C] () -- C:\windows\SysNative\drivers\aswVmm.sys.sum
[2013/06/26 17:54:58 | 000,000,175 | ---- | C] () -- C:\windows\SysNative\drivers\aswSnx.sys.sum
[2013/06/26 17:54:56 | 000,000,175 | ---- | C] () -- C:\windows\SysNative\drivers\aswSP.sys.sum
[2013/06/21 10:21:46 | 000,189,936 | ---- | C] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2013/06/21 10:21:46 | 000,065,336 | ---- | C] () -- C:\windows\SysNative\drivers\aswRvrt.sys
[2013/06/09 15:38:34 | 000,954,441 | ---- | C] () -- C:\Users\Lewis\Desktop\The Interpretation of Dreams by Sigmund Freud.pdf
[2013/01/09 17:19:41 | 000,038,446 | ---- | C] () -- C:\Users\Lewis\AppData\Roaming\Comma Separated Values (Windows).ADR
[2012/09/04 08:49:57 | 000,000,452 | ---- | C] () -- C:\windows\wininit.ini
[2012/04/17 12:01:17 | 000,203,436 | ---- | C] () -- C:\Program Files\17April2012 ProBasic.cpd
[2012/04/17 11:59:19 | 000,265,302 | ---- | C] () -- C:\Program Files\17April2012 CPrint Back up.cpd
[2012/03/16 11:53:40 | 000,000,017 | ---- | C] () -- C:\Users\Lewis\AppData\Local\resmon.resmoncfg
[2012/03/11 13:59:18 | 000,000,047 | ---- | C] () -- C:\windows\NeroDigital.ini
[2012/03/03 16:46:10 | 000,364,544 | ---- | C] ( ) -- C:\windows\SysWow64\dleainpa.dll
[2012/03/03 16:46:10 | 000,344,064 | ---- | C] () -- C:\windows\SysWow64\dleacomx.dll
[2012/03/03 16:46:10 | 000,331,776 | ---- | C] () -- C:\windows\SysWow64\DLEAinst.dll
[2012/03/03 16:46:09 | 000,643,072 | ---- | C] ( ) -- C:\windows\SysWow64\dleapmui.dll
[2012/03/03 16:46:09 | 000,344,064 | ---- | C] ( ) -- C:\windows\SysWow64\dleaiesc.dll
[2012/03/03 16:46:09 | 000,106,496 | ---- | C] () -- C:\windows\SysWow64\dleainsr.dll
[2012/03/03 16:46:09 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\dleajswr.dll
[2012/03/03 16:46:09 | 000,036,864 | ---- | C] () -- C:\windows\SysWow64\dleacur.dll
[2012/03/03 16:46:08 | 000,323,584 | ---- | C] () -- C:\windows\SysWow64\dleains.dll
[2012/03/03 16:46:08 | 000,262,144 | ---- | C] () -- C:\windows\SysWow64\dleainsb.dll
[2012/03/03 16:46:08 | 000,253,952 | ---- | C] () -- C:\windows\SysWow64\dleacu.dll
[2012/03/03 16:46:08 | 000,090,112 | ---- | C] () -- C:\windows\SysWow64\dleacub.dll
[2012/03/03 16:46:07 | 001,048,576 | ---- | C] ( ) -- C:\windows\SysWow64\dleaserv.dll
[2012/03/03 16:46:07 | 000,847,872 | ---- | C] ( ) -- C:\windows\SysWow64\dleausb1.dll
[2012/03/03 16:46:07 | 000,577,536 | ---- | C] ( ) -- C:\windows\SysWow64\dlealmpm.dll
[2012/03/03 16:46:06 | 000,688,128 | ---- | C] ( ) -- C:\windows\SysWow64\dleahbn3.dll
[2012/03/03 16:46:06 | 000,324,264 | ---- | C] ( ) -- C:\windows\SysWow64\dleaih.exe
[2012/03/03 16:46:05 | 000,802,816 | ---- | C] ( ) -- C:\windows\SysWow64\dleacomc.dll
[2012/03/03 16:46:05 | 000,598,696 | ---- | C] ( ) -- C:\windows\SysWow64\dleacoms.exe
[2012/03/03 16:46:05 | 000,372,736 | ---- | C] ( ) -- C:\windows\SysWow64\dleacomm.dll
[2012/03/03 16:46:04 | 000,373,416 | ---- | C] ( ) -- C:\windows\SysWow64\dleacfg.exe
[2012/03/03 16:46:02 | 000,086,180 | ---- | C] () -- C:\windows\SysWow64\DLEAcfg.dll
[2012/03/03 16:43:03 | 000,028,672 | ---- | C] () -- C:\windows\SysWow64\DLEAsmr.dll
[2012/03/03 16:43:02 | 000,299,008 | ---- | C] () -- C:\windows\SysWow64\DLEAsm.dll
[2012/03/03 04:47:23 | 000,004,608 | ---- | C] () -- C:\Users\Lewis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/05 02:40:56 | 000,963,116 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2012/01/05 02:40:56 | 000,218,304 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2012/01/05 02:40:56 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin
[2012/01/05 02:40:56 | 000,056,832 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2012/01/05 02:40:55 | 013,356,032 | ---- | C] () -- C:\windows\SysWow64\ig4icd32.dll
[2012/01/05 01:14:29 | 000,017,776 | ---- | C] () -- C:\windows\EvtMessage.dll
[2012/01/05 01:09:27 | 000,008,192 | ---- | C] () -- C:\windows\SysWow64\drivers\IntelMEFWVer.dll
[2011/11/16 16:49:04 | 000,000,096 | ---- | C] () -- C:\windows\LaunApp.ini
[2011/11/16 16:49:01 | 000,000,325 | ---- | C] () -- C:\windows\Prelaunch.ini
[2011/11/16 16:49:01 | 000,000,271 | ---- | C] () -- C:\windows\WisPriority.ini
[2011/11/16 16:49:01 | 000,000,035 | ---- | C] () -- C:\windows\DELL_LANGCODE.ini
[2011/11/16 16:49:01 | 000,000,033 | ---- | C] () -- C:\windows\DELL_OSTYPE.ini
[2011/11/16 16:49:01 | 000,000,032 | ---- | C] () -- C:\windows\WisHWDest.ini
[2011/11/16 16:49:01 | 000,000,028 | ---- | C] () -- C:\windows\WisLangCode.ini
[2011/11/16 16:49:01 | 000,000,023 | ---- | C] () -- C:\windows\WisSysInfo.ini
[2011/11/16 15:25:01 | 000,777,202 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
========== ZeroAccess Check ========== [2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Files - Unicode (All) ==========[2012/09/05 18:02:41 | 000,001,984 | ---- | M] ()(C:\windows\SysNative\Mausoleum of Halicarnassus Mausolus was the Persian satrap (governor) of a region of southwestern Turkey. After his death in 353??? his wife built a tomb for him, which became one of the Seven Wonder..lnk) -- C:\windows\SysNative\Mausoleum of Halicarnassus Mausolus was the Persian satrap (governor) of a region of southwestern Turkey. After his death in 353все his wife built a tomb for him, which became one of the Seven Wonder..lnk
[2012/09/05 18:02:05 | 000,001,984 | ---- | C] ()(C:\windows\SysNative\Mausoleum of Halicarnassus Mausolus was the Persian satrap (governor) of a region of southwestern Turkey. After his death in 353??? his wife built a tomb for him, which became one of the Seven Wonder..lnk) -- C:\windows\SysNative\Mausoleum of Halicarnassus Mausolus was the Persian satrap (governor) of a region of southwestern Turkey. After his death in 353все his wife built a tomb for him, which became one of the Seven Wonder..lnk
< End of report >
OTL Extras logfile created on: 7/9/2013 11:18:13 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lewis\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
5.91 Gb Total Physical Memory | 3.29 Gb Available Physical Memory | 55.59% Memory free
11.82 Gb Paging File | 8.71 Gb Available in Paging File | 73.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.01 Gb Total Space | 400.91 Gb Free Space | 88.89% Space Free | Partition Type: NTFS
Computer Name: LEWIS-PC | User Name: Lewis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.inf[@ = inffile] -- C:\windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.inf [@ = inffile] -- C:\windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0580E7CA-4339-4C6A-AD15-4F69FC372291}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0AF4C540-D4F4-468C-B7D4-8B53CFEE365D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0D437045-8700-4BAF-A4B7-B6EB9449E9E4}" = rport=139 | protocol=6 | dir=out | app=system |
"{0EE57C56-DD86-4532-93B7-3577D75F4895}" = lport=7070 | protocol=6 | dir=in | name=c-print discovery |
"{0F2E8119-62DB-450E-BBB9-BE9C70B61C8E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{0F65512A-0C30-4DA6-86D9-11D6CCC3F4F9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{19896ABE-6595-4EF9-BF98-46C6BF2305C1}" = lport=7000 | protocol=6 | dir=in | name=windows easy transfer tcp port |
"{1AFC4225-4522-4211-824D-7B558D8D7CAC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2EF4F5C0-DA21-4A39-9118-292EA0D0B382}" = rport=445 | protocol=6 | dir=out | app=system |
"{3D4E2C94-4875-45C4-9DC2-811E4342587A}" = lport=137 | protocol=17 | dir=in | app=system |
"{3DB4B043-CF73-41C6-BB2B-4F00FFF91382}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4F7058D3-E267-4FF6-B990-D99AC5F3405D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4F98DC92-7231-43F9-BA02-4FC1AE5EA5C9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{518357AF-9F62-4883-86D8-BD66DC24C946}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{53B51EB8-1AD6-4BF3-B250-B4567ACC6EF8}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5449BC6B-EAE7-402C-B7B2-34634C31A888}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{54595B9E-C3B7-4699-A139-D548B38F02B2}" = lport=138 | protocol=17 | dir=in | app=system |
"{54B7C17F-5658-411B-AEA0-EFF43247A40A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5B68883B-01F4-4BBA-BE2B-04C7B299FAD2}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{63E77909-51C1-4CFB-BB32-5E6B38C7BAE5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6D3EDAD6-8A7D-4117-8AFF-F1632373C357}" = rport=137 | protocol=17 | dir=out | app=system |
"{78F09170-0AA0-4D4D-89CE-E31D716428BE}" = lport=7000 | protocol=17 | dir=in | name=windows easy transfer udp port |
"{844A9D60-D926-44C5-AD7D-3FCC7901C2FA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8C19BF0E-0CE3-4A71-80DC-5DAECF96071F}" = lport=139 | protocol=6 | dir=in | app=system |
"{8C6ECC22-DBCB-4447-8B27-721AB8EECB89}" = rport=138 | protocol=17 | dir=out | app=system |
"{8DDBEF2B-ABCA-4E3A-9C75-04173DC8E7F6}" = rport=10243 | protocol=6 | dir=out | app=system |
"{96730737-B208-4762-AA4C-FAC9060EB5A5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{BE3F0B29-6070-4C9E-B89F-0A1E456BA78C}" = lport=3030 | protocol=6 | dir=in | name=c-print xml |
"{C72F4BA5-D873-4419-838A-F7D8CC39336A}" = lport=445 | protocol=6 | dir=in | app=system |
"{CADFEA6D-4B0C-4AFE-8CEA-4C163984FB3B}" = lport=10000 | protocol=6 | dir=in | name=c-print client connection |
"{CF2FF756-E9D3-40F0-B4B3-51856CD3B1C7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D14E2363-A8AB-4C28-AE91-12D1CFBDBFF2}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D59EB71A-3EEE-4044-88FB-73C508589442}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{DCB4014A-89AF-4328-82DC-652C5B16AD37}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E5A1240D-BC69-4D9C-9614-74AA7B6B9977}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EB066B2E-9D75-406B-8721-DED1EBF896C5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F21E5652-A56F-4BF2-80EB-CABD9A178CB1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F411E236-18CD-426B-90CA-01D957019C66}" = lport=49194 | protocol=6 | dir=in | name=akamai netsession interface |
"{F8175360-B644-4B6C-8DC6-CED39046E87D}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{016C78DD-0D71-4588-A16A-9DA4EA9F5433}" = protocol=17 | dir=in | app=c:\windows\system32\migwiz\migwiz.exe |
"{03D44C60-62ED-4061-BAF5-0E959747F9C6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{054DCD31-0549-409F-80C3-006601101FA2}" = protocol=17 | dir=in | app=c:\users\lewis\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{0695CDF0-9238-4867-97EE-7BD6F46A7954}" = protocol=17 | dir=in | app=c:\users\lewis\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{073C79D4-1720-4049-A942-7773FA164198}" = protocol=17 | dir=in | app=c:\program files\dell\dashboard\dl__dashboard.exe |
"{0752AFEB-CE8F-4370-A076-460059ACEDB3}" = protocol=6 | dir=in | app=c:\program files (x86)\ncircle purecloud secure connector\openvpn\openvpn.exe |
"{0F44DEA1-B0BA-45D0-BFB4-017B52237483}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1003DACA-89DC-4ADE-AEE7-8DC3777DBE41}" = protocol=58 | dir=out |
[email protected],-28546 |
"{11AC590F-63E1-4C41-8CA0-586EB1F44F37}" = protocol=6 | dir=in | app=c:\users\lewis\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{11ACB871-BB58-4190-B5C6-8BA5ED1F4A96}" = protocol=6 | dir=in | app=c:\program files\dell\dashboard\dl__dashboard.exe |
"{13C34006-AD3B-4F8B-9DC4-2CE16C1E74E6}" = dir=in | app=c:\windows\system32\dleacoms.exe |
"{1E5526DC-8778-4674-A325-8A9B0DE80CD2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{20C5C546-0AE6-42F1-83ED-3C8CBC0401E4}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{28985ADC-6B5C-4EB6-A4EE-2445F13640C2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2D6AD7F4-A005-4776-AF46-58754FFFE82F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{382D0E81-47F6-4CF7-A702-2AB5D9323C9F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3B46CC8A-4B2A-4D56-87D7-98F626F1A8D7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{3C0DCB9E-411B-486C-BB0F-11DBB449C0E8}" = dir=in | app=c:\windows\system32\dleacoms.exe |
"{4B231554-0C47-4560-BC74-6E09F4E62E83}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4D476F96-EB80-4CCE-99E9-258BC5D40D28}" = protocol=17 | dir=in | app=c:\program files (x86)\dell v310-v510 series\dleafax.exe |
"{4E539AF3-A0ED-400C-86F6-50D2275D4531}" = protocol=58 | dir=in |
[email protected],-28545 |
"{5DBAB223-27BF-47D7-BCC1-01C9DA35A3DD}" = protocol=1 | dir=in |
[email protected],-28543 |
"{609CB029-E5E8-4D51-BC41-6EF837B6252A}" = protocol=6 | dir=in | app=c:\program files (x86)\ncircle purecloud secure connector\purecloudservice.exe |
"{79F2D06E-AE86-433F-800B-3A19AE9DB1F9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7C80B9F5-1857-41ED-848D-6B0587F2B333}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{858785ED-3D7D-4687-ACAA-C9322C257AAC}" = protocol=6 | dir=in | app=c:\program files (x86)\dell v310-v510 series\dleafax.exe |
"{882C7FA9-BC4E-44FC-9D0F-1AA56CC5A305}" = protocol=6 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
"{912FA7F5-62A5-4DA7-AE10-63BE822363BA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{92C4DA34-FEDA-486A-B4FD-468DFF2BAEC6}" = protocol=17 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
"{93460404-3434-4D78-A0EF-65A490CF38B7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9D2E09B3-8A00-4D30-8508-E2E535FEC351}" = dir=in | app=c:\program files (x86)\file type assistant\tsassist.exe |
"{A3E00FD4-D85A-4B55-96F7-7D74AB397370}" = protocol=1 | dir=out |
[email protected],-28544 |
"{A7308F94-CF29-40B4-B426-4DE1012A4D12}" = protocol=6 | dir=in | app=c:\windows\system32\migwiz\migwiz.exe |
"{A85E9339-64AF-47AE-8BB3-1835D4B9BECD}" = protocol=6 | dir=in | app=c:\users\lewis\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{A97E7586-1A6C-4EF9-AF8B-B4C636BE01A9}" = dir=in | app=c:\windows\system32\dleacoms.exe |
"{BA08964D-2F43-4495-81D5-94D1CBB576B1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C8728DCC-1720-4E17-ADB7-E649FB44A1E1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D35EECB4-ABB9-4B7A-8DE9-8191AF4A3F7D}" = protocol=17 | dir=in | app=c:\program files (x86)\ncircle purecloud secure connector\openvpn\openvpn.exe |
"{D4BC1A75-993A-4D9E-91B9-99EA5424B7F6}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{D8D1400D-6FC6-4C20-82C7-F808A2708CEE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DA993D50-5E1D-47EC-AF65-EF54EBF667D0}" = protocol=6 | dir=out | app=system |
"{E4C8CFA7-93F8-41DF-84B5-A6CE1E242DC7}" = protocol=17 | dir=in | app=c:\program files (x86)\ncircle purecloud secure connector\purecloudservice.exe |
"{E5B77A04-9FCA-4B1D-8389-937D355983E4}" = dir=in | app=c:\windows\system32\dleacoms.exe |
"{E931CB4D-49A5-4D3D-A798-D6CFD449EF3F}" = dir=in | app=c:\program files (x86)\file type assistant\tsassist.exe |
"{EC995EB2-2D74-4857-8428-04C04C492016}" = dir=in | app=c:\windows\system32\dleacoms.exe |
"{FA203B0F-F9ED-46EA-93EC-FB5D6C1893DC}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe |
"{FAF00E91-A831-44DE-A386-4B2AB9C97350}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{FB295369-2A7E-4ADB-BEBD-C24714BD9BDD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{14BF3585-4AC1-4A56-ADED-899A095E8C4D}C:\program files (x86)\ntid\c-print pro server 2.6.3\c-print pro server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ntid\c-print pro server 2.6.3\c-print pro server.exe |
"TCP Query User{1E885E85-25BC-4496-88AD-7E014FBBC732}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dell\dell datasafe online\nobuclient.exe |
"TCP Query User{37C1316F-A736-43F8-99D2-437AFEE07D60}C:\users\lewis\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\lewis\appdata\local\akamai\netsession_win.exe |
"TCP Query User{8E32FEC5-4BB1-4B81-AE71-C22BF39018F3}C:\users\lewis\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\lewis\appdata\local\akamai\netsession_win.exe |
"TCP Query User{BE48E383-B83B-46CE-A82B-07F5A1F65D52}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dell\dell datasafe online\nobuclient.exe |
"UDP Query User{0A732999-3E38-4EE0-82F1-55F9FFD3AFE1}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dell\dell datasafe online\nobuclient.exe |
"UDP Query User{81622AB6-41A3-4554-A171-1D2764C58D1F}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dell\dell datasafe online\nobuclient.exe |
"UDP Query User{B3238130-3967-4DCF-B0B6-8FA127B9C9EA}C:\users\lewis\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\lewis\appdata\local\akamai\netsession_win.exe |
"UDP Query User{B82CB4B5-285B-4A26-93E7-66C56B45E51B}C:\users\lewis\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\lewis\appdata\local\akamai\netsession_win.exe |
"UDP Query User{D72D9D70-118B-4713-867D-0215D8224186}C:\program files (x86)\ntid\c-print pro server 2.6.3\c-print pro server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ntid\c-print pro server 2.6.3\c-print pro server.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel® Wireless Display
"{295AEB79-B53A-4F1B-860F-7800BB7E3681}" = Intel® PROSet/Wireless WiFi Software
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}" = Intel® PROSet/Wireless Software for Bluetooth® Technology
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Dell V310-V510 Series" = Dell V310-V510 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"ProInst" = Intel PROSet Wireless
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0D98F04D-11A1-4B64-A406-43292B9EEE90}" = Dell PhotoStage
"{0ECFCB07-9BFE-4970-ACA1-D568D982760B}" = Complete Care Business Service Agreement
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{121634B0-2F4A-11D3-ADA3-00C04F52DD53}" = Windows Installer Clean Up
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{40F6237F-0877-4344-AAD8-736E37969743}" = Scribd Uploader
"{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{781A93CD-1608-427D-B7F0-D05C07795B25}" = Intel® WiDi
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{7FB00B6B-6843-97EC-EED6-78BD6D35370A}" = Zinio Reader 4
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.OUTLOOKR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.OUTLOOKR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.OUTLOOKR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.OUTLOOKR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.OUTLOOKR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{903679E8-44C8-4C07-9600-05C92654FC50}" = QualxServ Service Agreement
"{91140000-001A-0000-0000-0000000FF1CE}" = Microsoft Office Outlook 2010
"{91140000-001A-0000-0000-0000000FF1CE}_Office14.OUTLOOKR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}" = Dell MusicStage
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007C-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Facebook 32-bit
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A760067A-C07E-1033-0000-A764AC000002}" = Avery Template - U_0087_01_PlateauLines_0805_01_en
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}" = Dell Home Systems Service Agreement
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{AFC08A81-D3C5-46F4-8F08-876E4BA606EA}" = Dell Digital Delivery
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}" = Premium Service Agreement
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{D2E707E8-090E-EC5B-4833-1CA694FB7460}" = Zinio Alert Messenger
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{E2EBA7C0-8072-447F-856D-FFEE8D15B23B}" = Dell Stage
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}" = Accidental Damage Services Agreement
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Internet Security
"Dell Webcam Central" = Dell Webcam Central
"Google Chrome" = Google Chrome
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Office14.OUTLOOKR" = Microsoft Outlook 2010
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"SugarSync" = SugarSync Manager
"Trusted Software Assistant_is1" = File Type Assistant
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"9204f5692a8faf3b" = Dell System Detect
"Akamai" = Akamai NetSession Interface
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 7/8/2013 12:12:01 AM | Computer Name = Lewis-PC | Source = Windows Search Service | ID = 3028
Description =
Error - 7/8/2013 12:12:01 AM | Computer Name = Lewis-PC | Source = Windows Search Service | ID = 3058
Description =
Error - 7/8/2013 12:12:01 AM | Computer Name = Lewis-PC | Source = Windows Search Service | ID = 7010
Description =
Error - 7/8/2013 5:21:11 AM | Computer Name = Lewis-PC | Source = WinMgmt | ID = 10
Description =
Error - 7/8/2013 7:49:37 AM | Computer Name = Lewis-PC | Source = WinMgmt | ID = 10
Description =
Error - 7/8/2013 4:44:34 PM | Computer Name = Lewis-PC | Source = WinMgmt | ID = 10
Description =
Error - 7/8/2013 8:42:16 PM | Computer Name = Lewis-PC | Source = WinMgmt | ID = 10
Description =
Error - 7/9/2013 3:08:00 AM | Computer Name = Lewis-PC | Source = WinMgmt | ID = 10
Description =
Error - 7/9/2013 4:30:27 AM | Computer Name = Lewis-PC | Source = WinMgmt | ID = 10
Description =
Error - 7/9/2013 4:47:52 AM | Computer Name = Lewis-PC | Source = WinMgmt | ID = 10
Description =
[ Dell Events ]
Error - 3/2/2012 5:03:27 PM | Computer Name = Lewis-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 3/2/2012 5:03:27 PM | Computer Name = Lewis-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 3/2/2012 5:22:38 PM | Computer Name = Lewis-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 3/2/2012 5:22:38 PM | Computer Name = Lewis-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
[ System Events ]
Error - 7/4/2013 8:46:32 AM | Computer Name = Lewis-PC | Source = BugCheck | ID = 1001
Description =
Error - 7/5/2013 11:40:41 PM | Computer Name = Lewis-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D
2 Scanner Service service to connect.
Error - 7/5/2013 11:40:41 PM | Computer Name = Lewis-PC | Source = Service Control Manager | ID = 7000
Description = The Spybot-S&D 2 Scanner Service service failed to start due to the
following error: %%1053
Error - 7/6/2013 8:07:05 AM | Computer Name = Lewis-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:34:47 AM on ?7/?6/?2013 was unexpected.
Error - 7/7/2013 6:46:51 AM | Computer Name = Lewis-PC | Source = Service Control Manager | ID = 7030
Description = The FastFreeConverterUpdt service is marked as an interactive service.
However, the system is configured to not allow interactive services. This service
may not function properly.
Error - 7/8/2013 12:12:01 AM | Computer Name = Lewis-PC | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
%%-1073473535.
Error - 7/8/2013 12:12:01 AM | Computer Name = Lewis-PC | Source = Service Control Manager | ID = 7031
Description = The Windows Search service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 30000 milliseconds:
Restart the service.
Error - 7/8/2013 5:20:54 AM | Computer Name = Lewis-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D
2 Scanner Service service to connect.
Error - 7/8/2013 5:20:54 AM | Computer Name = Lewis-PC | Source = Service Control Manager | ID = 7000
Description = The Spybot-S&D 2 Scanner Service service failed to start due to the
following error: %%1053
Error - 7/8/2013 7:48:31 AM | Computer Name = Lewis-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:47:24 AM on ?7/?8/?2013 was unexpected.
[ Windows PowerShell Events ]
Error - 3/7/2012 3:55:22 PM | Computer Name = Lewis-PC | Source = PowerShell | ID = 103
Description =
Error - 3/7/2012 4:04:05 PM | Computer Name = Lewis-PC | Source = PowerShell | ID = 103
Description =
Error - 3/7/2012 5:15:43 PM | Computer Name = Lewis-PC | Source = PowerShell | ID = 103
Description =
Error - 3/7/2012 5:16:14 PM | Computer Name = Lewis-PC | Source = PowerShell | ID = 103
Description =
Error - 3/7/2012 5:16:40 PM | Computer Name = Lewis-PC | Source = PowerShell | ID = 103
Description =
Error - 3/7/2012 6:14:20 PM | Computer Name = Lewis-PC | Source = PowerShell | ID = 103
Description =
Error - 3/8/2012 6:55:35 PM | Computer Name = Lewis-PC | Source = PowerShell | ID = 103
Description =
Error - 3/9/2012 6:42:38 AM | Computer Name = Lewis-PC | Source = PowerShell | ID = 103
Description =
Error - 3/9/2012 4:59:24 PM | Computer Name = Lewis-PC | Source = PowerShell | ID = 103
Description =
< End of report >
Thank you