Rouge Killer
RogueKiller V8.8.0 _x64_ [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.co...es/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Greg Duke [Admin rights]
Mode : Scan -- Date : 01/10/2014 03:26:52
| ARK || FAK || MBR |
¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH][DLL] rundll32.exe -- C:\Users\Greg Duke\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll [7] -> rundll32.exe KILLED [TermProc]
¤¤¤ Registry Entries : 9 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : BackgroundContainer ("C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Greg Duke\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun [7][7][x]) -> FOUND
[DNS][PUM] HKLM\[...]\CCSet\[...]\{668C2A9B-7655-40D1-BAB1-F35DC10EED1B} : NameServer (68.28.137.132 68.28.138.132 [UNITED STATES (US) - UNITED STATES (US)]) -> FOUND
[DNS][PUM] HKLM\[...]\CCSet\[...]\{67B49301-D9F1-491B-A84E-0D8D9EC514E6} : NameServer (0.0.0.0 [(Private Address) (XX)]) -> FOUND
[DNS][PUM] HKLM\[...]\CS001\[...]\{668C2A9B-7655-40D1-BAB1-F35DC10EED1B} : NameServer (68.28.137.132 68.28.138.132 [UNITED STATES (US) - UNITED STATES (US)]) -> FOUND
[DNS][PUM] HKLM\[...]\CS001\[...]\{67B49301-D9F1-491B-A84E-0D8D9EC514E6} : NameServer (0.0.0.0 [(Private Address) (XX)]) -> FOUND
[DNS][PUM] HKLM\[...]\CS002\[...]\{668C2A9B-7655-40D1-BAB1-F35DC10EED1B} : NameServer (68.28.137.132 68.28.138.132 [UNITED STATES (US) - UNITED STATES (US)]) -> FOUND
[DNS][PUM] HKLM\[...]\CS002\[...]\{67B49301-D9F1-491B-A84E-0D8D9EC514E6} : NameServer (0.0.0.0 [(Private Address) (XX)]) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Scheduled tasks : 2 ¤¤¤
[V2][SUSP PATH] BackgroundContainer Startup Task : "C:\Windows\SysWOW64\Rundll32.exe" - "C:\Users\Greg Duke\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun [7][7][x] -> FOUND
[V2][SUSP PATH] Updater26278.exe : C:\Users\Greg - Duke\AppData\Local\Updater26278\Updater26278.exe /extensionid=26278 /extensionname="Solid Savings" /chromeid=cijeeimilokkhlfjombmalgpabbonmah [x][x][x] -> FOUND
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD2500BEVT-75A23T0 +++++
--- User ---
[MBR] c841405fb684c5931da19a3a6f371657
[BSP] 5e99425481158154ceee13b65236346a : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 11142 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 22900736 | Size: 227292 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[0]_S_01102014_032652.txt >>
aswMBR
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-01-10 03:34:19
-----------------------------
03:34:19.325 OS Version: Windows x64 6.1.7601 Service Pack 1
03:34:19.325 Number of processors: 4 586 0x2505
03:34:19.325 ComputerName: MYRA-LAPTOP UserName: Greg Duke
03:34:20.480 Initialize success
03:35:06.822 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
03:35:06.822 Disk 0 Vendor: WDC_WD25 01.0 Size: 238475MB BusType: 3
03:35:07.025 Disk 0 MBR read successfully
03:35:07.040 Disk 0 MBR scan
03:35:07.040 Disk 0 Windows VISTA default MBR code
03:35:07.040 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
03:35:07.056 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 11142 MB offset 81920
03:35:07.072 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 227292 MB offset 22900736
03:35:07.103 Disk 0 scanning C:\Windows\system32\drivers
03:35:42.219 Service scanning
03:35:53.513 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
03:36:15.493 Modules scanning
03:36:15.509 Disk 0 trace - called modules:
03:36:15.540 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
03:36:15.556 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80044e3060]
03:36:15.571 3 CLASSPNP.SYS[fffff88001a9e43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa80024ff050]
03:36:15.587 Scan finished successfully
03:37:23.307 Disk 0 MBR has been saved successfully to "C:\Users\Greg Duke\Desktop\MBR.dat"
03:37:23.307 The log file has been saved successfully to "C:\Users\Greg Duke\Desktop\aswMBR.txt"
OTL
OTL logfile created on: 1/10/2014 3:41:13 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Greg Duke\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 0.78 Gb Available Physical Memory | 41.77% Memory free
3.73 Gb Paging File | 1.90 Gb Available in Paging File | 50.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 221.96 Gb Total Space | 178.26 Gb Free Space | 80.31% Space Free | Partition Type: NTFS
Computer Name: MYRA-LAPTOP | User Name: Greg Duke | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/01/10 03:14:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Greg Duke\Desktop\OTL.exe
PRC - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/09/19 22:21:11 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2013/08/14 14:19:24 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/08/21 12:48:28 | 003,110,808 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe
PRC - [2012/08/13 11:57:02 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2012/08/13 11:57:02 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2012/07/13 15:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/07/08 10:12:32 | 002,749,248 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/07/08 10:10:34 | 004,257,600 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/07/08 10:09:50 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/07/07 17:14:02 | 000,150,312 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe
PRC - [2011/06/09 13:06:06 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/01/14 07:30:16 | 000,330,488 | ---- | M] (QUALCOMM, Inc.) -- C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe
PRC - [2009/06/24 16:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
========== Modules (No Company Name) ==========
MOD - [2013/10/28 22:36:28 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\96afc74588c6581e299884469ea0dced\System.Xml.Linq.ni.dll
MOD - [2013/10/28 22:36:13 | 009,923,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\0907f7b4f6806e1b4f5ece93a49865ef\System.Data.Entity.ni.dll
MOD - [2013/10/28 22:34:21 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\8f5b881951592b2fd05f710650bf7e04\System.Core.ni.dll
MOD - [2013/10/28 20:56:33 | 002,157,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\78ae7334cd4505ed06c32045ec670927\ReachFramework.ni.dll
MOD - [2013/10/28 20:56:28 | 001,658,368 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\5393c55b8dd50b54e60bc59f175478ee\PresentationUI.ni.dll
MOD - [2013/10/28 20:56:25 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll
MOD - [2013/10/28 20:55:37 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/10/28 20:55:14 | 001,806,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\abef2d6ca33a18d7af379ee35c64154c\System.Deployment.ni.dll
MOD - [2013/10/28 20:55:08 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll
MOD - [2013/10/28 20:54:29 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2013/10/28 20:54:14 | 000,688,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\65fa27da96ef57affcac61ac16c111e0\System.Security.ni.dll
MOD - [2013/10/28 20:54:01 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\08d05898be584065b797a6dd48d9ad56\System.Configuration.ni.dll
MOD - [2013/09/24 16:20:46 | 011,914,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\6ebbfafc5521934f7e1c154937a2788b\System.Web.ni.dll
MOD - [2013/09/24 16:20:26 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll
MOD - [2013/09/08 10:44:40 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\03dc83fbe48384390aed7a455e949789\WindowsFormsIntegration.ni.dll
MOD - [2013/09/08 10:41:42 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll
MOD - [2013/09/08 10:07:46 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
MOD - [2013/09/08 10:07:24 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2013/09/08 10:06:50 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5970036570c1e44e8ae0f6f94c1039aa\System.EnterpriseServices.ni.dll
MOD - [2013/09/08 10:06:49 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\4ada2213cefea889a5ed6e2fb6839b93\System.Transactions.ni.dll
MOD - [2013/09/08 10:06:48 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\764054efc88f51b54c8d7e44df26b671\System.Data.ni.dll
MOD - [2013/09/08 10:06:40 | 001,117,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c04ee50363f97f7d8163c318a29ae851\System.DirectoryServices.ni.dll
MOD - [2013/09/08 10:06:38 | 001,044,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Printing\079fad14e3994552238179d60fe7d7cb\System.Printing.ni.dll
MOD - [2013/09/08 10:06:03 | 000,039,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\3ea679e79eda32e3465d8cf36e838a00\PresentationCFFRasterizer.ni.dll
MOD - [2013/09/08 10:05:47 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/09/08 10:05:43 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\033da6b735d41afaa20309b5e87e2ae0\UIAutomationTypes.ni.dll
MOD - [2013/09/08 10:05:42 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\8f4a3d09bd38a742ccfe4a20a126fff5\UIAutomationProvider.ni.dll
MOD - [2013/09/08 10:05:42 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\8c20095bd7d46cdfa7933eb258a07daa\Accessibility.ni.dll
MOD - [2013/09/08 10:05:09 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/09/08 10:05:00 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/09/08 10:04:51 | 000,015,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\28acf866ccc5092b2241bc8206091ba1\Microsoft.VisualC.ni.dll
MOD - [2013/09/08 10:04:49 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2012/08/10 17:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011/07/08 10:12:32 | 002,749,248 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/07/07 17:14:06 | 000,891,688 | ---- | M] () -- C:\Program Files (x86)\Nero\SyncUP\System.Data.SQLite.dll
MOD - [2011/07/07 17:13:10 | 000,251,688 | ---- | M] () -- C:\Program Files (x86)\Nero\SyncUP\System.ComponentModel.Composition.dll
MOD - [2010/11/20 22:24:08 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/06/10 16:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/01/09 05:21:17 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/04/27 18:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 18:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/06/29 14:47:12 | 000,911,872 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
SRV:64bit: - [2010/06/29 14:41:48 | 000,408,576 | ---- | M] (Red Bend Ltd.) [Auto | Start_Pending] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
SRV:64bit: - [2010/03/05 10:26:38 | 001,425,168 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2010/03/05 10:07:58 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010/03/05 10:06:22 | 000,831,760 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2009/11/17 21:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2014/01/02 11:13:59 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/24 19:48:00 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/08/14 14:19:24 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 15:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/10/21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/14 02:18:50 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/07/08 10:09:50 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2010/08/25 20:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/14 07:30:16 | 000,330,488 | ---- | M] (QUALCOMM, Inc.) [Auto | Running] -- C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe -- (QDLService2kDell)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/06/26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/14 03:25:27 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/10/14 03:25:27 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/04/27 16:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/28 19:02:34 | 010,620,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/08/31 08:07:04 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/05/31 15:05:06 | 007,689,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2010/05/16 20:28:38 | 000,175,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bpmp.sys -- (bpmp)
DRV:64bit: - [2010/05/16 20:28:30 | 000,081,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpusb.sys -- (bpusb)
DRV:64bit: - [2010/05/16 20:28:28 | 000,071,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpenum.sys -- (bpenum)
DRV:64bit: - [2010/05/07 14:19:58 | 000,245,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/04/15 22:26:28 | 000,319,536 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/03/03 21:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/26 18:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/02 16:41:24 | 000,240,640 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qcusbnetdl2k.sys -- (qcusbnetdl2k)
DRV:64bit: - [2010/02/02 16:41:24 | 000,121,216 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qcusbserdl2k.sys -- (qcusbserdl2k)
DRV:64bit: - [2010/02/02 16:41:24 | 000,006,400 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qcfilterdl2k.sys -- (qcfilterdl2k)
DRV:64bit: - [2009/12/22 12:18:48 | 000,074,280 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009/09/17 15:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/15 13:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{E65DEF74-029D-41C0-A5DC-A455BB3A1E30}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{E65DEF74-029D-41C0-A5DC-A455BB3A1E30}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1563109977-2122601895-824292158-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-1563109977-2122601895-824292158-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1563109977-2122601895-824292158-1000\..\SearchScopes,DefaultScope = {05C247FE-BCAC-4F59-AAFA-B42C0A8DF6EF}
IE - HKU\S-1-5-21-1563109977-2122601895-824292158-1000\..\SearchScopes\{05C247FE-BCAC-4F59-AAFA-B42C0A8DF6EF}: "URL" = http://search.condui...787349316831747
IE - HKU\S-1-5-21-1563109977-2122601895-824292158-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000001de14afbf4
IE - HKU\S-1-5-21-1563109977-2122601895-824292158-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7RNQN_en
IE - HKU\S-1-5-21-1563109977-2122601895-824292158-1000\..\SearchScopes\{EDF507FE-6AB5-4482-AE84-E5F8B9C4DAE0}: "URL" = http://www.mysearchr...q={searchTerms}
IE - HKU\S-1-5-21-1563109977-2122601895-824292158-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: "MixiDJ V1 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...78888371313578"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.9.1
FF - prefs.js..extensions.enabledAddons: %7BDF153AFF-6948-45d7-AC98-4FC4AF8A08E2%7D:1.3.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/09/19 22:23:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2012/12/16 08:57:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Greg Duke\AppData\Roaming\mozilla\Extensions
[2014/01/09 04:19:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Greg Duke\AppData\Roaming\mozilla\Firefox\Profiles\i5e1hga6.default\extensions
[2013/10/27 19:03:18 | 000,128,676 | ---- | M] () (No name found) -- C:\Users\Greg Duke\AppData\Roaming\mozilla\firefox\profiles\i5e1hga6.default\extensions\[email protected]
[2014/01/09 04:19:57 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Greg Duke\AppData\Roaming\mozilla\firefox\profiles\i5e1hga6.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/05/12 21:25:41 | 000,002,352 | ---- | M] () -- C:\Users\Greg Duke\AppData\Roaming\mozilla\firefox\profiles\i5e1hga6.default\searchplugins\babylon.xml
[2013/01/09 18:48:07 | 000,002,432 | ---- | M] () -- C:\Users\Greg Duke\AppData\Roaming\mozilla\firefox\profiles\i5e1hga6.default\searchplugins\babylon1.xml
[2013/05/12 21:25:41 | 000,002,352 | ---- | M] () -- C:\Users\Greg Duke\AppData\Roaming\mozilla\firefox\profiles\i5e1hga6.default\searchplugins\BrowserProtect.xml
[2014/01/08 14:17:06 | 000,001,977 | ---- | M] () -- C:\Users\Greg Duke\AppData\Roaming\mozilla\firefox\profiles\i5e1hga6.default\searchplugins\search-here.xml
[2014/01/02 11:13:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/01/02 11:13:20 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/01/02 11:13:12 | 000,000,000 | ---D | M] (SySaver) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2014/01/02 11:13:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/01/02 11:13:08 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/01/02 11:14:03 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/09/19 22:23:01 | 000,000,000 | ---D | M] (RealDownloader) -- C:\PROGRAMDATA\REALNETWORKS\REALDOWNLOADER\BROWSERPLUGINS\FIREFOX\EXT
[2013/01/09 18:47:38 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
========== Chrome ==========
CHR - default_search_provider: Yahoo! Search (Enabled)
CHR - default_search_provider: search_url = http://us.yhs4.searc...0731,0,0,6,7635
CHR - default_search_provider: suggest_url = http://ff.search.yah...d={searchTerms}
CHR - homepage:
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\gcswf32.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.5.0.11422_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U27 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Inbox Toolbar = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apgjagobplilmcdfelodhgefiidomnfl\1.0.0.9_0\
CHR - Extension: YouTube = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Solid Savings = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\cijeeimilokkhlfjombmalgpabbonmah\1.25.17_0\crossrider
CHR - Extension: Solid Savings = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\cijeeimilokkhlfjombmalgpabbonmah\1.25.17_0\
CHR - Extension: Google Search = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: SySaver = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjkpcnacdgdlpfejlgflolpaigoicibh\1_0\
CHR - Extension: RealDownloader = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0\
CHR - Extension: MixiDJ V1 = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfjbflachhjbdbhfgknpgcgpchaikkok\10.21.1.507_0\
CHR - Extension: Wajam = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_1\
CHR - Extension: Skype Click to Call = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Gmail = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe ()
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\.DEFAULT..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe File not found
O4 - HKU\S-1-5-18..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1563109977-2122601895-824292158-1000..\Run: [BackgroundContainer] C:\Users\Greg Duke\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll (Conduit Ltd.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Greg Duke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1563109977-2122601895-824292158-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2DA12E24-E39C-44FE-B7F0-A9DE114A30A8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{668C2A9B-7655-40D1-BAB1-F35DC10EED1B}: NameServer = 68.28.137.132 68.28.138.132
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67B49301-D9F1-491B-A84E-0D8D9EC514E6}: NameServer = 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0B8BE5A-798C-479C-9383-DCB619DCA8CF}: DhcpNameServer = 68.28.137.132
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\inbox - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\inbox {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~2\INBOXT~1\Inbox.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2014/01/10 03:26:47 | 000,016,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmilib.sys.bak
[2014/01/10 03:26:46 | 000,151,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WimFltr.sys.bak
[2014/01/10 03:26:46 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys.bak
[2014/01/10 03:26:45 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys.bak
[2014/01/10 03:26:43 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys.bak
[2014/01/10 03:26:42 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys.bak
[2014/01/10 03:26:41 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys.bak
[2014/01/10 03:26:41 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys.bak
[2014/01/10 03:26:40 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys.bak
[2014/01/10 03:26:40 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys.bak
[2014/01/10 03:26:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys.bak
[2014/01/10 03:26:38 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys.bak
[2014/01/10 03:26:37 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys.bak
[2014/01/10 03:26:36 | 000,319,536 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\SynTP.sys.bak
[2014/01/10 03:26:36 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tape.sys.bak
[2014/01/10 03:26:35 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys.bak
[2014/01/10 03:26:35 | 000,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys.bak
[2014/01/10 03:26:35 | 000,024,656 | ---- | C] (Promise Technology) -- C:\Windows\SysNative\drivers\stexstor.sys.bak
[2014/01/10 03:26:34 | 000,426,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys.bak
[2014/01/10 03:26:33 | 000,028,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Sftredirlh.sys.bak
[2014/01/10 03:26:33 | 000,023,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Sftvollh.sys.bak
[2014/01/10 03:26:33 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smclib.sys.bak
[2014/01/10 03:26:32 | 000,767,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Sftfslh.sys.bak
[2014/01/10 03:26:32 | 000,273,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Sftplaylh.sys.bak
[2014/01/10 03:26:31 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys.bak
[2014/01/10 03:26:29 | 000,245,792 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtsUStor.sys.bak
[2014/01/10 03:26:29 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys.bak
[2014/01/10 03:26:29 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rootmdm.sys.bak
[2014/01/10 03:26:28 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys.bak
[2014/01/10 03:26:25 | 000,240,640 | ---- | C] (QUALCOMM Incorporated) -- C:\Windows\SysNative\drivers\qcusbnetdl2k.sys.bak
[2014/01/10 03:26:25 | 000,121,216 | ---- | C] (QUALCOMM Incorporated) -- C:\Windows\SysNative\drivers\qcusbserdl2k.sys.bak
[2014/01/10 03:26:25 | 000,006,400 | ---- | C] (QUALCOMM Incorporated) -- C:\Windows\SysNative\drivers\qcfilterdl2k.sys.bak
[2014/01/10 03:26:24 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys.bak
[2014/01/10 03:26:24 | 000,048,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys.bak
[2014/01/10 03:26:23 | 000,041,280 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Windows\SysNative\drivers\PCASp50a64.sys.bak
[2014/01/10 03:26:20 | 000,084,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys.bak
[2014/01/10 03:26:17 | 007,689,216 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\NETw5s64.sys.bak
[2014/01/10 03:26:17 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys.bak
[2014/01/10 03:26:08 | 000,065,600 | ---- | C] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2014/01/10 03:26:08 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys.bak
[2014/01/10 03:26:08 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mcd.sys.bak
[2014/01/10 03:26:07 | 000,074,280 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C62x64.sys.bak
[2014/01/10 03:26:05 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\irda.sys.bak
[2014/01/10 03:26:04 | 000,317,440 | ---- | C] (Intel® Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys.bak
[2014/01/10 03:26:03 | 000,158,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\Impcd.sys.bak
[2014/01/10 03:26:00 | 010,620,224 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys.bak
[2014/01/10 03:25:59 | 000,540,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys.bak
[2014/01/10 03:25:58 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys.bak
[2014/01/10 03:25:57 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys.bak
[2014/01/10 03:25:57 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys.bak
[2014/01/10 03:25:56 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS.bak
[2014/01/10 03:25:56 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys.bak
[2014/01/10 03:25:56 | 000,031,232 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2014/01/10 03:25:55 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys.bak
[2014/01/10 03:25:53 | 003,286,016 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys.bak
[2014/01/10 03:25:52 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys.bak
[2014/01/10 03:25:51 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys.bak
[2014/01/10 03:25:51 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys.bak
[2014/01/10 03:25:51 | 000,055,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys.bak
[2014/01/10 03:25:51 | 000,028,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys.bak
[2014/01/10 03:25:51 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxapi.sys.bak
[2014/01/10 03:25:50 | 000,224,768 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\drivers\CtAudDrv.sys.bak
[2014/01/10 03:25:50 | 000,172,704 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\drivers\CtClsFlt.sys.bak
[2014/01/10 03:25:50 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys.bak
[2014/01/10 03:25:49 | 000,039,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys.bak
[2014/01/10 03:25:48 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys.bak
[2014/01/10 03:25:47 | 000,468,480 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys.bak
[2014/01/10 03:25:46 | 000,175,104 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\bpmp.sys.bak
[2014/01/10 03:25:46 | 000,081,920 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\bpusb.sys.bak
[2014/01/10 03:25:45 | 000,270,848 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\b57nd60a.sys.bak
[2014/01/10 03:25:45 | 000,071,168 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\bpenum.sys.bak
[2014/01/10 03:25:45 | 000,028,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\battc.sys.bak
[2014/01/10 03:25:44 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys.bak
[2014/01/10 03:25:43 | 000,194,128 | ---- | C] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2014/01/10 03:25:43 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys.bak
[2014/01/10 03:25:43 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys.bak
[2014/01/10 03:25:40 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394bus.sys.bak
[2014/01/10 03:18:45 | 000,000,000 | ---D | C] -- C:\Users\Greg Duke\Desktop\RK_Quarantine
[2014/01/10 03:13:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Greg Duke\Desktop\OTL.exe
[2014/01/10 03:06:10 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Greg Duke\Desktop\aswMBR.exe
[2014/01/09 05:25:26 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2014/01/09 05:21:33 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/01/09 05:21:33 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/01/09 05:21:25 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/01/09 05:21:25 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/01/09 05:21:24 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/01/09 05:21:24 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/01/09 05:21:24 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/01/09 05:21:24 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/01/09 05:21:24 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/01/09 05:21:24 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/01/09 05:21:24 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/01/09 05:21:23 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/01/09 05:21:23 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/01/09 05:21:23 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/01/09 05:21:23 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/01/09 05:21:23 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/01/09 05:21:23 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/01/09 05:21:23 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/01/09 05:21:23 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/01/09 05:21:23 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/01/09 05:21:23 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/01/09 05:21:23 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/01/09 05:21:23 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/01/09 05:21:23 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/01/09 05:21:22 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/01/09 05:21:22 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/01/09 05:21:22 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/01/09 05:21:22 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/01/09 05:21:22 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/01/09 05:21:22 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/01/09 05:21:22 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/01/09 05:21:22 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/01/09 05:21:22 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/01/09 05:21:22 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/01/09 05:21:22 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/01/09 05:21:21 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/01/09 05:21:21 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/01/09 05:21:21 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/01/09 05:21:20 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/01/09 05:21:20 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/01/09 05:21:20 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/01/09 05:21:20 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/01/09 05:21:19 | 005,765,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/01/09 05:21:19 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/01/09 05:21:19 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/01/09 05:21:19 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/01/09 05:21:19 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/01/09 05:21:19 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/01/09 05:21:19 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/01/09 05:21:19 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/01/09 05:21:19 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/01/09 05:21:19 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/01/09 05:21:19 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/01/09 05:21:18 | 001,993,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/01/09 05:21:18 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/01/09 05:21:18 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/01/09 05:21:18 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/01/09 05:21:18 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/01/09 05:21:18 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/01/09 05:21:18 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/01/09 05:21:18 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/01/09 05:21:18 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/01/09 05:21:18 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/01/09 05:21:18 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/01/09 05:21:18 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/01/09 05:21:18 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/01/09 05:21:18 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/01/09 05:21:18 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/01/09 05:21:18 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/01/09 05:21:18 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/01/09 05:21:17 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/01/09 05:21:17 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/01/09 05:21:17 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/01/09 05:21:17 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/01/09 05:21:17 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/01/09 05:21:17 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/01/09 05:21:17 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/01/09 05:21:17 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/01/09 05:21:17 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/01/09 05:21:17 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/01/09 02:36:14 | 000,000,000 | ---D | C] -- C:\ProgramData\PCPowerSpeed
[2014/01/02 11:13:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/01/02 10:56:34 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2014/01/02 10:56:30 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2014/01/02 10:53:24 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2014/01/02 10:53:21 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2014/01/02 10:52:39 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013/12/24 22:26:13 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/12/24 22:25:31 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013/12/24 22:25:31 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013/12/24 22:25:30 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2013/12/24 22:25:30 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2013/12/24 22:25:30 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2013/12/24 22:24:50 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/12/24 22:24:50 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013/12/24 22:24:49 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/12/24 22:24:49 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013/12/24 22:24:49 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013/12/24 22:10:08 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2013/12/24 22:10:07 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2013/12/24 22:10:06 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2013/12/24 22:10:00 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2013/12/24 22:09:50 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013/12/24 22:03:00 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013/12/24 22:02:59 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2013/12/24 22:02:58 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013/12/24 22:02:57 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2013/12/24 22:00:01 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2013/12/24 21:59:58 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2013/12/24 21:59:56 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2013/12/24 21:59:34 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2013/12/24 21:59:30 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2013/12/24 21:59:30 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2013/12/24 20:43:55 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2013/12/24 20:43:55 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2013/12/24 19:46:19 | 008,699,272 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/01/10 03:54:36 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2014/01/10 03:37:23 | 000,000,512 | ---- | M] () -- C:\Users\Greg Duke\Desktop\MBR.dat
[2014/01/10 03:26:47 | 000,016,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmilib.sys.bak
[2014/01/10 03:26:46 | 000,151,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WimFltr.sys.bak
[2014/01/10 03:26:46 | 000,054,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys.bak
[2014/01/10 03:26:45 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys.bak
[2014/01/10 03:26:43 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys.bak
[2014/01/10 03:26:42 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys.bak
[2014/01/10 03:26:41 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys.bak
[2014/01/10 03:26:41 | 000,007,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys.bak
[2014/01/10 03:26:40 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys.bak
[2014/01/10 03:26:40 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys.bak
[2014/01/10 03:26:39 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys.bak
[2014/01/10 03:26:39 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys.bak
[2014/01/10 03:26:38 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys.bak
[2014/01/10 03:26:36 | 000,319,536 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\SynTP.sys.bak
[2014/01/10 03:26:36 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tape.sys.bak
[2014/01/10 03:26:35 | 000,189,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys.bak
[2014/01/10 03:26:35 | 000,068,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys.bak
[2014/01/10 03:26:35 | 000,024,656 | ---- | M] (Promise Technology) -- C:\Windows\SysNative\drivers\stexstor.sys.bak
[2014/01/10 03:26:34 | 000,426,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys.bak
[2014/01/10 03:26:34 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smclib.sys.bak
[2014/01/10 03:26:33 | 000,273,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Sftplaylh.sys.bak
[2014/01/10 03:26:33 | 000,028,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Sftredirlh.sys.bak
[2014/01/10 03:26:33 | 000,023,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Sftvollh.sys.bak
[2014/01/10 03:26:32 | 000,767,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Sftfslh.sys.bak
[2014/01/10 03:26:31 | 000,171,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys.bak
[2014/01/10 03:26:30 | 000,245,792 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtsUStor.sys.bak
[2014/01/10 03:26:29 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys.bak
[2014/01/10 03:26:29 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rootmdm.sys.bak
[2014/01/10 03:26:28 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys.bak
[2014/01/10 03:26:25 | 000,240,640 | ---- | M] (QUALCOMM Incorporated) -- C:\Windows\SysNative\drivers\qcusbnetdl2k.sys.bak
[2014/01/10 03:26:25 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys.bak
[2014/01/10 03:26:25 | 000,121,216 | ---- | M] (QUALCOMM Incorporated) -- C:\Windows\SysNative\drivers\qcusbserdl2k.sys.bak
[2014/01/10 03:26:25 | 000,006,400 | ---- | M] (QUALCOMM Incorporated) -- C:\Windows\SysNative\drivers\qcfilterdl2k.sys.bak
[2014/01/10 03:26:24 | 000,048,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys.bak
[2014/01/10 03:26:23 | 000,041,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Windows\SysNative\drivers\PCASp50a64.sys.bak
[2014/01/10 03:26:20 | 000,084,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys.bak
[2014/01/10 03:26:18 | 007,689,216 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\NETw5s64.sys.bak
[2014/01/10 03:26:17 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys.bak
[2014/01/10 03:26:09 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mcd.sys.bak
[2014/01/10 03:26:08 | 000,065,600 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2014/01/10 03:26:08 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys.bak
[2014/01/10 03:26:07 | 000,074,280 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C62x64.sys.bak
[2014/01/10 03:26:05 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\irda.sys.bak
[2014/01/10 03:26:04 | 000,317,440 | ---- | M] (Intel® Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys.bak
[2014/01/10 03:26:04 | 000,158,976 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\Impcd.sys.bak
[2014/01/10 03:26:01 | 010,620,224 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys.bak
[2014/01/10 03:25:59 | 000,540,696 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys.bak
[2014/01/10 03:25:58 | 000,078,720 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys.bak
[2014/01/10 03:25:57 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys.bak
[2014/01/10 03:25:57 | 000,056,344 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys.bak
[2014/01/10 03:25:57 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys.bak
[2014/01/10 03:25:56 | 000,288,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS.bak
[2014/01/10 03:25:56 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2014/01/10 03:25:55 | 000,023,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys.bak
[2014/01/10 03:25:53 | 003,286,016 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys.bak
[2014/01/10 03:25:52 | 000,265,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys.bak
[2014/01/10 03:25:52 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys.bak
[2014/01/10 03:25:51 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys.bak
[2014/01/10 03:25:51 | 000,055,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys.bak
[2014/01/10 03:25:51 | 000,028,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys.bak
[2014/01/10 03:25:51 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxapi.sys.bak
[2014/01/10 03:25:50 | 000,224,768 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\SysNative\drivers\CtAudDrv.sys.bak
[2014/01/10 03:25:50 | 000,172,704 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\SysNative\drivers\CtClsFlt.sys.bak
[2014/01/10 03:25:50 | 000,027,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys.bak
[2014/01/10 03:25:49 | 000,039,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys.bak
[2014/01/10 03:25:48 | 000,179,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys.bak
[2014/01/10 03:25:47 | 000,468,480 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys.bak
[2014/01/10 03:25:46 | 000,175,104 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\bpmp.sys.bak
[2014/01/10 03:25:46 | 000,081,920 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\bpusb.sys.bak
[2014/01/10 03:25:46 | 000,071,168 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\bpenum.sys.bak
[2014/01/10 03:25:45 | 000,270,848 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\b57nd60a.sys.bak
[2014/01/10 03:25:45 | 000,155,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys.bak
[2014/01/10 03:25:45 | 000,028,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\battc.sys.bak
[2014/01/10 03:25:44 | 000,027,008 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys.bak
[2014/01/10 03:25:43 | 000,194,128 | ---- | M] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2014/01/10 03:25:43 | 000,107,904 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys.bak
[2014/01/10 03:25:41 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394bus.sys.bak
[2014/01/10 03:25:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/10 03:14:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Greg Duke\Desktop\OTL.exe
[2014/01/10 03:07:14 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/10 03:06:35 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Greg Duke\Desktop\aswMBR.exe
[2014/01/10 03:01:34 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/10 03:01:34 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/10 02:53:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/10 02:52:45 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2014/01/10 02:52:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/10 02:52:29 | 1501,974,528 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/09 14:14:20 | 004,406,784 | ---- | M] () -- C:\Users\Greg Duke\Desktop\RogueKillerX64.exe
[2014/01/09 05:21:33 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/01/09 05:21:33 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/01/09 05:21:25 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/01/09 05:21:25 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/01/09 05:21:24 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/01/09 05:21:24 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/01/09 05:21:24 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/01/09 05:21:24 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/01/09 05:21:24 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/01/09 05:21:24 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/01/09 05:21:24 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/01/09 05:21:24 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/01/09 05:21:23 | 001,926,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/01/09 05:21:23 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/01/09 05:21:23 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/01/09 05:21:23 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/01/09 05:21:23 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/01/09 05:21:23 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/01/09 05:21:23 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/01/09 05:21:23 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/01/09 05:21:23 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/01/09 05:21:23 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/01/09 05:21:23 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/01/09 05:21:23 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/01/09 05:21:23 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/01/09 05:21:23 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/01/09 05:21:22 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/01/09 05:21:22 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/01/09 05:21:22 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/01/09 05:21:22 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/01/09 05:21:22 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/01/09 05:21:22 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/01/09 05:21:22 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/01/09 05:21:22 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/01/09 05:21:22 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/01/09 05:21:22 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/01/09 05:21:21 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/01/09 05:21:21 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/01/09 05:21:21 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/01/09 05:21:20 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/01/09 05:21:20 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/01/09 05:21:20 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/01/09 05:21:20 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/01/09 05:21:19 | 005,765,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/01/09 05:21:19 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/01/09 05:21:19 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/01/09 05:21:19 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/01/09 05:21:19 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/01/09 05:21:19 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/01/09 05:21:19 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/01/09 05:21:19 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/01/09 05:21:19 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/01/09 05:21:19 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/01/09 05:21:19 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/01/09 05:21:18 | 001,993,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/01/09 05:21:18 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/01/09 05:21:18 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/01/09 05:21:18 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/01/09 05:21:18 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/01/09 05:21:18 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/01/09 05:21:18 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/01/09 05:21:18 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/01/09 05:21:18 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/01/09 05:21:18 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/01/09 05:21:18 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/01/09 05:21:18 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/01/09 05:21:18 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/01/09 05:21:18 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/01/09 05:21:18 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/01/09 05:21:18 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/01/09 05:21:18 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/01/09 05:21:18 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/01/09 05:21:17 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/01/09 05:21:17 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/01/09 05:21:17 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/01/09 05:21:17 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/01/09 05:21:17 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/01/09 05:21:17 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/01/09 05:21:17 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/01/09 05:21:17 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/01/09 05:21:17 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/01/09 05:21:17 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/01/09 04:47:23 | 000,783,272 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/09 04:47:23 | 000,662,924 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/09 04:47:23 | 000,122,462 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/08 14:33:53 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/07 12:19:56 | 000,294,024 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/24 19:47:54 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/12/24 19:47:53 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/12/24 19:46:27 | 008,699,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/01/10 03:37:23 | 000,000,512 | ---- | C] () -- C:\Users\Greg Duke\Desktop\MBR.dat
[2014/01/09 14:14:10 | 004,406,784 | ---- | C] () -- C:\Users\Greg Duke\Desktop\RogueKillerX64.exe
[2014/01/09 05:21:23 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/01/09 05:21:18 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/03/09 16:15:22 | 000,000,258 | RHS- | C] () -- C:\Users\Greg Duke\ntuser.pol
[2012/12/22 05:53:15 | 000,005,243 | ---- | C] () -- C:\Users\Greg Duke\AppData\Roaming\UserTile.png
[2011/10/14 02:08:51 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
========== ZeroAccess Check ==========
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/09/08 01:07:16 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\24x7 Help
[2013/07/31 18:51:23 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\AVG2013
[2013/09/08 01:11:09 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\DefaultTab
[2013/10/07 17:20:37 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\FreePriceAlerts
[2013/09/08 01:07:16 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\Iminent
[2012/02/25 17:23:04 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\Leadertech
[2013/01/09 19:43:56 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\OpenOffice.org
[2013/01/09 19:01:36 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\OpenOfficePackages
[2014/01/07 12:03:42 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\PCPowerSpeed
[2013/09/08 01:11:09 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\SearchProtect
[2014/01/07 11:53:28 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\SoftGrid Client
[2013/01/09 18:04:51 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\TP
[2013/07/31 18:50:07 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\TuneUp Software
[2013/10/24 18:01:05 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: EXPLORER.EXE >
[2011/10/14 03:25:39 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/10/14 03:25:39 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/10/14 03:25:39 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/10/14 03:25:39 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 22:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/10/14 03:25:39 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/10/14 03:25:39 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 22:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: SVCHOST.EXE >
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: USERINIT.EXE >
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< %systemroot%\*. /mp /s >
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2014/01/02 11:13:38 | 000,872,352 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2014/01/02 11:13:38 | 000,872,352 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2014/01/02 11:13:38 | 000,872,352 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [2014/01/02 11:14:00 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2014/01/02 11:14:00 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2014/01/02 11:14:00 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2013/12/03 21:48:06 | 000,863,184 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2013/12/03 21:48:06 | 000,863,184 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/12/03 21:48:06 | 000,863,184 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2013/12/03 21:48:06 | 000,863,184 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2014/01/09 05:21:21 | 000,804,560 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2014/01/09 05:21:21 | 000,804,560 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2014/01/02 11:13:38 | 000,872,352 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2014/01/02 11:13:38 | 000,872,352 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2014/01/02 11:13:38 | 000,872,352 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" [2014/01/02 11:14:00 | 000,275,568 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2014/01/02 11:14:00 | 000,275,568 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2014/01/02 11:14:00 | 000,275,568 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2013/12/03 21:48:06 | 000,863,184 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2013/12/03 21:48:06 | 000,863,184 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2013/12/03 21:48:06 | 000,863,184 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2013/12/03 21:48:06 | 000,863,184 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2014/01/09 05:21:18 | 000,218,624 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2014/01/09 05:21:18 | 000,218,624 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2014/01/09 05:21:18 | 000,218,624 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2014/01/09 05:21:21 | 000,804,560 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE [2014/01/09 05:21:21 | 000,804,560 | ---- | M] (Microsoft Corporation)
< End of report >
OTL Extras
OTL Extras logfile created on: 1/10/2014 3:41:14 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Greg Duke\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 0.78 Gb Available Physical Memory | 41.77% Memory free
3.73 Gb Paging File | 1.90 Gb Available in Paging File | 50.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 221.96 Gb Total Space | 178.26 Gb Free Space | 80.31% Space Free | Partition Type: NTFS
Computer Name: MYRA-LAPTOP | User Name: Greg Duke | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1563109977-2122601895-824292158-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{17EC0EFD-BC7A-4756-A099-F06AA77A1E33}" = lport=9700 | protocol=17 | dir=in | name=syncup_udp_9700 |
"{393A9ED1-EAF6-4ADE-8B8E-14848EEE8AA6}" = lport=445 | protocol=6 | dir=in | app=system |
"{3D0D2CBA-D1DD-4257-BB02-0B704E8AAC9F}" = rport=445 | protocol=6 | dir=out | app=system |
"{6C2CC718-AD5F-4659-B3F1-78CCE9AC80B6}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{6CFDBF35-3B7F-4935-84C2-A30D2E74C08D}" = lport=9700 | protocol=6 | dir=in | name=syncup_tcp_9700 |
"{76CED2D9-4545-4A3D-BD28-D72B1574FE37}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{89A04EBD-4E55-4519-B72B-6BE363FEC127}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8BB3265F-A6D9-43F3-BEF7-E508C43BDC9A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{97C8A29B-2B70-41E5-B021-7A8B972FAC52}" = rport=139 | protocol=6 | dir=out | app=system |
"{A219E9C9-BAB3-4CCC-AA8D-9C03728ACDCF}" = lport=138 | protocol=17 | dir=in | app=system |
"{C9DF7CBD-B9E4-4E8C-BDD0-D4C58BAA0067}" = rport=138 | protocol=17 | dir=out | app=system |
"{D2D7C088-A56F-4E40-BAB8-1B4BE7714F53}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D544F82C-0ED7-4718-A4F3-AF300C31C9B1}" = lport=139 | protocol=6 | dir=in | app=system |
"{E2A738EF-6C53-4F6A-8167-62975F135CCB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E9014C94-DF46-4163-8FD2-6018B241467C}" = rport=137 | protocol=17 | dir=out | app=system |
"{F68CBA69-7014-4804-B5A4-36707A079422}" = lport=9701 | protocol=6 | dir=in | name=syncup_tcp_9701 |
"{F6A6AF63-5C3C-43D9-9421-6FEA38B1FEDE}" = lport=137 | protocol=17 | dir=in | app=system |
"{F78636AA-05E3-4880-A1A5-21FA52FCFCEF}" = lport=9702 | protocol=6 | dir=in | name=syncup_tcp_9702 |
"{FCE2B3AF-43E2-4C55-A3B7-9917DC7310C2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{20D3B7FA-EB18-44FF-BC33-47A22D7D454B}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{2F7D9222-76CC-4B56-B57E-802E5C38F231}" = protocol=58 | dir=in | [email protected],-28545 |
"{3912220F-07CC-46BA-B331-2404B65884CE}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{45A2AF25-AC72-4B99-A81B-15C965331B07}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{51D31B47-D298-44AD-930B-EB55188B3403}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero blu-ray player\blu-rayplayer.exe |
"{6014FD09-ED0F-4D5C-8737-2DD50D99FD09}" = protocol=17 | dir=in | app=c:\program files\intel\wimax\bin\dmagent.exe |
"{848F4FFA-97B2-4D81-817E-00367A293C02}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{903A2CD4-2789-43FA-BE97-A296BD469F60}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero blu-ray player\blu-rayplayer.exe |
"{909CB757-DE06-40BC-9A6F-9F2CFF321F0C}" = protocol=6 | dir=in | app=c:\program files\intel\wimax\bin\appsrv.exe |
"{9487AFC1-2814-4814-9004-55E3DC26A188}" = protocol=17 | dir=in | app=c:\program files\intel\wimax\bin\appsrv.exe |
"{96C4E7EF-A0AA-4C46-9CB3-628E2961F8AE}" = protocol=58 | dir=out | [email protected],-28546 |
"{B3BE1210-B3F6-4A92-855A-20C6B56D79EA}" = protocol=1 | dir=out | [email protected],-28544 |
"{C98E2190-D957-4679-BFC4-388ED3876BA1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C9A9C7D3-4301-44A2-8A13-8B9F87DB9727}" = protocol=6 | dir=in | app=c:\program files\intel\wimax\bin\dmagent.exe |
"{D1B37B46-957B-45D6-A2AC-C7DEF263646B}" = protocol=1 | dir=in | [email protected],-28543 |
"TCP Query User{9A04AD5D-5DDD-4F00-A674-0F95EA63A17B}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"UDP Query User{41AEAF67-384A-46C5-9ED2-0C8795FD3DC5}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java 6 Update 27 (64-bit)
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6548B189-BEA4-4041-80E0-AEB60548E046}" = Intel® PROSet/Wireless WiMAX Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
"{D16A2127-B927-4379-B153-3DEC091E4EEB}" = Intel® PROSet/Wireless WiFi Software
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Dell Support Center" = Dell Support Center
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java 6 Update 27
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A0F2CC5-3065-492C-8380-B03AA7106B1A}" = Dell Product Registration
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{40F06490-8C14-43AA-99D3-EEEFDBAC3CFC}" = SyncUP
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{5030C973-F5BA-4432-860C-A3DA77BFEB05}" = Qualcomm Gobi 2000 Package for Dell
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{612AD33D-9824-4E87-8396-92374E91C4BB}_is1" = Inbox Toolbar
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}" = OpenOffice.org 3.4.1
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}" = Dell Home Systems Service Agreement
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05)
"{B0C56FD7-493D-44DD-B007-BBB5117D6E6F}_is1" = PC Power Speed 1.1.0.36
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BAEF9F3A-D10C-40DF-819D-D21D9600AE1A}" = Extreme Flash Player
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}" = RealDownloader
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D92C9CCE-E5F0-4125-977A-0590F3225B74}" = SyncUP
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}" = Cozi
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Dell Dock" = Dell Dock
"Dell Webcam Central" = Dell Webcam Central
"Google Chrome" = Google Chrome
"GoToAssist" = GoToAssist 8.0.0.514
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"RealPlayer 16.0" = RealPlayer
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1563109977-2122601895-824292158-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"OpenOffice Packages" = OpenOffice Packages
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 10/28/2013 9:51:55 PM | Computer Name = Myra-Laptop | Source = ESENT | ID = 455
Description = Windows (3112) Windows: Error -1811 occurred while opening logfile
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00008.log.
Error - 10/28/2013 9:51:55 PM | Computer Name = Myra-Laptop | Source = Windows Search Service | ID = 9000
Description =
Error - 10/28/2013 9:51:55 PM | Computer Name = Myra-Laptop | Source = Windows Search Service | ID = 7040
Description =
Error - 10/28/2013 9:51:55 PM | Computer Name = Myra-Laptop | Source = Windows Search Service | ID = 7042
Description =
Error - 10/28/2013 9:51:55 PM | Computer Name = Myra-Laptop | Source = Windows Search Service | ID = 9002
Description =
Error - 10/28/2013 9:51:55 PM | Computer Name = Myra-Laptop | Source = Windows Search Service | ID = 3029
Description =
Error - 10/28/2013 9:51:55 PM | Computer Name = Myra-Laptop | Source = Windows Search Service | ID = 3029
Description =
Error - 10/28/2013 9:51:55 PM | Computer Name = Myra-Laptop | Source = Windows Search Service | ID = 3028
Description =
Error - 10/28/2013 9:51:55 PM | Computer Name = Myra-Laptop | Source = Windows Search Service | ID = 3058
Description =
Error - 10/28/2013 9:51:55 PM | Computer Name = Myra-Laptop | Source = Windows Search Service | ID = 7010
Description =
[ System Events ]
Error - 12/24/2013 11:09:50 PM | Computer Name = Myra-Laptop | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.
Error - 12/24/2013 11:09:53 PM | Computer Name = Myra-Laptop | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2891804).
Error - 12/24/2013 11:33:32 PM | Computer Name = Myra-Laptop | Source = Service Control Manager | ID = 7022
Description = The Intel® PROSet/Wireless WiMAX Red Bend Device Management Service
service hung on starting.
Error - 1/2/2014 11:34:09 AM | Computer Name = Myra-Laptop | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.
Error - 1/2/2014 11:37:21 AM | Computer Name = Myra-Laptop | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.
Error - 1/2/2014 11:53:22 AM | Computer Name = Myra-Laptop | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Presentation Foundation Font Cache 3.0.0.0 service to connect.
Error - 1/2/2014 11:53:22 AM | Computer Name = Myra-Laptop | Source = Service Control Manager | ID = 7000
Description = The Windows Presentation Foundation Font Cache 3.0.0.0 service failed
to start due to the following error: %%1053
Error - 1/2/2014 12:25:20 PM | Computer Name = Myra-Laptop | Source = Service Control Manager | ID = 7022
Description = The Intel® PROSet/Wireless WiMAX Red Bend Device Management Service
service hung on starting.
Error - 1/2/2014 12:25:31 PM | Computer Name = Myra-Laptop | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.
Feature:
%%835 Error Code: 0x80004005 Error description: Unspecified error Reason: %%842
Error - 1/7/2014 12:45:05 PM | Computer Name = Myra-Laptop | Source = Service Control Manager | ID = 7043
Description = The Windows Update service did not shut down properly after receiving
a preshutdown control.
< End of report >
Edited by CJDesmond, 10 January 2014 - 04:00 AM.