View Full Version : Nasty malware not detected by any removal software!
brchapman
2014-05-23, 18:15
I have a real nasty virus that keeps changing my proxy server settings and redirects online to ad sites and has tons of popups on web pages. I've tried to detect it with Spybot, AVG, Malwarbytes and Mcafee, but no luck. Can you help????
:snwelcome:
Please read this and go to page 2 and download and run the required programs and post the logs please, without this information its hard to help you
http://forums.spybot.info/showthread.php?288-quot-BEFORE-You-POST-quot-(Please-read-this-Procedure-Before-Requesting-Assistance)
brchapman
2014-05-25, 18:53
Here are the log files (atached) Any help will be greatly appreciated!
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041 BrowserJavaVersion: 10.55.2
Run by Barry Chapman at 10:38:59 on 2014-05-25
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.12205.8448 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Spybot - Search and Destroy *Enabled/Updated* {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Backblaze\bzserv.exe
C:\Windows\system32\taskeng.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Backblaze\bzbui.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
C:\Windows\SysWOW64\vmnat.exe
C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
C:\Program Files (x86)\MSR\Privoxy\privoxy.exe
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\msiexec.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUPD.EXE
C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
uProxyServer = hxxp=127.0.0.1:8118;https=127.0.0.1:8118
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
uRun: [updateMgr] "C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" AcStd7_1_0 -reboot 1
uRun: [Backblaze] "C:\Program Files (x86)\Backblaze\bzbui.exe" -quiet
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [mcpltui_exe] "C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe" /platui
mExplorerRun: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
StartupFolder: C:\Users\BARRYC~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEA~1.LNK - C:\Windows\Installer\{AC76BA86-1033-F400-BA7E-100000000002}\SC_Acrobat.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\STARTP~1.LNK - C:\Windows\Installer\{0A3238D7-AB32-1030-B717-F3E3F18B4A8C}\WGE.14A03FCD_EA43_4130_A5C0_F02D38895A13.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: DisableCAD = dword:1
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
LSP: %SystemRoot%\system32\vsocklib.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 8.8.8.8 8.8.4.4 205.152.144.23 205.152.132.23
TCP: Interfaces\{52E3D270-9F67-475E-B16A-1D6443366E50} : DHCPNameServer = 8.8.8.8 8.8.4.4 205.152.144.23 205.152.132.23
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [RtHDVBg] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Barry Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\76t9nm76.default\
FF - prefs.js: network.proxy.ssl_port - 8118
FF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2014-3-22 666984]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2014-3-22 28008]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2014-3-21 20464]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2012-11-8 784760]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2012-11-8 346760]
R1 SDHookDriver;Hook Test Driver;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [2014-5-15 64160]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2014-3-21 98208]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe [2013-7-2 312448]
R2 bzserv;Backblaze Service;C:\Program Files (x86)\Backblaze\bzserv.exe [2014-5-13 234600]
R2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2014-1-13 198664]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-3-21 328928]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-7-29 14696]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-5-11 733696]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-3-21 169432]
R2 McAPExe;McAfee AP Service;C:\Program Files\mcafee\msc\McAPExe.exe [2012-11-29 178528]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-3-21 328928]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-3-21 328928]
R2 McOobeSv2;McAfee OOBE Service2;C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-3-21 328928]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-3-21 328928]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-3-21 328928]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe [2014-3-21 1041192]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2014-3-21 219752]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2014-3-21 189912]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-3-21 246488]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-5-15 1738200]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-5-15 2081752]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-5-15 171928]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2014-4-4 1915920]
R2 SystemUpdatekb70007;SystemUpdatekb70007;C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe [2014-5-14 18944]
R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-8-29 846448]
R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [2014-3-21 81536]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2013-7-2 89800]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2013-7-2 347336]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2013-7-2 116424]
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2013-7-2 34384]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2013-7-2 179432]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2013-7-2 77464]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2013-7-2 137928]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2013-7-2 589000]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2012-11-8 70592]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2014-3-21 368112]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2014-3-21 786416]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-5-5 25816]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2012-11-8 311856]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2012-11-8 522360]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2014-3-18 441264]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2014-3-21 263896]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-3-22 849992]
S2 0311681401027050mcinstcleanup;McAfee Application Installer Cleanup (0311681401027050);C:\Windows\TEMP\031168~1.EXE -cleanup -nolog --> C:\Windows\TEMP\031168~1.EXE -cleanup -nolog [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-5-5 1809720]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-5-5 857912]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2014-5-2 197704]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-5-5 111616]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2014-3-22 452088]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-5-11 822232]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-5-5 63192]
S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe [2014-3-21 334760]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2014-3-18 96592]
S3 netvsc;netvsc;C:\Windows\System32\drivers\netvsc60.sys [2010-11-21 168448]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 SynthVid;SynthVid;C:\Windows\System32\drivers\VMBusVideoM.sys [2010-11-21 22528]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-5-4 1255736]
.
=============== File Associations ===============
.
FileExt: .vbe: VBEFile=C:\Windows\SysWow64\WScript.exe "%1" %*
FileExt: .vbs: VBSFile=C:\Windows\SysWow64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2014-05-25 13:09:53 736952 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2014-05-25 12:59:19 2876528 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2014-05-25 12:59:06 42168 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2014-05-25 12:59:03 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-05-25 08:27:17 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3456136A-31BD-44AD-AC9F-CC6C03C478DA}\offreg.dll
2014-05-23 13:20:18 10702536 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-05-23 13:20:10 10702536 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3456136A-31BD-44AD-AC9F-CC6C03C478DA}\mpengine.dll
2014-05-23 12:25:39 -------- d-----w- C:\New folder
2014-05-23 11:52:39 33334 ----a-w- C:\ProgramData\1400845954.bdinstall.bin
2014-05-23 11:52:03 189 ----a-w- C:\ProgramData\1400845920.2208.bin
2014-05-23 11:52:02 2061 ----a-w- C:\ProgramData\1400845920.2284.bin
2014-05-23 11:52:00 39641 ----a-w- C:\ProgramData\1400845920.2200.bin
2014-05-23 11:43:56 965 ----a-w- C:\ProgramData\1400845426.13472.bin
2014-05-23 11:43:55 2062 ----a-w- C:\ProgramData\1400845426.13672.bin
2014-05-23 11:43:46 43785 ----a-w- C:\ProgramData\1400845426.14224.bin
2014-05-23 11:42:32 44557 ----a-w- C:\ProgramData\1400845313.bdinstall.bin
2014-05-23 11:41:53 -------- d-----w- C:\Users\Barry Chapman\AppData\Roaming\QuickScan
2014-05-22 19:35:22 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-05-22 14:47:49 -------- d-----w- C:\Program Files (x86)\Spybot
2014-05-21 15:27:06 -------- d-----w- C:\Users\Barry Chapman\AppData\Roaming\TuneUp Software
2014-05-21 15:16:30 -------- d--h--w- C:\ProgramData\Common Files
2014-05-21 15:16:29 -------- d-----w- C:\Users\Barry Chapman\AppData\Local\MFAData
2014-05-21 15:16:29 -------- d-----w- C:\ProgramData\MFAData
2014-05-20 18:53:08 -------- d-----w- C:\Users\Barry Chapman\AppData\Local\Norman Malware Cleaner
2014-05-20 16:44:27 -------- d-----w- C:\ProgramData\HitmanPro
2014-05-19 20:42:54 -------- d-----w- C:\AdwCleaner
2014-05-19 14:55:46 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2014-05-19 14:20:13 -------- d-----w- C:\Adobe XI Pro
2014-05-19 12:08:57 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2014-05-16 14:51:07 -------- d-----w- C:\Users\Barry Chapman\AppData\Local\CrashDumps
2014-05-16 13:39:50 -------- d-----w- C:\Users\Barry Chapman\AppData\Roaming\SUPERAntiSpyware.com
2014-05-16 13:39:36 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2014-05-16 12:33:26 -------- d-----w- C:\Users\Barry Chapman\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-05-16 12:33:05 -------- d-----w- C:\Program Files (x86)\Adobe Download Assistant
2014-05-15 15:40:14 21040 ----a-w- C:\Windows\System32\sdnclean64.exe
2014-05-15 15:21:40 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2014-05-15 15:21:38 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-15 07:25:44 -------- d-----r- C:\Users\Barry Chapman\Virtual Machines
2014-05-15 07:06:08 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-15 07:06:08 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-14 20:16:31 -------- d-----w- C:\Users\Barry Chapman\AppData\Local\PDF24
2014-05-14 19:56:37 -------- d-----w- C:\Windows\Microsoft
2014-05-14 19:56:07 -------- d-----w- C:\Program Files (x86)\MSR
2014-05-14 19:56:04 -------- d-----w- C:\Users\Barry Chapman\AppData\Local\IdleCrawler
2014-05-14 19:54:59 -------- d-----w- C:\Users\Barry Chapman\AppData\Roaming\GetPrivate
2014-05-14 19:54:30 -------- d-----w- C:\Users\Barry Chapman\AppData\Roaming\wi_upd
2014-05-14 19:48:24 -------- d-----w- C:\Users\Barry Chapman\AppData\Roaming\BitTorrent
2014-05-14 14:25:54 -------- d-----w- C:\Windows\PCHEALTH
2014-05-14 14:22:10 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2014-05-14 12:30:28 -------- d-----w- C:\Users\Barry Chapman\AppData\Local\Secunia PSI
2014-05-14 12:30:08 -------- d-----w- C:\Program Files (x86)\Secunia
2014-05-13 16:16:21 -------- d-----w- C:\ProgramData\Backblaze
2014-05-13 16:16:21 -------- d-----w- C:\Program Files (x86)\Backblaze
2014-05-13 16:02:10 -------- d-----w- C:\Users\Barry Chapman\AppData\Local\VMware
2014-05-13 15:18:34 -------- d-----w- C:\Windows\pss
2014-05-13 00:43:13 -------- d-----w- C:\Users\Barry Chapman\.asdm
2014-05-13 00:43:03 -------- d-----w- C:\Program Files (x86)\Cisco Systems
2014-05-12 17:51:55 -------- d-----w- C:\Program Files\My Lockbox
2014-05-12 11:16:46 -------- d--h--w- C:\.bzvol
2014-05-09 11:41:14 63568 ----a-w- C:\Windows\System32\drivers\vmx86.sys
2014-05-09 11:40:35 354896 ----a-w- C:\Windows\SysWow64\vmnetdhcp.exe
2014-05-09 11:40:33 434256 ----a-w- C:\Windows\SysWow64\vmnat.exe
2014-05-09 11:40:32 30800 ----a-w- C:\Windows\System32\drivers\vmnetuserif.sys
2014-05-09 11:40:26 943184 ----a-w- C:\Windows\System32\vnetlib64.dll
2014-05-09 11:39:45 33360 ----a-w- C:\Windows\System32\drivers\VMkbd.sys
2014-05-09 11:39:43 39024 ----a-w- C:\Windows\System32\drivers\hcmon.sys
2014-05-09 11:39:13 -------- d-----w- C:\Program Files (x86)\VMware
2014-05-09 11:39:13 -------- d-----w- C:\Program Files (x86)\Common Files\VMware
2014-05-09 11:38:43 -------- d-----w- C:\Program Files\Common Files\VMware
2014-05-07 13:29:31 -------- d-----w- C:\ProgramData\Canon Electronics
2014-05-06 20:16:12 -------- d-----w- C:\Users\Barry Chapman\AppData\Local\ElevatedDiagnostics
2014-05-06 17:18:22 -------- d-----w- C:\Windows\System32\MRT
2014-05-06 17:12:58 152576 ----a-w- C:\Windows\System32\DR25SVC.dll
2014-05-06 17:12:46 491792 ----a-w- C:\Windows\SysWow64\qd1.dll
2014-05-06 14:09:29 -------- d-----w- C:\ProgramData\Oracle
2014-05-06 14:04:56 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2014-05-06 13:31:13 233744 ----a-w- C:\Windows\SysWow64\PIXMDLN.DLL
2014-05-06 13:09:30 98304 ----a-w- C:\Windows\SysWow64\Wiaext32.dll
2014-05-06 13:09:30 23152 ----a-w- C:\Windows\system\Pixperm.dll
2014-05-06 13:09:30 21008 ----a-w- C:\Windows\system\Ctl3d.dll
2014-05-06 13:09:30 200704 ----a-w- C:\Windows\SysWow64\twpix32.dll
2014-05-06 13:09:30 16064 ----a-w- C:\Windows\system\Pixloc.dll
2014-05-06 13:09:29 231552 ----a-w- C:\Windows\system\Pixdflt.dll
2014-05-06 13:06:37 -------- d-----w- C:\Users\Barry Chapman\AppData\Roaming\ISIS Drivers
2014-05-06 13:06:37 -------- d-----w- C:\ProgramData\ISIS Drivers
2014-05-06 12:51:55 -------- d-----w- C:\DR Scanner
2014-05-06 12:43:03 -------- d-----w- C:\DR2580C
2014-05-06 12:37:30 96768 ----a-w- C:\Windows\System32\DR25CPL.dll
2014-05-06 12:37:30 83456 ----a-w- C:\Windows\System32\CeiUSB64.dll
2014-05-06 11:52:59 -------- d-s---w- C:\Windows\System32\CompatTel
2014-05-06 11:29:31 -------- d-----w- C:\CapturePerfect Upgrade
2014-05-06 07:02:54 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2014-05-05 20:53:00 -------- d-----w- C:\Windows\SysWow64\spool
2014-05-05 20:15:01 -------- d-----w- C:\Program Files\Microsoft Mouse and Keyboard Center
2014-05-05 19:50:08 -------- d-----w- C:\HP Universal Print Driver
2014-05-05 18:52:53 65536 ----a-w- C:\Windows\SysWow64\LTWNode.exe
2014-05-05 18:52:53 204800 ----a-w- C:\Windows\SysWow64\ltwpvsw.DLL
2014-05-05 18:44:05 -------- d-----w- C:\ProgramData\Pervasive Software
2014-05-05 18:44:05 -------- d-----w- C:\Program Files (x86)\Pervasive Software
2014-05-05 18:22:07 -------- d-----w- C:\LTAPPS
2014-05-05 18:18:46 -------- d-----w- C:\Wages
2014-05-05 18:07:17 169600 ----a-w- C:\Windows\SysWow64\WSpell.ocx
2014-05-05 16:22:16 -------- d-----w- C:\Users\Barry Chapman\AppData\Local\Help
2014-05-05 15:26:58 119512 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-05-05 15:26:05 88280 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-05-05 15:26:05 63192 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-05-05 15:26:04 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-05-05 15:26:04 -------- d-----w- C:\ProgramData\Malwarebytes
2014-05-05 15:26:04 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-05 14:49:21 1355776 ----a-w- C:\Windows\SysWow64\msvbvm50.dll
2014-05-05 14:49:20 -------- d-----w- C:\MWACCT
2014-05-05 14:49:04 -------- d-----w- C:\Users\Barry Chapman\AppData\Local\Programs
2014-05-05 14:40:33 -------- d-----w- C:\Users\Barry Chapman\AppData\Local\QuickenWindow
2014-05-05 14:36:26 -------- d-----w- C:\Users\Barry Chapman\AppData\Local\IsolatedStorage
2014-05-05 14:24:51 -------- d-----w- C:\Program Files (x86)\Common Files\AnswerWorks 5.0
2014-05-05 14:24:39 4169728 ----a-w- C:\Windows\SysWow64\cdintf400.dll
2014-05-05 14:24:09 -------- d-----w- C:\Program Files (x86)\Common Files\Intuit
2014-05-05 14:24:08 -------- d-----w- C:\Users\Barry Chapman\AppData\Roaming\Intuit
2014-05-05 14:24:08 -------- d-----w- C:\Program Files (x86)\Quicken
2014-05-05 14:23:30 -------- d-----w- C:\ProgramData\Intuit
2014-05-05 14:13:09 -------- d-----w- C:\Quicken 2014
2014-05-05 13:54:36 99840 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HPZPPLHN.DLL
2014-05-05 13:43:40 -------- d-----w- C:\Program Files (x86)\Common Files\SWF Studio
2014-05-05 12:58:28 -------- d-sh--w- C:\Users\Barry Chapman\AppData\Local\EmieUserList
2014-05-05 12:58:28 -------- d-sh--w- C:\Users\Barry Chapman\AppData\Local\EmieSiteList
2014-05-04 07:37:17 -------- d-----w- C:\Windows\SysWow64\Wat
2014-05-04 07:37:17 -------- d-----w- C:\Windows\System32\Wat
2014-05-04 07:17:29 -------- d-----w- C:\Windows\Migration
2014-05-04 07:06:19 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2014-05-04 07:06:19 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2014-05-04 07:06:18 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2014-05-04 07:06:18 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2014-05-04 07:06:18 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2014-05-04 07:06:18 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2014-05-04 07:06:18 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2014-05-03 20:55:45 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-05-03 20:53:46 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2014-05-03 20:46:07 -------- d-----w- C:\Windows\System32\appmgmt
2014-05-03 20:40:07 -------- d-----w- C:\Office 2000
2014-05-03 20:34:04 -------- d-----w- C:\Users\Barry Chapman\AppData\Local\Microsoft Help
2014-05-03 20:23:38 -------- d-----w- C:\Users\Barry Chapman\AppData\Local\Macromedia
2014-05-03 19:48:38 886784 ----a-w- C:\Windows\System32\wab32.dll
2014-05-03 19:48:38 1098752 ----a-w- C:\Windows\System32\wab32res.dll
2014-05-03 19:40:56 -------- d-----w- C:\Windows\Msagent
2014-05-03 19:33:02 9216 ----a-w- C:\Windows\SysWow64\ftlx0411.dll
2014-05-03 19:33:02 9216 ----a-w- C:\Windows\System32\ftlx0411.dll
2014-05-03 19:33:02 296960 ----a-w- C:\Windows\winhlp32.exe
2014-05-03 19:33:02 195072 ----a-w- C:\Windows\SysWow64\ftsrch.dll
2014-05-03 19:33:02 195072 ----a-w- C:\Windows\System32\ftsrch.dll
2014-05-03 19:33:02 10240 ----a-w- C:\Windows\SysWow64\ftlx041e.dll
2014-05-03 19:33:02 10240 ----a-w- C:\Windows\System32\ftlx041e.dll
2014-05-03 18:40:10 -------- d-----w- C:\Users\Barry Chapman\AppData\Local\Adobe
2014-05-03 18:29:44 -------- d-----w- C:\Program Files (x86)\wp51
2014-05-03 18:14:42 -------- d-----w- C:\Program Files (x86)\Kyocera
2014-05-03 18:14:25 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2014-05-03 18:14:25 32768 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2014-05-03 18:14:25 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2014-05-03 18:14:25 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2014-05-03 17:53:55 -------- d-----w- C:\Users\Barry Chapman\AppData\Roaming\Canon Electronics
2014-05-03 17:31:52 21008 ----a-w- C:\Windows\SysWow64\CTL3D.DLL
2014-05-03 17:31:31 733184 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iKernel.dll
2014-05-03 17:31:31 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll
2014-05-03 17:31:31 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe
2014-05-03 17:31:31 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iscript.dll
2014-05-03 17:31:31 180356 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll
2014-05-03 17:31:31 172032 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iuser.dll
2014-05-03 17:31:30 303236 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll
2014-05-03 17:31:15 67888 ----a-w- C:\Windows\SysWow64\SuStiUtl.dll
2014-05-03 17:16:43 -------- d-----w- C:\Program Files (x86)\Common Files\Borland Shared
2014-05-03 17:14:53 -------- d-----w- C:\Program Files (x86)\WordPerfect Office 12
2014-05-03 17:14:53 -------- d-----w- C:\Program Files (x86)\Common Files\Corel
2014-05-03 16:01:21 -------- d-----w- C:\Users\Barry Chapman\AppData\Roaming\PCDr
2014-05-03 00:32:20 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2014-05-03 00:32:12 99840 ----a-w- C:\Windows\System32\wudriver.dll
2014-05-03 00:32:05 36864 ----a-w- C:\Windows\System32\wuapp.exe
2014-05-03 00:32:05 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2014-05-03 00:30:25 736952 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2014-05-03 00:29:56 2876528 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2014-05-03 00:29:42 42168 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2014-05-03 00:29:39 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-05-02 23:50:51 197704 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys
2014-05-02 20:12:46 -------- d-----w- C:\Users\Barry Chapman\AppData\Local\Google
2014-05-02 20:10:13 -------- d-----w- C:\Users\Barry Chapman\AppData\Local\Diagnostics
2014-05-02 19:58:33 -------- d-----w- C:\Users\Barry Chapman\AppData\Local\Apps
2014-05-02 19:58:32 -------- d-----w- C:\Users\Barry Chapman\AppData\Local\Deployment
2014-05-02 19:45:07 -------- d-----w- C:\Users\Barry Chapman\AppData\Roaming\Opera Software
2014-05-02 19:45:07 -------- d-----w- C:\Users\Barry Chapman\AppData\Local\Opera Software
2014-05-02 19:26:33 -------- d-----w- C:\Users\Barry Chapman\AppData\Roaming\Intel Corporation
2014-05-02 19:25:54 -------- d-----w- C:\Users\Barry Chapman\AppData\Roaming\Dell
2014-05-02 19:25:50 -------- d-----w- C:\Users\Barry Chapman\AppData\Local\BMExplorer
2014-05-02 19:25:38 -------- d-----w- C:\ProgramData\Atheros
2014-05-02 19:25:31 -------- d-----w- C:\Users\Barry Chapman\AppData\Roaming\Atheros
2014-05-02 19:25:07 -------- d-----w- C:\Users\Barry Chapman\AppData\Local\VirtualStore
2014-05-02 19:23:34 -------- d-----w- C:\Users\Barry Chapman\AppData\Local\softthinks
2014-05-02 19:23:34 -------- d-----w- C:\ProgramData\softthinks
.
==================== Find3M ====================
.
2014-05-14 12:36:30 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 12:36:30 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-09 06:14:03 477184 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-09 06:11:23 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-04-15 06:34:10 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-04-03 21:23:54 70592 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2014-04-03 21:16:04 346760 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2014-04-03 21:15:34 189912 ----a-w- C:\Windows\System32\mfevtps.exe
2014-04-03 21:10:34 784760 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2014-04-03 21:08:04 522360 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2014-04-03 21:06:04 311856 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2014-04-03 21:03:32 177544 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2014-03-31 13:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-03-22 08:05:50 194048 ----a-w- C:\Windows\SysWow64\elshyph.dll
2014-03-22 08:04:58 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2014-03-19 19:23:14 50896 ----a-w- C:\Windows\System32\drivers\point64.sys
2014-03-18 11:09:16 11336 ----a-w- C:\Windows\System32\drivers\mfeclnrk.sys
2014-03-18 11:08:50 96592 ----a-w- C:\Windows\System32\drivers\mfencrk.sys
2014-03-18 11:08:26 441264 ----a-w- C:\Windows\System32\drivers\mfencbdc.sys
2014-03-06 09:31:33 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-03-06 08:59:04 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-03-06 08:57:34 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-03-06 08:57:20 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-03-06 08:29:40 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-03-06 08:29:14 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-03-06 08:28:15 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-03-06 08:15:54 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-06 08:11:41 5784064 ----a-w- C:\Windows\System32\jscript9.dll
2014-03-06 08:02:34 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-03-06 08:02:33 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-03-06 08:01:01 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56:43 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-03-06 07:46:36 4254720 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-03-06 07:38:13 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-03-06 07:36:40 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-03-06 07:13:43 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11:15 2043904 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-03-06 06:40:39 1967104 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-03-06 06:22:40 2260480 ----a-w- C:\Windows\System32\wininet.dll
2014-03-06 05:41:49 1789440 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-03-04 09:47:01 5550016 ----a-w- C:\Windows\System32\ntoskrnl.exe
2014-03-04 09:44:21 362496 ----a-w- C:\Windows\System32\wow64win.dll
2014-03-04 09:44:21 243712 ----a-w- C:\Windows\System32\wow64.dll
2014-03-04 09:44:21 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2014-03-04 09:44:20 39936 ----a-w- C:\Windows\System32\wincredprovider.dll
2014-03-04 09:44:10 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-03-04 09:44:08 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-03-04 09:44:06 340992 ----a-w- C:\Windows\System32\schannel.dll
2014-03-04 09:44:03 722944 ----a-w- C:\Windows\System32\objsel.dll
2014-03-04 09:44:03 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-03-04 09:44:03 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2014-03-04 09:44:00 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-03-04 09:44:00 424960 ----a-w- C:\Windows\System32\KernelBase.dll
2014-03-04 09:43:56 57344 ----a-w- C:\Windows\System32\cngprovider.dll
2014-03-04 09:43:56 52736 ----a-w- C:\Windows\System32\dpapiprovider.dll
2014-03-04 09:43:56 44544 ----a-w- C:\Windows\System32\dimsroam.dll
2014-03-04 09:43:56 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-03-04 09:43:55 56832 ----a-w- C:\Windows\System32\adprovider.dll
2014-03-04 09:43:55 53760 ----a-w- C:\Windows\System32\capiprovider.dll
2014-03-04 09:43:50 455168 ----a-w- C:\Windows\System32\winlogon.exe
2014-03-04 09:20:11 3969984 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2014-03-04 09:20:11 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2014-03-04 09:16:54 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2014-03-04 09:16:18 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2014-03-04 09:16:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2014-03-04 08:09:30 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2014-03-04 08:09:29 2048 ----a-w- C:\Windows\SysWow64\user.exe
.
============= FINISH: 10:46:11.46 ===============
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-05-25 10:43:56
-----------------------------
10:43:56.230 OS Version: Windows x64 6.1.7601 Service Pack 1
10:43:56.230 Number of processors: 4 586 0x3C03
10:43:56.232 ComputerName: BARRYSNEW UserName:
10:44:02.497 Initialize success
11:23:17.612 AVAST engine defs: 14052500
11:26:21.779 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000007d
11:26:21.784 Disk 0 Vendor: TOSHIBA_ MS1O Size: 476940MB BusType: 11
11:26:21.893 Disk 0 MBR read successfully
11:26:21.894 Disk 0 MBR scan
11:26:21.913 Disk 0 Windows VISTA default MBR code
11:26:21.915 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
11:26:21.945 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 25258 MB offset 81920
11:26:21.979 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 451641 MB offset 51810304
11:26:22.025 Disk 0 scanning C:\Windows\system32\drivers
11:26:33.648 Service scanning
11:27:00.723 Modules scanning
11:27:00.726 Disk 0 trace - called modules:
11:27:00.739 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys hal.dll iaStorA.sys
11:27:01.064 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800cb4d060]
11:27:01.066 3 CLASSPNP.SYS[fffff88001d7843f] -> nt!IofCallDriver -> [0xfffffa800a776af0]
11:27:01.068 5 iaStorF.sys[fffff88001d14ab0] -> nt!IofCallDriver -> \Device\0000007d[0xfffffa800a1d7960]
11:27:01.620 AVAST engine scan C:\Windows
11:27:03.626 AVAST engine scan C:\Windows\system32
11:31:00.443 AVAST engine scan C:\Windows\system32\drivers
11:31:14.789 AVAST engine scan C:\Users\Barry Chapman
11:32:27.850 File: C:\Users\Barry Chapman\AppData\Local\IdleCrawler\IdleProfile.exe **INFECTED** Win32:Malware-gen
11:35:07.598 AVAST engine scan C:\ProgramData
11:36:48.837 Scan finished successfully
11:38:01.469 Disk 0 MBR has been saved successfully to "C:\Users\Barry Chapman\Desktop\MBR.dat"
11:38:01.477 The log file has been saved successfully to "C:\Users\Barry Chapman\Desktop\aswMBR.txt"
Looking over your logs now, be right back. Any further logs we ask for please just copy and paste them in in lew of attaching them, its easier for us to analyze them.
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 5/2/2014 3:17:37 PM
System Uptime: 5/25/2014 7:52:23 AM (3 hours ago)
.
Motherboard: Dell Inc. | | 02YRK5
Processor: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz | CPU 1 | 3400/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 441 GiB total, 373.667 GiB free.
D: is CDROM ()
Y: is FIXED (NTFS) - 25 GiB total, 14.205 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP49: 5/21/2014 11:25:30 AM - Installed AVG 2014
RP50: 5/21/2014 11:25:58 AM - Installed AVG 2014
RP51: 5/22/2014 3:00:19 AM - Windows Update
RP52: 5/22/2014 3:03:06 PM - Removed AVG 2014
RP53: 5/22/2014 3:06:22 PM - Removed AVG 2014
RP54: 5/22/2014 4:16:37 PM - Windows Update
RP55: 5/23/2014 8:00:45 AM - Removed eBay
.
==== Installed Programs ======================
.
Accidental Damage Services Agreement
Adobe Acrobat 7.0 Standard - English, Français, Deutsch
Adobe Acrobat 7.1.2 Standard - English, Français, Deutsch
Adobe Acrobat 7.1.4 - CPSID_50030
Adobe Acrobat 7.1.4 Standard - English, Français, Deutsch
Adobe Flash Player 13 ActiveX
Adobe Flash Player 13 Plugin
Adobe Reader XI (11.0.06) MUI
Backblaze
Banctec Service Agreement
Canon DR-2580C Driver
CapturePerfect 3.0 Help & Manual
CapturePerfect 3.1
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Complete Care Business Service Agreement
Consumer In-Home Service Agreement
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Backup and Recovery
Dell Backup and Recovery - Support Software
Dell Digital Delivery
Dell Edoc Viewer
Dell Home Systems Service Agreement
Dell WLAN and Bluetooth Client Installation
DR-2580C Job Tool
DSC/AA Factory Installer
ERUNT 1.1j
Google Chrome
Google Update Helper
Google+ Auto Backup
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Intel® Trusted Connect Service Client
iSEEK AnswerWorks English Runtime
Java 7 Update 55
Java 7 Update 55 (64-bit)
Kyocera Address Book for Network FAX
Malwarebytes Anti-Malware version 2.0.1.1004
McAfee LiveSafe – Internet Security
Medlin Accounting
Medlin Payroll
Microsoft .NET Framework 4.5.1
Microsoft Mouse and Keyboard Center
Microsoft Office Excel MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Standard 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 29.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
My Dell
Pervasive PSQL v10 SP3 Workgroup (32-bit)
Picasa 3
Premium Service Agreement
Qualcomm Atheros Bluetooth Suite (64)
QualxServ Service Agreement
Quicken 2014
Realtek Card Reader
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2878284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2863926) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shared C Run-time for x64
Spybot - Search & Destroy
System Update kb70007
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
VmciSockets
VMware Player
WinRAR 5.00 (32-bit)
WordPerfect Office 12
.
==== Event Viewer Messages From Past Week ========
.
5/25/2014 7:53:50 AM, Error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
5/25/2014 7:53:10 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect.
5/25/2014 7:53:10 AM, Error: Service Control Manager [7000] - The MBAMScheduler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/25/2014 4:26:20 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
5/24/2014 12:14:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
5/24/2014 12:14:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {C90134D2-4AE9-407A-919A-4A2EF09C6C51}
5/24/2014 12:13:14 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
5/24/2014 12:13:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
5/24/2014 12:13:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
5/24/2014 12:13:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
5/24/2014 12:13:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
5/24/2014 12:13:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/24/2014 12:13:06 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
5/24/2014 12:13:02 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}
5/24/2014 12:13:01 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CSC DfsC discache mfehidk NetBIOS NetBT nsiproxy Psched rdbss SDHookDriver spldr tdx vpcnfltr vpcvmm vwififlt Wanarpv6 WfpLwf ws2ifsl
5/24/2014 12:12:59 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
5/24/2014 12:12:59 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
5/24/2014 12:12:59 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
5/24/2014 12:12:59 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
5/24/2014 12:12:59 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
5/24/2014 12:12:59 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
5/24/2014 12:12:59 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
5/24/2014 12:12:59 PM, Error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning.
5/24/2014 12:12:59 PM, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.
5/24/2014 12:12:59 PM, Error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error: The dependency service or group failed to start.
5/24/2014 12:12:59 PM, Error: Service Control Manager [7001] - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
5/24/2014 12:12:59 PM, Error: Service Control Manager [7001] - The McAfee AP Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
5/24/2014 12:12:59 PM, Error: Service Control Manager [7001] - The McAfee Anti-Malware Core service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
5/24/2014 12:12:59 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
5/24/2014 12:12:59 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
5/24/2014 12:12:59 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
5/23/2014 7:52:37 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
5/23/2014 7:49:15 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\athihvs.dll Error Code: 21
5/23/2014 7:49:02 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache SDHookDriver spldr vpcvmm Wanarpv6
5/23/2014 7:48:56 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000034 (0x0000000000050853, 0xfffff8800359a5d8, 0xfffff88003599e30, 0xfffff800037aa123). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 052314-21138-01.
5/22/2014 9:59:07 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Updating Service service to connect.
5/22/2014 9:59:07 AM, Error: Service Control Manager [7000] - The Spybot-S&D 2 Updating Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/22/2014 9:48:38 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgdiska AVGIDSDriver Avgldx64 discache SDHookDriver spldr vpcvmm Wanarpv6
5/22/2014 9:48:34 AM, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning.
5/22/2014 3:40:57 AM, Error: Service Control Manager [7022] - The McAfee Home Network service hung on starting.
5/22/2014 3:37:17 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Secunia Update Agent service to connect.
5/22/2014 3:37:17 AM, Error: Service Control Manager [7000] - The Secunia Update Agent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/22/2014 3:06:36 PM, Error: Service Control Manager [7034] - The Andrea RT Filters Service service terminated unexpectedly. It has done this 1 time(s).
5/22/2014 10:01:00 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
5/22/2014 10:01:00 AM, Error: Service Control Manager [7000] - The Spybot-S&D 2 Scanner Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/22/2014 1:43:40 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2.
5/21/2014 3:04:41 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070652: Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition.
5/21/2014 3:02:35 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070652: Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition.
5/21/2014 3:01:36 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070652: Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition.
5/21/2014 3:01:36 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070652: Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition.
5/20/2014 6:50:40 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Platform Services service to connect.
5/20/2014 6:50:40 PM, Error: Service Control Manager [7000] - The McAfee Platform Services service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/20/2014 6:49:36 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mfecore service.
5/20/2014 6:48:45 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Anti-Spam Service service to connect.
5/20/2014 6:48:45 PM, Error: Service Control Manager [7000] - The McAfee Anti-Spam Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/20/2014 6:48:44 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Proxy Service service to connect.
5/20/2014 6:48:44 PM, Error: Service Control Manager [7000] - The McAfee Proxy Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/20/2014 6:48:42 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Personal Firewall Service service to connect.
5/20/2014 6:48:42 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Home Network service to connect.
5/20/2014 6:48:42 PM, Error: Service Control Manager [7000] - The McAfee Personal Firewall Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/20/2014 6:48:42 PM, Error: Service Control Manager [7000] - The McAfee Home Network service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/20/2014 6:43:26 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service mcpltsvc with arguments "" in order to run the server: {20966775-18A4-4299-B8E3-772C336B52A7}
5/20/2014 6:42:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service mcpltsvc with arguments "" in order to run the server: {26608B46-476A-4BF1-9CC6-AFEA28EBBC17}
5/20/2014 6:25:29 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..
5/20/2014 6:01:48 PM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.
5/20/2014 2:01:57 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SDHookDriver
.
==== End Of File ===========================
-AdwCleaner-by Xplode
Click on this link to download : ADWCleaner (http://www.bleepingcomputer.com/download/adwcleaner/)
Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.
Do not click on any links in the top Advertisment.
Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator (http://windows.microsoft.com/en-US/windows7/How-do-I-run-an-application-once-with-a-full-administrator-access-token).
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
Copy and paste the contents of that logfile in your next reply.
A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
brchapman
2014-05-26, 17:32
Here's the ADW log:
# AdwCleaner v3.211 - Report created 26/05/2014 at 10:24:53
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Barry Chapman - BARRYSNEW
# Running from : C:\Users\Barry Chapman\Downloads\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
The virus is still there because it is still changing the proxy settings in the background...
***** [ Files / Folders ] *****
[!] Folder Deleted : C:\Program Files (x86)\MSR
Folder Deleted : C:\Users\Barry Chapman\AppData\Roaming\GetPrivate
File Deleted : C:\Windows\System32\Tasks\GPUpdate
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\AppDataLow\Software
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v29.0 (en-US)
[ File : C:\Users\Barry Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\76t9nm76.default\prefs.js ]
-\\ Google Chrome v35.0.1916.114
[ File : C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
*************************
AdwCleaner[R0].txt - [1137 octets] - [26/05/2014 10:19:25]
AdwCleaner[R1].txt - [1198 octets] - [26/05/2014 10:20:43]
AdwCleaner[S0].txt - [1281 octets] - [26/05/2014 10:24:53]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1341 octets] ##########
brchapman
2014-05-26, 17:33
The virus is still there because it keeps changing the proxy settings in the background...
Where not done yet !!! I am glad that nothing was removed with AdwCleaner that you needed because in my instructions I just wanted to see a report first. Most times cleaning up malware takes more than just a click of the mouse, it usually takes running more than one program
Run Malwarebytes first and you can quarantine anything it finds
http://i.imgur.com/GUZVCQN.jpg Please download Malwarebytes Anti-Malware (http://www.malwarebytes.org/mbam-download.php) to your desktop.
Right-click and Run as Administrator mbam-setup.exe and follow the prompts to install the program.
Once installed, Malwarebytes will ask if you want to Launch Now. Please select to do so and then Malwarebytes will open and update on its own. Please allow this to complete.
If an update is found, it will download and install the latest version.
Let's be sure to run a Hyper Scan. Press the Scan tab and then select Hyper Scan.
Press Scan Now then Skip Update (since we just updated it)
http://www.bleepstatic.com/fhost/uploads/2/mbam2.0.1.jpg
When the scan is complete, click View Detailed Log, then Export to save the log to your Desktop (name the log MBAM Scan).
Copy and Paste all of the information in that file to your next reply.
Then
OTL by OldTimer
Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your desktop.
Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Click the "Scan All Users" checkbox.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.
brchapman
2014-05-27, 16:43
I tried to downloand and install Malwarebytes, but I get errors when it tries to install: Internal Error: Expresson Error 'Runtime Error (at 79:177); External exception E06D7363.' I also tried to install Malwarebytes Chameleon, but it wouldn't load either.
OK, bypass Malwarebytes for now and download and run OTL and post the logs please
brchapman
2014-05-27, 17:16
File to large, uploading in three parts:
OTL logfile created on: 5/27/2014 9:56:00 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Barry Chapman\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
11.92 Gb Total Physical Memory | 9.16 Gb Available Physical Memory | 76.88% Memory free
23.84 Gb Paging File | 20.92 Gb Available in Paging File | 87.75% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 441.06 Gb Total Space | 373.55 Gb Free Space | 84.69% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 445.11 Gb Free Space | 95.57% Space Free | Partition Type: NTFS
Drive Y: | 24.67 Gb Total Space | 14.20 Gb Free Space | 57.59% Space Free | Partition Type: NTFS
Computer Name: BARRYSNEW | User Name: Barry Chapman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Barry Chapman\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Backblaze\bzbui.exe ()
PRC - C:\Program Files (x86)\Backblaze\bzserv.exe ()
PRC - C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe ()
PRC - C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe (SoftThinks SAS)
PRC - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Dell Products, LP.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe (Atheros)
PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe (Pervasive Software Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Backblaze\bzbui.exe ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\1e5e19d119e04b93da3d45153abd60fd\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net.Http\d7a1bbd56dc15a29c2450b177f9468d7\System.Net.Http.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\24bf0c88c0465485f4b842df043b3f45\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\0bedc417d3c5dcb1c9a5f15dd733c556\System.ServiceModel.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\b6c7a1ca929c1b10f36b683c9f1a0517\System.Xml.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0893e0e7137e3b2da905da6216b75344\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll ()
MOD - C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll ()
MOD - C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll ()
========== Services (SafeList) ==========
SRV:[b]64bit: - (McAPExe) -- C:\Program Files\mcafee\msc\McAPExe.exe (McAfee, Inc.)
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (mfecore) -- C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe (McAfee, Inc.)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (McODS) -- C:\Program Files\mcafee\virusscan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcpltsvc) -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv2) -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (HomeNetSvc) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV:64bit: - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
SRV:64bit: - (Intel(R) -- c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (Intel(R) -- c:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (McAWFwk) -- c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe (McAfee, Inc.)
SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (bzserv) -- C:\Program Files (x86)\Backblaze\bzserv.exe ()
SRV - (SystemUpdatekb70007) -- C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe ()
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SftService) -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe (SoftThinks SAS)
SRV - (DellDigitalDelivery) -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Dell Products, LP.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe (Windows (R) Win 7 DDK provider)
SRV - (ZAtheros Wlan Agent) -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe (Atheros)
SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
SRV - (VMAuthdService) -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)
SRV - (VMUSBArbService) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (VMware, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation)
DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation)
DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (mfencrk) -- C:\Windows\SysNative\drivers\mfencrk.sys (McAfee, Inc.)
DRV:64bit: - (mfencbdc) -- C:\Windows\SysNative\drivers\mfencbdc.sys (McAfee, Inc.)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (HipShieldK) -- C:\Windows\SysNative\drivers\HipShieldK.sys (McAfee, Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (iaStorF) -- C:\Windows\SysNative\drivers\iaStorF.sys (Intel Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Qualcomm Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Qualcomm Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Qualcomm Atheros)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (vmx86) -- C:\Windows\SysNative\drivers\vmx86.sys (VMware, Inc.)
DRV:64bit: - (vmkbd) -- C:\Windows\SysNative\drivers\VMkbd.sys (VMware, Inc.)
DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.)
DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\drivers\vmnetbridge.sys (VMware, Inc.)
DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\drivers\vmnetadapter.sys (VMware, Inc.)
DRV:64bit: - (vmci) -- C:\Windows\SysNative\drivers\vmci.sys (VMware, Inc.)
DRV:64bit: - (hcmon) -- C:\Windows\SysNative\drivers\hcmon.sys (VMware, Inc.)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc60.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (SynthVid) -- C:\Windows\SysNative\drivers\VMBusVideoM.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (usbscan) -- C:\Windows\SysWOW64\drivers\usbscan.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {D81273E4-7658-47B6-8075-3D404C64D87C}
IE:64bit: - HKLM\..\SearchScopes\{D81273E4-7658-47B6-8075-3D404C64D87C}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{D81273E4-7658-47B6-8075-3D404C64D87C}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
IE - HKU\S-1-5-21-670280924-550259233-2201882432-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-670280924-550259233-2201882432-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-670280924-550259233-2201882432-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-670280924-550259233-2201882432-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0
FF - prefs.js..network.proxy.type: 1user_pref("network.proxy.http", "127.0.0.1");user_pref("network.proxy.http_port", 8118);user_pref("network.proxy.ssl", "127.0.0.1");user_pref("network.proxy.ssl_port", 8118);
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2014/05/25 10:10:50 | 000,000,000 | ---D | M]
[2014/05/03 16:21:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barry Chapman\AppData\Roaming\Mozilla\Extensions
[2014/05/03 16:29:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barry Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\76t9nm76.default\extensions
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_1\
CHR - Extension: Google Drive = C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Google Search = C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: Google Wallet = C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Gmail = C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2014/05/15 14:38:25 | 000,450,709 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 15469 more lines...
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-670280924-550259233-2201882432-1000..\Run: [Backblaze] C:\Program Files (x86)\Backblaze\bzbui.exe ()
O4 - HKU\S-1-5-21-670280924-550259233-2201882432-1000..\Run: [updateMgr] C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" (Qualcomm®Atheros®)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4 205.152.144.23 205.152.132.23
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{52E3D270-9F67-475E-B16A-1D6443366E50}: DhcpNameServer = 8.8.8.8 8.8.4.4 205.152.144.23 205.152.132.23
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/12/15 20:52:18 | 000,000,080 | ---- | M] () - E:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
brchapman
2014-05-27, 17:18
========== Files/Folders - Created Within 30 Days ==========
[2014/05/27 09:18:51 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2014/05/27 08:56:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2014/05/27 08:54:00 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2014/05/26 10:19:40 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/05/25 10:38:02 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2014/05/25 10:36:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2014/05/25 10:36:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2014/05/23 08:25:39 | 000,000,000 | ---D | C] -- C:\New folder
[2014/05/23 07:48:53 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014/05/23 07:41:53 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\QuickScan
[2014/05/22 16:20:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/05/22 15:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2014/05/22 15:35:36 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/05/22 15:35:22 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/05/22 15:35:22 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/05/22 15:35:22 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/05/22 15:35:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/05/22 10:47:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot
[2014/05/21 11:27:06 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\TuneUp Software
[2014/05/21 11:16:30 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2014/05/21 11:16:29 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\MFAData
[2014/05/21 11:16:29 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2014/05/20 14:53:08 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Norman Malware Cleaner
[2014/05/20 12:44:27 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/05/19 16:42:54 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/05/19 10:55:46 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2014/05/19 10:20:13 | 000,000,000 | ---D | C] -- C:\Adobe XI Pro
[2014/05/19 08:08:57 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2014/05/19 07:54:08 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Documents\ProcAlyzer Dumps
[2014/05/16 10:51:07 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\CrashDumps
[2014/05/16 09:39:50 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\SUPERAntiSpyware.com
[2014/05/16 09:39:36 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2014/05/16 08:33:26 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2014/05/16 08:33:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Download Assistant
[2014/05/16 08:32:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2014/05/15 11:40:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2014/05/15 11:40:14 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2014/05/15 11:21:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2014/05/15 11:21:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014/05/15 03:25:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Virtual Machines
[2014/05/15 03:06:09 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/05/15 03:06:09 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/05/14 16:16:31 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\PDF24
[2014/05/14 15:56:37 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft
[2014/05/14 15:56:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSR
[2014/05/14 15:56:04 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\IdleCrawler
[2014/05/14 15:54:30 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\wi_upd
[2014/05/14 15:48:24 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\BitTorrent
[2014/05/14 11:56:55 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Documents\Outlook Files
[2014/05/14 10:26:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2014/05/14 10:25:54 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2014/05/14 10:22:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014/05/14 10:22:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2014/05/14 10:20:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2014/05/14 10:20:23 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2014/05/14 08:30:28 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Secunia PSI
[2014/05/14 08:30:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2014/05/14 05:44:33 | 000,477,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/05/14 05:44:33 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/05/14 05:44:11 | 003,969,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014/05/14 05:44:11 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/05/14 05:44:10 | 005,550,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/05/14 05:44:10 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014/05/14 05:44:10 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll
[2014/05/14 05:44:10 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll
[2014/05/14 05:44:10 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014/05/14 05:44:10 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/05/14 05:44:09 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014/05/14 05:44:09 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll
[2014/05/14 05:44:09 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll
[2014/05/14 05:44:09 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll
[2014/05/14 05:44:09 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll
[2014/05/14 05:44:09 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll
[2014/05/14 05:44:09 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll
[2014/05/14 05:44:09 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll
[2014/05/14 05:44:09 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll
[2014/05/14 05:44:09 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2014/05/14 05:44:09 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll
[2014/05/14 05:44:09 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2014/05/14 05:44:09 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll
[2014/05/14 05:44:08 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014/05/14 05:44:08 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014/05/13 12:17:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backblaze
[2014/05/13 12:16:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Backblaze
[2014/05/13 12:16:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Backblaze
[2014/05/13 12:02:10 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\VMware
[2014/05/13 11:18:34 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014/05/13 11:00:12 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\VMware
[2014/05/12 20:43:13 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\.asdm
[2014/05/12 20:43:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco Systems
[2014/05/12 13:51:55 | 000,000,000 | ---D | C] -- C:\Program Files\My Lockbox
[2014/05/12 07:16:46 | 000,000,000 | -H-D | C] -- C:\.bzvol
[2014/05/09 11:38:06 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Documents\CCWin
[2014/05/09 07:41:14 | 000,063,568 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmx86.sys
[2014/05/09 07:40:35 | 000,354,896 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnetdhcp.exe
[2014/05/09 07:40:33 | 000,434,256 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnat.exe
[2014/05/09 07:40:32 | 000,030,800 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnetuserif.sys
[2014/05/09 07:40:26 | 000,943,184 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vnetlib64.dll
[2014/05/09 07:39:45 | 000,033,360 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\VMkbd.sys
[2014/05/09 07:39:43 | 000,039,024 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\hcmon.sys
[2014/05/09 07:39:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
[2014/05/09 07:39:13 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware
[2014/05/09 07:39:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VMware
[2014/05/09 07:39:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VMware
[2014/05/09 07:38:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware
[2014/05/07 09:42:51 | 000,231,552 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXDFLT.DLL
[2014/05/07 09:42:51 | 000,102,672 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXTIFFN.DLL
[2014/05/07 09:42:51 | 000,049,424 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXTHK32.DLL
[2014/05/07 09:42:51 | 000,045,328 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXSLN.DLL
[2014/05/07 09:42:51 | 000,023,152 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXPERM.DLL
[2014/05/07 09:42:51 | 000,016,048 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXLOC.DLL
[2014/05/07 09:42:51 | 000,011,968 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\SysWow64\PIXMDLLC.CPL
[2014/05/07 09:42:51 | 000,006,416 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXTHK16.DLL
[2014/05/07 09:42:50 | 000,209,168 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXNOTEN.DLL
[2014/05/07 09:42:50 | 000,074,000 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXNAMEN.DLL
[2014/05/07 09:42:50 | 000,045,328 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXRAMN.DLL
[2014/05/07 09:42:50 | 000,045,328 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXPANN.DLL
[2014/05/07 09:42:50 | 000,045,328 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXMPN.DLL
[2014/05/07 09:42:50 | 000,045,328 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXMDLGN.DLL
[2014/05/07 09:42:49 | 000,753,936 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXANNOT.DLL
[2014/05/07 09:42:49 | 000,463,120 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXJP2K.DLL
[2014/05/07 09:42:49 | 000,327,680 | ---- | C] (The University of New South Wales) -- C:\Windows\SysWow64\PIXJP2KI.DLL
[2014/05/07 09:42:49 | 000,119,056 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXJBGN.DLL
[2014/05/07 09:42:49 | 000,094,480 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXAPS.DLL
[2014/05/07 09:42:49 | 000,069,904 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXDLGN.DLL
[2014/05/07 09:42:49 | 000,057,616 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXLZWN.DLL
[2014/05/07 09:29:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Canon Electronics
[2014/05/07 09:25:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CapturePerfect 3.1
[2014/05/06 16:16:12 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\ElevatedDiagnostics
[2014/05/06 15:56:54 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Documents\My Documents from old
[2014/05/06 13:18:22 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/05/06 13:12:58 | 000,152,576 | ---- | C] (Canon Electronics) -- C:\Windows\SysNative\DR25SVC.dll
[2014/05/06 13:12:46 | 000,491,792 | ---- | C] (Captiva Software Corp.) -- C:\Windows\SysWow64\qd1.dll
[2014/05/06 10:10:41 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Oracle
[2014/05/06 10:09:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/05/06 10:09:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014/05/06 10:05:04 | 000,313,256 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014/05/06 10:04:56 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014/05/06 10:04:56 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014/05/06 10:04:56 | 000,108,968 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2014/05/06 10:04:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/05/06 10:04:48 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014/05/06 09:31:13 | 000,233,744 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXMDLN.DLL
[2014/05/06 09:09:30 | 000,200,704 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\twpix32.dll
[2014/05/06 09:09:30 | 000,098,304 | ---- | C] (Cornerstone Imaging, Inc.) -- C:\Windows\SysWow64\Wiaext32.dll
[2014/05/06 09:09:30 | 000,023,152 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\System\Pixperm.dll
[2014/05/06 09:09:30 | 000,021,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\Ctl3d.dll
[2014/05/06 09:09:30 | 000,016,064 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\System\Pixloc.dll
[2014/05/06 09:09:29 | 000,231,552 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\System\Pixdflt.dll
[2014/05/06 09:06:37 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\ISIS Drivers
[2014/05/06 09:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\ISIS Drivers
[2014/05/06 09:05:28 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Desktop\CapturePerfect 3.0
[2014/05/06 08:51:55 | 000,000,000 | ---D | C] -- C:\DR Scanner
[2014/05/06 08:43:03 | 000,000,000 | ---D | C] -- C:\DR2580C
[2014/05/06 08:37:30 | 000,096,768 | ---- | C] (Canon Electronics Inc.) -- C:\Windows\SysNative\DR25CPL.dll
[2014/05/06 08:37:30 | 000,083,456 | ---- | C] (Canon Electronics Inc.) -- C:\Windows\SysNative\CeiUSB64.dll
[2014/05/06 07:52:59 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2014/05/06 07:29:31 | 000,000,000 | ---D | C] -- C:\CapturePerfect Upgrade
[2014/05/06 03:02:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2014/05/05 17:44:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon DR-2580C
[2014/05/05 16:56:07 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\AdobeUM
[2014/05/05 16:53:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2014/05/05 16:53:00 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe PDF
[2014/05/05 16:24:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/05/05 16:24:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/05/05 16:24:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014/05/05 16:15:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
[2014/05/05 16:15:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mouse and Keyboard Center
[2014/05/05 15:50:08 | 000,000,000 | ---D | C] -- C:\HP Universal Print Driver
[2014/05/05 14:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landtech XML
[2014/05/05 14:52:53 | 000,204,800 | ---- | C] (Landtech Data Corporation) -- C:\Windows\SysWow64\ltwpvsw.DLL
[2014/05/05 14:52:53 | 000,065,536 | ---- | C] (Landtech Data Corp.) -- C:\Windows\SysWow64\LTWNode.exe
[2014/05/05 14:52:53 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Landtech XML
[2014/05/05 14:44:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Pervasive Software
[2014/05/05 14:44:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pervasive Software
[2014/05/05 14:44:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pervasive
[2014/05/05 14:22:07 | 000,000,000 | ---D | C] -- C:\LTAPPS
[2014/05/05 14:18:46 | 000,000,000 | ---D | C] -- C:\Wages
[2014/05/05 14:07:17 | 000,169,600 | ---- | C] (Wintertree Software Inc.) -- C:\Windows\SysWow64\WSpell.ocx
[2014/05/05 12:36:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WP-64
[2014/05/05 12:22:16 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Help
[2014/05/05 12:22:16 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Help
[2014/05/05 11:26:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/05/05 10:49:21 | 001,355,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvbvm50.dll
[2014/05/05 10:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medlin Accounting
[2014/05/05 10:49:20 | 000,000,000 | ---D | C] -- C:\MWACCT
[2014/05/05 10:49:04 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Programs
[2014/05/05 10:40:33 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\QuickenWindow
[2014/05/05 10:36:26 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\IsolatedStorage
[2014/05/05 10:28:28 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Documents\Quicken
[2014/05/05 10:24:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AnswerWorks 5.0
[2014/05/05 10:24:39 | 004,169,728 | ---- | C] (Amyuni Technologies
http://www.amyuni.com) -- C:\Windows\SysWow64\cdintf400.dll
[2014/05/05 10:24:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quicken 2014
[2014/05/05 10:24:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intuit
[2014/05/05 10:24:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Quicken
[2014/05/05 10:24:08 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Intuit
[2014/05/05 10:23:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Intuit
[2014/05/05 10:13:09 | 000,000,000 | ---D | C] -- C:\Quicken 2014
[2014/05/05 09:43:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SWF Studio
[2014/05/05 08:58:28 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\AppData\Local\EmieUserList
[2014/05/05 08:58:28 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\AppData\Local\EmieSiteList
[2014/05/05 03:10:48 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/05/05 03:10:48 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/05/05 03:10:46 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/05/05 03:10:43 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/05/05 03:10:43 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/05/05 03:10:43 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/05/05 03:10:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/05/05 03:10:42 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/05/05 03:10:42 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/05/05 03:10:42 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/05/05 03:10:42 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/05/05 03:10:42 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/05/05 03:10:42 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/05/05 03:10:41 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/05/05 03:10:41 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/05/05 03:10:41 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/05/05 03:10:41 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/05/05 03:10:41 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/05/05 03:10:41 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/05/05 03:10:39 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/05/05 03:10:39 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/05/05 03:10:39 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/05/05 03:10:39 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/05/05 03:10:39 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/05/05 03:10:38 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/05/05 03:10:38 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/05/05 03:10:37 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/05/05 03:10:36 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/05/05 03:10:35 | 005,784,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/05/04 03:37:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2014/05/04 03:37:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2014/05/04 03:17:29 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/05/04 03:06:18 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2014/05/04 03:06:18 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2014/05/04 03:06:18 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2014/05/04 03:06:18 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2014/05/03 16:58:30 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2014/05/03 16:58:30 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2014/05/03 16:58:24 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2014/05/03 16:58:24 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2014/05/03 16:58:23 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2014/05/03 16:58:23 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2014/05/03 16:58:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/05/03 16:58:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/05/03 16:55:43 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014/05/03 16:55:43 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014/05/03 16:55:42 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014/05/03 16:55:42 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014/05/03 16:55:42 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014/05/03 16:55:42 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014/05/03 16:55:42 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/05/03 16:55:42 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014/05/03 16:55:42 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014/05/03 16:55:42 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014/05/03 16:55:42 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014/05/03 16:55:42 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014/05/03 16:55:42 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014/05/03 16:55:42 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014/05/03 16:55:42 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014/05/03 16:55:42 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014/05/03 16:55:42 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014/05/03 16:55:35 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/05/03 16:55:35 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/05/03 16:55:09 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/05/03 16:55:09 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/05/03 16:53:46 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014/05/03 16:53:44 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/05/03 16:53:44 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014/05/03 16:53:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
[2014/05/03 16:53:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
[2014/05/03 16:53:38 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/05/03 16:53:38 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/05/03 16:53:37 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/05/03 16:53:37 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014/05/03 16:53:37 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014/05/03 16:53:37 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014/05/03 16:53:36 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014/05/03 16:53:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014/05/03 16:53:36 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014/05/03 16:53:36 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014/05/03 16:53:36 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014/05/03 16:53:36 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014/05/03 16:53:36 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014/05/03 16:53:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014/05/03 16:53:35 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2014/05/03 16:53:35 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2014/05/03 16:53:30 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014/05/03 16:46:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2014/05/03 16:40:07 | 000,000,000 | ---D | C] -- C:\Office 2000
[2014/05/03 16:34:04 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Microsoft Help
[2014/05/03 16:34:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014/05/03 16:26:05 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\WinRAR
[2014/05/03 16:23:38 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Macromedia
[2014/05/03 16:21:15 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Mozilla
[2014/05/03 16:21:15 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Mozilla
[2014/05/03 16:21:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/05/03 16:21:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/05/03 16:21:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/05/03 16:10:33 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/05/03 16:10:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/05/03 16:10:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2014/05/03 15:48:38 | 001,098,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wab32res.dll
[2014/05/03 15:48:38 | 000,886,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wab32.dll
[2014/05/03 15:40:56 | 000,000,000 | ---D | C] -- C:\Windows\Msagent
[2014/05/03 15:40:38 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft Web Folders
[2014/05/03 15:33:02 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftsrch.dll
[2014/05/03 15:33:02 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftsrch.dll
[2014/05/03 15:33:02 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftlx041e.dll
[2014/05/03 15:33:02 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftlx041e.dll
[2014/05/03 15:33:02 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftlx0411.dll
[2014/05/03 15:33:02 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftlx0411.dll
[2014/05/03 14:40:10 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Adobe
[2014/05/03 14:29:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\wp51
[2014/05/03 14:14:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FAX User Software
[2014/05/03 14:14:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kyocera
[2014/05/03 13:53:55 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Canon Electronics
[2014/05/03 13:38:36 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Documents\Corel User Files
[2014/05/03 13:38:11 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Corel
[2014/05/03 13:31:52 | 000,021,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CTL3D.DLL
[2014/05/03 13:31:15 | 000,067,888 | ---- | C] (Canon Electronics Inc.) -- C:\Windows\SysWow64\SuStiUtl.dll
[2014/05/03 13:30:43 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Desktop\Canon DR-2580C
[2014/05/03 13:30:41 | 000,106,496 | ---- | C] (Canon Electronics) -- C:\Windows\SysWow64\DR25SVC.dll
[2014/05/03 13:30:41 | 000,094,208 | ---- | C] (Canon Electronics Inc.) -- C:\Windows\SysWow64\DR25CPL.dll
[2014/05/03 13:30:41 | 000,036,864 | ---- | C] (Canon Electronics Inc.) -- C:\Windows\SysWow64\CeiUSB2.dll
[2014/05/03 13:30:41 | 000,014,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\usbscan.sys
[2014/05/03 13:30:38 | 000,180,224 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\PIXN1120.DLL
[2014/05/03 13:30:38 | 000,176,128 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\PIXN1520.DLL
[2014/05/03 13:30:38 | 000,114,688 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\PIXN1320.DLL
[2014/05/03 13:30:38 | 000,051,712 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\PIXN20.DLL
[2014/05/03 13:30:37 | 000,602,384 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\SysWow64\pixipdll.dll
[2014/05/03 13:30:37 | 000,155,648 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\PIXN1020.DLL
[2014/05/03 13:30:36 | 000,401,484 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Msvcrtd.dll
[2014/05/03 13:30:36 | 000,221,456 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXDFLTN.DLL
[2014/05/03 13:30:36 | 000,074,000 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXLOCN.DLL
[2014/05/03 13:30:36 | 000,053,520 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXPERMN.DLL
[2014/05/03 13:30:36 | 000,000,000 | ---D | C] -- C:\Windows\PIXTRAN
[2014/05/03 13:30:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon Electronics
[2014/05/03 13:30:31 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2014/05/03 13:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordPerfect Office 12
[2014/05/03 13:16:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Borland Shared
[2014/05/03 13:14:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WordPerfect Office 12
[2014/05/03 13:14:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Corel
[2014/05/03 12:01:21 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\PCDr
[2014/05/02 20:32:20 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/05/02 20:32:20 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/05/02 20:32:20 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/05/02 20:32:12 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/05/02 20:32:12 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/05/02 20:32:12 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/05/02 20:32:05 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/05/02 20:32:05 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/05/02 19:50:51 | 000,197,704 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\HipShieldK.sys
[2014/05/02 16:23:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/05/02 16:12:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/05/02 16:12:46 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Google
[2014/05/02 16:10:13 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Diagnostics
[2014/05/02 15:58:33 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Apps
[2014/05/02 15:58:32 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Deployment
[2014/05/02 15:45:07 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Opera Software
[2014/05/02 15:45:07 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Opera Software
[2014/05/02 15:45:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2014/05/02 15:42:10 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Macromedia
[2014/05/02 15:26:33 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Intel Corporation
[2014/05/02 15:25:54 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Dell
[2014/05/02 15:25:50 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\BMExplorer
[2014/05/02 15:25:49 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Documents\Bluetooth Folder
[2014/05/02 15:25:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2014/05/02 15:25:33 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Leadertech
[2014/05/02 15:25:31 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Atheros
[2014/05/02 15:25:20 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Adobe
[2014/05/02 15:25:19 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/05/02 15:25:19 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Searches
[2014/05/02 15:25:19 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/05/02 15:25:19 | 000,000,000 | -H-D | C] -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/05/02 15:25:10 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Identities
[2014/05/02 15:25:08 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Contacts
[2014/05/02 15:25:07 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\VirtualStore
[2014/05/02 15:23:34 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\softthinks
[2014/05/02 15:23:34 | 000,000,000 | ---D | C] -- C:\ProgramData\softthinks
[2014/05/02 15:17:44 | 000,000,000 | --SD | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Videos
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Saved Games
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Pictures
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Music
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Links
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Favorites
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Downloads
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Documents
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Desktop
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\AppData\Local\Temporary Internet Files
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Templates
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Start Menu
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\SendTo
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Recent
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\PrintHood
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\NetHood
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Documents\My Videos
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Documents\My Pictures
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Documents\My Music
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\My Documents
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Local Settings
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\AppData\Local\History
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Cookies
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Application Data
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\AppData\Local\Application Data
[2014/05/02 15:17:44 | 000,000,000 | -H-D | C] -- C:\Users\Barry Chapman\AppData
[2014/05/02 15:17:44 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Temp
[2014/05/02 15:17:44 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Microsoft
[2014/05/02 15:17:44 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Media Center Programs
========== Files - Modified Within 30 Days ==========
[2014/05/27 09:57:26 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/27 09:57:26 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/27 09:55:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/27 09:18:20 | 000,791,990 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/05/27 09:18:20 | 000,670,374 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/05/27 09:18:20 | 000,125,196 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/05/27 09:13:14 | 001,440,846 | ---- | M] () -- C:\Program Files (x86)\mbam-chameleon-1.62.1.1000.zip
[2014/05/27 09:07:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/27 08:53:24 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/27 08:53:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/27 08:53:05 | 1008,427,006 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/25 11:49:58 | 000,004,447 | ---- | M] () -- C:\Users\Barry Chapman\Desktop\attach.zip
[2014/05/25 11:38:01 | 000,000,512 | ---- | M] () -- C:\Users\Barry Chapman\Desktop\MBR.dat
[2014/05/25 10:52:48 | 000,004,315 | ---- | M] () -- C:\Users\Barry Chapman\Desktop\attach.rar
[2014/05/25 10:37:03 | 000,001,159 | ---- | M] () -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2014/05/25 10:36:53 | 000,000,960 | ---- | M] () -- C:\Users\Barry Chapman\Desktop\ERUNT.lnk
[2014/05/23 09:52:06 | 000,201,978 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141046 PRELIMINARY HUD.pdf
[2014/05/23 07:52:39 | 000,033,334 | ---- | M] () -- C:\ProgramData\1400845954.bdinstall.bin
[2014/05/23 07:52:28 | 000,000,189 | ---- | M] () -- C:\ProgramData\1400845920.2208.bin
[2014/05/23 07:52:24 | 000,002,061 | ---- | M] () -- C:\ProgramData\1400845920.2284.bin
[2014/05/23 07:52:14 | 000,039,641 | ---- | M] () -- C:\ProgramData\1400845920.2200.bin
[2014/05/23 07:48:44 | 624,028,561 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/05/23 07:44:29 | 000,000,965 | ---- | M] () -- C:\ProgramData\1400845426.13472.bin
[2014/05/23 07:44:27 | 000,043,785 | ---- | M] () -- C:\ProgramData\1400845426.14224.bin
[2014/05/23 07:44:03 | 000,002,062 | ---- | M] () -- C:\ProgramData\1400845426.13672.bin
[2014/05/23 07:42:32 | 000,044,557 | ---- | M] () -- C:\ProgramData\1400845313.bdinstall.bin
[2014/05/22 15:48:56 | 000,042,188 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141050 revised contract.pdf
[2014/05/22 15:35:06 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/05/22 15:35:06 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/05/22 15:35:06 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/05/22 15:35:06 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/05/22 15:20:40 | 000,103,981 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141050 signed contract.pdf
[2014/05/22 13:23:30 | 000,051,706 | ---- | M] () -- C:\Windows\SysWow64\bddel.dat
[2014/05/22 13:12:59 | 000,202,050 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141042 REVISED HUD.pdf
[2014/05/22 10:49:21 | 000,001,434 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/05/21 16:21:32 | 000,037,861 | ---- | M] () -- C:\Users\Barry Chapman\AppData\Roaming\Comma Separated Values (Windows).ADR
[2014/05/21 15:00:00 | 000,017,064 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Martinez legal description.pdf
[2014/05/21 09:17:50 | 000,002,334 | ---- | M] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/21 09:17:50 | 000,002,310 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/20 11:11:14 | 000,024,389 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141042 preliminary HUD.pdf
[2014/05/20 09:17:06 | 000,166,076 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141049 HICKMAN ucc1.pdf
[2014/05/19 14:46:28 | 000,126,434 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141049 REVISED HUD.pdf
[2014/05/19 14:25:33 | 000,148,676 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141049 HUD & LEGAL DESCR.pdf
[2014/05/19 14:11:04 | 000,129,944 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141051 HUD.pdf
[2014/05/19 09:55:20 | 000,009,944 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Clayton Homes Invoice-Turbide.pdf
[2014/05/16 11:13:50 | 000,111,023 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Bunche Stree contract.pdf
[2014/05/15 14:38:25 | 000,450,709 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/05/15 12:49:03 | 000,450,709 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20140515-143825.backup
[2014/05/15 11:40:19 | 000,000,656 | ---- | M] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2014/05/15 11:40:19 | 000,000,628 | ---- | M] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2014/05/15 11:40:19 | 000,000,458 | ---- | M] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
[2014/05/15 11:36:53 | 000,000,085 | ---- | M] () -- C:\Windows\wininit.ini
[2014/05/14 15:27:56 | 000,002,453 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2014/05/14 15:14:45 | 000,494,176 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/05/14 15:08:15 | 000,001,520 | ---- | M] () -- C:\Users\Public\Documents\AcStd7_1_0.ini
[2014/05/14 14:39:51 | 000,129,908 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Wiggins hud.pdf
[2014/05/14 11:41:08 | 000,001,186 | ---- | M] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2014/05/14 08:36:30 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/05/14 08:36:30 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/05/13 15:37:53 | 000,125,914 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141044 PREL HUD.pdf
[2014/05/13 12:25:15 | 000,144,192 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141046 tax cert and plat.pdf
[2014/05/13 11:38:10 | 034,209,792 | ---- | M] () -- C:\Users\Barry Chapman\Desktop\CHAPMA11_20140505-2014-05-13.QDF-backup
[2014/05/13 11:13:54 | 000,007,605 | ---- | M] () -- C:\Users\Barry Chapman\AppData\Local\resmon.resmoncfg
[2014/05/13 10:04:35 | 000,000,000 | ---- | M] () -- C:\Users\Barry Chapman\AppData\Local\{89B78C50-3F1E-4624-B5B6-B21F413891C7}
[2014/05/13 09:04:13 | 000,025,833 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Performance Monitor screen grab.gif
[2014/05/12 16:37:27 | 000,255,875 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141046 commitment.pdf
[2014/05/12 16:26:00 | 000,010,295 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141046 commitment.wpd
[2014/05/12 16:21:54 | 000,002,380 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141046 DATA FILE.wpd
[2014/05/09 10:58:52 | 000,729,275 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141039 signed docs.pdf
[2014/05/09 10:41:30 | 000,015,330 | ---- | M] () -- C:\Users\Barry Chapman\Documents\WIRE INSTRUCTIONS REAL ESTATE TRUST ACCT.pdf
[2014/05/09 07:41:18 | 000,001,070 | ---- | M] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\VMware Player.lnk
[2014/05/09 07:39:33 | 000,807,106 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/05/09 07:39:32 | 000,002,187 | ---- | M] () -- C:\Users\Public\Desktop\VMware Player.lnk
[2014/05/09 02:14:03 | 000,477,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/05/09 02:11:23 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/05/07 15:51:16 | 000,088,239 | ---- | M] () -- C:\Users\Barry Chapman\Documents\martin aff doc.pdf
[2014/05/07 15:43:47 | 002,744,977 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Gary Martin closing package.pdf
[2014/05/07 11:24:18 | 000,027,554 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141041 revised note.pdf
[2014/05/07 09:44:56 | 000,532,504 | ---- | M] () -- C:\Users\Barry Chapman\Documents\revised note and sd to change dates.pdf
[2014/05/07 09:16:15 | 000,024,895 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Old Republic Synovus letter.pdf
[2014/05/06 16:39:15 | 000,534,254 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Tillman revised note & sd.pdf
[2014/05/06 13:22:33 | 000,000,125 | ---- | M] () -- C:\Windows\SetScan.ini
[2014/05/06 10:04:49 | 000,313,256 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014/05/06 10:04:49 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014/05/06 10:04:49 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014/05/06 10:04:49 | 000,108,968 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2014/05/06 09:06:37 | 000,005,432 | ---- | M] () -- C:\Windows\pixcache.ini
[2014/05/05 23:00:47 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/05/05 22:10:52 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/05/05 16:54:47 | 000,002,039 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat 7.0 Standard.lnk
[2014/05/05 16:15:18 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01011.Wdf
[2014/05/05 16:12:32 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01011.Wdf
[2014/05/05 15:02:39 | 000,013,839 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141000.pdf
[2014/05/05 14:53:30 | 000,001,534 | ---- | M] () -- C:\Users\Barry Chapman\Desktop\Landtech XML.lnk
[2014/05/05 14:52:53 | 000,204,800 | ---- | M] (Landtech Data Corporation) -- C:\Windows\SysWow64\ltwpvsw.DLL
[2014/05/05 14:52:53 | 000,065,536 | ---- | M] (Landtech Data Corp.) -- C:\Windows\SysWow64\LTWNode.exe
[2014/05/05 14:44:31 | 000,000,519 | ---- | M] () -- C:\Windows\ODBCINST.INI
[2014/05/05 14:44:25 | 000,002,781 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start Pervasive PSQL Workgroup Engine.lnk
[2014/05/05 11:17:49 | 000,000,580 | ---- | M] () -- C:\Users\Public\Desktop\Medlin Accounting.lnk
[2014/05/05 10:24:34 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\Quicken Deluxe 2014.lnk
[2014/05/05 10:24:31 | 000,000,126 | ---- | M] () -- C:\Windows\QUICKEN.INI
[2014/05/03 16:21:08 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/05/03 16:10:33 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2014/05/03 15:41:59 | 000,000,376 | ---- | M] () -- C:\Windows\ODBC.INI
[2014/05/03 13:38:12 | 000,061,678 | ---- | M] () -- C:\Users\Barry Chapman\AppData\Roaming\PFP120JPR.{PB
[2014/05/03 13:38:12 | 000,012,358 | ---- | M] () -- C:\Users\Barry Chapman\AppData\Roaming\PFP120JCM.{PB
[2014/05/03 13:17:14 | 000,002,607 | ---- | M] () -- C:\Users\Barry Chapman\Desktop\WordPerfect.lnk
[2014/05/02 15:31:58 | 000,001,409 | ---- | M] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/05/02 15:15:22 | 000,041,450 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014/05/02 15:15:22 | 000,041,450 | ---- | M] () -- C:\Windows\SysNative\license.rtf
brchapman
2014-05-27, 17:19
========== Files Created - No Company Name ==========
[2014/05/27 09:25:05 | 001,440,846 | ---- | C] () -- C:\Program Files (x86)\mbam-chameleon-1.62.1.1000.zip
[2014/05/25 11:49:58 | 000,004,447 | ---- | C] () -- C:\Users\Barry Chapman\Desktop\attach.zip
[2014/05/25 11:38:01 | 000,000,512 | ---- | C] () -- C:\Users\Barry Chapman\Desktop\MBR.dat
[2014/05/25 10:52:48 | 000,004,315 | ---- | C] () -- C:\Users\Barry Chapman\Desktop\attach.rar
[2014/05/25 10:37:03 | 000,001,159 | ---- | C] () -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2014/05/25 10:36:53 | 000,000,960 | ---- | C] () -- C:\Users\Barry Chapman\Desktop\ERUNT.lnk
[2014/05/23 09:46:30 | 000,201,978 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141046 PRELIMINARY HUD.pdf
[2014/05/23 07:52:39 | 000,033,334 | ---- | C] () -- C:\ProgramData\1400845954.bdinstall.bin
[2014/05/23 07:52:03 | 000,000,189 | ---- | C] () -- C:\ProgramData\1400845920.2208.bin
[2014/05/23 07:52:02 | 000,002,061 | ---- | C] () -- C:\ProgramData\1400845920.2284.bin
[2014/05/23 07:52:00 | 000,039,641 | ---- | C] () -- C:\ProgramData\1400845920.2200.bin
[2014/05/23 07:48:44 | 624,028,561 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/05/23 07:43:56 | 000,000,965 | ---- | C] () -- C:\ProgramData\1400845426.13472.bin
[2014/05/23 07:43:55 | 000,002,062 | ---- | C] () -- C:\ProgramData\1400845426.13672.bin
[2014/05/23 07:43:46 | 000,043,785 | ---- | C] () -- C:\ProgramData\1400845426.14224.bin
[2014/05/23 07:42:32 | 000,044,557 | ---- | C] () -- C:\ProgramData\1400845313.bdinstall.bin
[2014/05/22 15:48:57 | 000,042,188 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141050 revised contract.pdf
[2014/05/22 15:20:41 | 000,103,981 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141050 signed contract.pdf
[2014/05/22 13:22:39 | 000,051,706 | ---- | C] () -- C:\Windows\SysWow64\bddel.dat
[2014/05/22 13:12:59 | 000,202,050 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141042 REVISED HUD.pdf
[2014/05/21 15:00:00 | 000,017,064 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Martinez legal description.pdf
[2014/05/20 11:11:14 | 000,024,389 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141042 preliminary HUD.pdf
[2014/05/20 09:17:02 | 000,166,076 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141049 HICKMAN ucc1.pdf
[2014/05/19 14:46:28 | 000,126,434 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141049 REVISED HUD.pdf
[2014/05/19 14:25:34 | 000,148,676 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141049 HUD & LEGAL DESCR.pdf
[2014/05/19 14:11:05 | 000,129,944 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141051 HUD.pdf
[2014/05/19 09:55:21 | 000,009,944 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Clayton Homes Invoice-Turbide.pdf
[2014/05/16 11:15:34 | 000,111,023 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Bunche Stree contract.pdf
[2014/05/15 11:40:19 | 000,000,656 | ---- | C] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2014/05/15 11:40:19 | 000,000,628 | ---- | C] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2014/05/15 11:40:19 | 000,000,458 | ---- | C] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
[2014/05/15 11:40:16 | 000,001,446 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2014/05/15 11:40:16 | 000,001,434 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/05/15 11:36:51 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2014/05/14 14:43:14 | 000,129,908 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Wiggins hud.pdf
[2014/05/14 14:40:55 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2014/05/14 14:34:35 | 000,001,520 | ---- | C] () -- C:\Users\Public\Documents\AcStd7_1_0.ini
[2014/05/14 11:41:08 | 000,001,186 | ---- | C] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2014/05/13 15:37:54 | 000,125,914 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141044 PREL HUD.pdf
[2014/05/13 12:25:15 | 000,144,192 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141046 tax cert and plat.pdf
[2014/05/13 11:38:10 | 034,209,792 | ---- | C] () -- C:\Users\Barry Chapman\Desktop\CHAPMA11_20140505-2014-05-13.QDF-backup
[2014/05/13 10:04:35 | 000,000,000 | ---- | C] () -- C:\Users\Barry Chapman\AppData\Local\{89B78C50-3F1E-4624-B5B6-B21F413891C7}
[2014/05/13 09:04:13 | 000,025,833 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Performance Monitor screen grab.gif
[2014/05/13 08:53:10 | 000,007,605 | ---- | C] () -- C:\Users\Barry Chapman\AppData\Local\resmon.resmoncfg
[2014/05/12 16:39:10 | 000,255,875 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141046 commitment.pdf
[2014/05/12 16:26:00 | 000,010,295 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141046 commitment.wpd
[2014/05/12 16:21:54 | 000,002,380 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141046 DATA FILE.wpd
[2014/05/09 10:58:52 | 000,729,275 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141039 signed docs.pdf
[2014/05/09 10:41:30 | 000,015,330 | ---- | C] () -- C:\Users\Barry Chapman\Documents\WIRE INSTRUCTIONS REAL ESTATE TRUST ACCT.pdf
[2014/05/09 07:41:18 | 000,001,070 | ---- | C] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\VMware Player.lnk
[2014/05/09 07:39:32 | 000,002,187 | ---- | C] () -- C:\Users\Public\Desktop\VMware Player.lnk
[2014/05/07 15:51:16 | 000,088,239 | ---- | C] () -- C:\Users\Barry Chapman\Documents\martin aff doc.pdf
[2014/05/07 15:43:46 | 002,744,977 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Gary Martin closing package.pdf
[2014/05/07 11:24:13 | 000,027,554 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141041 revised note.pdf
[2014/05/07 09:47:05 | 000,532,504 | ---- | C] () -- C:\Users\Barry Chapman\Documents\revised note and sd to change dates.pdf
[2014/05/07 09:16:15 | 000,024,895 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Old Republic Synovus letter.pdf
[2014/05/06 16:39:15 | 000,534,254 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Tillman revised note & sd.pdf
[2014/05/06 09:09:30 | 000,063,248 | ---- | C] () -- C:\Windows\SysWow64\picn1120.ssm
[2014/05/05 17:43:05 | 000,005,432 | ---- | C] () -- C:\Windows\pixcache.ini
[2014/05/05 16:54:47 | 000,002,501 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 7.0 Standard.lnk
[2014/05/05 16:54:47 | 000,002,459 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 7.0.lnk
[2014/05/05 16:54:47 | 000,002,039 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat 7.0 Standard.lnk
[2014/05/05 16:15:18 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01011.Wdf
[2014/05/05 16:12:32 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01011.Wdf
[2014/05/05 14:53:30 | 000,001,534 | ---- | C] () -- C:\Users\Barry Chapman\Desktop\Landtech XML.lnk
[2014/05/05 14:44:31 | 000,000,519 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2014/05/05 14:44:25 | 000,002,781 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start Pervasive PSQL Workgroup Engine.lnk
[2014/05/05 14:35:58 | 000,013,839 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141000.pdf
[2014/05/05 11:45:19 | 000,037,861 | ---- | C] () -- C:\Users\Barry Chapman\AppData\Roaming\Comma Separated Values (Windows).ADR
[2014/05/05 10:49:21 | 000,000,580 | ---- | C] () -- C:\Users\Public\Desktop\Medlin Accounting.lnk
[2014/05/05 10:24:34 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\Quicken Deluxe 2014.lnk
[2014/05/05 10:24:06 | 000,000,126 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2014/05/04 03:06:18 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/05/03 16:21:08 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/05/03 16:21:08 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/05/03 16:10:33 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2014/05/03 15:41:59 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2014/05/03 13:38:12 | 000,061,678 | ---- | C] () -- C:\Users\Barry Chapman\AppData\Roaming\PFP120JPR.{PB
[2014/05/03 13:38:12 | 000,012,358 | ---- | C] () -- C:\Users\Barry Chapman\AppData\Roaming\PFP120JCM.{PB
[2014/05/03 13:30:41 | 000,000,125 | ---- | C] () -- C:\Windows\SetScan.ini
[2014/05/03 13:17:14 | 000,002,607 | ---- | C] () -- C:\Users\Barry Chapman\Desktop\WordPerfect.lnk
[2014/05/02 16:23:30 | 000,002,334 | ---- | C] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/02 16:23:30 | 000,002,310 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/02 16:12:54 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/02 16:12:54 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/02 15:31:58 | 000,001,409 | ---- | C] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/05/02 15:25:20 | 000,001,415 | ---- | C] () -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/05/02 15:18:02 | 000,001,975 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
[2014/05/02 15:17:44 | 000,000,290 | ---- | C] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/05/02 15:17:44 | 000,000,272 | ---- | C] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/03/22 04:08:50 | 019,587,072 | ---- | C] () -- C:\Windows\SysWow64\igdfcl32.dll
[2014/03/22 04:08:50 | 000,241,152 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2014/03/22 04:08:50 | 000,109,056 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2014/03/21 13:42:49 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/05/11 05:17:52 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
========== ZeroAccess Check ==========
[2014/05/20 18:36:38 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/05/14 15:48:40 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\BitTorrent
[2014/05/03 13:53:55 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\Canon Electronics
[2014/05/16 08:33:26 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2014/05/20 17:52:11 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\ISIS Drivers
[2014/05/02 15:25:33 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\Leadertech
[2014/05/20 17:26:37 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\Opera Software
[2014/05/06 10:10:41 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\Oracle
[2014/05/04 18:11:07 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\PCDr
[2014/05/23 07:41:53 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\QuickScan
[2014/05/21 11:27:06 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\TuneUp Software
[2014/05/20 17:52:15 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\wi_upd
========== Purity Check ==========
< End of report >
brchapman
2014-05-27, 17:22
Here's the Extras file:
OTL Extras logfile created on: 5/27/2014 9:56:00 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Barry Chapman\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
11.92 Gb Total Physical Memory | 9.16 Gb Available Physical Memory | 76.88% Memory free
23.84 Gb Paging File | 20.92 Gb Available in Paging File | 87.75% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 441.06 Gb Total Space | 373.55 Gb Free Space | 84.69% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 445.11 Gb Free Space | 95.57% Space Free | Partition Type: NTFS
Drive Y: | 24.67 Gb Total Space | 14.20 Gb Free Space | 57.59% Space Free | Partition Type: NTFS
Computer Name: BARRYSNEW | User Name: Barry Chapman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[b]64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-670280924-550259233-2201882432-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02C52ADA-F7F9-4C6E-8A8C-B7D757FDE1C8}" = rport=139 | protocol=6 | dir=out | app=system |
"{1436ECE1-A3DD-418E-A644-45CC18276134}" = lport=138 | protocol=17 | dir=in | app=system |
"{17C1B1B9-D25B-4D53-A228-8C866A1D1950}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{1F103D52-7A68-4AFC-A054-736024F3DE01}" = rport=445 | protocol=6 | dir=out | app=system |
"{274EC9CA-17D5-4510-995F-88E1F8308B2B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{28835DB4-A842-4552-BB1B-C20952B4997C}" = rport=137 | protocol=17 | dir=out | app=system |
"{31ECFF31-BB3D-4F4F-8E2C-8C73729D595D}" = lport=445 | protocol=6 | dir=in | app=system |
"{35F63BE7-3F92-493F-BE2A-B20186805D7A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{482EC901-06F0-42F9-8D75-4DB660E27BB8}" = lport=139 | protocol=6 | dir=in | app=system |
"{4BAEB164-45F5-470F-914D-AA854775D325}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{643526CF-0C7D-4415-B8A5-7C542C669EEC}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7124136F-21DF-4A45-9B09-0A05B0BD3CD8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{739D16E0-F677-4D00-B6DA-3535CDC53409}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{7B6370D6-66BA-48DB-A8C2-3088EDC10B85}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9A683F8C-9887-4778-85D1-B9B8883A0AAC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A21435E0-E6D3-48EC-AF04-7C8070EA7EF9}" = rport=138 | protocol=17 | dir=out | app=system |
"{B4CB2CA9-7C40-4CC9-8253-D90D97C8C887}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C48234D7-891A-4D9D-B2E9-4F4DD768DB24}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CEB04216-C143-4A2A-A49C-E47BA48E7965}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{DDF4B81F-A96B-44E1-BA69-1831B13B3F12}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DEFD6B7B-A25B-40CA-9572-FE88207F3F07}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E989FE69-824C-42F4-9E6C-08FF10736834}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{FC292D5D-EEFA-40B5-B321-6535751BAA51}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{055617C7-03EE-484A-9A82-D0789938FDA3}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{0D3E3C34-4E49-489B-9837-50DAB01372E4}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{0DEFBA21-4454-40F7-BC90-141CC1336E86}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{231B8FAF-4B97-4B50-B1FA-63EBA70C1099}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{2AAFEFB9-7709-40C9-80F9-7C6D63B0A534}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4581E7DF-A984-401A-B3A5-7C7327829A8C}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{75E438DD-8712-4F85-877D-0A523FDCF490}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{88DAD500-42FF-4B70-A936-B13D30BE0046}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9753A171-9CAD-43E3-BB7D-0DFB0E8DFD9F}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{9B0FB172-671C-414A-A7B5-541E19590F2B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{AC19239E-4510-4EE5-85DB-AE73D8C9B5EE}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{AE27E0CE-50D8-43C5-8C57-8C93E6EEDF11}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B5B977D8-6974-4C23-860E-C3FC7BEB3005}" = protocol=6 | dir=in | app=c:\program files (x86)\pervasive software\psql\bin\w3dbsmgr.exe |
"{B795DAD7-7A2E-4D16-8735-9B738EB44B1C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{D56B5BE7-7A4E-4BE0-A14D-C1CC827EEC1A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E460D64D-919E-4249-8D41-3C6852BFE71D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{EDA06360-7C81-46FE-A770-6E9E7CDB145E}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{F27AD313-9A3D-4ECF-B55F-19283A2D5D79}" = protocol=17 | dir=in | app=c:\program files (x86)\pervasive software\psql\bin\w3dbsmgr.exe |
"{F6BC580B-F650-4281-AE30-186F8E6FEEBB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"TCP Query User{B2E66777-48E3-4496-9EE4-9C7E14F334DA}C:\program files (x86)\pervasive software\psql\bin\w3dbsmgr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pervasive software\psql\bin\w3dbsmgr.exe |
"UDP Query User{F2DF2244-2D79-4418-9951-E2F3E894BF88}C:\program files (x86)\pervasive software\psql\bin\w3dbsmgr.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pervasive software\psql\bin\w3dbsmgr.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B8B7B39-179F-47F8-A7AC-63D9C433A567}" = Intel(R) Rapid Storage Technology
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23D2AFC7-C01E-4413-9D9A-0BABF52569BF}" = Microsoft Mouse and Keyboard Center
"{26A24AE4-039D-4CA4-87B4-2F86417055FF}" = Java 7 Update 55 (64-bit)
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{89AFB053-A343-46EF-97E4-D593AD7184E6}" = Intel® Trusted Connect Service Client
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{A1F2E701-F148-4359-84CF-4CDA51FDF55F}" = VmciSockets
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F7A70D00-F283-45C8-B163-49EC365D7E27}" = DSC/AA Factory Installer
"Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
"PC-Doctor for Windows" = My Dell
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03A9F528-A754-460F-B2C1-AC125A147114}" = Dell Digital Delivery
"{0877F595-254F-45F4-991D-3F72E86B17CE}" = Quicken 2014
"{09AAA659-ACF9-47B3-B362-C216693C7A11}" = Canon DR-2580C Driver
"{0A3238D7-AB32-1030-B717-F3E3F18B4A8C}" = Pervasive PSQL v10 SP3 Workgroup (32-bit)
"{0ECFCB07-9BFE-4970-ACA1-D568D982760B}" = Complete Care Business Service Agreement
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell Backup and Recovery
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{1BBE4C53-634B-44B3-8693-314ED6260557}" = Adobe Flash Player 13 ActiveX
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217055FF}" = Java 7 Update 55
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Dell WLAN and Bluetooth Client Installation
"{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement
"{50600275-223D-455E-959E-DCA40A037B7B}" = CapturePerfect 3.1
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{90140000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{903679E8-44C8-4C07-9600-05C92654FC50}" = QualxServ Service Agreement
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A79B3745-665C-11D6-AF01-0010B5A02D6F}" = Kyocera Address Book for Network FAX
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell Backup and Recovery - Support Software
"{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}" = Dell Home Systems Service Agreement
"{AC76BA86-1033-F400-BA7E-100000000002}" = Adobe Acrobat 7.0 Standard - English, Français, Deutsch
"{AC76BA86-7AD7-FFFF-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) MUI
"{ADEE751B-09AE-4DA7-9658-DCF90E8F9ED7}" = Adobe Flash Player 13 Plugin
"{AEB719FD-EDB0-43E9-B524-90F97C1E6499}" = System Update kb70007
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{AF809A35-F15C-47EC-B21A-E1A62D4FC7DC}" = CapturePerfect 3.0 Help & Manual
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}" = Premium Service Agreement
"{D1D4D7EA-62B8-4665-9FF7-02A91B925CC9}" = Google+ Auto Backup
"{E452E727-86B8-4233-8CC3-41FD817AFAFF}" = VMware Player
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}" = Accidental Damage Services Agreement
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
"Adobe Acrobat 7.0 Standard - EFG - V" = Adobe Acrobat 7.1.4 Standard - English, Français, Deutsch
"Adobe Acrobat 7.0 Standard - EFG - V_714" = Adobe Acrobat 7.1.4 - CPSID_50030
"Adobe Acrobat 7.0 Standard - English, Français, Deutsch - V" = Adobe Acrobat 7.1.2 Standard - English, Français, Deutsch
"Backblaze" = Backblaze
"DR-2580C Driver" = Canon DR-2580C Driver
"DR-2580C Job Tool" = DR-2580C Job Tool
"ERUNT_is1" = ERUNT 1.1j
"Google Chrome" = Google Chrome
"Medlin Accounting Shareware_is1" = Medlin Accounting
"Medlin Payroll_is1" = Medlin Payroll
"Mozilla Firefox 29.0 (x86 en-US)" = Mozilla Firefox 29.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee LiveSafe – Internet Security
"Office14.STANDARD" = Microsoft Office Standard 2010
"Picasa 3" = Picasa 3
"VMware_Player" = VMware Player
"WinRAR archiver" = WinRAR 5.00 (32-bit)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 5/27/2014 7:46:46 AM | Computer Name = BarrysNew | Source = Chrome | ID = 1
Description =
Error - 5/27/2014 7:47:02 AM | Computer Name = BarrysNew | Source = Chrome | ID = 1
Description =
Error - 5/27/2014 7:47:18 AM | Computer Name = BarrysNew | Source = Chrome | ID = 1
Description =
Error - 5/27/2014 7:59:08 AM | Computer Name = BarrysNew | Source = Application Error | ID = 1000
Description = Faulting application name: mbam.exe, version: 1.0.0.500, time stamp:
0x533d8de2 Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp:
0x4df2be1e Exception code: 0x40000015 Fault offset: 0x0008d6fd Faulting process id:
0x5a4 Faulting application start time: 0x01cf79a3075d351d Faulting application path:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe Faulting module path:
C:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll Report Id: 4e692b12-e596-11e3-b064-afc890ab93b6
Error - 5/27/2014 8:00:05 AM | Computer Name = BarrysNew | Source = WinMgmt | ID = 10
Description =
Error - 5/27/2014 8:00:34 AM | Computer Name = BarrysNew | Source = Application Error | ID = 1000
Description = Faulting application name: mbam.exe, version: 1.0.0.500, time stamp:
0x533d8de2 Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp:
0x4df2be1e Exception code: 0x40000015 Fault offset: 0x0008d6fd Faulting process id:
0x78c Faulting application start time: 0x01cf79a33aec636d Faulting application path:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe Faulting module path:
C:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll Report Id: 81a76a98-e596-11e3-b064-afc890ab93b6
Error - 5/27/2014 8:53:40 AM | Computer Name = BarrysNew | Source = WinMgmt | ID = 10
Description =
Error - 5/27/2014 8:55:00 AM | Computer Name = BarrysNew | Source = MsiInstaller | ID = 11311
Description =
Error - 5/27/2014 9:05:45 AM | Computer Name = BarrysNew | Source = Application Error | ID = 1000
Description = Faulting application name: mbam.exe, version: 1.0.0.532, time stamp:
0x53518532 Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp:
0x4df2be1e Exception code: 0x40000015 Fault offset: 0x0008d6fd Faulting process id:
0xaa0 Faulting application start time: 0x01cf79ac5d6a265d Faulting application path:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe Faulting module path:
C:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll Report Id: 9c92df27-e59f-11e3-848b-142d271ccbca
Error - 5/27/2014 9:22:29 AM | Computer Name = BarrysNew | Source = Application Error | ID = 1000
Description = Faulting application name: mbam.exe, version: 1.0.0.532, time stamp:
0x53518532 Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp:
0x4df2be1e Exception code: 0x40000015 Fault offset: 0x0008d6fd Faulting process id:
0x2a38 Faulting application start time: 0x01cf79aeb489ed46 Faulting application path:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe Faulting module path:
C:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll Report Id: f36c9b59-e5a1-11e3-848b-142d271ccbca
[ Media Center Events ]
Error - 5/25/2014 7:58:00 AM | Computer Name = BarrysNew | Source = MCUpdate | ID = 0
Description = 7:58:00 AM - Error connecting to the internet. 7:58:00 AM - Unable
to contact server..
Error - 5/25/2014 7:58:27 AM | Computer Name = BarrysNew | Source = MCUpdate | ID = 0
Description = 7:58:09 AM - Error connecting to the internet. 7:58:09 AM - Unable
to contact server..
[ System Events ]
Error - 5/27/2014 7:58:43 AM | Computer Name = BarrysNew | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 5/27/2014 7:58:43 AM | Computer Name = BarrysNew | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 5/27/2014 7:58:43 AM | Computer Name = BarrysNew | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 5/27/2014 7:58:43 AM | Computer Name = BarrysNew | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 5/27/2014 7:58:43 AM | Computer Name = BarrysNew | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 5/27/2014 7:58:43 AM | Computer Name = BarrysNew | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 5/27/2014 7:58:43 AM | Computer Name = BarrysNew | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 5/27/2014 7:58:43 AM | Computer Name = BarrysNew | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 5/27/2014 8:02:32 AM | Computer Name = BarrysNew | Source = DCOM | ID = 10005
Description =
Error - 5/27/2014 8:02:32 AM | Computer Name = BarrysNew | Source = DCOM | ID = 10005
Description =
< End of report >
It looks like that proxy is going through China
Are you having problems with Windows Updates ?
Open OTL.exe
Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
:OTL
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
IE - HKU\S-1-5-21-670280924-550259233-2201882432-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-670280924-550259233-2201882432-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
FF - prefs.js..network.proxy.type: 1user_pref("network.proxy.http", "127.0.0.1");user_pref("network.proxy.http_port", 8118);user_pref("network.proxy.ssl", "127.0.0.1");user_pref("network.proxy.ssl_port", 8118);
[2014/05/14 15:56:04 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\IdleCrawler
[2014/05/14 15:48:24 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\BitTorrent
[2014/05/15 12:49:03 | 000,450,709 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20140515-143825.backup
:Services
:Reg
:Files
ipconfig /flushdns /c
:Commands
[purity]
[resethosts]
[EMPTYJAVA]
[emptytemp]
[start explorer]
[Reboot]
Then click the Run Fix button at the top. <--Not run Scan
Let the program run unhindered, reboot when it is done
Then post the results of the log it produces
Then run a new scan with OTL and post the new log please
brchapman
2014-05-27, 18:51
Here's the post boot log. On the re-scan do you want to scan as before, i.e. all users, minimum output, etc.?
OTL Extras logfile created on: 5/27/2014 9:56:00 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Barry Chapman\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
11.92 Gb Total Physical Memory | 9.16 Gb Available Physical Memory | 76.88% Memory free
23.84 Gb Paging File | 20.92 Gb Available in Paging File | 87.75% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 441.06 Gb Total Space | 373.55 Gb Free Space | 84.69% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 445.11 Gb Free Space | 95.57% Space Free | Partition Type: NTFS
Drive Y: | 24.67 Gb Total Space | 14.20 Gb Free Space | 57.59% Space Free | Partition Type: NTFS
Computer Name: BARRYSNEW | User Name: Barry Chapman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[b]64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-670280924-550259233-2201882432-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02C52ADA-F7F9-4C6E-8A8C-B7D757FDE1C8}" = rport=139 | protocol=6 | dir=out | app=system |
"{1436ECE1-A3DD-418E-A644-45CC18276134}" = lport=138 | protocol=17 | dir=in | app=system |
"{17C1B1B9-D25B-4D53-A228-8C866A1D1950}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{1F103D52-7A68-4AFC-A054-736024F3DE01}" = rport=445 | protocol=6 | dir=out | app=system |
"{274EC9CA-17D5-4510-995F-88E1F8308B2B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{28835DB4-A842-4552-BB1B-C20952B4997C}" = rport=137 | protocol=17 | dir=out | app=system |
"{31ECFF31-BB3D-4F4F-8E2C-8C73729D595D}" = lport=445 | protocol=6 | dir=in | app=system |
"{35F63BE7-3F92-493F-BE2A-B20186805D7A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{482EC901-06F0-42F9-8D75-4DB660E27BB8}" = lport=139 | protocol=6 | dir=in | app=system |
"{4BAEB164-45F5-470F-914D-AA854775D325}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{643526CF-0C7D-4415-B8A5-7C542C669EEC}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7124136F-21DF-4A45-9B09-0A05B0BD3CD8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{739D16E0-F677-4D00-B6DA-3535CDC53409}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{7B6370D6-66BA-48DB-A8C2-3088EDC10B85}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9A683F8C-9887-4778-85D1-B9B8883A0AAC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A21435E0-E6D3-48EC-AF04-7C8070EA7EF9}" = rport=138 | protocol=17 | dir=out | app=system |
"{B4CB2CA9-7C40-4CC9-8253-D90D97C8C887}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C48234D7-891A-4D9D-B2E9-4F4DD768DB24}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CEB04216-C143-4A2A-A49C-E47BA48E7965}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{DDF4B81F-A96B-44E1-BA69-1831B13B3F12}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DEFD6B7B-A25B-40CA-9572-FE88207F3F07}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E989FE69-824C-42F4-9E6C-08FF10736834}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{FC292D5D-EEFA-40B5-B321-6535751BAA51}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{055617C7-03EE-484A-9A82-D0789938FDA3}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{0D3E3C34-4E49-489B-9837-50DAB01372E4}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{0DEFBA21-4454-40F7-BC90-141CC1336E86}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{231B8FAF-4B97-4B50-B1FA-63EBA70C1099}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{2AAFEFB9-7709-40C9-80F9-7C6D63B0A534}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4581E7DF-A984-401A-B3A5-7C7327829A8C}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{75E438DD-8712-4F85-877D-0A523FDCF490}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{88DAD500-42FF-4B70-A936-B13D30BE0046}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9753A171-9CAD-43E3-BB7D-0DFB0E8DFD9F}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{9B0FB172-671C-414A-A7B5-541E19590F2B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{AC19239E-4510-4EE5-85DB-AE73D8C9B5EE}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{AE27E0CE-50D8-43C5-8C57-8C93E6EEDF11}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B5B977D8-6974-4C23-860E-C3FC7BEB3005}" = protocol=6 | dir=in | app=c:\program files (x86)\pervasive software\psql\bin\w3dbsmgr.exe |
"{B795DAD7-7A2E-4D16-8735-9B738EB44B1C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{D56B5BE7-7A4E-4BE0-A14D-C1CC827EEC1A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E460D64D-919E-4249-8D41-3C6852BFE71D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{EDA06360-7C81-46FE-A770-6E9E7CDB145E}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{F27AD313-9A3D-4ECF-B55F-19283A2D5D79}" = protocol=17 | dir=in | app=c:\program files (x86)\pervasive software\psql\bin\w3dbsmgr.exe |
"{F6BC580B-F650-4281-AE30-186F8E6FEEBB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"TCP Query User{B2E66777-48E3-4496-9EE4-9C7E14F334DA}C:\program files (x86)\pervasive software\psql\bin\w3dbsmgr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pervasive software\psql\bin\w3dbsmgr.exe |
"UDP Query User{F2DF2244-2D79-4418-9951-E2F3E894BF88}C:\program files (x86)\pervasive software\psql\bin\w3dbsmgr.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pervasive software\psql\bin\w3dbsmgr.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B8B7B39-179F-47F8-A7AC-63D9C433A567}" = Intel(R) Rapid Storage Technology
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23D2AFC7-C01E-4413-9D9A-0BABF52569BF}" = Microsoft Mouse and Keyboard Center
"{26A24AE4-039D-4CA4-87B4-2F86417055FF}" = Java 7 Update 55 (64-bit)
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{89AFB053-A343-46EF-97E4-D593AD7184E6}" = Intel® Trusted Connect Service Client
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{A1F2E701-F148-4359-84CF-4CDA51FDF55F}" = VmciSockets
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F7A70D00-F283-45C8-B163-49EC365D7E27}" = DSC/AA Factory Installer
"Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
"PC-Doctor for Windows" = My Dell
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03A9F528-A754-460F-B2C1-AC125A147114}" = Dell Digital Delivery
"{0877F595-254F-45F4-991D-3F72E86B17CE}" = Quicken 2014
"{09AAA659-ACF9-47B3-B362-C216693C7A11}" = Canon DR-2580C Driver
"{0A3238D7-AB32-1030-B717-F3E3F18B4A8C}" = Pervasive PSQL v10 SP3 Workgroup (32-bit)
"{0ECFCB07-9BFE-4970-ACA1-D568D982760B}" = Complete Care Business Service Agreement
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell Backup and Recovery
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{1BBE4C53-634B-44B3-8693-314ED6260557}" = Adobe Flash Player 13 ActiveX
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217055FF}" = Java 7 Update 55
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Dell WLAN and Bluetooth Client Installation
"{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement
"{50600275-223D-455E-959E-DCA40A037B7B}" = CapturePerfect 3.1
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{90140000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{903679E8-44C8-4C07-9600-05C92654FC50}" = QualxServ Service Agreement
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A79B3745-665C-11D6-AF01-0010B5A02D6F}" = Kyocera Address Book for Network FAX
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell Backup and Recovery - Support Software
"{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}" = Dell Home Systems Service Agreement
"{AC76BA86-1033-F400-BA7E-100000000002}" = Adobe Acrobat 7.0 Standard - English, Français, Deutsch
"{AC76BA86-7AD7-FFFF-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) MUI
"{ADEE751B-09AE-4DA7-9658-DCF90E8F9ED7}" = Adobe Flash Player 13 Plugin
"{AEB719FD-EDB0-43E9-B524-90F97C1E6499}" = System Update kb70007
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{AF809A35-F15C-47EC-B21A-E1A62D4FC7DC}" = CapturePerfect 3.0 Help & Manual
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}" = Premium Service Agreement
"{D1D4D7EA-62B8-4665-9FF7-02A91B925CC9}" = Google+ Auto Backup
"{E452E727-86B8-4233-8CC3-41FD817AFAFF}" = VMware Player
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}" = Accidental Damage Services Agreement
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
"Adobe Acrobat 7.0 Standard - EFG - V" = Adobe Acrobat 7.1.4 Standard - English, Français, Deutsch
"Adobe Acrobat 7.0 Standard - EFG - V_714" = Adobe Acrobat 7.1.4 - CPSID_50030
"Adobe Acrobat 7.0 Standard - English, Français, Deutsch - V" = Adobe Acrobat 7.1.2 Standard - English, Français, Deutsch
"Backblaze" = Backblaze
"DR-2580C Driver" = Canon DR-2580C Driver
"DR-2580C Job Tool" = DR-2580C Job Tool
"ERUNT_is1" = ERUNT 1.1j
"Google Chrome" = Google Chrome
"Medlin Accounting Shareware_is1" = Medlin Accounting
"Medlin Payroll_is1" = Medlin Payroll
"Mozilla Firefox 29.0 (x86 en-US)" = Mozilla Firefox 29.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee LiveSafe – Internet Security
"Office14.STANDARD" = Microsoft Office Standard 2010
"Picasa 3" = Picasa 3
"VMware_Player" = VMware Player
"WinRAR archiver" = WinRAR 5.00 (32-bit)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 5/27/2014 7:46:46 AM | Computer Name = BarrysNew | Source = Chrome | ID = 1
Description =
Error - 5/27/2014 7:47:02 AM | Computer Name = BarrysNew | Source = Chrome | ID = 1
Description =
Error - 5/27/2014 7:47:18 AM | Computer Name = BarrysNew | Source = Chrome | ID = 1
Description =
Error - 5/27/2014 7:59:08 AM | Computer Name = BarrysNew | Source = Application Error | ID = 1000
Description = Faulting application name: mbam.exe, version: 1.0.0.500, time stamp:
0x533d8de2 Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp:
0x4df2be1e Exception code: 0x40000015 Fault offset: 0x0008d6fd Faulting process id:
0x5a4 Faulting application start time: 0x01cf79a3075d351d Faulting application path:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe Faulting module path:
C:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll Report Id: 4e692b12-e596-11e3-b064-afc890ab93b6
Error - 5/27/2014 8:00:05 AM | Computer Name = BarrysNew | Source = WinMgmt | ID = 10
Description =
Error - 5/27/2014 8:00:34 AM | Computer Name = BarrysNew | Source = Application Error | ID = 1000
Description = Faulting application name: mbam.exe, version: 1.0.0.500, time stamp:
0x533d8de2 Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp:
0x4df2be1e Exception code: 0x40000015 Fault offset: 0x0008d6fd Faulting process id:
0x78c Faulting application start time: 0x01cf79a33aec636d Faulting application path:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe Faulting module path:
C:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll Report Id: 81a76a98-e596-11e3-b064-afc890ab93b6
Error - 5/27/2014 8:53:40 AM | Computer Name = BarrysNew | Source = WinMgmt | ID = 10
Description =
Error - 5/27/2014 8:55:00 AM | Computer Name = BarrysNew | Source = MsiInstaller | ID = 11311
Description =
Error - 5/27/2014 9:05:45 AM | Computer Name = BarrysNew | Source = Application Error | ID = 1000
Description = Faulting application name: mbam.exe, version: 1.0.0.532, time stamp:
0x53518532 Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp:
0x4df2be1e Exception code: 0x40000015 Fault offset: 0x0008d6fd Faulting process id:
0xaa0 Faulting application start time: 0x01cf79ac5d6a265d Faulting application path:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe Faulting module path:
C:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll Report Id: 9c92df27-e59f-11e3-848b-142d271ccbca
Error - 5/27/2014 9:22:29 AM | Computer Name = BarrysNew | Source = Application Error | ID = 1000
Description = Faulting application name: mbam.exe, version: 1.0.0.532, time stamp:
0x53518532 Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp:
0x4df2be1e Exception code: 0x40000015 Fault offset: 0x0008d6fd Faulting process id:
0x2a38 Faulting application start time: 0x01cf79aeb489ed46 Faulting application path:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe Faulting module path:
C:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll Report Id: f36c9b59-e5a1-11e3-848b-142d271ccbca
[ Media Center Events ]
Error - 5/25/2014 7:58:00 AM | Computer Name = BarrysNew | Source = MCUpdate | ID = 0
Description = 7:58:00 AM - Error connecting to the internet. 7:58:00 AM - Unable
to contact server..
Error - 5/25/2014 7:58:27 AM | Computer Name = BarrysNew | Source = MCUpdate | ID = 0
Description = 7:58:09 AM - Error connecting to the internet. 7:58:09 AM - Unable
to contact server..
[ System Events ]
Error - 5/27/2014 7:58:43 AM | Computer Name = BarrysNew | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 5/27/2014 7:58:43 AM | Computer Name = BarrysNew | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 5/27/2014 7:58:43 AM | Computer Name = BarrysNew | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 5/27/2014 7:58:43 AM | Computer Name = BarrysNew | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 5/27/2014 7:58:43 AM | Computer Name = BarrysNew | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 5/27/2014 7:58:43 AM | Computer Name = BarrysNew | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 5/27/2014 7:58:43 AM | Computer Name = BarrysNew | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 5/27/2014 7:58:43 AM | Computer Name = BarrysNew | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 5/27/2014 8:02:32 AM | Computer Name = BarrysNew | Source = DCOM | ID = 10005
Description =
Error - 5/27/2014 8:02:32 AM | Computer Name = BarrysNew | Source = DCOM | ID = 10005
Description =
< End of report >
brchapman
2014-05-27, 19:00
Here's the new OTL scan, do you want the extras also?
OTL logfile created on: 5/27/2014 11:46:27 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Barry Chapman\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
11.92 Gb Total Physical Memory | 8.88 Gb Available Physical Memory | 74.49% Memory free
23.84 Gb Paging File | 20.66 Gb Available in Paging File | 86.67% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 441.06 Gb Total Space | 374.01 Gb Free Space | 84.80% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 445.11 Gb Free Space | 95.57% Space Free | Partition Type: NTFS
Drive Y: | 24.67 Gb Total Space | 14.20 Gb Free Space | 57.59% Space Free | Partition Type: NTFS
Computer Name: BARRYSNEW | User Name: Barry Chapman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Barry Chapman\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Backblaze\bzbui.exe ()
PRC - C:\Program Files (x86)\Backblaze\bzserv.exe ()
PRC - C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDOnAccess.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe (SoftThinks SAS)
PRC - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Dell Products, LP.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe (Atheros)
PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe (Pervasive Software Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Backblaze\bzbui.exe ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\1e5e19d119e04b93da3d45153abd60fd\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net.Http\d7a1bbd56dc15a29c2450b177f9468d7\System.Net.Http.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\24bf0c88c0465485f4b842df043b3f45\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\0bedc417d3c5dcb1c9a5f15dd733c556\System.ServiceModel.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\b6c7a1ca929c1b10f36b683c9f1a0517\System.Xml.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0893e0e7137e3b2da905da6216b75344\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll ()
MOD - C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll ()
MOD - C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll ()
========== Services (SafeList) ==========
SRV:[b]64bit: - (McAPExe) -- C:\Program Files\mcafee\msc\McAPExe.exe (McAfee, Inc.)
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (mfecore) -- C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe (McAfee, Inc.)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (McODS) -- C:\Program Files\mcafee\virusscan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcpltsvc) -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv2) -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (HomeNetSvc) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV:64bit: - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
SRV:64bit: - (Intel(R) -- c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (Intel(R) -- c:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (McAWFwk) -- c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe (McAfee, Inc.)
SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (bzserv) -- C:\Program Files (x86)\Backblaze\bzserv.exe ()
SRV - (SystemUpdatekb70007) -- C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe ()
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SftService) -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe (SoftThinks SAS)
SRV - (DellDigitalDelivery) -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Dell Products, LP.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe (Windows (R) Win 7 DDK provider)
SRV - (ZAtheros Wlan Agent) -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe (Atheros)
SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
SRV - (VMAuthdService) -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)
SRV - (VMUSBArbService) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (VMware, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation)
DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation)
DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (mfencrk) -- C:\Windows\SysNative\drivers\mfencrk.sys (McAfee, Inc.)
DRV:64bit: - (mfencbdc) -- C:\Windows\SysNative\drivers\mfencbdc.sys (McAfee, Inc.)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (HipShieldK) -- C:\Windows\SysNative\drivers\HipShieldK.sys (McAfee, Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (iaStorF) -- C:\Windows\SysNative\drivers\iaStorF.sys (Intel Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Qualcomm Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Qualcomm Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Qualcomm Atheros)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (vmx86) -- C:\Windows\SysNative\drivers\vmx86.sys (VMware, Inc.)
DRV:64bit: - (vmkbd) -- C:\Windows\SysNative\drivers\VMkbd.sys (VMware, Inc.)
DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.)
DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\drivers\vmnetbridge.sys (VMware, Inc.)
DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\drivers\vmnetadapter.sys (VMware, Inc.)
DRV:64bit: - (vmci) -- C:\Windows\SysNative\drivers\vmci.sys (VMware, Inc.)
DRV:64bit: - (hcmon) -- C:\Windows\SysNative\drivers\hcmon.sys (VMware, Inc.)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc60.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (SynthVid) -- C:\Windows\SysNative\drivers\VMBusVideoM.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (usbscan) -- C:\Windows\SysWOW64\drivers\usbscan.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {D81273E4-7658-47B6-8075-3D404C64D87C}
IE:64bit: - HKLM\..\SearchScopes\{D81273E4-7658-47B6-8075-3D404C64D87C}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{D81273E4-7658-47B6-8075-3D404C64D87C}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
IE - HKU\S-1-5-21-670280924-550259233-2201882432-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-670280924-550259233-2201882432-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-670280924-550259233-2201882432-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-670280924-550259233-2201882432-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0
FF - prefs.js..network.proxy.type: 1user_pref("network.proxy.http", "127.0.0.1");user_pref("network.proxy.http_port", 8118);user_pref("network.proxy.ssl", "127.0.0.1");user_pref("network.proxy.ssl_port", 8118);
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2014/05/25 10:10:50 | 000,000,000 | ---D | M]
[2014/05/03 16:21:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barry Chapman\AppData\Roaming\Mozilla\Extensions
[2014/05/03 16:29:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barry Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\76t9nm76.default\extensions
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_1\
CHR - Extension: Google Drive = C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Google Search = C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: Google Wallet = C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Gmail = C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2014/05/27 11:23:37 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-670280924-550259233-2201882432-1000..\Run: [Backblaze] C:\Program Files (x86)\Backblaze\bzbui.exe ()
O4 - HKU\S-1-5-21-670280924-550259233-2201882432-1000..\Run: [updateMgr] C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" (Qualcomm®Atheros®)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4 205.152.144.23 205.152.132.23
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{52E3D270-9F67-475E-B16A-1D6443366E50}: DhcpNameServer = 8.8.8.8 8.8.4.4 205.152.144.23 205.152.132.23
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/12/15 20:52:18 | 000,000,080 | ---- | M] () - E:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/05/27 11:33:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2014/05/27 11:30:46 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2014/05/27 11:23:25 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/05/27 09:18:51 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2014/05/26 10:19:40 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/05/25 10:38:02 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2014/05/25 10:36:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2014/05/25 10:36:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2014/05/23 08:25:39 | 000,000,000 | ---D | C] -- C:\New folder
[2014/05/23 07:48:53 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014/05/23 07:41:53 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\QuickScan
[2014/05/22 16:20:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/05/22 15:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2014/05/22 15:35:36 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/05/22 15:35:22 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/05/22 15:35:22 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/05/22 15:35:22 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/05/22 15:35:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/05/22 10:47:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot
[2014/05/21 11:27:06 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\TuneUp Software
[2014/05/21 11:16:30 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2014/05/21 11:16:29 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\MFAData
[2014/05/21 11:16:29 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2014/05/20 14:53:08 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Norman Malware Cleaner
[2014/05/20 12:44:27 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/05/19 16:42:54 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/05/19 10:55:46 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2014/05/19 10:20:13 | 000,000,000 | ---D | C] -- C:\Adobe XI Pro
[2014/05/19 08:08:57 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2014/05/19 07:54:08 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Documents\ProcAlyzer Dumps
[2014/05/16 10:51:07 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\CrashDumps
[2014/05/16 09:39:50 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\SUPERAntiSpyware.com
[2014/05/16 09:39:36 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2014/05/16 08:33:26 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2014/05/16 08:33:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Download Assistant
[2014/05/16 08:32:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2014/05/15 11:40:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2014/05/15 11:40:14 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2014/05/15 11:21:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2014/05/15 11:21:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014/05/15 03:25:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Virtual Machines
[2014/05/15 03:06:09 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/05/15 03:06:09 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/05/14 16:16:31 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\PDF24
[2014/05/14 15:56:37 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft
[2014/05/14 15:56:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSR
[2014/05/14 15:54:30 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\wi_upd
[2014/05/14 11:56:55 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Documents\Outlook Files
[2014/05/14 10:26:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2014/05/14 10:25:54 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2014/05/14 10:22:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014/05/14 10:22:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2014/05/14 10:20:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2014/05/14 10:20:23 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2014/05/14 08:30:28 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Secunia PSI
[2014/05/14 08:30:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2014/05/14 05:44:33 | 000,477,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/05/14 05:44:33 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/05/14 05:44:11 | 003,969,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014/05/14 05:44:11 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/05/14 05:44:10 | 005,550,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/05/14 05:44:10 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014/05/14 05:44:10 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll
[2014/05/14 05:44:10 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll
[2014/05/14 05:44:10 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014/05/14 05:44:10 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/05/14 05:44:09 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014/05/14 05:44:09 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll
[2014/05/14 05:44:09 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll
[2014/05/14 05:44:09 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll
[2014/05/14 05:44:09 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll
[2014/05/14 05:44:09 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll
[2014/05/14 05:44:09 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll
[2014/05/14 05:44:09 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll
[2014/05/14 05:44:09 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll
[2014/05/14 05:44:09 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2014/05/14 05:44:09 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll
[2014/05/14 05:44:09 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2014/05/14 05:44:09 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll
[2014/05/14 05:44:08 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014/05/14 05:44:08 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014/05/13 12:17:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backblaze
[2014/05/13 12:16:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Backblaze
[2014/05/13 12:16:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Backblaze
[2014/05/13 12:02:10 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\VMware
[2014/05/13 11:18:34 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014/05/13 11:00:12 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\VMware
[2014/05/12 20:43:13 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\.asdm
[2014/05/12 20:43:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco Systems
[2014/05/12 13:51:55 | 000,000,000 | ---D | C] -- C:\Program Files\My Lockbox
[2014/05/12 07:16:46 | 000,000,000 | -H-D | C] -- C:\.bzvol
[2014/05/09 11:38:06 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Documents\CCWin
[2014/05/09 07:41:14 | 000,063,568 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmx86.sys
[2014/05/09 07:40:35 | 000,354,896 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnetdhcp.exe
[2014/05/09 07:40:33 | 000,434,256 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnat.exe
[2014/05/09 07:40:32 | 000,030,800 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnetuserif.sys
[2014/05/09 07:40:26 | 000,943,184 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vnetlib64.dll
[2014/05/09 07:39:45 | 000,033,360 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\VMkbd.sys
[2014/05/09 07:39:43 | 000,039,024 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\hcmon.sys
[2014/05/09 07:39:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
[2014/05/09 07:39:13 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware
[2014/05/09 07:39:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VMware
[2014/05/09 07:39:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VMware
[2014/05/09 07:38:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware
[2014/05/07 09:42:51 | 000,231,552 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXDFLT.DLL
[2014/05/07 09:42:51 | 000,102,672 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXTIFFN.DLL
[2014/05/07 09:42:51 | 000,049,424 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXTHK32.DLL
[2014/05/07 09:42:51 | 000,045,328 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXSLN.DLL
[2014/05/07 09:42:51 | 000,023,152 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXPERM.DLL
[2014/05/07 09:42:51 | 000,016,048 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXLOC.DLL
[2014/05/07 09:42:51 | 000,011,968 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\SysWow64\PIXMDLLC.CPL
[2014/05/07 09:42:51 | 000,006,416 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXTHK16.DLL
[2014/05/07 09:42:50 | 000,209,168 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXNOTEN.DLL
[2014/05/07 09:42:50 | 000,074,000 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXNAMEN.DLL
[2014/05/07 09:42:50 | 000,045,328 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXRAMN.DLL
[2014/05/07 09:42:50 | 000,045,328 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXPANN.DLL
[2014/05/07 09:42:50 | 000,045,328 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXMPN.DLL
[2014/05/07 09:42:50 | 000,045,328 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXMDLGN.DLL
[2014/05/07 09:42:49 | 000,753,936 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXANNOT.DLL
[2014/05/07 09:42:49 | 000,463,120 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXJP2K.DLL
[2014/05/07 09:42:49 | 000,327,680 | ---- | C] (The University of New South Wales) -- C:\Windows\SysWow64\PIXJP2KI.DLL
[2014/05/07 09:42:49 | 000,119,056 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXJBGN.DLL
[2014/05/07 09:42:49 | 000,094,480 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXAPS.DLL
[2014/05/07 09:42:49 | 000,069,904 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXDLGN.DLL
[2014/05/07 09:42:49 | 000,057,616 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXLZWN.DLL
[2014/05/07 09:29:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Canon Electronics
[2014/05/07 09:25:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CapturePerfect 3.1
[2014/05/06 16:16:12 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\ElevatedDiagnostics
[2014/05/06 15:56:54 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Documents\My Documents from old
[2014/05/06 13:18:22 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/05/06 13:12:58 | 000,152,576 | ---- | C] (Canon Electronics) -- C:\Windows\SysNative\DR25SVC.dll
[2014/05/06 13:12:46 | 000,491,792 | ---- | C] (Captiva Software Corp.) -- C:\Windows\SysWow64\qd1.dll
[2014/05/06 10:10:41 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Oracle
[2014/05/06 10:09:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/05/06 10:09:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014/05/06 10:05:04 | 000,313,256 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014/05/06 10:04:56 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014/05/06 10:04:56 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014/05/06 10:04:56 | 000,108,968 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2014/05/06 10:04:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/05/06 10:04:48 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014/05/06 09:31:13 | 000,233,744 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXMDLN.DLL
[2014/05/06 09:09:30 | 000,200,704 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\twpix32.dll
[2014/05/06 09:09:30 | 000,098,304 | ---- | C] (Cornerstone Imaging, Inc.) -- C:\Windows\SysWow64\Wiaext32.dll
[2014/05/06 09:09:30 | 000,023,152 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\System\Pixperm.dll
[2014/05/06 09:09:30 | 000,021,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\Ctl3d.dll
[2014/05/06 09:09:30 | 000,016,064 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\System\Pixloc.dll
[2014/05/06 09:09:29 | 000,231,552 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\System\Pixdflt.dll
[2014/05/06 09:06:37 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\ISIS Drivers
[2014/05/06 09:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\ISIS Drivers
[2014/05/06 09:05:28 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Desktop\CapturePerfect 3.0
[2014/05/06 08:51:55 | 000,000,000 | ---D | C] -- C:\DR Scanner
[2014/05/06 08:43:03 | 000,000,000 | ---D | C] -- C:\DR2580C
[2014/05/06 08:37:30 | 000,096,768 | ---- | C] (Canon Electronics Inc.) -- C:\Windows\SysNative\DR25CPL.dll
[2014/05/06 08:37:30 | 000,083,456 | ---- | C] (Canon Electronics Inc.) -- C:\Windows\SysNative\CeiUSB64.dll
[2014/05/06 07:52:59 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2014/05/06 07:29:31 | 000,000,000 | ---D | C] -- C:\CapturePerfect Upgrade
[2014/05/06 03:02:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2014/05/05 17:44:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon DR-2580C
[2014/05/05 16:56:07 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\AdobeUM
[2014/05/05 16:53:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2014/05/05 16:53:00 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe PDF
[2014/05/05 16:24:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/05/05 16:24:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/05/05 16:24:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014/05/05 16:15:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
[2014/05/05 16:15:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mouse and Keyboard Center
[2014/05/05 15:50:08 | 000,000,000 | ---D | C] -- C:\HP Universal Print Driver
[2014/05/05 14:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landtech XML
[2014/05/05 14:52:53 | 000,204,800 | ---- | C] (Landtech Data Corporation) -- C:\Windows\SysWow64\ltwpvsw.DLL
[2014/05/05 14:52:53 | 000,065,536 | ---- | C] (Landtech Data Corp.) -- C:\Windows\SysWow64\LTWNode.exe
[2014/05/05 14:52:53 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Landtech XML
[2014/05/05 14:44:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Pervasive Software
[2014/05/05 14:44:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pervasive Software
[2014/05/05 14:44:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pervasive
[2014/05/05 14:22:07 | 000,000,000 | ---D | C] -- C:\LTAPPS
[2014/05/05 14:18:46 | 000,000,000 | ---D | C] -- C:\Wages
[2014/05/05 14:07:17 | 000,169,600 | ---- | C] (Wintertree Software Inc.) -- C:\Windows\SysWow64\WSpell.ocx
[2014/05/05 12:36:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WP-64
[2014/05/05 12:22:16 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Help
[2014/05/05 12:22:16 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Help
[2014/05/05 11:26:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/05/05 10:49:21 | 001,355,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvbvm50.dll
[2014/05/05 10:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medlin Accounting
[2014/05/05 10:49:20 | 000,000,000 | ---D | C] -- C:\MWACCT
[2014/05/05 10:49:04 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Programs
[2014/05/05 10:40:33 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\QuickenWindow
[2014/05/05 10:36:26 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\IsolatedStorage
[2014/05/05 10:28:28 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Documents\Quicken
[2014/05/05 10:24:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AnswerWorks 5.0
[2014/05/05 10:24:39 | 004,169,728 | ---- | C] (Amyuni Technologies
http://www.amyuni.com) -- C:\Windows\SysWow64\cdintf400.dll
brchapman
2014-05-27, 19:03
[2014/05/05 10:24:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quicken 2014
[2014/05/05 10:24:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intuit
[2014/05/05 10:24:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Quicken
[2014/05/05 10:24:08 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Intuit
[2014/05/05 10:23:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Intuit
[2014/05/05 10:13:09 | 000,000,000 | ---D | C] -- C:\Quicken 2014
[2014/05/05 09:43:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SWF Studio
[2014/05/05 08:58:28 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\AppData\Local\EmieUserList
[2014/05/05 08:58:28 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\AppData\Local\EmieSiteList
[2014/05/05 03:10:48 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/05/05 03:10:48 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/05/05 03:10:46 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/05/05 03:10:43 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/05/05 03:10:43 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/05/05 03:10:43 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/05/05 03:10:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/05/05 03:10:42 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/05/05 03:10:42 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/05/05 03:10:42 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/05/05 03:10:42 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/05/05 03:10:42 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/05/05 03:10:42 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/05/05 03:10:41 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/05/05 03:10:41 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/05/05 03:10:41 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/05/05 03:10:41 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/05/05 03:10:41 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/05/05 03:10:41 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/05/05 03:10:39 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/05/05 03:10:39 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/05/05 03:10:39 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/05/05 03:10:39 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/05/05 03:10:39 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/05/05 03:10:38 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/05/05 03:10:38 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/05/05 03:10:37 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/05/05 03:10:36 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/05/05 03:10:35 | 005,784,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/05/04 03:37:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2014/05/04 03:37:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2014/05/04 03:17:29 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/05/04 03:06:18 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2014/05/04 03:06:18 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2014/05/04 03:06:18 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2014/05/04 03:06:18 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2014/05/03 16:58:30 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2014/05/03 16:58:30 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2014/05/03 16:58:24 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2014/05/03 16:58:24 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2014/05/03 16:58:23 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2014/05/03 16:58:23 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2014/05/03 16:58:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/05/03 16:58:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/05/03 16:55:43 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014/05/03 16:55:43 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014/05/03 16:55:42 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014/05/03 16:55:42 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014/05/03 16:55:42 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014/05/03 16:55:42 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014/05/03 16:55:42 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/05/03 16:55:42 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014/05/03 16:55:42 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014/05/03 16:55:42 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014/05/03 16:55:42 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014/05/03 16:55:42 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014/05/03 16:55:42 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014/05/03 16:55:42 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014/05/03 16:55:42 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014/05/03 16:55:42 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014/05/03 16:55:42 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014/05/03 16:55:35 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/05/03 16:55:35 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/05/03 16:55:09 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/05/03 16:55:09 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/05/03 16:53:46 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014/05/03 16:53:44 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/05/03 16:53:44 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014/05/03 16:53:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
[2014/05/03 16:53:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
[2014/05/03 16:53:38 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/05/03 16:53:38 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/05/03 16:53:37 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/05/03 16:53:37 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014/05/03 16:53:37 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014/05/03 16:53:37 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014/05/03 16:53:36 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014/05/03 16:53:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014/05/03 16:53:36 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014/05/03 16:53:36 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014/05/03 16:53:36 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014/05/03 16:53:36 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014/05/03 16:53:36 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014/05/03 16:53:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014/05/03 16:53:35 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2014/05/03 16:53:35 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2014/05/03 16:53:30 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014/05/03 16:46:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2014/05/03 16:40:07 | 000,000,000 | ---D | C] -- C:\Office 2000
[2014/05/03 16:34:04 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Microsoft Help
[2014/05/03 16:34:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014/05/03 16:26:05 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\WinRAR
[2014/05/03 16:23:38 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Macromedia
[2014/05/03 16:21:15 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Mozilla
[2014/05/03 16:21:15 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Mozilla
[2014/05/03 16:21:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/05/03 16:21:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/05/03 16:21:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/05/03 16:10:33 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/05/03 16:10:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/05/03 16:10:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2014/05/03 15:48:38 | 001,098,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wab32res.dll
[2014/05/03 15:48:38 | 000,886,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wab32.dll
[2014/05/03 15:40:56 | 000,000,000 | ---D | C] -- C:\Windows\Msagent
[2014/05/03 15:40:38 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft Web Folders
[2014/05/03 15:33:02 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftsrch.dll
[2014/05/03 15:33:02 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftsrch.dll
[2014/05/03 15:33:02 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftlx041e.dll
[2014/05/03 15:33:02 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftlx041e.dll
[2014/05/03 15:33:02 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftlx0411.dll
[2014/05/03 15:33:02 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftlx0411.dll
[2014/05/03 14:40:10 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Adobe
[2014/05/03 14:29:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\wp51
[2014/05/03 14:14:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FAX User Software
[2014/05/03 14:14:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kyocera
[2014/05/03 13:53:55 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Canon Electronics
[2014/05/03 13:38:36 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Documents\Corel User Files
[2014/05/03 13:38:11 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Corel
[2014/05/03 13:31:52 | 000,021,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CTL3D.DLL
[2014/05/03 13:31:15 | 000,067,888 | ---- | C] (Canon Electronics Inc.) -- C:\Windows\SysWow64\SuStiUtl.dll
[2014/05/03 13:30:43 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Desktop\Canon DR-2580C
[2014/05/03 13:30:41 | 000,106,496 | ---- | C] (Canon Electronics) -- C:\Windows\SysWow64\DR25SVC.dll
[2014/05/03 13:30:41 | 000,094,208 | ---- | C] (Canon Electronics Inc.) -- C:\Windows\SysWow64\DR25CPL.dll
[2014/05/03 13:30:41 | 000,036,864 | ---- | C] (Canon Electronics Inc.) -- C:\Windows\SysWow64\CeiUSB2.dll
[2014/05/03 13:30:41 | 000,014,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\usbscan.sys
[2014/05/03 13:30:38 | 000,180,224 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\PIXN1120.DLL
[2014/05/03 13:30:38 | 000,176,128 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\PIXN1520.DLL
[2014/05/03 13:30:38 | 000,114,688 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\PIXN1320.DLL
[2014/05/03 13:30:38 | 000,051,712 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\PIXN20.DLL
[2014/05/03 13:30:37 | 000,602,384 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\SysWow64\pixipdll.dll
[2014/05/03 13:30:37 | 000,155,648 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\PIXN1020.DLL
[2014/05/03 13:30:36 | 000,401,484 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Msvcrtd.dll
[2014/05/03 13:30:36 | 000,221,456 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXDFLTN.DLL
[2014/05/03 13:30:36 | 000,074,000 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXLOCN.DLL
[2014/05/03 13:30:36 | 000,053,520 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXPERMN.DLL
[2014/05/03 13:30:36 | 000,000,000 | ---D | C] -- C:\Windows\PIXTRAN
[2014/05/03 13:30:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon Electronics
[2014/05/03 13:30:31 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2014/05/03 13:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordPerfect Office 12
[2014/05/03 13:16:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Borland Shared
[2014/05/03 13:14:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WordPerfect Office 12
[2014/05/03 13:14:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Corel
[2014/05/03 12:01:21 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\PCDr
[2014/05/02 20:32:20 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/05/02 20:32:20 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/05/02 20:32:20 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/05/02 20:32:12 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/05/02 20:32:12 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/05/02 20:32:12 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/05/02 20:32:05 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/05/02 20:32:05 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/05/02 19:50:51 | 000,197,704 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\HipShieldK.sys
[2014/05/02 16:23:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/05/02 16:12:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/05/02 16:12:46 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Google
[2014/05/02 16:10:13 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Diagnostics
[2014/05/02 15:58:33 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Apps
[2014/05/02 15:58:32 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Deployment
[2014/05/02 15:45:07 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Opera Software
[2014/05/02 15:45:07 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Opera Software
[2014/05/02 15:45:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2014/05/02 15:42:10 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Macromedia
[2014/05/02 15:26:33 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Intel Corporation
[2014/05/02 15:25:54 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Dell
[2014/05/02 15:25:50 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\BMExplorer
[2014/05/02 15:25:49 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Documents\Bluetooth Folder
[2014/05/02 15:25:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2014/05/02 15:25:33 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Leadertech
[2014/05/02 15:25:31 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Atheros
[2014/05/02 15:25:20 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Adobe
[2014/05/02 15:25:19 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/05/02 15:25:19 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Searches
[2014/05/02 15:25:19 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/05/02 15:25:19 | 000,000,000 | -H-D | C] -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/05/02 15:25:10 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Identities
[2014/05/02 15:25:08 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Contacts
[2014/05/02 15:25:07 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\VirtualStore
[2014/05/02 15:23:34 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\softthinks
[2014/05/02 15:23:34 | 000,000,000 | ---D | C] -- C:\ProgramData\softthinks
[2014/05/02 15:17:44 | 000,000,000 | --SD | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Videos
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Saved Games
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Pictures
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Music
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Links
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Favorites
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Downloads
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Documents
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Desktop
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\AppData\Local\Temporary Internet Files
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Templates
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Start Menu
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\SendTo
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Recent
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\PrintHood
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\NetHood
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Documents\My Videos
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Documents\My Pictures
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Documents\My Music
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\My Documents
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Local Settings
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\AppData\Local\History
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Cookies
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Application Data
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\AppData\Local\Application Data
[2014/05/02 15:17:44 | 000,000,000 | -H-D | C] -- C:\Users\Barry Chapman\AppData
[2014/05/02 15:17:44 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Temp
[2014/05/02 15:17:44 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Microsoft
[2014/05/02 15:17:44 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Media Center Programs
========== Files - Modified Within 30 Days ==========
[2014/05/27 11:37:50 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/27 11:37:50 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/27 11:36:12 | 000,791,990 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/05/27 11:36:12 | 000,670,374 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/05/27 11:36:12 | 000,125,196 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/05/27 11:29:31 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/27 11:29:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/27 11:29:10 | 1008,427,006 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/27 11:23:37 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2014/05/27 11:07:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/27 10:55:01 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/27 10:44:00 | 000,219,894 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141042 revised hud 5-26.pdf
[2014/05/27 09:13:14 | 001,440,846 | ---- | M] () -- C:\Program Files (x86)\mbam-chameleon-1.62.1.1000.zip
[2014/05/25 11:49:58 | 000,004,447 | ---- | M] () -- C:\Users\Barry Chapman\Desktop\attach.zip
[2014/05/25 11:38:01 | 000,000,512 | ---- | M] () -- C:\Users\Barry Chapman\Desktop\MBR.dat
[2014/05/25 10:52:48 | 000,004,315 | ---- | M] () -- C:\Users\Barry Chapman\Desktop\attach.rar
[2014/05/25 10:37:03 | 000,001,159 | ---- | M] () -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2014/05/25 10:36:53 | 000,000,960 | ---- | M] () -- C:\Users\Barry Chapman\Desktop\ERUNT.lnk
[2014/05/23 09:52:06 | 000,201,978 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141046 PRELIMINARY HUD.pdf
[2014/05/23 07:52:39 | 000,033,334 | ---- | M] () -- C:\ProgramData\1400845954.bdinstall.bin
[2014/05/23 07:52:28 | 000,000,189 | ---- | M] () -- C:\ProgramData\1400845920.2208.bin
[2014/05/23 07:52:24 | 000,002,061 | ---- | M] () -- C:\ProgramData\1400845920.2284.bin
[2014/05/23 07:52:14 | 000,039,641 | ---- | M] () -- C:\ProgramData\1400845920.2200.bin
[2014/05/23 07:48:44 | 624,028,561 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/05/23 07:44:29 | 000,000,965 | ---- | M] () -- C:\ProgramData\1400845426.13472.bin
[2014/05/23 07:44:27 | 000,043,785 | ---- | M] () -- C:\ProgramData\1400845426.14224.bin
[2014/05/23 07:44:03 | 000,002,062 | ---- | M] () -- C:\ProgramData\1400845426.13672.bin
[2014/05/23 07:42:32 | 000,044,557 | ---- | M] () -- C:\ProgramData\1400845313.bdinstall.bin
[2014/05/22 15:48:56 | 000,042,188 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141050 revised contract.pdf
[2014/05/22 15:35:06 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/05/22 15:35:06 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/05/22 15:35:06 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/05/22 15:35:06 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/05/22 15:20:40 | 000,103,981 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141050 signed contract.pdf
[2014/05/22 13:23:30 | 000,051,706 | ---- | M] () -- C:\Windows\SysWow64\bddel.dat
[2014/05/22 13:12:59 | 000,202,050 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141042 REVISED HUD.pdf
[2014/05/22 10:49:21 | 000,001,434 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/05/21 16:21:32 | 000,037,861 | ---- | M] () -- C:\Users\Barry Chapman\AppData\Roaming\Comma Separated Values (Windows).ADR
[2014/05/21 15:00:00 | 000,017,064 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Martinez legal description.pdf
[2014/05/21 09:17:50 | 000,002,334 | ---- | M] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/21 09:17:50 | 000,002,310 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/20 11:11:14 | 000,024,389 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141042 preliminary HUD.pdf
[2014/05/20 09:17:06 | 000,166,076 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141049 HICKMAN ucc1.pdf
[2014/05/19 14:46:28 | 000,126,434 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141049 REVISED HUD.pdf
[2014/05/19 14:25:33 | 000,148,676 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141049 HUD & LEGAL DESCR.pdf
[2014/05/19 14:11:04 | 000,129,944 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141051 HUD.pdf
[2014/05/19 09:55:20 | 000,009,944 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Clayton Homes Invoice-Turbide.pdf
[2014/05/16 11:13:50 | 000,111,023 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Bunche Stree contract.pdf
[2014/05/15 11:40:19 | 000,000,656 | ---- | M] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2014/05/15 11:40:19 | 000,000,628 | ---- | M] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2014/05/15 11:40:19 | 000,000,458 | ---- | M] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
[2014/05/15 11:36:53 | 000,000,085 | ---- | M] () -- C:\Windows\wininit.ini
[2014/05/14 15:27:56 | 000,002,453 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2014/05/14 15:14:45 | 000,494,176 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/05/14 15:08:15 | 000,001,520 | ---- | M] () -- C:\Users\Public\Documents\AcStd7_1_0.ini
[2014/05/14 14:39:51 | 000,129,908 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Wiggins hud.pdf
[2014/05/14 11:41:08 | 000,001,186 | ---- | M] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2014/05/14 08:36:30 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/05/14 08:36:30 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/05/13 15:37:53 | 000,125,914 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141044 PREL HUD.pdf
[2014/05/13 12:25:15 | 000,144,192 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141046 tax cert and plat.pdf
[2014/05/13 11:38:10 | 034,209,792 | ---- | M] () -- C:\Users\Barry Chapman\Desktop\CHAPMA11_20140505-2014-05-13.QDF-backup
[2014/05/13 11:13:54 | 000,007,605 | ---- | M] () -- C:\Users\Barry Chapman\AppData\Local\resmon.resmoncfg
[2014/05/13 10:04:35 | 000,000,000 | ---- | M] () -- C:\Users\Barry Chapman\AppData\Local\{89B78C50-3F1E-4624-B5B6-B21F413891C7}
[2014/05/13 09:04:13 | 000,025,833 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Performance Monitor screen grab.gif
[2014/05/12 16:37:27 | 000,255,875 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141046 commitment.pdf
[2014/05/12 16:26:00 | 000,010,295 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141046 commitment.wpd
[2014/05/12 16:21:54 | 000,002,380 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141046 DATA FILE.wpd
[2014/05/09 10:58:52 | 000,729,275 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141039 signed docs.pdf
[2014/05/09 10:41:30 | 000,015,330 | ---- | M] () -- C:\Users\Barry Chapman\Documents\WIRE INSTRUCTIONS REAL ESTATE TRUST ACCT.pdf
[2014/05/09 07:41:18 | 000,001,070 | ---- | M] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\VMware Player.lnk
[2014/05/09 07:39:33 | 000,807,106 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/05/09 07:39:32 | 000,002,187 | ---- | M] () -- C:\Users\Public\Desktop\VMware Player.lnk
[2014/05/09 02:14:03 | 000,477,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/05/09 02:11:23 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/05/07 15:51:16 | 000,088,239 | ---- | M] () -- C:\Users\Barry Chapman\Documents\martin aff doc.pdf
[2014/05/07 15:43:47 | 002,744,977 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Gary Martin closing package.pdf
[2014/05/07 11:24:18 | 000,027,554 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141041 revised note.pdf
[2014/05/07 09:44:56 | 000,532,504 | ---- | M] () -- C:\Users\Barry Chapman\Documents\revised note and sd to change dates.pdf
[2014/05/07 09:16:15 | 000,024,895 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Old Republic Synovus letter.pdf
[2014/05/06 16:39:15 | 000,534,254 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Tillman revised note & sd.pdf
[2014/05/06 13:22:33 | 000,000,125 | ---- | M] () -- C:\Windows\SetScan.ini
[2014/05/06 10:04:49 | 000,313,256 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014/05/06 10:04:49 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014/05/06 10:04:49 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014/05/06 10:04:49 | 000,108,968 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2014/05/06 09:06:37 | 000,005,432 | ---- | M] () -- C:\Windows\pixcache.ini
[2014/05/05 23:00:47 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/05/05 22:10:52 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/05/05 16:54:47 | 000,002,039 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat 7.0 Standard.lnk
[2014/05/05 16:15:18 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01011.Wdf
[2014/05/05 16:12:32 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01011.Wdf
[2014/05/05 15:02:39 | 000,013,839 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141000.pdf
[2014/05/05 14:53:30 | 000,001,534 | ---- | M] () -- C:\Users\Barry Chapman\Desktop\Landtech XML.lnk
[2014/05/05 14:52:53 | 000,204,800 | ---- | M] (Landtech Data Corporation) -- C:\Windows\SysWow64\ltwpvsw.DLL
[2014/05/05 14:52:53 | 000,065,536 | ---- | M] (Landtech Data Corp.) -- C:\Windows\SysWow64\LTWNode.exe
[2014/05/05 14:44:31 | 000,000,519 | ---- | M] () -- C:\Windows\ODBCINST.INI
[2014/05/05 14:44:25 | 000,002,781 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start Pervasive PSQL Workgroup Engine.lnk
[2014/05/05 11:17:49 | 000,000,580 | ---- | M] () -- C:\Users\Public\Desktop\Medlin Accounting.lnk
[2014/05/05 10:24:34 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\Quicken Deluxe 2014.lnk
[2014/05/05 10:24:31 | 000,000,126 | ---- | M] () -- C:\Windows\QUICKEN.INI
[2014/05/03 16:21:08 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/05/03 16:10:33 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2014/05/03 15:41:59 | 000,000,376 | ---- | M] () -- C:\Windows\ODBC.INI
[2014/05/03 13:38:12 | 000,061,678 | ---- | M] () -- C:\Users\Barry Chapman\AppData\Roaming\PFP120JPR.{PB
[2014/05/03 13:38:12 | 000,012,358 | ---- | M] () -- C:\Users\Barry Chapman\AppData\Roaming\PFP120JCM.{PB
[2014/05/03 13:17:14 | 000,002,607 | ---- | M] () -- C:\Users\Barry Chapman\Desktop\WordPerfect.lnk
[2014/05/02 15:31:58 | 000,001,409 | ---- | M] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/05/02 15:15:22 | 000,041,450 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014/05/02 15:15:22 | 000,041,450 | ---- | M] () -- C:\Windows\SysNative\license.rtf
========== Files Created - No Company Name ==========
[2014/05/27 10:44:00 | 000,219,894 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141042 revised hud 5-26.pdf
[2014/05/27 09:25:05 | 001,440,846 | ---- | C] () -- C:\Program Files (x86)\mbam-chameleon-1.62.1.1000.zip
[2014/05/25 11:49:58 | 000,004,447 | ---- | C] () -- C:\Users\Barry Chapman\Desktop\attach.zip
[2014/05/25 11:38:01 | 000,000,512 | ---- | C] () -- C:\Users\Barry Chapman\Desktop\MBR.dat
[2014/05/25 10:52:48 | 000,004,315 | ---- | C] () -- C:\Users\Barry Chapman\Desktop\attach.rar
[2014/05/25 10:37:03 | 000,001,159 | ---- | C] () -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2014/05/25 10:36:53 | 000,000,960 | ---- | C] () -- C:\Users\Barry Chapman\Desktop\ERUNT.lnk
[2014/05/23 09:46:30 | 000,201,978 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141046 PRELIMINARY HUD.pdf
[2014/05/23 07:52:39 | 000,033,334 | ---- | C] () -- C:\ProgramData\1400845954.bdinstall.bin
[2014/05/23 07:52:03 | 000,000,189 | ---- | C] () -- C:\ProgramData\1400845920.2208.bin
[2014/05/23 07:52:02 | 000,002,061 | ---- | C] () -- C:\ProgramData\1400845920.2284.bin
[2014/05/23 07:52:00 | 000,039,641 | ---- | C] () -- C:\ProgramData\1400845920.2200.bin
[2014/05/23 07:48:44 | 624,028,561 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/05/23 07:43:56 | 000,000,965 | ---- | C] () -- C:\ProgramData\1400845426.13472.bin
[2014/05/23 07:43:55 | 000,002,062 | ---- | C] () -- C:\ProgramData\1400845426.13672.bin
[2014/05/23 07:43:46 | 000,043,785 | ---- | C] () -- C:\ProgramData\1400845426.14224.bin
[2014/05/23 07:42:32 | 000,044,557 | ---- | C] () -- C:\ProgramData\1400845313.bdinstall.bin
[2014/05/22 15:48:57 | 000,042,188 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141050 revised contract.pdf
[2014/05/22 15:20:41 | 000,103,981 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141050 signed contract.pdf
[2014/05/22 13:22:39 | 000,051,706 | ---- | C] () -- C:\Windows\SysWow64\bddel.dat
[2014/05/22 13:12:59 | 000,202,050 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141042 REVISED HUD.pdf
[2014/05/21 15:00:00 | 000,017,064 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Martinez legal description.pdf
[2014/05/20 11:11:14 | 000,024,389 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141042 preliminary HUD.pdf
[2014/05/20 09:17:02 | 000,166,076 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141049 HICKMAN ucc1.pdf
[2014/05/19 14:46:28 | 000,126,434 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141049 REVISED HUD.pdf
[2014/05/19 14:25:34 | 000,148,676 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141049 HUD & LEGAL DESCR.pdf
[2014/05/19 14:11:05 | 000,129,944 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141051 HUD.pdf
[2014/05/19 09:55:21 | 000,009,944 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Clayton Homes Invoice-Turbide.pdf
[2014/05/16 11:15:34 | 000,111,023 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Bunche Stree contract.pdf
[2014/05/15 11:40:19 | 000,000,656 | ---- | C] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2014/05/15 11:40:19 | 000,000,628 | ---- | C] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2014/05/15 11:40:19 | 000,000,458 | ---- | C] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
[2014/05/15 11:40:16 | 000,001,446 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2014/05/15 11:40:16 | 000,001,434 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/05/15 11:36:51 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2014/05/14 14:43:14 | 000,129,908 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Wiggins hud.pdf
[2014/05/14 14:40:55 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2014/05/14 14:34:35 | 000,001,520 | ---- | C] () -- C:\Users\Public\Documents\AcStd7_1_0.ini
[2014/05/14 11:41:08 | 000,001,186 | ---- | C] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2014/05/13 15:37:54 | 000,125,914 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141044 PREL HUD.pdf
[2014/05/13 12:25:15 | 000,144,192 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141046 tax cert and plat.pdf
[2014/05/13 11:38:10 | 034,209,792 | ---- | C] () -- C:\Users\Barry Chapman\Desktop\CHAPMA11_20140505-2014-05-13.QDF-backup
[2014/05/13 10:04:35 | 000,000,000 | ---- | C] () -- C:\Users\Barry Chapman\AppData\Local\{89B78C50-3F1E-4624-B5B6-B21F413891C7}
[2014/05/13 09:04:13 | 000,025,833 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Performance Monitor screen grab.gif
[2014/05/13 08:53:10 | 000,007,605 | ---- | C] () -- C:\Users\Barry Chapman\AppData\Local\resmon.resmoncfg
[2014/05/12 16:39:10 | 000,255,875 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141046 commitment.pdf
[2014/05/12 16:26:00 | 000,010,295 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141046 commitment.wpd
[2014/05/12 16:21:54 | 000,002,380 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141046 DATA FILE.wpd
[2014/05/09 10:58:52 | 000,729,275 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141039 signed docs.pdf
[2014/05/09 10:41:30 | 000,015,330 | ---- | C] () -- C:\Users\Barry Chapman\Documents\WIRE INSTRUCTIONS REAL ESTATE TRUST ACCT.pdf
[2014/05/09 07:41:18 | 000,001,070 | ---- | C] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\VMware Player.lnk
[2014/05/09 07:39:32 | 000,002,187 | ---- | C] () -- C:\Users\Public\Desktop\VMware Player.lnk
[2014/05/07 15:51:16 | 000,088,239 | ---- | C] () -- C:\Users\Barry Chapman\Documents\martin aff doc.pdf
[2014/05/07 15:43:46 | 002,744,977 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Gary Martin closing package.pdf
[2014/05/07 11:24:13 | 000,027,554 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141041 revised note.pdf
[2014/05/07 09:47:05 | 000,532,504 | ---- | C] () -- C:\Users\Barry Chapman\Documents\revised note and sd to change dates.pdf
[2014/05/07 09:16:15 | 000,024,895 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Old Republic Synovus letter.pdf
[2014/05/06 16:39:15 | 000,534,254 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Tillman revised note & sd.pdf
[2014/05/06 09:09:30 | 000,063,248 | ---- | C] () -- C:\Windows\SysWow64\picn1120.ssm
[2014/05/05 17:43:05 | 000,005,432 | ---- | C] () -- C:\Windows\pixcache.ini
[2014/05/05 16:54:47 | 000,002,501 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 7.0 Standard.lnk
[2014/05/05 16:54:47 | 000,002,459 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 7.0.lnk
[2014/05/05 16:54:47 | 000,002,039 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat 7.0 Standard.lnk
[2014/05/05 16:15:18 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01011.Wdf
[2014/05/05 16:12:32 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01011.Wdf
[2014/05/05 14:53:30 | 000,001,534 | ---- | C] () -- C:\Users\Barry Chapman\Desktop\Landtech XML.lnk
[2014/05/05 14:44:31 | 000,000,519 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2014/05/05 14:44:25 | 000,002,781 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start Pervasive PSQL Workgroup Engine.lnk
[2014/05/05 14:35:58 | 000,013,839 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141000.pdf
[2014/05/05 11:45:19 | 000,037,861 | ---- | C] () -- C:\Users\Barry Chapman\AppData\Roaming\Comma Separated Values (Windows).ADR
[2014/05/05 10:49:21 | 000,000,580 | ---- | C] () -- C:\Users\Public\Desktop\Medlin Accounting.lnk
[2014/05/05 10:24:34 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\Quicken Deluxe 2014.lnk
[2014/05/05 10:24:06 | 000,000,126 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2014/05/04 03:06:18 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/05/03 16:21:08 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/05/03 16:21:08 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/05/03 16:10:33 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2014/05/03 15:41:59 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2014/05/03 13:38:12 | 000,061,678 | ---- | C] () -- C:\Users\Barry Chapman\AppData\Roaming\PFP120JPR.{PB
[2014/05/03 13:38:12 | 000,012,358 | ---- | C] () -- C:\Users\Barry Chapman\AppData\Roaming\PFP120JCM.{PB
[2014/05/03 13:30:41 | 000,000,125 | ---- | C] () -- C:\Windows\SetScan.ini
[2014/05/03 13:17:14 | 000,002,607 | ---- | C] () -- C:\Users\Barry Chapman\Desktop\WordPerfect.lnk
[2014/05/02 16:23:30 | 000,002,334 | ---- | C] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/02 16:23:30 | 000,002,310 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/02 16:12:54 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/02 16:12:54 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/02 15:31:58 | 000,001,409 | ---- | C] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/05/02 15:25:20 | 000,001,415 | ---- | C] () -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/05/02 15:18:02 | 000,001,975 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
[2014/05/02 15:17:44 | 000,000,290 | ---- | C] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/05/02 15:17:44 | 000,000,272 | ---- | C] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/03/22 04:08:50 | 019,587,072 | ---- | C] () -- C:\Windows\SysWow64\igdfcl32.dll
[2014/03/22 04:08:50 | 000,241,152 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2014/03/22 04:08:50 | 000,109,056 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2014/03/21 13:42:49 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/05/11 05:17:52 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
========== ZeroAccess Check ==========
[2014/05/20 18:36:38 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/05/03 13:53:55 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\Canon Electronics
[2014/05/16 08:33:26 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2014/05/20 17:52:11 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\ISIS Drivers
[2014/05/02 15:25:33 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\Leadertech
[2014/05/20 17:26:37 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\Opera Software
[2014/05/06 10:10:41 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\Oracle
[2014/05/04 18:11:07 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\PCDr
[2014/05/23 07:41:53 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\QuickScan
[2014/05/21 11:27:06 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\TuneUp Software
[2014/05/20 17:52:15 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\wi_upd
========== Purity Check ==========
< End of report >
I really wanted to see the log from the fix . It looks like the proxy problem has not be resolved.
Download ComboFix from one of these locations:
Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe)
* IMPORTANT !!! Save ComboFix.exe to your Desktop
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
See this Link (http://www.bleepingcomputer.com/forums/topic114351.html) for programs that need to be disabled and instruction on how to disable them.
Remember to re-enable them when we're done.
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
http://img.photobucket.com/albums/v706/ried7/RC1.png
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
http://img.photobucket.com/albums/v706/ried7/RC2-1.png
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
*If there is no internet connection when Combofix has completely finished then restart your computer to restore back the connections.
brchapman
2014-05-27, 20:33
Here's the Combofix log:
ComboFix 14-05-27.02 - Barry Chapman 05/27/2014 12:59:46.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.12205.8695 [GMT -4:00]
Running from: c:\users\Barry Chapman\Downloads\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Spybot - Search and Destroy *Enabled/Updated* {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1400845313.bdinstall.bin
c:\programdata\1400845426.13472.bin
c:\programdata\1400845426.13672.bin
c:\programdata\1400845426.14224.bin
c:\programdata\1400845920.2200.bin
c:\programdata\1400845920.2208.bin
c:\programdata\1400845920.2284.bin
c:\programdata\1400845954.bdinstall.bin
c:\windows\MICROSOFT
c:\windows\MICROSOFT\SystemUpdatekb70007\Installer.dll
c:\windows\MICROSOFT\SystemUpdatekb70007\InstallerLibrary.dll
c:\windows\MICROSOFT\SystemUpdatekb70007\Newtonsoft.Json.dll
c:\windows\MICROSOFT\SystemUpdatekb70007\SQLite.Interop.dll
c:\windows\MICROSOFT\SystemUpdatekb70007\System.Data.SQLite.dll
c:\windows\MICROSOFT\SystemUpdatekb70007\win32.reg
c:\windows\MICROSOFT\SystemUpdatekb70007\WindowsUpdater.exe
c:\windows\SysWow64\setup.ini
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SystemUpdatekb70007
-------\Service_SystemUpdatekb70007
.
.
((((((((((((((((((((((((( Files Created from 2014-04-27 to 2014-05-27 )))))))))))))))))))))))))))))))
.
.
2014-05-27 17:04 . 2014-05-27 17:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-27 15:23 . 2014-05-27 15:23 -------- d-----w- C:\_OTL
2014-05-27 13:18 . 2014-05-27 13:18 -------- d-----w- C:\Malwarebytes' Anti-Malware
2014-05-26 14:19 . 2010-08-30 12:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-05-25 14:36 . 2014-05-25 14:37 -------- d-----w- c:\program files (x86)\ERUNT
2014-05-25 13:09 . 2014-05-25 13:09 736952 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2014-05-25 12:59 . 2014-05-25 12:59 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2014-05-25 12:59 . 2014-05-25 12:59 42168 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2014-05-25 12:59 . 2014-05-25 12:59 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-05-23 13:20 . 2014-05-20 05:26 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3456136A-31BD-44AD-AC9F-CC6C03C478DA}\mpengine.dll
2014-05-23 12:25 . 2014-05-23 12:25 -------- d-----w- C:\New folder
2014-05-22 19:35 . 2014-05-22 19:35 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-05-22 19:35 . 2014-05-22 19:35 -------- d-----w- c:\program files (x86)\Java
2014-05-22 14:47 . 2014-05-22 14:47 -------- d-----w- c:\program files (x86)\Spybot
2014-05-21 15:16 . 2014-05-21 15:16 -------- d--h--w- c:\programdata\Common Files
2014-05-21 15:16 . 2014-05-23 11:03 -------- d-----w- c:\programdata\MFAData
2014-05-20 16:44 . 2014-05-20 17:35 -------- d-----w- c:\programdata\HitmanPro
2014-05-19 20:42 . 2014-05-26 14:25 -------- d-----w- C:\AdwCleaner
2014-05-19 14:55 . 2014-05-19 14:55 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2014-05-19 14:20 . 2014-05-19 14:20 -------- d-----w- C:\Adobe XI Pro
2014-05-19 12:08 . 2014-05-20 22:24 -------- d-----w- c:\program files\SUPERAntiSpyware
2014-05-16 13:39 . 2014-05-16 13:39 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2014-05-16 12:33 . 2014-05-20 21:34 -------- d-----w- c:\program files (x86)\Adobe Download Assistant
2014-05-16 12:32 . 2014-05-19 14:19 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2014-05-15 15:40 . 2013-09-20 14:49 21040 ----a-w- c:\windows\system32\sdnclean64.exe
2014-05-15 15:21 . 2014-05-22 14:49 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2014-05-15 15:21 . 2014-05-22 14:51 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2014-05-15 07:06 . 2014-05-06 04:40 23544320 ----a-w- c:\windows\system32\mshtml.dll
2014-05-15 07:06 . 2014-05-06 03:00 84992 ----a-w- c:\windows\system32\mshtmled.dll
2014-05-15 07:06 . 2014-05-06 04:17 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-15 07:06 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-05-14 19:56 . 2014-05-26 14:24 -------- d-----w- c:\program files (x86)\MSR
2014-05-14 14:25 . 2014-05-14 14:25 -------- d-----w- c:\windows\PCHEALTH
2014-05-14 14:22 . 2014-05-14 14:22 -------- d-----w- c:\program files\Microsoft Office
2014-05-14 14:22 . 2014-05-14 14:22 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2014-05-14 14:20 . 2014-05-14 14:20 -------- d-----r- C:\MSOCache
2014-05-14 12:30 . 2014-05-20 20:20 -------- d-----w- c:\program files (x86)\Secunia
2014-05-13 16:16 . 2014-05-20 21:44 -------- d-----w- c:\program files (x86)\Backblaze
2014-05-13 16:16 . 2014-05-13 16:16 -------- d-----w- c:\programdata\Backblaze
2014-05-13 00:43 . 2014-05-13 00:43 -------- d-----w- c:\program files (x86)\Cisco Systems
2014-05-12 17:51 . 2014-05-13 15:07 -------- d-----w- c:\program files\My Lockbox
2014-05-12 11:16 . 2014-05-13 16:17 -------- d-----w- C:\.bzvol
2014-05-09 11:41 . 2013-03-01 06:27 63568 ----a-w- c:\windows\system32\drivers\vmx86.sys
2014-05-09 11:40 . 2013-03-01 06:27 354896 ----a-w- c:\windows\SysWow64\vmnetdhcp.exe
2014-05-09 11:40 . 2013-03-01 06:26 434256 ----a-w- c:\windows\SysWow64\vmnat.exe
2014-05-09 11:40 . 2013-03-01 06:26 30800 ----a-w- c:\windows\system32\drivers\vmnetuserif.sys
2014-05-09 11:40 . 2013-03-01 06:27 943184 ----a-w- c:\windows\system32\vnetlib64.dll
2014-05-09 11:39 . 2013-03-01 06:26 33360 ----a-w- c:\windows\system32\drivers\VMkbd.sys
2014-05-09 11:39 . 2011-08-30 02:11 39024 ----a-w- c:\windows\system32\drivers\hcmon.sys
2014-05-09 11:39 . 2014-05-27 17:24 -------- d-----w- c:\programdata\VMware
2014-05-09 11:39 . 2014-05-09 11:39 -------- d-----w- c:\program files (x86)\VMware
2014-05-09 11:39 . 2014-05-09 11:39 -------- d-----w- c:\program files (x86)\Common Files\VMware
2014-05-09 11:38 . 2014-05-09 11:38 -------- d-----w- c:\program files\Common Files\VMware
2014-05-07 13:29 . 2014-05-07 13:29 -------- d-----w- c:\programdata\Canon Electronics
2014-05-06 17:18 . 2014-05-18 07:05 -------- d-----w- c:\windows\system32\MRT
2014-05-06 17:12 . 2012-12-17 12:56 152576 ----a-w- c:\windows\system32\DR25SVC.dll
2014-05-06 17:12 . 2009-05-13 20:08 491792 ----a-w- c:\windows\SysWow64\qd1.dll
2014-05-06 14:09 . 2014-05-06 14:09 -------- d-----w- c:\programdata\Oracle
2014-05-06 14:05 . 2014-05-06 14:04 313256 ----a-w- c:\windows\system32\javaws.exe
2014-05-06 14:04 . 2014-05-06 14:04 189352 ----a-w- c:\windows\system32\javaw.exe
2014-05-06 14:04 . 2014-05-06 14:04 189352 ----a-w- c:\windows\system32\java.exe
2014-05-06 14:04 . 2014-05-06 14:04 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-05-06 14:04 . 2014-05-06 14:04 -------- d-----w- c:\program files\Java
2014-05-06 13:31 . 2006-05-17 01:40 233744 ----a-w- c:\windows\SysWow64\PIXMDLN.DLL
2014-05-06 13:09 . 2009-05-13 20:16 200704 ----a-w- c:\windows\SysWow64\twpix32.dll
2014-05-06 13:09 . 2009-05-13 20:05 21008 ----a-w- c:\windows\system\Ctl3d.dll
2014-05-06 13:09 . 2003-12-18 22:09 23152 ----a-w- c:\windows\system\Pixperm.dll
2014-05-06 13:09 . 2003-12-18 22:09 16064 ----a-w- c:\windows\system\Pixloc.dll
2014-05-06 13:09 . 1998-04-13 17:13 98304 ----a-w- c:\windows\SysWow64\Wiaext32.dll
2014-05-06 13:09 . 2003-12-18 22:09 231552 ----a-w- c:\windows\system\Pixdflt.dll
2014-05-06 13:06 . 2014-05-20 21:51 -------- d-----w- c:\programdata\ISIS Drivers
2014-05-06 12:51 . 2014-05-06 12:51 -------- d-----w- C:\DR Scanner
2014-05-06 12:43 . 2014-05-06 12:43 -------- d-----w- C:\DR2580C
2014-05-06 12:37 . 2008-11-11 23:00 96768 ----a-w- c:\windows\system32\DR25CPL.dll
2014-05-06 12:37 . 2007-04-24 11:53 83456 ----a-w- c:\windows\system32\CeiUSB64.dll
2014-05-06 11:52 . 2014-05-20 22:19 -------- d-s---w- c:\windows\system32\CompatTel
2014-05-06 11:29 . 2014-05-07 13:22 -------- d-----w- C:\CapturePerfect Upgrade
2014-05-06 07:02 . 2014-05-06 07:02 -------- d-----w- c:\program files (x86)\MSXML 4.0
2014-05-05 20:53 . 2014-05-20 22:03 -------- d-----w- c:\windows\SysWow64\spool
2014-05-05 20:24 . 2014-05-20 21:51 -------- d-----w- c:\program files\Microsoft Silverlight
2014-05-05 20:24 . 2014-05-20 21:45 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-05-05 20:15 . 2014-05-20 21:51 -------- d-----w- c:\program files\Microsoft Mouse and Keyboard Center
2014-05-05 19:50 . 2014-05-05 19:53 -------- d-----w- C:\HP Universal Print Driver
2014-05-05 18:52 . 2014-05-05 18:52 65536 ----a-w- c:\windows\SysWow64\LTWNode.exe
2014-05-05 18:52 . 2014-05-05 18:52 204800 ----a-w- c:\windows\SysWow64\ltwpvsw.DLL
2014-05-05 18:44 . 2014-05-05 18:44 -------- d-----w- c:\programdata\Pervasive Software
2014-05-05 18:44 . 2014-05-05 18:44 -------- d-----w- c:\program files (x86)\Pervasive Software
2014-05-05 18:22 . 2014-05-20 21:44 -------- d-----w- C:\LTAPPS
2014-05-05 18:18 . 2014-05-05 18:18 -------- d-----w- C:\Wages
2014-05-05 18:07 . 2001-06-01 18:17 169600 ----a-w- c:\windows\SysWow64\WSpell.ocx
2014-05-05 15:26 . 2014-05-05 15:26 -------- d-----w- c:\programdata\Malwarebytes
2014-05-05 14:49 . 1998-05-12 00:01 1355776 ----a-w- c:\windows\SysWow64\msvbvm50.dll
2014-05-05 14:49 . 2014-05-25 16:10 -------- d-----w- C:\MWACCT
2014-05-05 14:24 . 2014-05-20 21:44 -------- d-----w- c:\program files (x86)\Common Files\AnswerWorks 5.0
2014-05-05 14:24 . 2009-05-12 19:14 4169728 ----a-w- c:\windows\SysWow64\cdintf400.dll
2014-05-05 14:24 . 2014-05-05 14:24 -------- d-----w- c:\program files (x86)\Common Files\Intuit
2014-05-05 14:24 . 2014-05-20 21:46 -------- d-----w- c:\program files (x86)\Quicken
2014-05-05 14:23 . 2014-05-05 14:23 -------- d-----w- c:\programdata\Intuit
2014-05-05 14:13 . 2014-05-20 21:52 -------- d-----w- C:\Quicken 2014
2014-05-05 13:54 . 2008-05-07 23:59 99840 ----a-w- c:\windows\system32\Spool\prtprocs\x64\HPZPPLHN.DLL
2014-05-05 13:43 . 2014-05-05 13:43 -------- d-----w- c:\program files (x86)\Common Files\SWF Studio
2014-05-05 07:06 . 2014-05-05 07:06 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-05-04 07:37 . 2014-05-20 22:03 -------- d-----w- c:\windows\SysWow64\Wat
2014-05-04 07:37 . 2014-05-20 22:02 -------- d-----w- c:\windows\system32\Wat
2014-05-04 07:17 . 2014-05-04 07:17 -------- d-----w- c:\windows\Migration
2014-05-04 07:06 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-05-04 07:06 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-05-04 07:06 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-05-04 07:06 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-05-04 07:06 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-05-04 07:06 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-05-04 07:06 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-05-03 20:55 . 2014-02-07 01:23 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-05-03 20:53 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2014-05-03 20:46 . 2014-05-03 20:46 -------- d-----w- c:\windows\system32\appmgmt
2014-05-03 20:40 . 2014-05-14 15:55 -------- d-----w- C:\Office 2000
2014-05-03 20:34 . 2014-05-22 20:23 -------- d-----w- c:\programdata\Microsoft Help
2014-05-03 20:21 . 2014-05-20 21:45 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2014-05-03 19:48 . 2009-07-14 01:41 886784 ----a-w- c:\windows\system32\wab32.dll
2014-05-03 19:48 . 2009-07-14 01:33 1098752 ----a-w- c:\windows\system32\wab32res.dll
2014-05-03 19:40 . 2014-05-20 21:55 -------- d-----w- c:\windows\Msagent
2014-05-03 19:33 . 2009-08-04 17:56 296960 ----a-w- c:\windows\winhlp32.exe
2014-05-03 19:33 . 2009-08-04 17:55 195072 ----a-w- c:\windows\SysWow64\ftsrch.dll
2014-05-03 19:33 . 2009-08-04 17:55 195072 ----a-w- c:\windows\system32\ftsrch.dll
2014-05-03 19:33 . 2009-08-04 17:55 9216 ----a-w- c:\windows\SysWow64\ftlx0411.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-14 12:36 . 2014-03-21 17:36 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 12:36 . 2014-03-21 17:36 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-15 06:34 . 2014-04-15 06:34 1070232 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
2014-04-03 21:23 . 2012-11-08 22:40 70592 ----a-w- c:\windows\system32\drivers\cfwids.sys
2014-04-03 21:16 . 2012-11-08 22:37 346760 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2014-04-03 21:15 . 2014-03-21 17:52 189912 ----a-w- c:\windows\system32\mfevtps.exe
2014-04-03 21:10 . 2012-11-08 22:35 784760 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2014-04-03 21:08 . 2012-11-08 22:34 522360 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2014-04-03 21:06 . 2012-11-08 22:34 311856 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2014-04-03 21:03 . 2012-11-08 22:33 177544 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2014-03-31 13:35 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-03-22 08:21 . 2014-03-22 08:21 360832 ----a-w- c:\windows\system32\drivers\vpcvmm.sys
2014-03-22 08:21 . 2014-03-22 08:21 936448 ----a-w- c:\windows\system32\vmsal.exe
2014-03-22 08:21 . 2014-03-22 08:21 793600 ----a-w- c:\windows\SysWow64\vmsal.exe
2014-03-22 08:21 . 2014-03-22 08:21 59392 ----a-w- c:\windows\system32\drivers\vpcnfltr.sys
2014-03-22 08:21 . 2014-03-22 08:21 562176 ----a-w- c:\windows\system32\VMCPropertyHandler.dll
2014-03-22 08:21 . 2014-03-22 08:21 4514816 ----a-w- c:\windows\system32\vpc.exe
2014-03-22 08:21 . 2014-03-22 08:21 2264064 ----a-w- c:\windows\system32\VPCWizard.exe
2014-03-22 08:21 . 2014-03-22 08:21 1369600 ----a-w- c:\windows\system32\VPCSettings.exe
2014-03-22 08:21 . 2014-03-22 08:21 1210368 ----a-w- c:\windows\system32\VMWindow.exe
2014-03-22 08:21 . 2014-03-22 08:21 95232 ----a-w- c:\windows\system32\drivers\vpcusb.sys
2014-03-22 08:21 . 2014-03-22 08:21 194944 ----a-w- c:\windows\system32\drivers\vpchbus.sys
2014-03-22 08:21 . 2014-03-22 08:21 15872 ----a-w- c:\windows\system32\vpchbuspipe.dll
2014-03-22 08:21 . 2014-03-22 08:21 86528 ----a-w- c:\windows\SysWow64\SearchFilterHost.exe
2014-03-22 08:21 . 2014-03-22 08:21 778752 ----a-w- c:\windows\system32\mssvp.dll
2014-03-22 08:21 . 2014-03-22 08:21 75264 ----a-w- c:\windows\system32\msscntrs.dll
2014-03-22 08:21 . 2014-03-22 08:21 666624 ----a-w- c:\windows\SysWow64\mssvp.dll
2014-03-22 08:21 . 2014-03-22 08:21 59392 ----a-w- c:\windows\SysWow64\msscntrs.dll
2014-03-22 08:21 . 2014-03-22 08:21 591872 ----a-w- c:\windows\system32\SearchIndexer.exe
2014-03-22 08:21 . 2014-03-22 08:21 491520 ----a-w- c:\windows\system32\mssph.dll
2014-03-22 08:21 . 2014-03-22 08:21 427520 ----a-w- c:\windows\SysWow64\SearchIndexer.exe
2014-03-22 08:21 . 2014-03-22 08:21 337408 ----a-w- c:\windows\SysWow64\mssph.dll
2014-03-22 08:21 . 2014-03-22 08:21 288256 ----a-w- c:\windows\system32\mssphtb.dll
2014-03-22 08:21 . 2014-03-22 08:21 249856 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2014-03-22 08:21 . 2014-03-22 08:21 2315776 ----a-w- c:\windows\system32\tquery.dll
2014-03-22 08:21 . 2014-03-22 08:21 2223616 ----a-w- c:\windows\system32\mssrch.dll
2014-03-22 08:21 . 2014-03-22 08:21 197120 ----a-w- c:\windows\SysWow64\mssphtb.dll
2014-03-22 08:21 . 2014-03-22 08:21 164352 ----a-w- c:\windows\SysWow64\SearchProtocolHost.exe
2014-03-22 08:21 . 2014-03-22 08:21 1549312 ----a-w- c:\windows\SysWow64\tquery.dll
2014-03-22 08:21 . 2014-03-22 08:21 1401344 ----a-w- c:\windows\SysWow64\mssrch.dll
2014-03-22 08:21 . 2014-03-22 08:21 113664 ----a-w- c:\windows\system32\SearchFilterHost.exe
2014-03-22 08:21 . 2014-03-22 08:21 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2014-03-22 08:21 . 2014-03-22 08:21 830464 ----a-w- c:\windows\system32\nshwfp.dll
2014-03-22 08:21 . 2014-03-22 08:21 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2014-03-22 08:21 . 2014-03-22 08:21 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2014-03-22 08:21 . 2014-03-22 08:21 46080 ----a-w- c:\windows\system32\atmlib.dll
2014-03-22 08:21 . 2014-03-22 08:21 41472 ----a-w- c:\windows\system32\lpk.dll
2014-03-22 08:21 . 2014-03-22 08:21 368128 ----a-w- c:\windows\system32\atmfd.dll
2014-03-22 08:21 . 2014-03-22 08:21 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2014-03-22 08:21 . 2014-03-22 08:21 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2014-03-22 08:21 . 2014-03-22 08:21 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2014-03-22 08:21 . 2014-03-22 08:21 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2014-03-22 08:21 . 2014-03-22 08:21 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2014-03-22 08:21 . 2014-03-22 08:21 197120 ----a-w- c:\windows\system32\credui.dll
2014-03-22 08:21 . 2014-03-22 08:21 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2014-03-22 08:21 . 2014-03-22 08:21 168960 ----a-w- c:\windows\SysWow64\credui.dll
2014-03-22 08:21 . 2014-03-22 08:21 152576 ----a-w- c:\windows\SysWow64\SmartcardCredentialProvider.dll
2014-03-22 08:21 . 2014-03-22 08:21 1474048 ----a-w- c:\windows\system32\crypt32.dll
2014-03-22 08:21 . 2014-03-22 08:21 14336 ----a-w- c:\windows\system32\dciman32.dll
2014-03-22 08:21 . 2014-03-22 08:21 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2014-03-22 08:21 . 2014-03-22 08:21 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2014-03-22 08:21 . 2014-03-22 08:21 100864 ----a-w- c:\windows\system32\fontsub.dll
2014-03-22 08:21 . 2014-03-22 08:21 81920 ----a-w- c:\windows\SysWow64\davclnt.dll
2014-03-22 08:21 . 2014-03-22 08:21 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2014-03-22 08:21 . 2014-03-22 08:21 6656 ----a-w- c:\windows\system32\apisetschema.dll
2014-03-22 08:21 . 2014-03-22 08:21 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
2014-03-22 08:21 . 2014-03-22 08:21 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 338432 ----a-w- c:\windows\system32\conhost.exe
2014-03-22 08:21 . 2014-03-22 08:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2014-03-22 08:21 . 2014-03-22 08:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" [2006-03-30 313472]
"Backblaze"="c:\program files (x86)\Backblaze\bzbui.exe" [2014-05-13 492136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2014-04-25 4101584]
"mcpltui_exe"="c:\program files\Common Files\McAfee\Platform\mcuicnt.exe" [2013-09-11 645168]
.
c:\users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files (x86)\ERUNT\AUTOBACK.EXE %SystemRoot%\ERDNT\AutoBackup\#Date# /noconfirmdelete /noprogresswindow [2005-10-20 38912]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-F400-BA7E-100000000002}\SC_Acrobat.exe [2014-5-5 25214]
Start Pervasive PSQL Workgroup Engine.lnk - c:\windows\Installer\{0A3238D7-AB32-1030-B717-F3E3F18B4A8C}\WGE.14A03FCD_EA43_4130_A5C0_F02D38895A13.exe -SRDE [2014-5-5 92854]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe\0bddel.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 McAWFwk;McAfee Activation Service;c:\progra~1\COMMON~1\mcafee\actwiz\mcawfwk.exe;c:\progra~1\COMMON~1\mcafee\actwiz\mcawfwk.exe [x]
R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys;c:\windows\SYSNATIVE\DRIVERS\netvsc60.sys [x]
R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys;c:\windows\SYSNATIVE\DRIVERS\VMBusVideoM.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys;c:\windows\SYSNATIVE\drivers\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
S1 SDHookDriver;Hook Test Driver;c:\program files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys;c:\program files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [x]
S2 bzserv;Backblaze Service;c:\program files (x86)\Backblaze\bzserv.exe;c:\program files (x86)\Backblaze\bzserv.exe [x]
S2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [x]
S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [x]
S2 McOobeSv2;McAfee OOBE Service2;c:\program files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [x]
S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [x]
S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell Backup and Recovery\sftservice.exe;c:\program files (x86)\Dell Backup and Recovery\sftservice.exe [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]
S2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Dell Wireless\Ath_WlanAgent.exe;c:\program files (x86)\Dell Wireless\Ath_WlanAgent.exe [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
S3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-21 13:17 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-05-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-21 12:36]
.
2014-05-15 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
- c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-05-15 18:14]
.
2014-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-02 20:12]
.
2014-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-02 20:12]
.
2014-05-15 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
- c:\program files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-05-15 18:13]
.
2014-05-15 c:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job
- c:\program files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-05-15 18:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DBARFileBackuped]
@="{831cebdd-6baf-4432-be76-9e0989c14aef}"
[HKEY_CLASSES_ROOT\CLSID\{831cebdd-6baf-4432-be76-9e0989c14aef}]
2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DBARFileNotBackuped]
@="{275e4fd7-21ef-45cf-a836-832e5d2cc1b3}"
[HKEY_CLASSES_ROOT\CLSID\{275e4fd7-21ef-45cf-a836-832e5d2cc1b3}]
2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-08-11 165872]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-08-11 407536]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-08-11 444400]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-07-27 7194840]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2013-07-29 1321688]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-07-30 36352]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:8118;https=127.0.0.1:8118
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Convert link target to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 8.8.8.8 8.8.4.4 205.152.144.23 205.152.132.23
FF - ProfilePath - c:\users\Barry Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\76t9nm76.default\
FF - prefs.js: network.proxy.ssl_port - 8118
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
c:\windows\SysWOW64\vmnat.exe
c:\program files (x86)\VMware\VMware Player\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2014-05-27 13:29:23 - machine was rebooted
ComboFix-quarantined-files.txt 2014-05-27 17:29
.
Pre-Run: 401,124,175,872 bytes free
Post-Run: 400,572,882,944 bytes free
.
- - End Of File - - 5B6B3561063F4A3860330BE71BB71871
5C616939100B85E558DA92B899A0FC36
Hi,
I need you to read my instructions before you proceed with anything I ask you to do, we spend a great deal of time on these programs making sure that they run ok and do no damage to your system
Running from: c:\users\Barry Chapman\Downloads\ComboFix.exe <-- The instructions said to run Combofix from your desktop
* IMPORTANT !!! Save ComboFix.exe to your Desktop
Go ahead and run a new scan with OTL and post the log, you only get the extras log on the first run
brchapman
2014-05-27, 23:02
Here's the latest OTL; (btw, I had a heck of a time getting combofix to download and operate. By the time I got it to work at all, the download to desktop was forgotten-sorry)
OTL logfile created on: 5/27/2014 3:54:00 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Barry Chapman\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
11.92 Gb Total Physical Memory | 8.68 Gb Available Physical Memory | 72.82% Memory free
23.84 Gb Paging File | 20.47 Gb Available in Paging File | 85.87% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 441.06 Gb Total Space | 372.64 Gb Free Space | 84.49% Space Free | Partition Type: NTFS
Computer Name: BARRYSNEW | User Name: Barry Chapman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Barry Chapman\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Backblaze\bzserv.exe ()
PRC - C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe (SoftThinks SAS)
PRC - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Dell Products, LP.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe (Atheros)
PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll ()
========== Services (SafeList) ==========
SRV:[b]64bit: - (McAPExe) -- C:\Program Files\mcafee\msc\McAPExe.exe (McAfee, Inc.)
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (mfecore) -- C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe (McAfee, Inc.)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (McODS) -- C:\Program Files\mcafee\virusscan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcpltsvc) -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv2) -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (HomeNetSvc) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV:64bit: - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
SRV:64bit: - (Intel(R) -- c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (Intel(R) -- c:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (McAWFwk) -- c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe (McAfee, Inc.)
SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (bzserv) -- C:\Program Files (x86)\Backblaze\bzserv.exe ()
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SftService) -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe (SoftThinks SAS)
SRV - (DellDigitalDelivery) -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Dell Products, LP.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe (Windows (R) Win 7 DDK provider)
SRV - (ZAtheros Wlan Agent) -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe (Atheros)
SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
SRV - (VMAuthdService) -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)
SRV - (VMUSBArbService) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (VMware, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation)
DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation)
DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (mfencrk) -- C:\Windows\SysNative\drivers\mfencrk.sys (McAfee, Inc.)
DRV:64bit: - (mfencbdc) -- C:\Windows\SysNative\drivers\mfencbdc.sys (McAfee, Inc.)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (HipShieldK) -- C:\Windows\SysNative\drivers\HipShieldK.sys (McAfee, Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (iaStorF) -- C:\Windows\SysNative\drivers\iaStorF.sys (Intel Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Qualcomm Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Qualcomm Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Qualcomm Atheros)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (vmx86) -- C:\Windows\SysNative\drivers\vmx86.sys (VMware, Inc.)
DRV:64bit: - (vmkbd) -- C:\Windows\SysNative\drivers\VMkbd.sys (VMware, Inc.)
DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.)
DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\drivers\vmnetbridge.sys (VMware, Inc.)
DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\drivers\vmnetadapter.sys (VMware, Inc.)
DRV:64bit: - (vmci) -- C:\Windows\SysNative\drivers\vmci.sys (VMware, Inc.)
DRV:64bit: - (hcmon) -- C:\Windows\SysNative\drivers\hcmon.sys (VMware, Inc.)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc60.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (SynthVid) -- C:\Windows\SysNative\drivers\VMBusVideoM.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (usbscan) -- C:\Windows\SysWOW64\drivers\usbscan.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {D81273E4-7658-47B6-8075-3D404C64D87C}
IE:64bit: - HKLM\..\SearchScopes\{D81273E4-7658-47B6-8075-3D404C64D87C}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{D81273E4-7658-47B6-8075-3D404C64D87C}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
IE - HKU\S-1-5-21-670280924-550259233-2201882432-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-670280924-550259233-2201882432-1000\..\SearchScopes,DefaultScope = {D81273E4-7658-47B6-8075-3D404C64D87C}
IE - HKU\S-1-5-21-670280924-550259233-2201882432-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-670280924-550259233-2201882432-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0
FF - prefs.js..network.proxy.type: 1user_pref("network.proxy.http", "127.0.0.1");user_pref("network.proxy.http_port", 8118);user_pref("network.proxy.ssl", "127.0.0.1");user_pref("network.proxy.ssl_port", 8118);
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2014/05/25 10:10:50 | 000,000,000 | ---D | M]
[2014/05/03 16:21:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barry Chapman\AppData\Roaming\Mozilla\Extensions
[2014/05/03 16:29:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barry Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\76t9nm76.default\extensions
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_1\
CHR - Extension: Google Drive = C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Google Search = C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: Google Wallet = C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Gmail = C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2014/05/27 13:24:18 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [CANON DR2580C SVC] C:\Windows\SysNative\DR25SVC.dll (Canon Electronics)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-670280924-550259233-2201882432-1000..\Run: [Backblaze] C:\Program Files (x86)\Backblaze\bzbui.exe ()
O4 - HKU\S-1-5-21-670280924-550259233-2201882432-1000..\Run: [updateMgr] C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-670280924-550259233-2201882432-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-670280924-550259233-2201882432-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4 205.152.144.23 205.152.132.23
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{52E3D270-9F67-475E-B16A-1D6443366E50}: DhcpNameServer = 8.8.8.8 8.8.4.4 205.152.144.23 205.152.132.23
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/05/27 15:30:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2014/05/27 13:24:22 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2014/05/27 12:58:35 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014/05/27 12:58:35 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014/05/27 12:58:35 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014/05/27 12:50:02 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/05/27 11:30:46 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2014/05/27 11:23:25 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/05/27 09:18:51 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2014/05/26 10:19:40 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/05/25 10:38:02 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2014/05/25 10:36:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2014/05/25 10:36:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2014/05/23 08:25:39 | 000,000,000 | ---D | C] -- C:\New folder
[2014/05/23 07:48:53 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014/05/23 07:41:53 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\QuickScan
[2014/05/22 16:20:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/05/22 15:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2014/05/22 15:35:36 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/05/22 15:35:22 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/05/22 15:35:22 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/05/22 15:35:22 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/05/22 15:35:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/05/22 10:47:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot
[2014/05/21 11:27:06 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\TuneUp Software
[2014/05/21 11:16:30 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2014/05/21 11:16:29 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\MFAData
[2014/05/21 11:16:29 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2014/05/20 14:53:08 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Norman Malware Cleaner
[2014/05/20 12:44:27 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/05/19 16:42:54 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/05/19 10:55:46 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2014/05/19 10:20:13 | 000,000,000 | ---D | C] -- C:\Adobe XI Pro
[2014/05/19 08:08:57 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2014/05/19 07:54:08 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Documents\ProcAlyzer Dumps
[2014/05/16 10:51:07 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\CrashDumps
[2014/05/16 09:39:50 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\SUPERAntiSpyware.com
[2014/05/16 09:39:36 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2014/05/16 08:33:26 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2014/05/16 08:33:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Download Assistant
[2014/05/16 08:32:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2014/05/15 11:40:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2014/05/15 11:40:14 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2014/05/15 11:21:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2014/05/15 11:21:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014/05/15 03:25:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Virtual Machines
[2014/05/15 03:06:09 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/05/15 03:06:09 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/05/14 16:16:31 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\PDF24
[2014/05/14 15:56:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSR
[2014/05/14 15:54:30 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\wi_upd
[2014/05/14 11:56:55 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Documents\Outlook Files
[2014/05/14 10:26:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2014/05/14 10:25:54 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2014/05/14 10:22:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014/05/14 10:22:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2014/05/14 10:20:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2014/05/14 10:20:23 | 000,000,000 | R--D | C] -- C:\MSOCache
[2014/05/14 08:30:28 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Secunia PSI
[2014/05/14 08:30:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2014/05/14 05:44:33 | 000,477,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/05/14 05:44:33 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/05/14 05:44:11 | 003,969,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014/05/14 05:44:11 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/05/14 05:44:10 | 005,550,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/05/14 05:44:10 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014/05/14 05:44:10 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll
[2014/05/14 05:44:10 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll
[2014/05/14 05:44:10 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014/05/14 05:44:10 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/05/14 05:44:09 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014/05/14 05:44:09 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll
[2014/05/14 05:44:09 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll
[2014/05/14 05:44:09 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll
[2014/05/14 05:44:09 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll
[2014/05/14 05:44:09 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll
[2014/05/14 05:44:09 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll
[2014/05/14 05:44:09 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll
[2014/05/14 05:44:09 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll
[2014/05/14 05:44:09 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2014/05/14 05:44:09 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll
[2014/05/14 05:44:09 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2014/05/14 05:44:09 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll
[2014/05/14 05:44:08 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014/05/14 05:44:08 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014/05/13 12:17:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backblaze
[2014/05/13 12:16:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Backblaze
[2014/05/13 12:16:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Backblaze
[2014/05/13 12:02:10 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\VMware
[2014/05/13 11:18:34 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014/05/13 11:00:12 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\VMware
[2014/05/12 20:43:13 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\.asdm
[2014/05/12 20:43:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco Systems
[2014/05/12 13:51:55 | 000,000,000 | ---D | C] -- C:\Program Files\My Lockbox
[2014/05/12 07:16:46 | 000,000,000 | ---D | C] -- C:\.bzvol
[2014/05/09 11:38:06 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Documents\CCWin
[2014/05/09 07:41:14 | 000,063,568 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmx86.sys
[2014/05/09 07:40:35 | 000,354,896 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnetdhcp.exe
[2014/05/09 07:40:33 | 000,434,256 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnat.exe
[2014/05/09 07:40:32 | 000,030,800 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnetuserif.sys
[2014/05/09 07:40:26 | 000,943,184 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vnetlib64.dll
[2014/05/09 07:39:45 | 000,033,360 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\VMkbd.sys
[2014/05/09 07:39:43 | 000,039,024 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\hcmon.sys
[2014/05/09 07:39:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
[2014/05/09 07:39:13 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware
[2014/05/09 07:39:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VMware
[2014/05/09 07:39:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VMware
[2014/05/09 07:38:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware
[2014/05/07 09:42:51 | 000,231,552 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXDFLT.DLL
[2014/05/07 09:42:51 | 000,102,672 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXTIFFN.DLL
[2014/05/07 09:42:51 | 000,049,424 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXTHK32.DLL
[2014/05/07 09:42:51 | 000,045,328 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXSLN.DLL
[2014/05/07 09:42:51 | 000,023,152 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXPERM.DLL
[2014/05/07 09:42:51 | 000,016,048 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXLOC.DLL
[2014/05/07 09:42:51 | 000,011,968 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\SysWow64\PIXMDLLC.CPL
[2014/05/07 09:42:51 | 000,006,416 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXTHK16.DLL
[2014/05/07 09:42:50 | 000,209,168 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXNOTEN.DLL
[2014/05/07 09:42:50 | 000,074,000 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXNAMEN.DLL
[2014/05/07 09:42:50 | 000,045,328 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXRAMN.DLL
[2014/05/07 09:42:50 | 000,045,328 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXPANN.DLL
[2014/05/07 09:42:50 | 000,045,328 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXMPN.DLL
[2014/05/07 09:42:50 | 000,045,328 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXMDLGN.DLL
[2014/05/07 09:42:49 | 000,753,936 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXANNOT.DLL
[2014/05/07 09:42:49 | 000,463,120 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXJP2K.DLL
[2014/05/07 09:42:49 | 000,327,680 | ---- | C] (The University of New South Wales) -- C:\Windows\SysWow64\PIXJP2KI.DLL
[2014/05/07 09:42:49 | 000,119,056 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXJBGN.DLL
[2014/05/07 09:42:49 | 000,094,480 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXAPS.DLL
[2014/05/07 09:42:49 | 000,069,904 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXDLGN.DLL
[2014/05/07 09:42:49 | 000,057,616 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXLZWN.DLL
[2014/05/07 09:29:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Canon Electronics
[2014/05/07 09:25:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CapturePerfect 3.1
[2014/05/06 16:16:12 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\ElevatedDiagnostics
[2014/05/06 15:56:54 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Documents\My Documents from old
[2014/05/06 13:18:22 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/05/06 13:12:58 | 000,152,576 | ---- | C] (Canon Electronics) -- C:\Windows\SysNative\DR25SVC.dll
[2014/05/06 13:12:46 | 000,491,792 | ---- | C] (Captiva Software Corp.) -- C:\Windows\SysWow64\qd1.dll
[2014/05/06 10:10:41 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Oracle
[2014/05/06 10:09:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/05/06 10:09:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014/05/06 10:05:04 | 000,313,256 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014/05/06 10:04:56 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014/05/06 10:04:56 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014/05/06 10:04:56 | 000,108,968 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2014/05/06 10:04:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/05/06 10:04:48 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014/05/06 09:31:13 | 000,233,744 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXMDLN.DLL
[2014/05/06 09:09:30 | 000,200,704 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\twpix32.dll
[2014/05/06 09:09:30 | 000,098,304 | ---- | C] (Cornerstone Imaging, Inc.) -- C:\Windows\SysWow64\Wiaext32.dll
[2014/05/06 09:09:30 | 000,023,152 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\System\Pixperm.dll
[2014/05/06 09:09:30 | 000,021,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\Ctl3d.dll
[2014/05/06 09:09:30 | 000,016,064 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\System\Pixloc.dll
[2014/05/06 09:09:29 | 000,231,552 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\System\Pixdflt.dll
[2014/05/06 09:06:37 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\ISIS Drivers
[2014/05/06 09:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\ISIS Drivers
[2014/05/06 09:05:28 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Desktop\CapturePerfect 3.0
[2014/05/06 08:51:55 | 000,000,000 | ---D | C] -- C:\DR Scanner
[2014/05/06 08:43:03 | 000,000,000 | ---D | C] -- C:\DR2580C
[2014/05/06 08:37:30 | 000,096,768 | ---- | C] (Canon Electronics Inc.) -- C:\Windows\SysNative\DR25CPL.dll
[2014/05/06 08:37:30 | 000,083,456 | ---- | C] (Canon Electronics Inc.) -- C:\Windows\SysNative\CeiUSB64.dll
[2014/05/06 07:52:59 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2014/05/06 07:29:31 | 000,000,000 | ---D | C] -- C:\CapturePerfect Upgrade
[2014/05/06 03:02:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2014/05/05 17:44:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon DR-2580C
[2014/05/05 16:56:07 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\AdobeUM
[2014/05/05 16:53:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2014/05/05 16:53:00 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe PDF
[2014/05/05 16:24:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/05/05 16:24:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/05/05 16:24:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014/05/05 16:15:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
[2014/05/05 16:15:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mouse and Keyboard Center
[2014/05/05 15:50:08 | 000,000,000 | ---D | C] -- C:\HP Universal Print Driver
[2014/05/05 14:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landtech XML
[2014/05/05 14:52:53 | 000,204,800 | ---- | C] (Landtech Data Corporation) -- C:\Windows\SysWow64\ltwpvsw.DLL
[2014/05/05 14:52:53 | 000,065,536 | ---- | C] (Landtech Data Corp.) -- C:\Windows\SysWow64\LTWNode.exe
[2014/05/05 14:52:53 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Landtech XML
[2014/05/05 14:44:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Pervasive Software
[2014/05/05 14:44:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pervasive Software
[2014/05/05 14:44:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pervasive
[2014/05/05 14:22:07 | 000,000,000 | ---D | C] -- C:\LTAPPS
[2014/05/05 14:18:46 | 000,000,000 | ---D | C] -- C:\Wages
[2014/05/05 14:07:17 | 000,169,600 | ---- | C] (Wintertree Software Inc.) -- C:\Windows\SysWow64\WSpell.ocx
[2014/05/05 12:36:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WP-64
[2014/05/05 12:22:16 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Help
[2014/05/05 12:22:16 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Help
[2014/05/05 11:26:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/05/05 10:49:21 | 001,355,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvbvm50.dll
[2014/05/05 10:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medlin Accounting
[2014/05/05 10:49:20 | 000,000,000 | ---D | C] -- C:\MWACCT
[2014/05/05 10:49:04 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Programs
[2014/05/05 10:40:33 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\QuickenWindow
[2014/05/05 10:36:26 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\IsolatedStorage
[2014/05/05 10:28:28 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Documents\Quicken
[2014/05/05 10:24:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AnswerWorks 5.0
[2014/05/05 10:24:39 | 004,169,728 | ---- | C] (Amyuni Technolo
brchapman
2014-05-27, 23:03
Here's part 2:
http://www.amyuni.com) -- C:\Windows\SysWow64\cdintf400.dll
[2014/05/05 10:24:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quicken 2014
[2014/05/05 10:24:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intuit
[2014/05/05 10:24:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Quicken
[2014/05/05 10:24:08 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Intuit
[2014/05/05 10:23:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Intuit
[2014/05/05 10:13:09 | 000,000,000 | ---D | C] -- C:\Quicken 2014
[2014/05/05 09:43:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SWF Studio
[2014/05/05 08:58:28 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\AppData\Local\EmieUserList
[2014/05/05 08:58:28 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\AppData\Local\EmieSiteList
[2014/05/05 03:10:48 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/05/05 03:10:48 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/05/05 03:10:46 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/05/05 03:10:43 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/05/05 03:10:43 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/05/05 03:10:43 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/05/05 03:10:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/05/05 03:10:42 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/05/05 03:10:42 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/05/05 03:10:42 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/05/05 03:10:42 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/05/05 03:10:42 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/05/05 03:10:42 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/05/05 03:10:41 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/05/05 03:10:41 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/05/05 03:10:41 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/05/05 03:10:41 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/05/05 03:10:41 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/05/05 03:10:41 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/05/05 03:10:39 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/05/05 03:10:39 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/05/05 03:10:39 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/05/05 03:10:39 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/05/05 03:10:39 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/05/05 03:10:38 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/05/05 03:10:38 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/05/05 03:10:37 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/05/05 03:10:36 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/05/05 03:10:35 | 005,784,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/05/04 03:37:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2014/05/04 03:37:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2014/05/04 03:17:29 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/05/04 03:06:18 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2014/05/04 03:06:18 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2014/05/04 03:06:18 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2014/05/04 03:06:18 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2014/05/03 16:58:30 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2014/05/03 16:58:30 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2014/05/03 16:58:24 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2014/05/03 16:58:24 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2014/05/03 16:58:23 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2014/05/03 16:58:23 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2014/05/03 16:58:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/05/03 16:58:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/05/03 16:55:43 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014/05/03 16:55:43 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014/05/03 16:55:42 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014/05/03 16:55:42 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014/05/03 16:55:42 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014/05/03 16:55:42 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014/05/03 16:55:42 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/05/03 16:55:42 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014/05/03 16:55:42 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014/05/03 16:55:42 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014/05/03 16:55:42 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014/05/03 16:55:42 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014/05/03 16:55:42 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014/05/03 16:55:42 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014/05/03 16:55:42 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014/05/03 16:55:42 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014/05/03 16:55:42 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014/05/03 16:55:35 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/05/03 16:55:35 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/05/03 16:55:09 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/05/03 16:55:09 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/05/03 16:53:46 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014/05/03 16:53:44 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/05/03 16:53:44 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014/05/03 16:53:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
[2014/05/03 16:53:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
[2014/05/03 16:53:38 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/05/03 16:53:38 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/05/03 16:53:37 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/05/03 16:53:37 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014/05/03 16:53:37 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014/05/03 16:53:37 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014/05/03 16:53:36 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014/05/03 16:53:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014/05/03 16:53:36 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014/05/03 16:53:36 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014/05/03 16:53:36 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014/05/03 16:53:36 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014/05/03 16:53:36 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014/05/03 16:53:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014/05/03 16:53:35 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2014/05/03 16:53:35 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2014/05/03 16:53:30 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014/05/03 16:46:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2014/05/03 16:40:07 | 000,000,000 | ---D | C] -- C:\Office 2000
[2014/05/03 16:34:04 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Microsoft Help
[2014/05/03 16:34:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014/05/03 16:26:05 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\WinRAR
[2014/05/03 16:23:38 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Macromedia
[2014/05/03 16:21:15 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Mozilla
[2014/05/03 16:21:15 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Mozilla
[2014/05/03 16:21:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/05/03 16:21:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/05/03 16:21:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/05/03 16:10:33 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/05/03 16:10:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/05/03 16:10:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2014/05/03 15:48:38 | 001,098,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wab32res.dll
[2014/05/03 15:48:38 | 000,886,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wab32.dll
[2014/05/03 15:40:56 | 000,000,000 | ---D | C] -- C:\Windows\Msagent
[2014/05/03 15:40:38 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft Web Folders
[2014/05/03 15:33:02 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftsrch.dll
[2014/05/03 15:33:02 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftsrch.dll
[2014/05/03 15:33:02 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftlx041e.dll
[2014/05/03 15:33:02 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftlx041e.dll
[2014/05/03 15:33:02 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftlx0411.dll
[2014/05/03 15:33:02 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftlx0411.dll
[2014/05/03 14:40:10 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Adobe
[2014/05/03 14:29:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\wp51
[2014/05/03 14:14:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FAX User Software
[2014/05/03 14:14:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kyocera
[2014/05/03 13:53:55 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Canon Electronics
[2014/05/03 13:38:36 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Documents\Corel User Files
[2014/05/03 13:38:11 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Corel
[2014/05/03 13:31:52 | 000,021,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CTL3D.DLL
[2014/05/03 13:31:15 | 000,067,888 | ---- | C] (Canon Electronics Inc.) -- C:\Windows\SysWow64\SuStiUtl.dll
[2014/05/03 13:30:43 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Desktop\Canon DR-2580C
[2014/05/03 13:30:41 | 000,106,496 | ---- | C] (Canon Electronics) -- C:\Windows\SysWow64\DR25SVC.dll
[2014/05/03 13:30:41 | 000,094,208 | ---- | C] (Canon Electronics Inc.) -- C:\Windows\SysWow64\DR25CPL.dll
[2014/05/03 13:30:41 | 000,036,864 | ---- | C] (Canon Electronics Inc.) -- C:\Windows\SysWow64\CeiUSB2.dll
[2014/05/03 13:30:41 | 000,014,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\usbscan.sys
[2014/05/03 13:30:38 | 000,180,224 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\PIXN1120.DLL
[2014/05/03 13:30:38 | 000,176,128 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\PIXN1520.DLL
[2014/05/03 13:30:38 | 000,114,688 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\PIXN1320.DLL
[2014/05/03 13:30:38 | 000,051,712 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\PIXN20.DLL
[2014/05/03 13:30:37 | 000,602,384 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\SysWow64\pixipdll.dll
[2014/05/03 13:30:37 | 000,155,648 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\PIXN1020.DLL
[2014/05/03 13:30:36 | 000,401,484 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Msvcrtd.dll
[2014/05/03 13:30:36 | 000,221,456 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXDFLTN.DLL
[2014/05/03 13:30:36 | 000,074,000 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXLOCN.DLL
[2014/05/03 13:30:36 | 000,053,520 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\PIXPERMN.DLL
[2014/05/03 13:30:36 | 000,000,000 | ---D | C] -- C:\Windows\PIXTRAN
[2014/05/03 13:30:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon Electronics
[2014/05/03 13:30:31 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2014/05/03 13:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordPerfect Office 12
[2014/05/03 13:16:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Borland Shared
[2014/05/03 13:14:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WordPerfect Office 12
[2014/05/03 13:14:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Corel
[2014/05/03 12:01:21 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\PCDr
[2014/05/02 20:32:20 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/05/02 20:32:20 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/05/02 20:32:20 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/05/02 20:32:12 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/05/02 20:32:12 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/05/02 20:32:12 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/05/02 20:32:05 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/05/02 20:32:05 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/05/02 19:50:51 | 000,197,704 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\HipShieldK.sys
[2014/05/02 16:23:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/05/02 16:12:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/05/02 16:12:46 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Google
[2014/05/02 16:10:13 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Diagnostics
[2014/05/02 15:58:33 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Apps
[2014/05/02 15:58:32 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Deployment
[2014/05/02 15:45:07 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Opera Software
[2014/05/02 15:45:07 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Opera Software
[2014/05/02 15:45:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2014/05/02 15:42:10 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Macromedia
[2014/05/02 15:26:33 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Intel Corporation
[2014/05/02 15:25:54 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Dell
[2014/05/02 15:25:50 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\BMExplorer
[2014/05/02 15:25:49 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\Documents\Bluetooth Folder
[2014/05/02 15:25:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2014/05/02 15:25:33 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Leadertech
[2014/05/02 15:25:31 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Atheros
[2014/05/02 15:25:20 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Adobe
[2014/05/02 15:25:19 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/05/02 15:25:19 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Searches
[2014/05/02 15:25:19 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/05/02 15:25:19 | 000,000,000 | -H-D | C] -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/05/02 15:25:10 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Identities
[2014/05/02 15:25:08 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Contacts
[2014/05/02 15:25:07 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\VirtualStore
[2014/05/02 15:23:34 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\softthinks
[2014/05/02 15:23:34 | 000,000,000 | ---D | C] -- C:\ProgramData\softthinks
[2014/05/02 15:17:44 | 000,000,000 | --SD | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Videos
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Saved Games
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Pictures
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Music
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Links
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Favorites
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Downloads
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Documents
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\Desktop
[2014/05/02 15:17:44 | 000,000,000 | R--D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\AppData\Local\Temporary Internet Files
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Templates
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Start Menu
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\SendTo
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Recent
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\PrintHood
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\NetHood
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Documents\My Videos
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Documents\My Pictures
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Documents\My Music
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\My Documents
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Local Settings
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\AppData\Local\History
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Cookies
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\Application Data
[2014/05/02 15:17:44 | 000,000,000 | -HSD | C] -- C:\Users\Barry Chapman\AppData\Local\Application Data
[2014/05/02 15:17:44 | 000,000,000 | -H-D | C] -- C:\Users\Barry Chapman\AppData
[2014/05/02 15:17:44 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Temp
[2014/05/02 15:17:44 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Local\Microsoft
[2014/05/02 15:17:44 | 000,000,000 | ---D | C] -- C:\Users\Barry Chapman\AppData\Roaming\Media Center Programs
========== Files - Modified Within 30 Days ==========
[2014/05/27 15:55:04 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/27 15:55:01 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/27 15:47:56 | 000,009,666 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Clark Invoice.pdf
[2014/05/27 15:41:19 | 000,197,282 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141042 REVISED HUD.pdf
[2014/05/27 15:40:08 | 000,000,008 | ---- | M] () -- C:\LTLASTFN.DAT
[2014/05/27 15:07:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/27 13:31:58 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/27 13:31:58 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/27 13:31:30 | 000,791,990 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/05/27 13:31:30 | 000,670,374 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/05/27 13:31:30 | 000,125,196 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/05/27 13:24:18 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/05/27 13:23:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/27 13:23:26 | 1008,427,006 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/27 12:51:02 | 000,001,540 | ---- | M] () -- C:\Users\Barry Chapman\Desktop\ComboFix.exe - Shortcut.lnk
[2014/05/27 10:44:00 | 000,219,894 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141042 revised hud 5-26.pdf
[2014/05/27 09:13:14 | 001,440,846 | ---- | M] () -- C:\Program Files (x86)\mbam-chameleon-1.62.1.1000.zip
[2014/05/25 11:49:58 | 000,004,447 | ---- | M] () -- C:\Users\Barry Chapman\Desktop\attach.zip
[2014/05/25 11:38:01 | 000,000,512 | ---- | M] () -- C:\Users\Barry Chapman\Desktop\MBR.dat
[2014/05/25 10:52:48 | 000,004,315 | ---- | M] () -- C:\Users\Barry Chapman\Desktop\attach.rar
[2014/05/25 10:37:03 | 000,001,159 | ---- | M] () -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2014/05/25 10:36:53 | 000,000,960 | ---- | M] () -- C:\Users\Barry Chapman\Desktop\ERUNT.lnk
[2014/05/23 09:52:06 | 000,201,978 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141046 PRELIMINARY HUD.pdf
[2014/05/23 07:48:44 | 624,028,561 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/05/22 15:48:56 | 000,042,188 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141050 revised contract.pdf
[2014/05/22 15:35:06 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/05/22 15:35:06 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/05/22 15:35:06 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/05/22 15:35:06 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/05/22 15:20:40 | 000,103,981 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141050 signed contract.pdf
[2014/05/22 13:23:30 | 000,051,706 | ---- | M] () -- C:\Windows\SysWow64\bddel.dat
[2014/05/22 10:49:21 | 000,001,434 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/05/21 16:21:32 | 000,037,861 | ---- | M] () -- C:\Users\Barry Chapman\AppData\Roaming\Comma Separated Values (Windows).ADR
[2014/05/21 15:00:00 | 000,017,064 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Martinez legal description.pdf
[2014/05/21 09:17:50 | 000,002,334 | ---- | M] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/21 09:17:50 | 000,002,310 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/20 11:11:14 | 000,024,389 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141042 preliminary HUD.pdf
[2014/05/20 09:17:06 | 000,166,076 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141049 HICKMAN ucc1.pdf
[2014/05/19 14:46:28 | 000,126,434 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141049 REVISED HUD.pdf
[2014/05/19 14:25:33 | 000,148,676 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141049 HUD & LEGAL DESCR.pdf
[2014/05/19 14:11:04 | 000,129,944 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141051 HUD.pdf
[2014/05/19 09:55:20 | 000,009,944 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Clayton Homes Invoice-Turbide.pdf
[2014/05/16 11:13:50 | 000,111,023 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Bunche Stree contract.pdf
[2014/05/15 11:40:19 | 000,000,656 | ---- | M] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2014/05/15 11:40:19 | 000,000,628 | ---- | M] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2014/05/15 11:40:19 | 000,000,458 | ---- | M] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
[2014/05/14 15:27:56 | 000,002,453 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2014/05/14 15:14:45 | 000,494,176 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/05/14 15:08:15 | 000,001,520 | ---- | M] () -- C:\Users\Public\Documents\AcStd7_1_0.ini
[2014/05/14 14:39:51 | 000,129,908 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Wiggins hud.pdf
[2014/05/14 11:41:08 | 000,001,186 | ---- | M] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2014/05/14 08:36:30 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/05/14 08:36:30 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/05/13 15:37:53 | 000,125,914 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141044 PREL HUD.pdf
[2014/05/13 12:25:15 | 000,144,192 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141046 tax cert and plat.pdf
[2014/05/13 11:38:10 | 034,209,792 | ---- | M] () -- C:\Users\Barry Chapman\Desktop\CHAPMA11_20140505-2014-05-13.QDF-backup
[2014/05/13 11:13:54 | 000,007,605 | ---- | M] () -- C:\Users\Barry Chapman\AppData\Local\resmon.resmoncfg
[2014/05/13 10:04:35 | 000,000,000 | ---- | M] () -- C:\Users\Barry Chapman\AppData\Local\{89B78C50-3F1E-4624-B5B6-B21F413891C7}
[2014/05/13 09:04:13 | 000,025,833 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Performance Monitor screen grab.gif
[2014/05/12 16:37:27 | 000,255,875 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141046 commitment.pdf
[2014/05/12 16:26:00 | 000,010,295 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141046 commitment.wpd
[2014/05/12 16:21:54 | 000,002,380 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141046 DATA FILE.wpd
[2014/05/09 10:58:52 | 000,729,275 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141039 signed docs.pdf
[2014/05/09 10:41:30 | 000,015,330 | ---- | M] () -- C:\Users\Barry Chapman\Documents\WIRE INSTRUCTIONS REAL ESTATE TRUST ACCT.pdf
[2014/05/09 07:41:18 | 000,001,070 | ---- | M] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\VMware Player.lnk
[2014/05/09 07:39:33 | 000,807,106 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/05/09 07:39:32 | 000,002,187 | ---- | M] () -- C:\Users\Public\Desktop\VMware Player.lnk
[2014/05/09 02:14:03 | 000,477,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/05/09 02:11:23 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/05/07 15:51:16 | 000,088,239 | ---- | M] () -- C:\Users\Barry Chapman\Documents\martin aff doc.pdf
[2014/05/07 15:43:47 | 002,744,977 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Gary Martin closing package.pdf
[2014/05/07 11:24:18 | 000,027,554 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141041 revised note.pdf
[2014/05/07 09:44:56 | 000,532,504 | ---- | M] () -- C:\Users\Barry Chapman\Documents\revised note and sd to change dates.pdf
[2014/05/07 09:16:15 | 000,024,895 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Old Republic Synovus letter.pdf
[2014/05/06 16:39:15 | 000,534,254 | ---- | M] () -- C:\Users\Barry Chapman\Documents\Tillman revised note & sd.pdf
[2014/05/06 13:22:33 | 000,000,125 | ---- | M] () -- C:\Windows\SetScan.ini
[2014/05/06 10:04:49 | 000,313,256 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014/05/06 10:04:49 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014/05/06 10:04:49 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014/05/06 10:04:49 | 000,108,968 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2014/05/06 09:06:37 | 000,005,432 | ---- | M] () -- C:\Windows\pixcache.ini
[2014/05/05 23:00:47 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/05/05 22:10:52 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/05/05 16:54:47 | 000,002,039 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat 7.0 Standard.lnk
[2014/05/05 16:15:18 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01011.Wdf
[2014/05/05 16:12:32 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01011.Wdf
[2014/05/05 15:02:39 | 000,013,839 | ---- | M] () -- C:\Users\Barry Chapman\Documents\141000.pdf
[2014/05/05 14:53:30 | 000,001,534 | ---- | M] () -- C:\Users\Barry Chapman\Desktop\Landtech XML.lnk
[2014/05/05 14:52:53 | 000,204,800 | ---- | M] (Landtech Data Corporation) -- C:\Windows\SysWow64\ltwpvsw.DLL
[2014/05/05 14:52:53 | 000,065,536 | ---- | M] (Landtech Data Corp.) -- C:\Windows\SysWow64\LTWNode.exe
[2014/05/05 14:44:31 | 000,000,519 | ---- | M] () -- C:\Windows\ODBCINST.INI
[2014/05/05 14:44:25 | 000,002,781 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start Pervasive PSQL Workgroup Engine.lnk
[2014/05/05 11:17:49 | 000,000,580 | ---- | M] () -- C:\Users\Public\Desktop\Medlin Accounting.lnk
[2014/05/05 10:24:34 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\Quicken Deluxe 2014.lnk
[2014/05/05 10:24:31 | 000,000,126 | ---- | M] () -- C:\Windows\QUICKEN.INI
[2014/05/03 16:21:08 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/05/03 16:10:33 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2014/05/03 15:41:59 | 000,000,376 | ---- | M] () -- C:\Windows\ODBC.INI
[2014/05/03 13:38:12 | 000,061,678 | ---- | M] () -- C:\Users\Barry Chapman\AppData\Roaming\PFP120JPR.{PB
[2014/05/03 13:38:12 | 000,012,358 | ---- | M] () -- C:\Users\Barry Chapman\AppData\Roaming\PFP120JCM.{PB
[2014/05/03 13:17:14 | 000,002,607 | ---- | M] () -- C:\Users\Barry Chapman\Desktop\WordPerfect.lnk
[2014/05/02 15:31:58 | 000,001,409 | ---- | M] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/05/02 15:15:22 | 000,041,450 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014/05/02 15:15:22 | 000,041,450 | ---- | M] () -- C:\Windows\SysNative\license.rtf
========== Files Created - No Company Name ==========
[2014/05/27 15:49:26 | 000,009,666 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Clark Invoice.pdf
[2014/05/27 13:59:01 | 000,000,008 | ---- | C] () -- C:\LTLASTFN.DAT
[2014/05/27 12:58:35 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/05/27 12:58:35 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/05/27 12:58:35 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/05/27 12:58:35 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/05/27 12:58:35 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/05/27 12:51:02 | 000,001,540 | ---- | C] () -- C:\Users\Barry Chapman\Desktop\ComboFix.exe - Shortcut.lnk
[2014/05/27 10:44:00 | 000,219,894 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141042 revised hud 5-26.pdf
[2014/05/27 09:25:05 | 001,440,846 | ---- | C] () -- C:\Program Files (x86)\mbam-chameleon-1.62.1.1000.zip
[2014/05/25 11:49:58 | 000,004,447 | ---- | C] () -- C:\Users\Barry Chapman\Desktop\attach.zip
[2014/05/25 11:38:01 | 000,000,512 | ---- | C] () -- C:\Users\Barry Chapman\Desktop\MBR.dat
[2014/05/25 10:52:48 | 000,004,315 | ---- | C] () -- C:\Users\Barry Chapman\Desktop\attach.rar
[2014/05/25 10:37:03 | 000,001,159 | ---- | C] () -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2014/05/25 10:36:53 | 000,000,960 | ---- | C] () -- C:\Users\Barry Chapman\Desktop\ERUNT.lnk
[2014/05/23 09:46:30 | 000,201,978 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141046 PRELIMINARY HUD.pdf
[2014/05/23 07:48:44 | 624,028,561 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/05/22 15:48:57 | 000,042,188 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141050 revised contract.pdf
[2014/05/22 15:20:41 | 000,103,981 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141050 signed contract.pdf
[2014/05/22 13:22:39 | 000,051,706 | ---- | C] () -- C:\Windows\SysWow64\bddel.dat
[2014/05/22 13:12:59 | 000,197,282 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141042 REVISED HUD.pdf
[2014/05/21 15:00:00 | 000,017,064 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Martinez legal description.pdf
[2014/05/20 11:11:14 | 000,024,389 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141042 preliminary HUD.pdf
[2014/05/20 09:17:02 | 000,166,076 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141049 HICKMAN ucc1.pdf
[2014/05/19 14:46:28 | 000,126,434 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141049 REVISED HUD.pdf
[2014/05/19 14:25:34 | 000,148,676 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141049 HUD & LEGAL DESCR.pdf
[2014/05/19 14:11:05 | 000,129,944 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141051 HUD.pdf
[2014/05/19 09:55:21 | 000,009,944 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Clayton Homes Invoice-Turbide.pdf
[2014/05/16 11:15:34 | 000,111,023 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Bunche Stree contract.pdf
[2014/05/15 11:40:19 | 000,000,656 | ---- | C] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2014/05/15 11:40:19 | 000,000,628 | ---- | C] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2014/05/15 11:40:19 | 000,000,458 | ---- | C] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
[2014/05/15 11:40:16 | 000,001,446 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2014/05/15 11:40:16 | 000,001,434 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/05/14 14:43:14 | 000,129,908 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Wiggins hud.pdf
[2014/05/14 14:40:55 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2014/05/14 14:34:35 | 000,001,520 | ---- | C] () -- C:\Users\Public\Documents\AcStd7_1_0.ini
[2014/05/14 11:41:08 | 000,001,186 | ---- | C] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2014/05/13 15:37:54 | 000,125,914 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141044 PREL HUD.pdf
[2014/05/13 12:25:15 | 000,144,192 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141046 tax cert and plat.pdf
[2014/05/13 11:38:10 | 034,209,792 | ---- | C] () -- C:\Users\Barry Chapman\Desktop\CHAPMA11_20140505-2014-05-13.QDF-backup
[2014/05/13 10:04:35 | 000,000,000 | ---- | C] () -- C:\Users\Barry Chapman\AppData\Local\{89B78C50-3F1E-4624-B5B6-B21F413891C7}
[2014/05/13 09:04:13 | 000,025,833 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Performance Monitor screen grab.gif
[2014/05/13 08:53:10 | 000,007,605 | ---- | C] () -- C:\Users\Barry Chapman\AppData\Local\resmon.resmoncfg
[2014/05/12 16:39:10 | 000,255,875 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141046 commitment.pdf
[2014/05/12 16:26:00 | 000,010,295 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141046 commitment.wpd
[2014/05/12 16:21:54 | 000,002,380 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141046 DATA FILE.wpd
[2014/05/09 10:58:52 | 000,729,275 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141039 signed docs.pdf
[2014/05/09 10:41:30 | 000,015,330 | ---- | C] () -- C:\Users\Barry Chapman\Documents\WIRE INSTRUCTIONS REAL ESTATE TRUST ACCT.pdf
[2014/05/09 07:41:18 | 000,001,070 | ---- | C] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\VMware Player.lnk
[2014/05/09 07:39:32 | 000,002,187 | ---- | C] () -- C:\Users\Public\Desktop\VMware Player.lnk
[2014/05/07 15:51:16 | 000,088,239 | ---- | C] () -- C:\Users\Barry Chapman\Documents\martin aff doc.pdf
[2014/05/07 15:43:46 | 002,744,977 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Gary Martin closing package.pdf
[2014/05/07 11:24:13 | 000,027,554 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141041 revised note.pdf
[2014/05/07 09:47:05 | 000,532,504 | ---- | C] () -- C:\Users\Barry Chapman\Documents\revised note and sd to change dates.pdf
[2014/05/07 09:16:15 | 000,024,895 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Old Republic Synovus letter.pdf
[2014/05/06 16:39:15 | 000,534,254 | ---- | C] () -- C:\Users\Barry Chapman\Documents\Tillman revised note & sd.pdf
[2014/05/06 09:09:30 | 000,063,248 | ---- | C] () -- C:\Windows\SysWow64\picn1120.ssm
[2014/05/05 17:43:05 | 000,005,432 | ---- | C] () -- C:\Windows\pixcache.ini
[2014/05/05 16:54:47 | 000,002,501 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 7.0 Standard.lnk
[2014/05/05 16:54:47 | 000,002,459 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 7.0.lnk
[2014/05/05 16:54:47 | 000,002,039 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat 7.0 Standard.lnk
[2014/05/05 16:15:18 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01011.Wdf
[2014/05/05 16:12:32 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01011.Wdf
[2014/05/05 14:53:30 | 000,001,534 | ---- | C] () -- C:\Users\Barry Chapman\Desktop\Landtech XML.lnk
[2014/05/05 14:44:31 | 000,000,519 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2014/05/05 14:44:25 | 000,002,781 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start Pervasive PSQL Workgroup Engine.lnk
[2014/05/05 14:35:58 | 000,013,839 | ---- | C] () -- C:\Users\Barry Chapman\Documents\141000.pdf
[2014/05/05 11:45:19 | 000,037,861 | ---- | C] () -- C:\Users\Barry Chapman\AppData\Roaming\Comma Separated Values (Windows).ADR
[2014/05/05 10:49:21 | 000,000,580 | ---- | C] () -- C:\Users\Public\Desktop\Medlin Accounting.lnk
[2014/05/05 10:24:34 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\Quicken Deluxe 2014.lnk
[2014/05/05 10:24:06 | 000,000,126 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2014/05/04 03:06:18 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/05/03 16:21:08 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/05/03 16:21:08 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/05/03 16:10:33 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2014/05/03 15:41:59 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2014/05/03 13:38:12 | 000,061,678 | ---- | C] () -- C:\Users\Barry Chapman\AppData\Roaming\PFP120JPR.{PB
[2014/05/03 13:38:12 | 000,012,358 | ---- | C] () -- C:\Users\Barry Chapman\AppData\Roaming\PFP120JCM.{PB
[2014/05/03 13:30:41 | 000,000,125 | ---- | C] () -- C:\Windows\SetScan.ini
[2014/05/03 13:17:14 | 000,002,607 | ---- | C] () -- C:\Users\Barry Chapman\Desktop\WordPerfect.lnk
[2014/05/02 16:23:30 | 000,002,334 | ---- | C] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/02 16:23:30 | 000,002,310 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/02 16:12:54 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/02 16:12:54 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/02 15:31:58 | 000,001,409 | ---- | C] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/05/02 15:25:20 | 000,001,415 | ---- | C] () -- C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/05/02 15:18:02 | 000,001,975 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
[2014/05/02 15:17:44 | 000,000,290 | ---- | C] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/05/02 15:17:44 | 000,000,272 | ---- | C] () -- C:\Users\Barry Chapman\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/03/22 04:08:50 | 019,587,072 | ---- | C] () -- C:\Windows\SysWow64\igdfcl32.dll
[2014/03/22 04:08:50 | 000,241,152 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2014/03/22 04:08:50 | 000,109,056 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2014/03/21 13:42:49 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/05/11 05:17:52 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
========== ZeroAccess Check ==========
[2014/05/20 18:36:38 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/05/03 13:53:55 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\Canon Electronics
[2014/05/16 08:33:26 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2014/05/20 17:52:11 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\ISIS Drivers
[2014/05/02 15:25:33 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\Leadertech
[2014/05/20 17:26:37 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\Opera Software
[2014/05/06 10:10:41 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\Oracle
[2014/05/04 18:11:07 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\PCDr
[2014/05/23 07:41:53 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\QuickScan
[2014/05/21 11:27:06 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\TuneUp Software
[2014/05/20 17:52:15 | 000,000,000 | ---D | M] -- C:\Users\Barry Chapman\AppData\Roaming\wi_upd
========== Purity Check ==========
< End of report >
What are you running on your system that needs a proxy server, this thing just wont go
Please download Farbar Recovery Scan Tool (http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/) and save it to your desktop.
Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
brchapman
2014-05-27, 23:27
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Barry Chapman (administrator) on BARRYSNEW on 27-05-2014 16:22:23
Running from C:\Users\Barry Chapman\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\Backblaze\bzserv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(OldTimer Tools) C:\Users\Barry Chapman\Downloads\OTL.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-29] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286056 2013-07-29] (Intel Corporation)
HKLM\...\Run: [CANON DR2580C SVC] => C:\Windows\system32\DR25SVC.dll [152576 2012-12-17] (Canon Electronics)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [645168 2013-09-11] (McAfee, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-670280924-550259233-2201882432-1000\...\Run: [updateMgr] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe [313472 2006-03-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-670280924-550259233-2201882432-1000\...\Run: [Backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [492136 2014-05-13] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-BA7E-100000000002}\SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start Pervasive PSQL Workgroup Engine.lnk
ShortcutTarget: Start Pervasive PSQL Workgroup Engine.lnk -> C:\Windows\Installer\{0A3238D7-AB32-1030-B717-F3E3F18B4A8C}\WGE.14A03FCD_EA43_4130_A5C0_F02D38895A13.exe ()
Startup: C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
==================== Internet (Whitelisted) ====================
ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {D81273E4-7658-47B6-8075-3D404C64D87C} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {D81273E4-7658-47B6-8075-3D404C64D87C} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKLM-x32 - {D81273E4-7658-47B6-8075-3D404C64D87C} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKCU - DefaultScope {D81273E4-7658-47B6-8075-3D404C64D87C} URL =
SearchScopes: HKCU - {D81273E4-7658-47B6-8075-3D404C64D87C} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 205.152.144.23 205.152.132.23
FireFox:
========
FF ProfilePath: C:\Users\Barry Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\76t9nm76.default
FF NetworkProxy: "type", 1);user_pref("network.proxy.http", "127.0.0.1");user_pref("network.proxy.http_port", 8118);user_pref("network.proxy.ssl", "127.0.0.1");user_pref("network.proxy.ssl_port", 8118
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-03-21]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-02]
CHR Extension: (Google Drive) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-20]
CHR Extension: (YouTube) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-02]
CHR Extension: (Google Search) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-02]
CHR Extension: (Google Wallet) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (Gmail) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-02]
==================== Services (Whitelisted) =================
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [312448 2013-07-02] (Windows (R) Win 7 DDK provider)
R2 bzserv; C:\Program Files (x86)\Backblaze\bzserv.exe [234600 2014-05-13] ()
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [14696 2013-07-29] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-25] (Intel Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334760 2012-12-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-03-18] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-03] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2014-04-04] (SoftThinks SAS)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2013-06-20] (Atheros)
==================== Drivers (Whitelisted) ====================
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-07-02] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-07-24] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [441264 2014-03-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc.)
R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [64160 2014-04-25] ()
R3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [14000 2002-05-13] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-27 16:22 - 2014-05-27 16:22 - 00019141 _____ () C:\Users\Barry Chapman\Desktop\FRST.txt
2014-05-27 16:22 - 2014-05-27 16:22 - 00000000 ____D () C:\FRST
2014-05-27 16:21 - 2014-05-27 16:21 - 02066944 _____ (Farbar) C:\Users\Barry Chapman\Desktop\FRST64.exe
2014-05-27 15:30 - 2014-05-27 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-05-27 13:59 - 2014-05-27 15:40 - 00000008 _____ () C:\LTLASTFN.DAT
2014-05-27 13:29 - 2014-05-27 13:29 - 00043987 _____ () C:\ComboFix.txt
2014-05-27 12:58 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-27 12:58 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-27 12:58 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-27 12:51 - 2014-05-27 12:51 - 00001540 _____ () C:\Users\Barry Chapman\Desktop\ComboFix.exe - Shortcut.lnk
2014-05-27 12:50 - 2014-05-27 13:29 - 00000000 ____D () C:\Qoobox
2014-05-27 12:46 - 2014-05-27 12:47 - 05203612 ____R () C:\Users\Barry Chapman\Downloads\ComboFix.exe
2014-05-27 11:30 - 2014-05-27 11:30 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-05-27 11:23 - 2014-05-27 11:23 - 00000000 ____D () C:\_OTL
2014-05-27 10:03 - 2014-05-27 10:03 - 00056788 _____ () C:\Users\Barry Chapman\Downloads\Extras.Txt
2014-05-27 10:02 - 2014-05-27 15:57 - 00198204 _____ () C:\Users\Barry Chapman\Downloads\OTL.Txt
2014-05-27 09:54 - 2014-05-27 09:54 - 00602112 _____ (OldTimer Tools) C:\Users\Barry Chapman\Downloads\OTL.exe
2014-05-27 09:25 - 2014-05-27 09:13 - 01440846 _____ () C:\Program Files (x86)\mbam-chameleon-1.62.1.1000.zip
2014-05-27 09:18 - 2014-05-27 09:18 - 00000000 ____D () C:\Malwarebytes' Anti-Malware
2014-05-27 09:01 - 2014-05-27 09:01 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-05-27 08:58 - 2014-05-27 08:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-26 10:19 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-26 10:17 - 2014-05-26 10:17 - 01327971 _____ () C:\Users\Barry Chapman\Downloads\AdwCleaner.exe
2014-05-25 11:49 - 2014-05-25 11:49 - 00004447 _____ () C:\Users\Barry Chapman\Desktop\attach.zip
2014-05-25 11:38 - 2014-05-25 11:38 - 00002135 _____ () C:\Users\Barry Chapman\Desktop\aswMBR.txt
2014-05-25 11:38 - 2014-05-25 11:38 - 00000512 _____ () C:\Users\Barry Chapman\Desktop\MBR.dat
2014-05-25 10:52 - 2014-05-25 10:52 - 00004315 _____ () C:\Users\Barry Chapman\Desktop\attach.rar
2014-05-25 10:46 - 2014-05-25 10:46 - 00042419 _____ () C:\Users\Barry Chapman\Desktop\dds.txt
2014-05-25 10:46 - 2014-05-25 10:46 - 00020635 _____ () C:\Users\Barry Chapman\Desktop\attach.txt
2014-05-25 10:43 - 2014-05-25 10:43 - 04745728 _____ (AVAST Software) C:\Users\Barry Chapman\Downloads\aswMBR.exe
2014-05-25 10:38 - 2014-05-27 13:27 - 00000000 ____D () C:\Windows\ERDNT
2014-05-25 10:38 - 2014-05-25 10:38 - 00688992 ____R (Swearware) C:\Users\Barry Chapman\Downloads\dds (1).scr
2014-05-25 10:36 - 2014-05-25 10:37 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-05-25 10:36 - 2014-05-25 10:36 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup (2).exe
2014-05-25 10:36 - 2014-05-25 10:36 - 00000960 _____ () C:\Users\Barry Chapman\Desktop\ERUNT.lnk
2014-05-25 10:36 - 2014-05-25 10:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-05-24 12:00 - 2014-05-24 12:00 - 00688992 _____ (Swearware) C:\Users\Barry Chapman\Downloads\dds.scr
2014-05-24 11:59 - 2014-05-24 11:59 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup (1).exe
2014-05-24 11:57 - 2014-05-24 11:57 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup.exe
2014-05-23 08:25 - 2014-05-23 08:25 - 00000000 ____D () C:\New folder
2014-05-23 07:48 - 2014-05-23 07:48 - 624028561 _____ () C:\Windows\MEMORY.DMP
2014-05-23 07:48 - 2014-05-23 07:48 - 00280128 _____ () C:\Windows\Minidump\052314-21138-01.dmp
2014-05-23 07:48 - 2014-05-23 07:48 - 00000000 ____D () C:\Windows\Minidump
2014-05-23 07:43 - 2014-05-23 07:43 - 00162208 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition (1).exe
2014-05-23 07:41 - 2014-05-23 07:41 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\QuickScan
2014-05-23 07:40 - 2014-05-23 07:43 - 10447328 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition_x64.exe
2014-05-23 07:39 - 2014-05-23 07:39 - 00162208 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition.exe
2014-05-22 15:37 - 2014-05-22 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-05-22 15:35 - 2014-05-22 15:35 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-22 15:35 - 2014-05-22 15:35 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-22 13:22 - 2014-05-22 13:23 - 00051706 _____ () C:\Windows\SysWOW64\bddel.dat
2014-05-22 10:47 - 2014-05-22 10:47 - 00000000 ____D () C:\Program Files (x86)\Spybot
2014-05-22 08:13 - 2014-05-22 09:31 - 00017970 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-22_08-13-17.log
2014-05-22 08:08 - 2014-05-22 08:11 - 00003374 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-22_08-08-46.log
2014-05-22 07:57 - 2014-05-22 08:06 - 332119856 _____ (Norman Shark AS) C:\Users\Barry Chapman\Downloads\Norman_Malware_Cleaner (1).exe
2014-05-21 11:27 - 2014-05-21 11:27 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\TuneUp Software
2014-05-21 11:16 - 2014-05-23 07:03 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-21 11:16 - 2014-05-21 11:16 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\MFAData
2014-05-21 11:15 - 2014-05-21 11:15 - 04485528 _____ (AVG Technologies) C:\Users\Barry Chapman\Downloads\avg_free_stb_all_2014_4577_cnet.exe
2014-05-21 09:31 - 2014-05-21 10:04 - 00014960 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-21_09-31-37.log
2014-05-21 09:01 - 2014-05-21 09:08 - 331917560 _____ (Norman Shark AS) C:\Users\Barry Chapman\Downloads\Norman_Malware_Cleaner.exe
2014-05-20 14:54 - 2014-05-20 15:49 - 00025110 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-20_14-54-17.log
2014-05-20 14:53 - 2014-05-20 14:53 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Norman Malware Cleaner
2014-05-20 12:44 - 2014-05-20 13:35 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-05-20 12:34 - 2014-05-20 12:34 - 00000914 _____ () C:\Users\Barry Chapman\Desktop\JRT.txt
2014-05-20 10:29 - 2014-05-20 10:30 - 04957528 _____ (SurfRight B.V.) C:\Users\Barry Chapman\Downloads\Unconfirmed 912715.crdownload
2014-05-19 16:42 - 2014-05-26 10:25 - 00000000 ____D () C:\AdwCleaner
2014-05-19 10:55 - 2014-05-19 10:55 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-05-19 10:20 - 2014-05-19 10:20 - 00000000 ____D () C:\Adobe XI Pro
2014-05-19 08:08 - 2014-05-20 18:24 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-19 07:54 - 2014-05-19 07:54 - 00000000 ____D () C:\Users\Barry Chapman\Documents\ProcAlyzer Dumps
2014-05-16 10:51 - 2014-05-27 09:22 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\CrashDumps
2014-05-16 09:39 - 2014-05-16 09:39 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\SUPERAntiSpyware.com
2014-05-16 09:39 - 2014-05-16 09:39 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-05-16 08:33 - 2014-05-20 17:34 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant
2014-05-16 08:33 - 2014-05-16 08:33 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-05-16 08:32 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-05-16 08:32 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-05-15 15:02 - 2014-05-15 15:02 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot2-license (1).exe
2014-05-15 14:27 - 2014-05-15 14:27 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-05-15 13:05 - 2014-05-15 13:06 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot2-license.exe
2014-05-15 12:49 - 2009-06-10 17:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140515-124903.backup
2014-05-15 11:40 - 2014-05-22 10:49 - 00001446 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-15 11:40 - 2014-05-22 10:49 - 00001434 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-15 11:40 - 2014-05-22 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-15 11:40 - 2014-05-15 11:40 - 00000656 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2014-05-15 11:40 - 00000628 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2014-05-15 11:40 - 00000458 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-05-15 11:21 - 2014-05-22 10:51 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-15 11:21 - 2014-05-22 10:49 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-15 11:20 - 2014-05-15 10:56 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot-2.3 (1).exe
2014-05-15 03:25 - 2014-05-20 17:52 - 00000000 ___RD () C:\Users\Barry Chapman\Virtual Machines
2014-05-15 03:06 - 2014-05-06 00:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 03:06 - 2014-05-06 00:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 03:06 - 2014-05-05 23:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 03:06 - 2014-05-05 23:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 03:06 - 2014-05-05 23:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 03:06 - 2014-05-05 22:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 16:16 - 2014-05-14 16:16 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\PDF24
2014-05-14 15:56 - 2014-05-26 10:24 - 00000000 ____D () C:\Program Files (x86)\MSR
2014-05-14 15:56 - 2014-05-14 15:56 - 00004592 _____ () C:\Windows\System32\Tasks\IdleCrawler Runner
2014-05-14 15:54 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\wi_upd
2014-05-14 15:53 - 2014-05-14 15:54 - 02271768 _____ () C:\Users\Barry Chapman\Downloads\Adobe.Acrobat.XI.Pro.v11.0.2.Multilingual.Cracked.exe
2014-05-14 15:26 - 2014-05-14 15:27 - 18873344 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd714_all_incr.msp
2014-05-14 15:22 - 2014-05-14 15:23 - 14385152 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd713_all_incr.msp
2014-05-14 15:21 - 2014-05-14 15:22 - 03972608 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd712_all_incr (1).msp
2014-05-14 15:20 - 2014-05-14 15:20 - 06504448 _____ () C:\Users\Barry Chapman\Downloads\AcroUpd711_all_incr.msp
2014-05-14 14:34 - 2014-05-14 15:08 - 00001520 _____ () C:\Users\Public\Documents\AcStd7_1_0.ini
2014-05-14 11:56 - 2014-05-27 15:49 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Outlook Files
2014-05-14 10:26 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-05-14 10:25 - 2014-05-14 10:25 - 00000000 ____D () C:\Windows\PCHEALTH
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-05-14 10:20 - 2014-05-14 10:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-14 10:20 - 2014-05-14 10:20 - 00000000 ___RD () C:\MSOCache
2014-05-14 08:30 - 2014-05-20 16:20 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-05-14 08:30 - 2014-05-14 08:30 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Secunia PSI
2014-05-14 08:28 - 2014-05-14 08:29 - 05329480 _____ (Secunia) C:\Users\Barry Chapman\Downloads\PSISetup.exe
2014-05-14 05:44 - 2014-05-09 02:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 05:44 - 2014-05-09 02:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 05:44 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 05:44 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 05:44 - 2014-04-11 22:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 05:44 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 05:44 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 05:44 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 05:44 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 05:44 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 05:44 - 2014-04-11 22:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 05:44 - 2014-03-24 22:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 05:44 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 05:44 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 05:44 - 2014-03-04 05:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 05:44 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 05:44 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 05:44 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 05:44 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 05:44 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 12:17 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backblaze
2014-05-13 12:16 - 2014-05-20 17:44 - 00000000 ____D () C:\Program Files (x86)\Backblaze
2014-05-13 12:16 - 2014-05-13 12:16 - 05033216 _____ () C:\Users\Barry Chapman\Downloads\install_backblaze.exe
2014-05-13 12:16 - 2014-05-13 12:16 - 00000000 ____D () C:\ProgramData\Backblaze
2014-05-13 12:02 - 2014-05-13 12:04 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\VMware
2014-05-13 11:38 - 2014-05-13 11:38 - 34209792 _____ () C:\Users\Barry Chapman\Desktop\CHAPMA11_20140505-2014-05-13.QDF-backup
2014-05-13 11:18 - 2014-05-20 17:55 - 00000000 ____D () C:\Windows\pss
2014-05-13 11:00 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\VMware
2014-05-13 10:04 - 2014-05-13 10:04 - 00000000 _____ () C:\Users\Barry Chapman\AppData\Local\{89B78C50-3F1E-4624-B5B6-B21F413891C7}
2014-05-13 08:53 - 2014-05-13 11:13 - 00007605 _____ () C:\Users\Barry Chapman\AppData\Local\resmon.resmoncfg
2014-05-12 20:43 - 2014-05-12 20:58 - 00000000 ____D () C:\Users\Barry Chapman\.asdm
2014-05-12 20:43 - 2014-05-12 20:43 - 00000000 ____D () C:\Program Files (x86)\Cisco Systems
2014-05-12 16:26 - 2014-05-12 16:26 - 00010295 _____ () C:\Users\Barry Chapman\Documents\141046 commitment.wpd
2014-05-12 16:21 - 2014-05-12 16:21 - 00002380 _____ () C:\Users\Barry Chapman\Documents\141046 DATA FILE.wpd
2014-05-12 13:51 - 2014-05-13 11:07 - 00000000 ____D () C:\Program Files\My Lockbox
2014-05-12 13:50 - 2014-05-12 13:50 - 04090994 _____ () C:\Users\Barry Chapman\Downloads\mylockbox_setup.zip
2014-05-12 07:16 - 2014-05-13 12:17 - 00000000 ____D () C:\.bzvol
2014-05-09 11:38 - 2014-05-09 11:38 - 00000000 ____D () C:\Users\Barry Chapman\Documents\CCWin
2014-05-09 07:41 - 2013-03-01 02:27 - 00063568 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2014-05-09 07:40 - 2013-03-01 02:27 - 00943184 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2014-05-09 07:40 - 2013-03-01 02:27 - 00354896 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2014-05-09 07:40 - 2013-03-01 02:26 - 00434256 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2014-05-09 07:40 - 2013-03-01 02:26 - 00030800 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2014-05-09 07:39 - 2014-05-27 13:24 - 00000000 ____D () C:\ProgramData\VMware
2014-05-09 07:39 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2014-05-09 07:39 - 2014-05-09 07:39 - 00002187 _____ () C:\Users\Public\Desktop\VMware Player.lnk
2014-05-09 07:39 - 2014-05-09 07:39 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-05-09 07:39 - 2013-03-01 02:26 - 00033360 _____ (VMware, Inc.) C:\Windows\system32\Drivers\VMkbd.sys
2014-05-09 07:39 - 2011-08-29 22:11 - 00039024 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2014-05-09 07:38 - 2014-05-09 07:38 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-05-09 07:33 - 2014-05-09 07:35 - 114794792 _____ (VMware, Inc.) C:\Users\Barry Chapman\Downloads\VMware-player-4.0.6-1035888.exe
2014-05-07 09:42 - 2006-05-16 21:40 - 00753936 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXANNOT.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00463120 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXJP2K.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00209168 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXNOTEN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00119056 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXJBGN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00102672 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXTIFFN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00094480 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXAPS.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00074000 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXNAMEN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00069904 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXDLGN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00057616 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXLZWN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00049424 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXTHK32.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXSLN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXRAMN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXPANN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXMPN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXMDLGN.DLL
2014-05-07 09:42 - 2006-05-16 21:23 - 00006416 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXTHK16.DLL
2014-05-07 09:42 - 2006-05-16 21:22 - 00231552 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXDFLT.DLL
2014-05-07 09:42 - 2006-05-16 21:22 - 00023152 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXPERM.DLL
2014-05-07 09:42 - 2006-05-16 21:22 - 00016048 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXLOC.DLL
2014-05-07 09:42 - 2006-05-16 21:19 - 00327680 ____N (The University of New South Wales) C:\Windows\SysWOW64\PIXJP2KI.DLL
2014-05-07 09:42 - 2006-05-16 21:19 - 00051959 ____N () C:\Windows\SysWOW64\PIXNAME.HLP
2014-05-07 09:42 - 2005-02-10 18:17 - 00011968 ____N (Pixel Translations Incorporated) C:\Windows\SysWOW64\PIXMDLLC.CPL
2014-05-07 09:29 - 2014-05-07 09:29 - 00000000 ____D () C:\ProgramData\Canon Electronics
2014-05-07 09:25 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CapturePerfect 3.1
2014-05-07 09:20 - 2014-05-07 09:22 - 79468544 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_V3137 (1).exe
2014-05-06 15:56 - 2014-05-06 15:59 - 00000000 ____D () C:\Users\Barry Chapman\Documents\My Documents from old
2014-05-06 14:42 - 2014-05-06 14:42 - 00119964 _____ () C:\Users\Barry Chapman\Downloads\GSCCCA Online Statement.htm
2014-05-06 13:18 - 2014-05-18 03:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-06 13:18 - 2014-05-15 03:03 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-06 13:12 - 2012-12-17 08:56 - 00152576 _____ (Canon Electronics) C:\Windows\system32\DR25SVC.dll
2014-05-06 13:12 - 2009-05-13 16:08 - 00491792 _____ (Captiva Software Corp.) C:\Windows\SysWOW64\qd1.dll
2014-05-06 13:09 - 2014-05-06 13:09 - 14393344 _____ () C:\Users\Barry Chapman\Downloads\2580DRIT_V18SP1 (1).exe
2014-05-06 10:10 - 2014-05-06 10:10 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Oracle
2014-05-06 10:09 - 2014-05-06 10:09 - 00000000 ____D () C:\ProgramData\Sun
2014-05-06 10:09 - 2014-05-06 10:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-06 10:07 - 2014-05-06 10:07 - 00921512 _____ (Oracle Corporation) C:\Users\Barry Chapman\Downloads\chromeinstall-7u55.exe
2014-05-06 10:05 - 2014-05-06 10:04 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-06 10:04 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-06 10:04 - 2014-05-06 10:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-05-06 10:04 - 2014-05-06 10:04 - 00000000 ____D () C:\Program Files\Java
2014-05-06 10:03 - 2014-05-06 10:04 - 30818216 _____ (Oracle Corporation) C:\Users\Barry Chapman\Downloads\jre-7u55-windows-x64.exe
2014-05-06 09:31 - 2006-05-16 21:40 - 00233744 _____ (EMC Corporation) C:\Windows\SysWOW64\PIXMDLN.DLL
2014-05-06 09:27 - 2014-05-06 09:27 - 28808192 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_Ver_3097 (1).exe
2014-05-06 09:09 - 2009-05-13 16:16 - 00200704 _____ (EMC Corporation) C:\Windows\SysWOW64\twpix32.dll
2014-05-06 09:09 - 2009-05-13 16:05 - 00021008 _____ (Microsoft Corporation) C:\Windows\system\Ctl3d.dll
2014-05-06 09:09 - 2003-12-18 18:09 - 00231552 _____ (Pixel Translations Incorporated) C:\Windows\system\Pixdflt.dll
2014-05-06 09:09 - 2003-12-18 18:09 - 00023152 _____ (Pixel Translations Incorporated) C:\Windows\system\Pixperm.dll
2014-05-06 09:09 - 2003-12-18 18:09 - 00016064 _____ (Pixel Translations Incorporated) C:\Windows\system\Pixloc.dll
2014-05-06 09:09 - 2002-11-06 11:21 - 00063248 _____ () C:\Windows\SysWOW64\picn1120.ssm
2014-05-06 09:09 - 1998-04-13 13:13 - 00098304 _____ (Cornerstone Imaging, Inc.) C:\Windows\SysWOW64\Wiaext32.dll
2014-05-06 09:06 - 2014-05-06 09:06 - 00000000 _____ () C:\Users\Barry Chapman\Sti_Trace.log
2014-05-06 09:05 - 2014-05-20 17:26 - 00000000 ____D () C:\Users\Barry Chapman\Desktop\CapturePerfect 3.0
2014-05-06 08:51 - 2014-05-06 08:51 - 00249856 _____ () C:\Users\Barry Chapman\Downloads\RepairReg.exe
2014-05-06 08:51 - 2014-05-06 08:51 - 00000000 ____D () C:\DR Scanner
2014-05-06 08:45 - 2014-05-06 08:47 - 79468544 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_V3137.exe
2014-05-06 08:43 - 2014-05-06 08:43 - 00000000 ____D () C:\DR2580C
2014-05-06 08:42 - 2014-05-06 08:42 - 14393344 _____ () C:\Users\Barry Chapman\Downloads\2580DRIT_V18SP1.exe
2014-05-06 08:37 - 2008-11-11 19:00 - 00096768 _____ (Canon Electronics Inc.) C:\Windows\system32\DR25CPL.dll
2014-05-06 08:37 - 2007-04-24 07:53 - 00083456 _____ (Canon Electronics Inc.) C:\Windows\system32\CeiUSB64.dll
2014-05-06 08:35 - 2014-05-06 08:35 - 00000000 ____D () C:\Users\Barry Chapman\Downloads\d1041mux
2014-05-06 08:34 - 2014-05-06 08:35 - 13259652 _____ () C:\Users\Barry Chapman\Downloads\d1041mux.zip
2014-05-06 07:52 - 2014-05-20 18:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 07:31 - 2014-05-06 07:31 - 00003228 _____ () C:\Windows\System32\Tasks\{E819857F-629F-4F7B-9FE3-F8B1467A5C1B}
2014-05-06 07:29 - 2014-05-07 09:22 - 00000000 ____D () C:\CapturePerfect Upgrade
2014-05-06 03:03 - 2014-05-06 03:03 - 00288324 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-05-06 03:02 - 2014-05-06 03:03 - 00292408 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-05-06 03:02 - 2014-05-06 03:02 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-05-05 17:52 - 2014-05-05 19:26 - 28808192 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_Ver_3097.exe
2014-05-05 17:44 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon DR-2580C
2014-05-05 17:43 - 2014-05-06 09:06 - 00005432 _____ () C:\Windows\pixcache.ini
2014-05-05 17:43 - 2014-05-05 17:43 - 00003050 _____ () C:\Windows\System32\Tasks\{BEA2EFCD-E2FA-474A-BB2F-ADE6F46BED5D}
2014-05-05 16:56 - 2014-05-05 16:56 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\AdobeUM
2014-05-05 16:54 - 2014-05-14 15:27 - 00002501 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 7.0 Standard.lnk
2014-05-05 16:54 - 2014-05-14 14:44 - 00002459 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 7.0.lnk
2014-05-05 16:54 - 2014-05-05 16:54 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Acrobat 7.0 Standard.lnk
2014-05-05 16:53 - 2014-05-20 18:03 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-05-05 16:53 - 2014-05-19 10:44 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-05-05 16:24 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-05 16:24 - 2014-05-20 17:51 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-05 16:24 - 2014-05-20 17:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-05 16:23 - 2014-05-05 16:24 - 13084896 _____ (Microsoft Corporation) C:\Users\Barry Chapman\Downloads\Silverlight_x64 (1).exe
2014-05-05 16:23 - 2014-05-05 16:23 - 13084896 _____ (Microsoft Corporation) C:\Users\Barry Chapman\Downloads\Silverlight_x64.exe
2014-05-05 16:15 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-05-05 16:15 - 2014-05-20 17:51 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-05-05 16:15 - 2014-05-05 16:15 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-05-05 16:12 - 2014-05-05 16:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2014-05-05 15:52 - 2014-05-05 15:53 - 19495200 _____ () C:\Users\Barry Chapman\Downloads\upd-ps-x64-5.8.0.17508.exe
2014-05-05 15:50 - 2014-05-05 15:53 - 00000000 ____D () C:\HP Universal Print Driver
2014-05-05 15:49 - 2014-05-05 15:49 - 18409760 _____ () C:\Users\Barry Chapman\Downloads\upd-pcl6-x64-5.8.0.17508.exe
2014-05-05 14:53 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landtech XML
2014-05-05 14:53 - 2014-05-05 14:53 - 00001534 _____ () C:\Users\Barry Chapman\Desktop\Landtech XML.lnk
2014-05-05 14:52 - 2014-05-05 14:52 - 00204800 _____ (Landtech Data Corporation) C:\Windows\SysWOW64\ltwpvsw.DLL
2014-05-05 14:52 - 2014-05-05 14:52 - 00065536 _____ (Landtech Data Corp.) C:\Windows\SysWOW64\LTWNode.exe
2014-05-05 14:52 - 2014-05-05 14:52 - 00004726 _____ () C:\Windows\BOOTSTRAP.LOG
2014-05-05 14:52 - 2014-05-05 14:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Landtech XML
2014-05-05 14:44 - 2014-05-05 14:44 - 00000519 _____ () C:\Windows\ODBCINST.INI
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\ProgramData\Pervasive Software
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pervasive
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\Program Files (x86)\Pervasive Software
2014-05-05 14:18 - 2014-05-05 14:18 - 00000000 ____D () C:\Wages
2014-05-05 14:15 - 2014-05-05 14:17 - 88823072 _____ () C:\Users\Barry Chapman\Downloads\PSQL-Workgroup-10.30.022.000-win.x86.exe
2014-05-05 14:07 - 2001-06-01 14:17 - 00169600 _____ (Wintertree Software Inc.) C:\Windows\SysWOW64\WSpell.ocx
2014-05-05 12:36 - 2014-05-20 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WP-64
2014-05-05 12:34 - 2014-05-05 12:34 - 32856361 _____ (wpdos.org ) C:\Users\Barry Chapman\Downloads\WP64DOSBox-Setup.exe
2014-05-05 12:22 - 2014-05-14 13:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Help
2014-05-05 12:22 - 2014-05-09 09:28 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Help
2014-05-05 11:45 - 2014-05-21 16:21 - 00037861 _____ () C:\Users\Barry Chapman\AppData\Roaming\Comma Separated Values (Windows).ADR
2014-05-05 11:40 - 2014-05-05 11:40 - 00321535 _____ () C:\Users\Barry Chapman\Downloads\contacts.csv
2014-05-05 11:26 - 2014-05-05 11:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-05 11:25 - 2014-05-05 11:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-05 11:24 - 2014-05-05 11:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-05 11:16 - 2014-05-05 11:17 - 01069064 _____ (Medlin Accounting Software ) C:\Users\Barry Chapman\Downloads\_05-01-2014_medlin_PR_4-6.exe
2014-05-05 10:49 - 2014-05-25 12:10 - 00000000 ____D () C:\MWACCT
2014-05-05 10:49 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medlin Accounting
2014-05-05 10:49 - 2014-05-05 11:17 - 00000580 _____ () C:\Users\Public\Desktop\Medlin Accounting.lnk
2014-05-05 10:49 - 1998-05-11 20:01 - 01355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvbvm50.dll
2014-05-05 10:40 - 2014-05-05 10:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\QuickenWindow
2014-05-05 10:36 - 2014-05-05 10:36 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\IsolatedStorage
2014-05-05 10:28 - 2014-05-05 10:28 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Quicken
2014-05-05 10:24 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quicken 2014
2014-05-05 10:24 - 2014-05-20 17:46 - 00000000 ____D () C:\Program Files (x86)\Quicken
2014-05-05 10:24 - 2014-05-05 10:24 - 00001808 _____ () C:\Users\Public\Desktop\Quicken Deluxe 2014.lnk
2014-05-05 10:24 - 2014-05-05 10:24 - 00000126 _____ () C:\Windows\QUICKEN.INI
2014-05-05 10:24 - 2014-05-05 10:24 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Intuit
2014-05-05 10:24 - 2009-05-12 15:14 - 04169728 _____ (Amyuni Technologies http://www.amyuni.com) C:\Windows\SysWOW64\cdintf400.dll
2014-05-05 10:23 - 2014-05-05 10:23 - 00000000 ____D () C:\ProgramData\Intuit
2014-05-05 10:18 - 2014-05-05 10:21 - 112168720 _____ (Intuit Inc. ) C:\Users\Barry Chapman\Downloads\QW14DLX.exe
2014-05-05 10:13 - 2014-05-20 17:52 - 00000000 ____D () C:\Quicken 2014
2014-05-05 08:58 - 2014-05-05 08:58 - 00000000 __SHD () C:\Users\Barry Chapman\AppData\Local\EmieUserList
2014-05-05 08:58 - 2014-05-05 08:58 - 00000000 __SHD () C:\Users\Barry Chapman\AppData\Local\EmieSiteList
2014-05-05 03:10 - 2014-03-06 05:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-05 03:10 - 2014-03-06 04:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-05 03:10 - 2014-03-06 04:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
brchapman
2014-05-27, 23:27
:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-05 03:10 - 2014-03-06 04:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-05 03:10 - 2014-03-06 04:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-05 03:10 - 2014-03-06 04:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-05 03:10 - 2014-03-06 04:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-05 03:10 - 2014-03-06 04:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-05 03:10 - 2014-03-06 04:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-05 03:10 - 2014-03-06 04:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-05 03:10 - 2014-03-06 04:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-05 03:10 - 2014-03-06 04:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-05 03:10 - 2014-03-06 04:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-05 03:10 - 2014-03-06 04:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-05 03:10 - 2014-03-06 04:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-05 03:10 - 2014-03-06 04:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-05 03:10 - 2014-03-06 04:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-05 03:10 - 2014-03-06 03:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-05 03:10 - 2014-03-06 03:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-05 03:10 - 2014-03-06 03:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-05 03:10 - 2014-03-06 03:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-05 03:10 - 2014-03-06 03:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-05 03:10 - 2014-03-06 03:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-05 03:10 - 2014-03-06 03:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-05 03:10 - 2014-03-06 03:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-05 03:10 - 2014-03-06 03:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-05 03:10 - 2014-03-06 03:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-05 03:10 - 2014-03-06 03:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-05 03:10 - 2014-03-06 03:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-05 03:10 - 2014-03-06 03:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-05 03:10 - 2014-03-06 03:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-05 03:10 - 2014-03-06 03:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-05 03:10 - 2014-03-06 03:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-05 03:10 - 2014-03-06 02:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-05 03:10 - 2014-03-06 02:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-05 03:10 - 2014-03-06 02:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-05 03:10 - 2014-03-06 02:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-05 03:10 - 2014-03-06 02:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-05 03:10 - 2014-03-06 01:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-05 03:10 - 2014-03-06 01:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-05 03:10 - 2014-03-06 01:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-05 03:10 - 2014-03-06 01:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-05 03:10 - 2014-03-06 01:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-05 03:06 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-05-05 03:06 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-05-04 03:06 - 2012-07-25 23:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-05-04 03:06 - 2012-07-25 23:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-05-04 03:06 - 2012-07-25 23:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-05-04 03:06 - 2012-07-25 23:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-05-04 03:06 - 2012-07-25 23:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-05-04 03:06 - 2012-07-25 22:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-05-04 03:06 - 2012-07-25 22:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-05-04 03:06 - 2012-06-02 10:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-05-03 16:58 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-05-03 16:58 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-05-03 16:58 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-05-03 16:58 - 2013-12-31 19:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-05-03 16:58 - 2013-12-31 19:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-05-03 16:58 - 2013-12-05 22:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-05-03 16:58 - 2013-12-05 22:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-05-03 16:58 - 2013-12-05 22:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-05-03 16:58 - 2013-12-05 22:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-05-03 16:58 - 2013-11-23 14:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-05-03 16:58 - 2013-11-23 13:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-05-03 16:58 - 2011-04-09 02:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-05-03 16:58 - 2011-04-09 01:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-05-03 16:55 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-05-03 16:55 - 2013-12-24 19:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-05-03 16:55 - 2013-12-24 18:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-05-03 16:55 - 2013-12-03 22:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-05-03 16:55 - 2013-12-03 22:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-05-03 16:55 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-05-03 16:55 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-05-03 16:55 - 2013-12-03 22:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-05-03 16:55 - 2013-12-03 22:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-05-03 16:55 - 2013-12-03 22:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-05-03 16:55 - 2013-12-03 22:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-05-03 16:55 - 2013-12-03 22:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-05-03 16:55 - 2013-12-03 22:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-05-03 16:55 - 2013-12-03 22:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-05-03 16:55 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-05-03 16:55 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-05-03 16:55 - 2013-12-03 22:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-05-03 16:55 - 2013-12-03 21:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-05-03 16:55 - 2013-12-03 21:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-05-03 16:55 - 2013-12-03 21:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-05-03 16:55 - 2013-12-03 21:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-05-03 16:55 - 2013-11-26 21:42 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-05-03 16:55 - 2013-11-26 21:42 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-05-03 16:55 - 2013-11-26 21:42 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-05-03 16:55 - 2013-11-26 21:42 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-05-03 16:55 - 2013-11-26 21:42 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-05-03 16:55 - 2013-11-26 04:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-05-03 16:55 - 2013-11-22 18:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-05-03 16:53 - 2014-03-04 05:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-03 16:53 - 2014-03-04 05:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-03 16:53 - 2014-03-04 05:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-03 16:53 - 2014-03-04 05:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-03 16:53 - 2014-03-04 04:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-03 16:53 - 2014-03-04 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-05-03 16:53 - 2014-02-03 22:37 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-05-03 16:53 - 2014-02-03 22:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-05-03 16:53 - 2014-02-03 22:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-03 16:53 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-05-03 16:53 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-05-03 16:53 - 2014-02-03 22:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-05-03 16:53 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-05-03 16:53 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-05-03 16:53 - 2014-02-03 22:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-05-03 16:53 - 2014-01-23 22:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-03 16:53 - 2013-11-26 07:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-05-03 16:53 - 2013-07-20 06:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-05-03 16:53 - 2013-07-20 06:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-05-03 16:53 - 2011-02-18 06:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-05-03 16:53 - 2011-02-18 01:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-05-03 16:46 - 2014-05-03 16:46 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-05-03 16:40 - 2014-05-14 11:55 - 00000000 ____D () C:\Office 2000
2014-05-03 16:36 - 2014-05-20 18:02 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-05-03 16:34 - 2014-05-22 16:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-03 16:34 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Microsoft Help
2014-05-03 16:32 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\Downloads\DVD_Office_2010_32Bit
2014-05-03 16:26 - 2014-05-03 16:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\WinRAR
2014-05-03 16:23 - 2014-05-03 16:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Macromedia
2014-05-03 16:21 - 2014-05-20 17:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-03 16:21 - 2014-05-20 17:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-03 16:21 - 2014-05-03 16:21 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-03 16:21 - 2014-05-03 16:21 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Mozilla
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Mozilla
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-03 16:19 - 2014-05-03 16:19 - 00282960 _____ (Mozilla) C:\Users\Barry Chapman\Downloads\Firefox Setup Stub 29.0.exe
2014-05-03 16:11 - 2014-05-03 16:30 - 628097024 _____ () C:\Users\Barry Chapman\Downloads\DVD_Office_2010_32Bit.iso
2014-05-03 16:10 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-03 16:10 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-03 16:10 - 2014-05-20 17:46 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-05-03 16:10 - 2014-05-03 16:10 - 01766784 _____ () C:\Users\Barry Chapman\Downloads\wrar500.exe
2014-05-03 16:10 - 2014-05-03 16:10 - 00001007 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-05-03 15:48 - 2009-07-13 21:41 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\wab32.dll
2014-05-03 15:48 - 2009-07-13 21:33 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\wab32res.dll
2014-05-03 15:41 - 2014-05-03 15:41 - 00000376 _____ () C:\Windows\ODBC.INI
2014-05-03 15:40 - 2014-05-20 17:55 - 00000000 ____D () C:\Windows\Msagent
2014-05-03 15:40 - 2014-05-03 15:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft Web Folders
2014-05-03 15:33 - 2009-08-04 13:56 - 00296960 _____ (Microsoft Corporation) C:\Windows\winhlp32.exe
2014-05-03 15:33 - 2009-08-04 13:55 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftsrch.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\ftsrch.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx041e.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\ftlx041e.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx0411.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\ftlx0411.dll
2014-05-03 15:20 - 2014-05-03 15:20 - 00718172 _____ () C:\Users\Barry Chapman\Downloads\Windows6.1-KB917607-x64.msu
2014-05-03 15:20 - 2014-05-03 15:20 - 00703811 _____ () C:\Users\Barry Chapman\Downloads\Windows6.1-KB917607-x86.msu
2014-05-03 14:40 - 2014-05-20 11:10 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Adobe
2014-05-03 14:29 - 2014-05-20 17:50 - 00000000 ____D () C:\Program Files (x86)\wp51
2014-05-03 14:14 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FAX User Software
2014-05-03 14:14 - 2014-05-03 14:14 - 00000000 ____D () C:\Program Files (x86)\Kyocera
2014-05-03 14:02 - 2014-05-03 14:02 - 00003102 _____ () C:\Windows\System32\Tasks\{274EC4EA-7BEE-46DD-B238-1777098F3282}
2014-05-03 13:53 - 2014-05-03 13:53 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Canon Electronics
2014-05-03 13:38 - 2014-05-03 13:52 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Corel User Files
2014-05-03 13:38 - 2014-05-03 13:38 - 00061678 _____ () C:\Users\Barry Chapman\AppData\Roaming\PFP120JPR.{PB
2014-05-03 13:38 - 2014-05-03 13:38 - 00012358 _____ () C:\Users\Barry Chapman\AppData\Roaming\PFP120JCM.{PB
2014-05-03 13:38 - 2014-05-03 13:38 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Corel
2014-05-03 13:31 - 2013-07-04 13:57 - 00067888 _____ (Canon Electronics Inc.) C:\Windows\SysWOW64\SuStiUtl.dll
2014-05-03 13:31 - 2006-05-16 21:19 - 00021008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CTL3D.DLL
2014-05-03 13:30 - 2014-05-20 17:55 - 00000000 ____D () C:\Windows\PIXTRAN
2014-05-03 13:30 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\Desktop\Canon DR-2580C
2014-05-03 13:30 - 2014-05-07 09:25 - 00000000 ____D () C:\Program Files (x86)\Canon Electronics
2014-05-03 13:30 - 2014-05-06 13:22 - 00000125 _____ () C:\Windows\SetScan.ini
2014-05-03 13:30 - 2014-05-06 13:12 - 00017862 _____ () C:\Windows\DPINST.LOG
2014-05-03 13:30 - 2009-05-13 16:05 - 00401484 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Msvcrtd.dll
2014-05-03 13:30 - 2006-05-16 21:40 - 00221456 _____ (EMC Corporation) C:\Windows\SysWOW64\PIXDFLTN.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00180224 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN1120.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00176128 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN1520.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00155648 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN1020.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00114688 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN1320.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00074000 _____ (EMC Corporation) C:\Windows\SysWOW64\PIXLOCN.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00053520 _____ (EMC Corporation) C:\Windows\SysWOW64\PIXPERMN.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00051712 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN20.DLL
2014-05-03 13:30 - 2005-08-09 17:34 - 00094208 _____ (Canon Electronics Inc.) C:\Windows\SysWOW64\DR25CPL.dll
2014-05-03 13:30 - 2005-06-14 08:29 - 00036864 _____ (Canon Electronics Inc.) C:\Windows\SysWOW64\CeiUSB2.dll
2014-05-03 13:30 - 2005-02-15 13:18 - 00106496 _____ (Canon Electronics) C:\Windows\SysWOW64\DR25SVC.dll
2014-05-03 13:30 - 2002-09-25 16:02 - 00602384 _____ (Pixel Translations Incorporated) C:\Windows\SysWOW64\pixipdll.dll
2014-05-03 13:30 - 2002-05-13 22:55 - 00014000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\usbscan.sys
2014-05-03 13:30 - 1998-10-29 16:45 - 00306688 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2014-05-03 13:17 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordPerfect Office 12
2014-05-03 13:17 - 2014-05-03 13:17 - 00002607 _____ () C:\Users\Barry Chapman\Desktop\WordPerfect.lnk
2014-05-03 13:14 - 2014-05-05 12:18 - 00000000 ____D () C:\Program Files (x86)\WordPerfect Office 12
2014-05-03 12:01 - 2014-05-04 18:11 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\PCDr
2014-05-02 20:32 - 2012-06-02 18:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-05-02 20:32 - 2012-06-02 18:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-05-02 20:32 - 2012-06-02 18:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-05-02 20:32 - 2012-06-02 18:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-05-02 20:32 - 2012-06-02 18:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-05-02 20:32 - 2012-06-02 18:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-05-02 20:32 - 2012-06-02 18:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-05-02 20:32 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-05-02 20:32 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-05-02 19:50 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-05-02 16:23 - 2014-05-21 09:17 - 00002310 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-02 16:23 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-02 16:12 - 2014-05-27 15:55 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-02 16:12 - 2014-05-27 15:55 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-02 16:12 - 2014-05-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-02 16:12 - 2014-05-07 15:50 - 00003908 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-02 16:12 - 2014-05-07 15:50 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-02 16:12 - 2014-05-02 16:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Google
2014-05-02 15:58 - 2014-05-20 13:56 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Deployment
2014-05-02 15:58 - 2014-05-02 15:58 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Apps\2.0
2014-05-02 15:45 - 2014-05-20 17:32 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-02 15:45 - 2014-05-20 17:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Opera Software
2014-05-02 15:45 - 2014-05-15 14:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Opera Software
2014-05-02 15:42 - 2014-05-02 15:42 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Macromedia
2014-05-02 15:26 - 2014-05-02 15:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Intel Corporation
2014-05-02 15:25 - 2014-05-27 12:36 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-05-02 15:25 - 2014-05-25 10:37 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-02 15:25 - 2014-05-20 17:52 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-02 15:25 - 2014-05-20 17:51 - 00000000 ____D () C:\ProgramData\Atheros
2014-05-02 15:25 - 2014-05-20 16:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Adobe
2014-05-02 15:25 - 2014-05-20 16:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\VirtualStore
2014-05-02 15:25 - 2014-05-13 08:51 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Bluetooth Folder
2014-05-02 15:25 - 2014-05-02 15:25 - 00004004 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-05-02 15:25 - 2014-05-02 15:25 - 00003214 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-05-02 15:25 - 2014-05-02 15:25 - 00001415 _____ () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Leadertech
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Dell
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Atheros
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\BMExplorer
2014-05-02 15:23 - 2014-05-13 16:30 - 00000000 ____D () C:\ProgramData\softthinks
2014-05-02 15:23 - 2014-05-02 15:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\softthinks
2014-05-02 15:23 - 2013-12-05 03:16 - 00000114 ____H () C:\DBAR_Ver.txt
2014-05-02 15:18 - 2014-05-20 18:27 - 00132680 _____ () C:\Users\Barry Chapman\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-02 15:18 - 2014-05-02 15:18 - 00001975 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
2014-05-02 15:17 - 2014-05-20 18:25 - 00000000 ____D () C:\Users\Barry Chapman
2014-05-02 15:17 - 2014-05-20 17:52 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-02 15:17 - 2014-05-20 17:52 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-02 15:17 - 2014-05-02 15:17 - 00000020 ___SH () C:\Users\Barry Chapman\ntuser.ini
==================== One Month Modified Files and Folders =======
2014-05-27 16:22 - 2014-05-27 16:22 - 00019141 _____ () C:\Users\Barry Chapman\Desktop\FRST.txt
2014-05-27 16:22 - 2014-05-27 16:22 - 00000000 ____D () C:\FRST
2014-05-27 16:21 - 2014-05-27 16:21 - 02066944 _____ (Farbar) C:\Users\Barry Chapman\Desktop\FRST64.exe
2014-05-27 16:07 - 2014-03-21 13:36 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-27 15:57 - 2014-05-27 10:02 - 00198204 _____ () C:\Users\Barry Chapman\Downloads\OTL.Txt
2014-05-27 15:55 - 2014-05-02 16:12 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-27 15:55 - 2014-05-02 16:12 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-27 15:49 - 2014-05-14 11:56 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Outlook Files
2014-05-27 15:46 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-05-27 15:40 - 2014-05-27 13:59 - 00000008 _____ () C:\LTLASTFN.DAT
2014-05-27 15:30 - 2014-05-27 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-05-27 15:23 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-05-27 13:31 - 2009-07-14 01:13 - 00791990 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-27 13:31 - 2009-07-14 00:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-27 13:31 - 2009-07-14 00:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-27 13:29 - 2014-05-27 13:29 - 00043987 _____ () C:\ComboFix.txt
2014-05-27 13:29 - 2014-05-27 12:50 - 00000000 ____D () C:\Qoobox
2014-05-27 13:29 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default
2014-05-27 13:28 - 2014-03-22 04:31 - 01430462 _____ () C:\Windows\WindowsUpdate.log
2014-05-27 13:27 - 2014-05-25 10:38 - 00000000 ____D () C:\Windows\ERDNT
2014-05-27 13:26 - 2014-03-21 13:56 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-05-27 13:24 - 2014-05-09 07:39 - 00000000 ____D () C:\ProgramData\VMware
2014-05-27 13:24 - 2009-07-13 22:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-27 13:23 - 2010-11-20 23:47 - 00310102 _____ () C:\Windows\PFRO.log
2014-05-27 13:23 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-27 13:23 - 2009-07-14 00:51 - 00042071 _____ () C:\Windows\setupact.log
2014-05-27 12:51 - 2014-05-27 12:51 - 00001540 _____ () C:\Users\Barry Chapman\Desktop\ComboFix.exe - Shortcut.lnk
2014-05-27 12:47 - 2014-05-27 12:46 - 05203612 ____R () C:\Users\Barry Chapman\Downloads\ComboFix.exe
2014-05-27 12:36 - 2014-05-02 15:25 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-05-27 11:30 - 2014-05-27 11:30 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-05-27 11:23 - 2014-05-27 11:23 - 00000000 ____D () C:\_OTL
2014-05-27 10:03 - 2014-05-27 10:03 - 00056788 _____ () C:\Users\Barry Chapman\Downloads\Extras.Txt
2014-05-27 09:54 - 2014-05-27 09:54 - 00602112 _____ (OldTimer Tools) C:\Users\Barry Chapman\Downloads\OTL.exe
2014-05-27 09:22 - 2014-05-16 10:51 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\CrashDumps
2014-05-27 09:18 - 2014-05-27 09:18 - 00000000 ____D () C:\Malwarebytes' Anti-Malware
2014-05-27 09:13 - 2014-05-27 09:25 - 01440846 _____ () C:\Program Files (x86)\mbam-chameleon-1.62.1.1000.zip
2014-05-27 09:01 - 2014-05-27 09:01 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-05-27 08:58 - 2014-05-27 08:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-26 10:25 - 2014-05-19 16:42 - 00000000 ____D () C:\AdwCleaner
2014-05-26 10:24 - 2014-05-14 15:56 - 00000000 ____D () C:\Program Files (x86)\MSR
2014-05-26 10:17 - 2014-05-26 10:17 - 01327971 _____ () C:\Users\Barry Chapman\Downloads\AdwCleaner.exe
2014-05-26 10:07 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-05-25 12:10 - 2014-05-05 10:49 - 00000000 ____D () C:\MWACCT
2014-05-25 11:49 - 2014-05-25 11:49 - 00004447 _____ () C:\Users\Barry Chapman\Desktop\attach.zip
2014-05-25 11:38 - 2014-05-25 11:38 - 00002135 _____ () C:\Users\Barry Chapman\Desktop\aswMBR.txt
2014-05-25 11:38 - 2014-05-25 11:38 - 00000512 _____ () C:\Users\Barry Chapman\Desktop\MBR.dat
2014-05-25 10:52 - 2014-05-25 10:52 - 00004315 _____ () C:\Users\Barry Chapman\Desktop\attach.rar
2014-05-25 10:46 - 2014-05-25 10:46 - 00042419 _____ () C:\Users\Barry Chapman\Desktop\dds.txt
2014-05-25 10:46 - 2014-05-25 10:46 - 00020635 _____ () C:\Users\Barry Chapman\Desktop\attach.txt
2014-05-25 10:43 - 2014-05-25 10:43 - 04745728 _____ (AVAST Software) C:\Users\Barry Chapman\Downloads\aswMBR.exe
2014-05-25 10:38 - 2014-05-25 10:38 - 00688992 ____R (Swearware) C:\Users\Barry Chapman\Downloads\dds (1).scr
2014-05-25 10:37 - 2014-05-25 10:36 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-05-25 10:37 - 2014-05-02 15:25 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-25 10:36 - 2014-05-25 10:36 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup (2).exe
2014-05-25 10:36 - 2014-05-25 10:36 - 00000960 _____ () C:\Users\Barry Chapman\Desktop\ERUNT.lnk
2014-05-25 10:36 - 2014-05-25 10:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-05-24 12:00 - 2014-05-24 12:00 - 00688992 _____ (Swearware) C:\Users\Barry Chapman\Downloads\dds.scr
2014-05-24 11:59 - 2014-05-24 11:59 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup (1).exe
2014-05-24 11:57 - 2014-05-24 11:57 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup.exe
2014-05-23 08:25 - 2014-05-23 08:25 - 00000000 ____D () C:\New folder
2014-05-23 07:59 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-23 07:48 - 2014-05-23 07:48 - 624028561 _____ () C:\Windows\MEMORY.DMP
2014-05-23 07:48 - 2014-05-23 07:48 - 00280128 _____ () C:\Windows\Minidump\052314-21138-01.dmp
2014-05-23 07:48 - 2014-05-23 07:48 - 00000000 ____D () C:\Windows\Minidump
2014-05-23 07:43 - 2014-05-23 07:43 - 00162208 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition (1).exe
2014-05-23 07:43 - 2014-05-23 07:40 - 10447328 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition_x64.exe
2014-05-23 07:41 - 2014-05-23 07:41 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\QuickScan
2014-05-23 07:39 - 2014-05-23 07:39 - 00162208 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition.exe
2014-05-23 07:03 - 2014-05-21 11:16 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-22 16:23 - 2014-05-03 16:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-22 16:19 - 2009-07-13 22:34 - 00000510 _____ () C:\Windows\win.ini
2014-05-22 15:37 - 2014-05-22 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-05-22 15:36 - 2014-05-02 16:12 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-22 15:35 - 2014-05-22 15:35 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-22 15:35 - 2014-05-22 15:35 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-22 13:23 - 2014-05-22 13:22 - 00051706 _____ () C:\Windows\SysWOW64\bddel.dat
2014-05-22 10:51 - 2014-05-15 11:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-22 10:49 - 2014-05-15 11:40 - 00001446 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-22 10:49 - 2014-05-15 11:40 - 00001434 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-22 10:49 - 2014-05-15 11:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-22 10:49 - 2014-05-15 11:21 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-22 10:47 - 2014-05-22 10:47 - 00000000 ____D () C:\Program Files (x86)\Spybot
2014-05-22 09:31 - 2014-05-22 08:13 - 00017970 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-22_08-13-17.log
2014-05-22 08:11 - 2014-05-22 08:08 - 00003374 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-22_08-08-46.log
2014-05-22 08:06 - 2014-05-22 07:57 - 332119856 _____ (Norman Shark AS) C:\Users\Barry Chapman\Downloads\Norman_Malware_Cleaner (1).exe
2014-05-21 16:21 - 2014-05-05 11:45 - 00037861 _____ () C:\Users\Barry Chapman\AppData\Roaming\Comma Separated Values (Windows).ADR
2014-05-21 11:27 - 2014-05-21 11:27 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\TuneUp Software
2014-05-21 11:16 - 2014-05-21 11:16 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\MFAData
2014-05-21 11:15 - 2014-05-21 11:15 - 04485528 _____ (AVG Technologies) C:\Users\Barry Chapman\Downloads\avg_free_stb_all_2014_4577_cnet.exe
2014-05-21 11:11 - 2014-03-21 13:52 - 00000000 ____D () C:\ProgramData\McAfee
2014-05-21 10:04 - 2014-05-21 09:31 - 00014960 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-21_09-31-37.log
2014-05-21 09:17 - 2014-05-02 16:23 - 00002310 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-21 09:08 - 2014-05-21 09:01 - 331917560 _____ (Norman Shark AS) C:\Users\Barry Chapman\Downloads\Norman_Malware_Cleaner.exe
2014-05-20 18:49 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-05-20 18:27 - 2014-05-02 15:18 - 00132680 _____ () C:\Users\Barry Chapman\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-20 18:25 - 2014-05-02 15:17 - 00000000 ____D () C:\Users\Barry Chapman
2014-05-20 18:24 - 2014-05-19 08:08 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-20 18:24 - 2014-03-21 13:45 - 00000000 ____D () C:\Program Files (x86)\Dell Wireless
2014-05-20 18:19 - 2014-05-06 07:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\tr-TR
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\th-TH
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\ro-RO
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\he-IL
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\ar-SA
2014-05-20 18:19 - 2010-11-21 03:17 - 00000000 ____D () C:\Windows\ShellNew
2014-05-20 18:19 - 2010-11-21 03:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\addins
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 __RSD () C:\Windows\Media
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\TAPI
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-CS
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Recovery
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\ras
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\manifeststore
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\InstallShield
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\icsxml
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\et-EE
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\AdvancedInstallers
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\th-TH
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sppui
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ras
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\manifeststore
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\icsxml
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ias
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\he-IL
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\et-EE
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\com
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\servicing
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\IME
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Cursors
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Services
2014-05-20 18:03 - 2014-05-05 16:53 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-05-20 18:03 - 2014-03-21 13:42 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-20 18:03 - 2014-03-21 13:36 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-05-20 18:02 - 2014-05-03 16:36 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-05-20 18:02 - 2014-03-21 13:36 - 00000000 ____D () C:\Windows\system32\Macromed
2014-05-20 18:02 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\restore
2014-05-20 18:02 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-20 18:02 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-20 18:02 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system
2014-05-20 17:55 - 2014-05-13 11:18 - 00000000 ____D () C:\Windows\pss
2014-05-20 17:55 - 2014-05-03 15:40 - 00000000 ____D () C:\Windows\Msagent
2014-05-20 17:55 - 2014-05-03 13:30 - 00000000 ____D () C:\Windows\PIXTRAN
2014-05-20 17:53 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Help
2014-05-20 17:52 - 2014-05-15 03:25 - 00000000 ___RD () C:\Users\Barry Chapman\Virtual Machines
2014-05-20 17:52 - 2014-05-14 15:54 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\wi_upd
2014-05-20 17:52 - 2014-05-14 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-05-20 17:52 - 2014-05-13 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backblaze
2014-05-20 17:52 - 2014-05-13 11:00 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\VMware
2014-05-20 17:52 - 2014-05-09 07:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2014-05-20 17:52 - 2014-05-07 09:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CapturePerfect 3.1
2014-05-20 17:52 - 2014-05-06 10:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-20 17:52 - 2014-05-05 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon DR-2580C
2014-05-20 17:52 - 2014-05-05 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-20 17:52 - 2014-05-05 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-05-20 17:52 - 2014-05-05 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landtech XML
2014-05-20 17:52 - 2014-05-05 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medlin Accounting
2014-05-20 17:52 - 2014-05-05 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quicken 2014
2014-05-20 17:52 - 2014-05-05 10:13 - 00000000 ____D () C:\Quicken 2014
2014-05-20 17:52 - 2014-05-03 16:34 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Microsoft Help
2014-05-20 17:52 - 2014-05-03 16:32 - 00000000 ____D () C:\Users\Barry Chapman\Downloads\DVD_Office_2010_32Bit
2014-05-20 17:52 - 2014-05-03 16:10 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-20 17:52 - 2014-05-03 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-20 17:52 - 2014-05-03 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FAX User Software
2014-05-20 17:52 - 2014-05-03 13:30 - 00000000 ____D () C:\Users\Barry Chapman\Desktop\Canon DR-2580C
2014-05-20 17:52 - 2014-05-03 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordPerfect Office 12
2014-05-20 17:52 - 2014-05-02 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-20 17:52 - 2014-05-02 15:25 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-20 17:52 - 2014-05-02 15:17 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 17:52 - 2014-05-02 15:17 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 17:52 - 2014-03-22 04:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
2014-05-20 17:52 - 2014-03-21 13:49 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2014-05-20 17:52 - 2014-03-21 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HotSpot
2014-05-20 17:52 - 2014-03-21 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atheros Smart Net
2014-05-20 17:52 - 2014-03-21 13:46 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
2014-05-20 17:52 - 2014-03-21 13:43 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-05-20 17:52 - 2014-03-21 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Audio
2014-05-20 17:52 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2014-05-20 17:51 - 2014-05-05 16:24 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-20 17:51 - 2014-05-05 16:15 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-05-20 17:51 - 2014-05-02 15:25 - 00000000 ____D () C:\ProgramData\Atheros
2014-05-20 17:51 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files\mcafee.com
2014-05-20 17:51 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files\mcafee
2014-05-20 17:51 - 2014-03-21 13:50 - 00000000 ____D () C:\Program Files\My Dell
2014-05-20 17:51 - 2014-03-21 13:50 - 00000000 ____D () C:\Program Files\Dell Support Center
2014-05-20 17:51 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-05-20 17:50 - 2014-05-03 14:29 - 00000000 ____D () C:\Program Files (x86)\wp51
2014-05-20 17:46 - 2014-05-05 10:24 - 00000000 ____D () C:\Program Files (x86)\Quicken
2014-05-20 17:46 - 2014-05-03 16:10 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-05-20 17:45 - 2014-05-05 16:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-20 17:45 - 2014-05-03 16:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-20 17:45 - 2014-05-03 16:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-20 17:45 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files (x86)\mcafee.com
2014-05-20 17:44 - 2014-05-13 12:16 - 00000000 ____D () C:\Program Files (x86)\Backblaze
2014-05-20 17:44 - 2014-03-21 13:55 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-20 17:44 - 2014-03-21 13:50 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2014-05-20 17:34 - 2014-05-16 08:33 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant
2014-05-20 17:32 - 2014-05-02 15:45 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-20 17:27 - 2014-05-05 12:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WP-64
2014-05-20 17:26 - 2014-05-06 09:05 - 00000000 ____D () C:\Users\Barry Chapman\Desktop\CapturePerfect 3.0
2014-05-20 17:26 - 2014-05-02 15:45 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Opera Software
2014-05-20 16:57 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-05-20 16:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Adobe
2014-05-20 16:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\VirtualStore
2014-05-20 16:25 - 2014-03-21 13:55 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-20 16:25 - 2014-03-21 13:50 - 00000000 ____D () C:\ProgramData\PCDr
2014-05-20 16:20 - 2014-05-14 08:30 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-05-20 15:49 - 2014-05-20 14:54 - 00025110 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-20_14-54-17.log
2014-05-20 14:53 - 2014-05-20 14:53 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Norman Malware Cleaner
2014-05-20 13:56 - 2014-05-02 15:58 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Deployment
2014-05-20 13:35 - 2014-05-20 12:44 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-05-20 12:34 - 2014-05-20 12:34 - 00000914 _____ () C:\Users\Barry Chapman\Desktop\JRT.txt
2014-05-20 11:10 - 2014-05-03 14:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Adobe
2014-05-20 10:30 - 2014-05-20 10:29 - 04957528 _____ (SurfRight B.V.) C:\Users\Barry Chapman\Downloads\Unconfirmed 912715.crdownload
2014-05-19 10:55 - 2014-05-19 10:55 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-05-19 10:44 - 2014-05-05 16:53 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-05-19 10:20 - 2014-05-19 10:20 - 00000000 ____D () C:\Adobe XI Pro
2014-05-19 07:54 - 2014-05-19 07:54 - 00000000 ____D () C:\Users\Barry Chapman\Documents\ProcAlyzer Dumps
2014-05-18 03:05 - 2014-05-06 13:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 09:39 - 2014-05-16 09:39 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\SUPERAntiSpyware.com
2014-05-16 09:39 - 2014-05-16 09:39 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-05-16 08:33 - 2014-05-16 08:33 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-05-16 08:32 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-05-16 08:32 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-05-15 15:02 - 2014-05-15 15:02 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot2-license (1).exe
2014-05-15 14:40 - 2014-05-02 15:45 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Opera Software
2014-05-15 14:27 - 2014-05-15 14:27 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-05-15 13:06 - 2014-05-15 13:05 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot2-license.exe
2014-05-15 11:40 - 2014-05-15 11:40 - 00000656 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2014-05-15 11:40 - 00000628 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2014-05-15 11:40 - 00000458 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-05-15 10:56 - 2014-05-15 11:20 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot-2.3 (1).exe
2014-05-15 03:28 - 2009-07-14 01:08 - 00014614 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-15 03:03 - 2014-05-06 13:18 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 16:16 - 2014-05-14 16:16 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\PDF24
2014-05-14 15:56 - 2014-05-14 15:56 - 00004592 _____ () C:\Windows\System32\Tasks\IdleCrawler Runner
2014-05-14 15:54 - 2014-05-14 15:53 - 02271768 _____ () C:\Users\Barry Chapman\Downloads\Adobe.Acrobat.XI.Pro.v11.0.2.Multilingual.Cracked.exe
2014-05-14 15:27 - 2014-05-14 15:26 - 18873344 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd714_all_incr.msp
2014-05-14 15:27 - 2014-05-05 16:54 - 00002501 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 7.0 Standard.lnk
2014-05-14 15:23 - 2014-05-14 15:22 - 14385152 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd713_all_incr.msp
2014-05-14 15:22 - 2014-05-14 15:21 - 03972608 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd712_all_incr (1).msp
2014-05-14 15:20 - 2014-05-14 15:20 - 06504448 _____ () C:\Users\Barry Chapman\Downloads\AcroUpd711_all_incr.msp
2014-05-14 15:14 - 2009-07-14 00:45 - 00494176 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-14 15:08 - 2014-05-14 14:34 - 00001520 _____ () C:\Users\Public\Documents\AcStd7_1_0.ini
2014-05-14 14:44 - 2014-05-05 16:54 - 00002459 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 7.0.lnk
2014-05-14 13:26 - 2014-05-05 12:22 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Help
2014-05-14 11:55 - 2014-05-03 16:40 - 00000000 ____D () C:\Office 2000
2014-05-14 10:26 - 2014-05-14 10:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-14 10:25 - 2014-05-14 10:25 - 00000000 ____D () C:\Windows\PCHEALTH
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-05-14 10:20 - 2014-05-14 10:20 - 00000000 ___RD () C:\MSOCache
2014-05-14 08:36 - 2014-03-21 13:36 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 08:36 - 2014-03-21 13:36 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-14 08:36 - 2014-03-21 13:36 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 08:30 - 2014-05-14 08:30 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Secunia PSI
2014-05-14 08:29 - 2014-05-14 08:28 - 05329480 _____ (Secunia) C:\Users\Barry Chapman\Downloads\PSISetup.exe
2014-05-13 16:30 - 2014-05-02 15:23 - 00000000 ____D () C:\ProgramData\softthinks
2014-05-13 12:17 - 2014-05-12 07:16 - 00000000 ____D () C:\.bzvol
2014-05-13 12:16 - 2014-05-13 12:16 - 05033216 _____ () C:\Users\Barry Chapman\Downloads\install_backblaze.exe
2014-05-13 12:16 - 2014-05-13 12:16 - 00000000 ____D () C:\ProgramData\Backblaze
2014-05-13 12:04 - 2014-05-13 12:02 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\VMware
2014-05-13 11:38 - 2014-05-13 11:38 - 34209792 _____ () C:\Users\Barry Chapman\Desktop\CHAPMA11_20140505-2014-05-13.QDF-backup
2014-05-13 11:13 - 2014-05-13 08:53 - 00007605 _____ () C:\Users\Barry Chapman\AppData\Local\resmon.resmoncfg
2014-05-13 11:07 - 2014-05-12 13:51 - 00000000 ____D () C:\Program Files\My Lockbox
2014-05-13 11:07 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\spool
2014-05-13 10:04 - 2014-05-13 10:04 - 00000000 _____ () C:\Users\Barry Chapman\AppData\Local\{89B78C50-3F1E-4624-B5B6-B21F413891C7}
2014-05-13 09:55 - 2010-11-21 03:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-05-13 08:51 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Bluetooth Folder
2014-05-12 20:58 - 2014-05-12 20:43 - 00000000 ____D () C:\Users\Barry Chapman\.asdm
2014-05-12 20:43 - 2014-05-12 20:43 - 00000000 ____D () C:\Program Files (x86)\Cisco Systems
2014-05-12 16:26 - 2014-05-12 16:26 - 00010295 _____ () C:\Users\Barry Chapman\Documents\141046 commitment.wpd
2014-05-12 16:21 - 2014-05-12 16:21 - 00002380 _____ () C:\Users\Barry Chapman\Documents\141046 DATA FILE.wpd
2014-05-12 13:50 - 2014-05-12 13:50 - 04090994 _____ () C:\Users\Barry Chapman\Downloads\mylockbox_setup.zip
2014-05-09 11:38 - 2014-05-09 11:38 - 00000000 ____D () C:\Users\Barry Chapman\Documents\CCWin
2014-05-09 09:28 - 2014-05-05 12:22 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Help
2014-05-09 07:39 - 2014-05-09 07:39 - 00002187 _____ () C:\Users\Public\Desktop\VMware Player.lnk
2014-05-09 07:39 - 2014-05-09 07:39 - 00000000 ____D () C:\Program Files (x86)\VMware
brchapman
2014-05-27, 23:28
2014-05-09 07:39 - 2011-02-10 10:33 - 00807106 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-05-09 07:38 - 2014-05-09 07:38 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-05-09 07:35 - 2014-05-09 07:33 - 114794792 _____ (VMware, Inc.) C:\Users\Barry Chapman\Downloads\VMware-player-4.0.6-1035888.exe
2014-05-09 02:14 - 2014-05-14 05:44 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 02:11 - 2014-05-14 05:44 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-07 15:50 - 2014-05-02 16:12 - 00003908 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-07 15:50 - 2014-05-02 16:12 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 09:29 - 2014-05-07 09:29 - 00000000 ____D () C:\ProgramData\Canon Electronics
2014-05-07 09:25 - 2014-05-03 13:30 - 00000000 ____D () C:\Program Files (x86)\Canon Electronics
2014-05-07 09:25 - 2014-03-21 13:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-07 09:22 - 2014-05-07 09:20 - 79468544 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_V3137 (1).exe
2014-05-07 09:22 - 2014-05-06 07:29 - 00000000 ____D () C:\CapturePerfect Upgrade
2014-05-06 15:59 - 2014-05-06 15:56 - 00000000 ____D () C:\Users\Barry Chapman\Documents\My Documents from old
2014-05-06 14:42 - 2014-05-06 14:42 - 00119964 _____ () C:\Users\Barry Chapman\Downloads\GSCCCA Online Statement.htm
2014-05-06 13:22 - 2014-05-03 13:30 - 00000125 _____ () C:\Windows\SetScan.ini
2014-05-06 13:12 - 2014-05-03 13:30 - 00017862 _____ () C:\Windows\DPINST.LOG
2014-05-06 13:09 - 2014-05-06 13:09 - 14393344 _____ () C:\Users\Barry Chapman\Downloads\2580DRIT_V18SP1 (1).exe
2014-05-06 10:10 - 2014-05-06 10:10 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Oracle
2014-05-06 10:09 - 2014-05-06 10:09 - 00000000 ____D () C:\ProgramData\Sun
2014-05-06 10:09 - 2014-05-06 10:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-06 10:07 - 2014-05-06 10:07 - 00921512 _____ (Oracle Corporation) C:\Users\Barry Chapman\Downloads\chromeinstall-7u55.exe
2014-05-06 10:04 - 2014-05-06 10:05 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-05-06 10:04 - 2014-05-06 10:04 - 00000000 ____D () C:\Program Files\Java
2014-05-06 10:04 - 2014-05-06 10:03 - 30818216 _____ (Oracle Corporation) C:\Users\Barry Chapman\Downloads\jre-7u55-windows-x64.exe
2014-05-06 09:27 - 2014-05-06 09:27 - 28808192 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_Ver_3097 (1).exe
2014-05-06 09:06 - 2014-05-06 09:06 - 00000000 _____ () C:\Users\Barry Chapman\Sti_Trace.log
2014-05-06 09:06 - 2014-05-05 17:43 - 00005432 _____ () C:\Windows\pixcache.ini
2014-05-06 08:51 - 2014-05-06 08:51 - 00249856 _____ () C:\Users\Barry Chapman\Downloads\RepairReg.exe
2014-05-06 08:51 - 2014-05-06 08:51 - 00000000 ____D () C:\DR Scanner
2014-05-06 08:47 - 2014-05-06 08:45 - 79468544 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_V3137.exe
2014-05-06 08:43 - 2014-05-06 08:43 - 00000000 ____D () C:\DR2580C
2014-05-06 08:42 - 2014-05-06 08:42 - 14393344 _____ () C:\Users\Barry Chapman\Downloads\2580DRIT_V18SP1.exe
2014-05-06 08:35 - 2014-05-06 08:35 - 00000000 ____D () C:\Users\Barry Chapman\Downloads\d1041mux
2014-05-06 08:35 - 2014-05-06 08:34 - 13259652 _____ () C:\Users\Barry Chapman\Downloads\d1041mux.zip
2014-05-06 07:31 - 2014-05-06 07:31 - 00003228 _____ () C:\Windows\System32\Tasks\{E819857F-629F-4F7B-9FE3-F8B1467A5C1B}
2014-05-06 03:03 - 2014-05-06 03:03 - 00288324 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-05-06 03:03 - 2014-05-06 03:02 - 00292408 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-05-06 03:02 - 2014-05-06 03:02 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-05-06 00:40 - 2014-05-15 03:06 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 00:17 - 2014-05-15 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-05 23:25 - 2014-05-15 03:06 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-05 23:07 - 2014-05-15 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-05 23:00 - 2014-05-15 03:06 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-05 22:10 - 2014-05-15 03:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 19:26 - 2014-05-05 17:52 - 28808192 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_Ver_3097.exe
2014-05-05 17:48 - 2014-03-21 13:55 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-05 17:43 - 2014-05-05 17:43 - 00003050 _____ () C:\Windows\System32\Tasks\{BEA2EFCD-E2FA-474A-BB2F-ADE6F46BED5D}
2014-05-05 16:56 - 2014-05-05 16:56 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\AdobeUM
2014-05-05 16:54 - 2014-05-05 16:54 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Acrobat 7.0 Standard.lnk
2014-05-05 16:24 - 2014-05-05 16:23 - 13084896 _____ (Microsoft Corporation) C:\Users\Barry Chapman\Downloads\Silverlight_x64 (1).exe
2014-05-05 16:23 - 2014-05-05 16:23 - 13084896 _____ (Microsoft Corporation) C:\Users\Barry Chapman\Downloads\Silverlight_x64.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-05-05 16:12 - 2014-05-05 16:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2014-05-05 15:53 - 2014-05-05 15:52 - 19495200 _____ () C:\Users\Barry Chapman\Downloads\upd-ps-x64-5.8.0.17508.exe
2014-05-05 15:53 - 2014-05-05 15:50 - 00000000 ____D () C:\HP Universal Print Driver
2014-05-05 15:49 - 2014-05-05 15:49 - 18409760 _____ () C:\Users\Barry Chapman\Downloads\upd-pcl6-x64-5.8.0.17508.exe
2014-05-05 14:53 - 2014-05-05 14:53 - 00001534 _____ () C:\Users\Barry Chapman\Desktop\Landtech XML.lnk
2014-05-05 14:52 - 2014-05-05 14:52 - 00204800 _____ (Landtech Data Corporation) C:\Windows\SysWOW64\ltwpvsw.DLL
2014-05-05 14:52 - 2014-05-05 14:52 - 00065536 _____ (Landtech Data Corp.) C:\Windows\SysWOW64\LTWNode.exe
2014-05-05 14:52 - 2014-05-05 14:52 - 00004726 _____ () C:\Windows\BOOTSTRAP.LOG
2014-05-05 14:52 - 2014-05-05 14:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Landtech XML
2014-05-05 14:44 - 2014-05-05 14:44 - 00000519 _____ () C:\Windows\ODBCINST.INI
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\ProgramData\Pervasive Software
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pervasive
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\Program Files (x86)\Pervasive Software
2014-05-05 14:18 - 2014-05-05 14:18 - 00000000 ____D () C:\Wages
2014-05-05 14:17 - 2014-05-05 14:15 - 88823072 _____ () C:\Users\Barry Chapman\Downloads\PSQL-Workgroup-10.30.022.000-win.x86.exe
2014-05-05 12:34 - 2014-05-05 12:34 - 32856361 _____ (wpdos.org ) C:\Users\Barry Chapman\Downloads\WP64DOSBox-Setup.exe
2014-05-05 12:18 - 2014-05-03 13:14 - 00000000 ____D () C:\Program Files (x86)\WordPerfect Office 12
2014-05-05 11:40 - 2014-05-05 11:40 - 00321535 _____ () C:\Users\Barry Chapman\Downloads\contacts.csv
2014-05-05 11:26 - 2014-05-05 11:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-05 11:25 - 2014-05-05 11:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-05 11:25 - 2014-05-05 11:24 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-05 11:17 - 2014-05-05 11:16 - 01069064 _____ (Medlin Accounting Software ) C:\Users\Barry Chapman\Downloads\_05-01-2014_medlin_PR_4-6.exe
2014-05-05 11:17 - 2014-05-05 10:49 - 00000580 _____ () C:\Users\Public\Desktop\Medlin Accounting.lnk
2014-05-05 10:40 - 2014-05-05 10:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\QuickenWindow
2014-05-05 10:36 - 2014-05-05 10:36 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\IsolatedStorage
2014-05-05 10:28 - 2014-05-05 10:28 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Quicken
2014-05-05 10:24 - 2014-05-05 10:24 - 00001808 _____ () C:\Users\Public\Desktop\Quicken Deluxe 2014.lnk
2014-05-05 10:24 - 2014-05-05 10:24 - 00000126 _____ () C:\Windows\QUICKEN.INI
2014-05-05 10:24 - 2014-05-05 10:24 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Intuit
2014-05-05 10:23 - 2014-05-05 10:23 - 00000000 ____D () C:\ProgramData\Intuit
2014-05-05 10:21 - 2014-05-05 10:18 - 112168720 _____ (Intuit Inc. ) C:\Users\Barry Chapman\Downloads\QW14DLX.exe
2014-05-05 08:58 - 2014-05-05 08:58 - 00000000 __SHD () C:\Users\Barry Chapman\AppData\Local\EmieUserList
2014-05-05 08:58 - 2014-05-05 08:58 - 00000000 __SHD () C:\Users\Barry Chapman\AppData\Local\EmieSiteList
2014-05-05 03:06 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-05-05 03:06 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-05-04 18:11 - 2014-05-03 12:01 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\PCDr
2014-05-04 03:39 - 2011-02-10 10:25 - 00000000 ____D () C:\dell
2014-05-03 16:46 - 2014-05-03 16:46 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-05-03 16:30 - 2014-05-03 16:11 - 628097024 _____ () C:\Users\Barry Chapman\Downloads\DVD_Office_2010_32Bit.iso
2014-05-03 16:26 - 2014-05-03 16:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\WinRAR
2014-05-03 16:23 - 2014-05-03 16:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Macromedia
2014-05-03 16:21 - 2014-05-03 16:21 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-03 16:21 - 2014-05-03 16:21 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Mozilla
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Mozilla
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-03 16:19 - 2014-05-03 16:19 - 00282960 _____ (Mozilla) C:\Users\Barry Chapman\Downloads\Firefox Setup Stub 29.0.exe
2014-05-03 16:10 - 2014-05-03 16:10 - 01766784 _____ () C:\Users\Barry Chapman\Downloads\wrar500.exe
2014-05-03 16:10 - 2014-05-03 16:10 - 00001007 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-05-03 15:41 - 2014-05-03 15:41 - 00000376 _____ () C:\Windows\ODBC.INI
2014-05-03 15:40 - 2014-05-03 15:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft Web Folders
2014-05-03 15:20 - 2014-05-03 15:20 - 00718172 _____ () C:\Users\Barry Chapman\Downloads\Windows6.1-KB917607-x64.msu
2014-05-03 15:20 - 2014-05-03 15:20 - 00703811 _____ () C:\Users\Barry Chapman\Downloads\Windows6.1-KB917607-x86.msu
2014-05-03 14:14 - 2014-05-03 14:14 - 00000000 ____D () C:\Program Files (x86)\Kyocera
2014-05-03 14:02 - 2014-05-03 14:02 - 00003102 _____ () C:\Windows\System32\Tasks\{274EC4EA-7BEE-46DD-B238-1777098F3282}
2014-05-03 13:53 - 2014-05-03 13:53 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Canon Electronics
2014-05-03 13:52 - 2014-05-03 13:38 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Corel User Files
2014-05-03 13:38 - 2014-05-03 13:38 - 00061678 _____ () C:\Users\Barry Chapman\AppData\Roaming\PFP120JPR.{PB
2014-05-03 13:38 - 2014-05-03 13:38 - 00012358 _____ () C:\Users\Barry Chapman\AppData\Roaming\PFP120JCM.{PB
2014-05-03 13:38 - 2014-05-03 13:38 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Corel
2014-05-03 13:17 - 2014-05-03 13:17 - 00002607 _____ () C:\Users\Barry Chapman\Desktop\WordPerfect.lnk
2014-05-02 16:23 - 2014-05-02 16:12 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Google
2014-05-02 15:58 - 2014-05-02 15:58 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Apps\2.0
2014-05-02 15:42 - 2014-05-02 15:42 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Macromedia
2014-05-02 15:26 - 2014-05-02 15:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Intel Corporation
2014-05-02 15:25 - 2014-05-02 15:25 - 00004004 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-05-02 15:25 - 2014-05-02 15:25 - 00003214 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-05-02 15:25 - 2014-05-02 15:25 - 00001415 _____ () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Leadertech
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Dell
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Atheros
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\BMExplorer
2014-05-02 15:23 - 2014-05-02 15:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\softthinks
2014-05-02 15:18 - 2014-05-02 15:18 - 00001975 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
2014-05-02 15:17 - 2014-05-02 15:17 - 00000020 ___SH () C:\Users\Barry Chapman\ntuser.ini
2014-05-02 15:09 - 2011-02-10 10:25 - 00000000 ____D () C:\Windows\panther
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-27 15:15
==================== End Of Log ============================
brchapman
2014-05-27, 23:33
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02
Ran by Barry Chapman at 2014-05-27 16:22:50
Running from C:\Users\Barry Chapman\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Spybot - Search and Destroy (Enabled - Up to date) {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
Adobe Acrobat 7.0 Standard - English, Français, Deutsch (x32 Version: 7.1.4 - Adobe Systems) Hidden
Adobe Acrobat 7.1.2 Standard - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 7.0 Standard - English, Français, Deutsch - V) (Version: 7.1.2 - )
Adobe Acrobat 7.1.4 - CPSID_50030 (HKLM-x32\...\Adobe Acrobat 7.0 Standard - EFG - V_714) (Version: - Adobe Systems Incorporated)
Adobe Acrobat 7.1.4 Standard - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 7.0 Standard - EFG - V) (Version: 7.1.4 - Adobe Systems)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\{1BBE4C53-634B-44B3-8693-314ED6260557}) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\{ADEE751B-09AE-4DA7-9658-DCF90E8F9ED7}) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Backblaze (HKLM-x32\...\Backblaze) (Version: - Backblaze, Inc)
Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
Canon DR-2580C Driver (HKLM-x32\...\{09AAA659-ACF9-47B3-B362-C216693C7A11}) (Version: 1.8.10911.16001 - Canon Electronics Inc.)
Canon DR-2580C Driver (HKLM-x32\...\DR-2580C Driver) (Version: - )
CapturePerfect 3.0 Help & Manual (HKLM-x32\...\{AF809A35-F15C-47EC-B21A-E1A62D4FC7DC}) (Version: 3.0.9710.901 - Canon Electronics Inc.)
CapturePerfect 3.1 (HKLM-x32\...\{50600275-223D-455E-959E-DCA40A037B7B}) (Version: 3.1.3713.1220 - Canon Electronics Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version: - Microsoft)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.7.1.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.1.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{03A9F528-A754-460F-B2C1-AC125A147114}) (Version: 2.8.5000.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
DR-2580C Job Tool (HKLM-x32\...\DR-2580C Job Tool) (Version: - )
DSC/AA Factory Installer (Version: 3.4.6299.48 - PC-Doctor, Inc.) Hidden
ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{D1D4D7EA-62B8-4665-9FF7-02A91B925CC9}) (Version: 1.0.18.74 - Google)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3272 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.7.3.1001 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.7.3.1001 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Kyocera Address Book for Network FAX (HKLM-x32\...\{A79B3745-665C-11D6-AF01-0010B5A02D6F}) (Version: - )
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.)
Medlin Accounting (HKLM-x32\...\Medlin Accounting Shareware_is1) (Version: - Medlin Accounting Software)
Medlin Payroll (HKLM-x32\...\Medlin Payroll_is1) (Version: - Medlin Accounting Software)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Standard 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 29.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0 (x86 en-US)) (Version: 29.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Pervasive PSQL v10 SP3 Workgroup (32-bit) (x32 Version: 10.30.024 - Pervasive Software) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.230 - Qualcomm Atheros Communications)
QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
Quicken 2014 (HKLM-x32\...\{0877F595-254F-45F4-991D-3F72E86B17CE}) (Version: 23.1.7.6 - Intuit)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
System Update kb70007 (x32 Version: 1.0.0 - MSR) Hidden
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARD_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARD_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARD_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARD_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.STANDARD_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.STANDARD_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARD_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VmciSockets (Version: 9.1.55.1 - VMware, Inc.) Hidden
VMware Player (HKLM-x32\...\VMware_Player) (Version: 4.0.6.35970 - VMware, Inc)
VMware Player (x32 Version: 4.0.6.35970 - VMware, Inc.) Hidden
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WordPerfect Office 12 (HKLM-x32\...\{AF19F291-F22F-4798-9662-525305AE9E48}) (Version: 12.0.0.238 - Corel Corporation)
==================== Restore Points =========================
21-05-2014 15:25:30 Installed AVG 2014
21-05-2014 15:25:58 Installed AVG 2014
22-05-2014 07:00:19 Windows Update
22-05-2014 19:03:06 Removed AVG 2014
22-05-2014 19:06:22 Removed AVG 2014
22-05-2014 20:16:37 Windows Update
23-05-2014 12:00:45 Removed eBay
27-05-2014 16:58:38 ComboFix created restore point
==================== Hosts content: ==========================
2009-07-13 22:34 - 2014-05-27 13:24 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {077C7B83-177E-4303-B3EA-F8A77A3C5CE9} - System32\Tasks\Microsoft\Windows\Maintenance\IdleCrawler Update => %LOCALAPPDATA%\IdleCrawler\IdleCrawler.exe
Task: {32A0E73B-EFD8-4D88-9D04-F6F64A433085} - \GPUpdate No Task File <==== ATTENTION
Task: {43DFF7B8-4797-4A4A-B78B-33ADA25BC180} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-02] (Google Inc.)
Task: {4C2AF6FD-2687-4C8D-A7F4-E104F274CB26} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {5166FAF2-DB53-495B-8896-024439BC8B2F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {7499B43F-CB2C-4756-ABEB-9B64B6BB7604} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {8276F5C2-C228-4A11-ACFF-3BA9BB36B08F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {96215AC2-338F-47F7-B636-4AD6640EB0D1} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {97B09C86-C0BC-42F1-A4C9-9BD3289AF05E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-02] (Google Inc.)
Task: {A9592231-8CF8-4171-9470-D8EA7EDEFEA7} - System32\Tasks\IdleCrawler Runner => %LOCALAPPDATA%\IdleCrawler\IdleCrawler.exe
Task: {B2741F82-A9CB-4696-8509-D076A1512BC2} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {C4657AEC-314C-45AE-9542-E0C813C05E23} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {CEBF4317-93E6-4AD4-8753-6F1C3361BA42} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {DDA180FD-F011-47FE-8677-FCE48FB9ADC1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {F0BA3ADD-9CB0-4A88-B8CF-3A860443A0BD} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {F984D935-EE3F-4199-A0CE-AB7F80C56D01} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {FB458647-6CF9-4BCF-95CB-FD96097B1EC6} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
==================== Loaded Modules (whitelisted) =============
2014-05-13 12:17 - 2014-05-13 12:17 - 00234600 _____ () C:\Program Files (x86)\Backblaze\bzserv.exe
2014-05-15 11:40 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-05-22 10:49 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-05-15 11:40 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-05-15 11:40 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-05-15 11:40 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-03-01 02:27 - 2013-03-01 02:27 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2014-01-13 11:03 - 2014-01-13 11:03 - 00110088 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2014-03-21 13:40 - 2013-09-04 09:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-05-21 09:17 - 2014-05-13 19:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-21 09:17 - 2014-05-13 19:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-21 09:17 - 2014-05-13 19:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-21 09:17 - 2014-05-13 19:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-21 09:17 - 2014-05-13 19:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-14 15:46 - 2013-02-14 15:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2014-05-21 09:17 - 2014-05-13 19:40 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk => C:\Windows\pss\Adobe Acrobat Speed Launcher.lnk.CommonStartup
MSCONFIG\startupreg: Acrobat Assistant 7.0 => "C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CANON DR2580C SVC => rundll32.exe DR25SVC.dll,EntryPointUserMessage
MSCONFIG\startupreg: mcpltui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: RtHDVBg_PushButton => "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/27/2014 01:24:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/27/2014 11:29:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/27/2014 09:22:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x2a38
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
Error: (05/27/2014 09:05:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0xaa0
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
Error: (05/27/2014 08:55:00 AM) (Source: MsiInstaller) (EventID: 11311) (User: BarrysNew)
Description: Product: Adobe Acrobat 7.0 Standard - English, Français, Deutsch -- Error 1311.Source file not found(cabinet): C:\Program Files (x86)\Adobe\Acrobat 7.0\Setup Files\AcroStan\EFG\Data1.cab. Verify that the file exists and that you can access it.
Error: (05/27/2014 08:53:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/27/2014 08:00:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.500, time stamp: 0x533d8de2
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x78c
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
Error: (05/27/2014 08:00:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/27/2014 07:59:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.500, time stamp: 0x533d8de2
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x5a4
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
Error: (05/27/2014 07:47:18 AM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=35.0.1916.114;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\6f3b415a-54b9-4de8-a4a4-58ba5c3d94df.dmp
System errors:
=============
Error: (05/27/2014 01:04:42 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (05/27/2014 01:04:07 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
Error: (05/27/2014 01:01:50 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (05/27/2014 00:58:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Spybot-S&D 2 Security Center Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (05/27/2014 00:58:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Spybot-S&D 2 Updating Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (05/27/2014 00:58:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Spybot-S&D 2 Scanner Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (05/27/2014 11:29:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SystemUpdatekb70007 service failed to start due to the following error:
%%1053
Error: (05/27/2014 11:29:50 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SystemUpdatekb70007 service to connect.
Error: (05/27/2014 11:23:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).
Error: (05/27/2014 08:02:32 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084McNaiAnn{C90134D2-4AE9-407A-919A-4A2EF09C6C51}
Microsoft Office Sessions:
=========================
Error: (05/27/2014 01:24:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/27/2014 11:29:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/27/2014 09:22:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd2a3801cf79aeb489ed46C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dllf36c9b59-e5a1-11e3-848b-142d271ccbca
Error: (05/27/2014 09:05:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdaa001cf79ac5d6a265dC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll9c92df27-e59f-11e3-848b-142d271ccbca
Error: (05/27/2014 08:55:00 AM) (Source: MsiInstaller) (EventID: 11311) (User: BarrysNew)
Description: Product: Adobe Acrobat 7.0 Standard - English, Français, Deutsch -- Error 1311.Source file not found(cabinet): C:\Program Files (x86)\Adobe\Acrobat 7.0\Setup Files\AcroStan\EFG\Data1.cab. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (05/27/2014 08:53:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/27/2014 08:00:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd78c01cf79a33aec636dC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll81a76a98-e596-11e3-b064-afc890ab93b6
Error: (05/27/2014 08:00:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/27/2014 07:59:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd5a401cf79a3075d351dC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll4e692b12-e596-11e3-b064-afc890ab93b6
Error: (05/27/2014 07:47:18 AM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=35.0.1916.114;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\6f3b415a-54b9-4de8-a4a4-58ba5c3d94df.dmp
CodeIntegrity Errors:
===================================
Date: 2014-05-27 16:19:59.738
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-27 16:06:14.833
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-27 15:49:16.463
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-27 14:16:26.373
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-27 13:53:33.974
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-27 13:43:02.080
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-27 13:29:30.152
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-27 13:22:49.205
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-27 13:22:49.205
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-27 13:04:44.832
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Percentage of memory in use: 30%
Total physical RAM: 12204.95 MB
Available physical RAM: 8422.4 MB
Total Pagefile: 24408.08 MB
Available Pagefile: 20529.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:441.06 GB) (Free:372.49 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 24A51785)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=25 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=441 GB) - (Type=07 NTFS)
==================== End Of Log ============================
brchapman
2014-05-27, 23:34
I don't know of anything that requires a proxy server unless it is vmware, but I don't think that is it.
Open Notepad and paste this in
Start
ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
FF NetworkProxy: "type", 1);user_pref("network.proxy.http", "127.0.0.1");user_pref("network.proxy.http_port", 8118);user_pref("network.proxy.ssl", "127.0.0.1");user_pref("network.proxy.ssl_port", 8118
End
Paste this into the open notepad. save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
It needs to be saved Next to the "Farbar Recovery Scan Tool" (FRST) program (If asked to overwrite existing one please allow)
Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
brchapman
2014-05-28, 00:28
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-05-2014 02
Ran by Barry Chapman at 2014-05-27 17:27:50 Run:1
Running from C:\Users\Barry Chapman\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
FF NetworkProxy: "type", 1);user_pref("network.proxy.http", "127.0.0.1");user_pref("network.proxy.http_port", 8118);user_pref("network.proxy.ssl", "127.0.0.1");user_pref("network.proxy.ssl_port", 8118
End
*****************
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
Firefox Proxy settings were reset.
==== End of Fixlog ====
Run a new scan with FSRT and lets see if its gone.
I know when your new to all this it can be confusing but so far your doing fine
brchapman
2014-05-28, 00:34
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Barry Chapman (administrator) on BARRYSNEW on 27-05-2014 17:32:00
Running from C:\Users\Barry Chapman\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\Backblaze\bzserv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(OldTimer Tools) C:\Users\Barry Chapman\Downloads\OTL.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-29] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286056 2013-07-29] (Intel Corporation)
HKLM\...\Run: [CANON DR2580C SVC] => C:\Windows\system32\DR25SVC.dll [152576 2012-12-17] (Canon Electronics)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [645168 2013-09-11] (McAfee, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-670280924-550259233-2201882432-1000\...\Run: [updateMgr] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe [313472 2006-03-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-670280924-550259233-2201882432-1000\...\Run: [Backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [492136 2014-05-13] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-BA7E-100000000002}\SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start Pervasive PSQL Workgroup Engine.lnk
ShortcutTarget: Start Pervasive PSQL Workgroup Engine.lnk -> C:\Windows\Installer\{0A3238D7-AB32-1030-B717-F3E3F18B4A8C}\WGE.14A03FCD_EA43_4130_A5C0_F02D38895A13.exe ()
Startup: C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {D81273E4-7658-47B6-8075-3D404C64D87C} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {D81273E4-7658-47B6-8075-3D404C64D87C} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKLM-x32 - {D81273E4-7658-47B6-8075-3D404C64D87C} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKCU - DefaultScope {D81273E4-7658-47B6-8075-3D404C64D87C} URL =
SearchScopes: HKCU - {D81273E4-7658-47B6-8075-3D404C64D87C} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 205.152.144.23 205.152.132.23
FireFox:
========
FF ProfilePath: C:\Users\Barry Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\76t9nm76.default
FF NetworkProxy: "type", 1);user_pref("network.proxy.http", "127.0.0.1");user_pref("network.proxy.http_port", 8118);user_pref("network.proxy.ssl", "127.0.0.1");user_pref("network.cookie.cookieBehavior", 1
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-03-21]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-02]
CHR Extension: (Google Drive) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-20]
CHR Extension: (YouTube) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-02]
CHR Extension: (Google Search) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-02]
CHR Extension: (Google Wallet) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (Gmail) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-02]
==================== Services (Whitelisted) =================
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [312448 2013-07-02] (Windows (R) Win 7 DDK provider)
R2 bzserv; C:\Program Files (x86)\Backblaze\bzserv.exe [234600 2014-05-13] ()
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [14696 2013-07-29] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-25] (Intel Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334760 2012-12-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-03-18] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-03] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2014-04-04] (SoftThinks SAS)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2013-06-20] (Atheros)
==================== Drivers (Whitelisted) ====================
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-07-02] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-07-24] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [441264 2014-03-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc.)
R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [64160 2014-04-25] ()
R3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [14000 2002-05-13] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-27 16:22 - 2014-05-27 17:32 - 00018850 _____ () C:\Users\Barry Chapman\Desktop\FRST.txt
2014-05-27 16:22 - 2014-05-27 17:32 - 00000000 ____D () C:\FRST
2014-05-27 16:22 - 2014-05-27 16:23 - 00038207 _____ () C:\Users\Barry Chapman\Desktop\Addition.txt
2014-05-27 16:21 - 2014-05-27 16:21 - 02066944 _____ (Farbar) C:\Users\Barry Chapman\Desktop\FRST64.exe
2014-05-27 15:30 - 2014-05-27 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-05-27 13:59 - 2014-05-27 15:40 - 00000008 _____ () C:\LTLASTFN.DAT
2014-05-27 13:29 - 2014-05-27 13:29 - 00043987 _____ () C:\ComboFix.txt
2014-05-27 12:58 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-27 12:58 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-27 12:58 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-27 12:51 - 2014-05-27 12:51 - 00001540 _____ () C:\Users\Barry Chapman\Desktop\ComboFix.exe - Shortcut.lnk
2014-05-27 12:50 - 2014-05-27 13:29 - 00000000 ____D () C:\Qoobox
2014-05-27 12:46 - 2014-05-27 12:47 - 05203612 ____R () C:\Users\Barry Chapman\Downloads\ComboFix.exe
2014-05-27 11:30 - 2014-05-27 11:30 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-05-27 11:23 - 2014-05-27 11:23 - 00000000 ____D () C:\_OTL
2014-05-27 10:03 - 2014-05-27 10:03 - 00056788 _____ () C:\Users\Barry Chapman\Downloads\Extras.Txt
2014-05-27 10:02 - 2014-05-27 15:57 - 00198204 _____ () C:\Users\Barry Chapman\Downloads\OTL.Txt
2014-05-27 09:54 - 2014-05-27 09:54 - 00602112 _____ (OldTimer Tools) C:\Users\Barry Chapman\Downloads\OTL.exe
2014-05-27 09:25 - 2014-05-27 09:13 - 01440846 _____ () C:\Program Files (x86)\mbam-chameleon-1.62.1.1000.zip
2014-05-27 09:18 - 2014-05-27 09:18 - 00000000 ____D () C:\Malwarebytes' Anti-Malware
2014-05-27 09:01 - 2014-05-27 09:01 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-05-27 08:58 - 2014-05-27 08:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-26 10:19 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-26 10:17 - 2014-05-26 10:17 - 01327971 _____ () C:\Users\Barry Chapman\Downloads\AdwCleaner.exe
2014-05-25 11:49 - 2014-05-25 11:49 - 00004447 _____ () C:\Users\Barry Chapman\Desktop\attach.zip
2014-05-25 11:38 - 2014-05-25 11:38 - 00002135 _____ () C:\Users\Barry Chapman\Desktop\aswMBR.txt
2014-05-25 11:38 - 2014-05-25 11:38 - 00000512 _____ () C:\Users\Barry Chapman\Desktop\MBR.dat
2014-05-25 10:52 - 2014-05-25 10:52 - 00004315 _____ () C:\Users\Barry Chapman\Desktop\attach.rar
2014-05-25 10:46 - 2014-05-25 10:46 - 00042419 _____ () C:\Users\Barry Chapman\Desktop\dds.txt
2014-05-25 10:46 - 2014-05-25 10:46 - 00020635 _____ () C:\Users\Barry Chapman\Desktop\attach.txt
2014-05-25 10:43 - 2014-05-25 10:43 - 04745728 _____ (AVAST Software) C:\Users\Barry Chapman\Downloads\aswMBR.exe
2014-05-25 10:38 - 2014-05-27 13:27 - 00000000 ____D () C:\Windows\ERDNT
2014-05-25 10:38 - 2014-05-25 10:38 - 00688992 ____R (Swearware) C:\Users\Barry Chapman\Downloads\dds (1).scr
2014-05-25 10:36 - 2014-05-25 10:37 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-05-25 10:36 - 2014-05-25 10:36 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup (2).exe
2014-05-25 10:36 - 2014-05-25 10:36 - 00000960 _____ () C:\Users\Barry Chapman\Desktop\ERUNT.lnk
2014-05-25 10:36 - 2014-05-25 10:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-05-24 12:00 - 2014-05-24 12:00 - 00688992 _____ (Swearware) C:\Users\Barry Chapman\Downloads\dds.scr
2014-05-24 11:59 - 2014-05-24 11:59 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup (1).exe
2014-05-24 11:57 - 2014-05-24 11:57 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup.exe
2014-05-23 08:25 - 2014-05-23 08:25 - 00000000 ____D () C:\New folder
2014-05-23 07:48 - 2014-05-23 07:48 - 624028561 _____ () C:\Windows\MEMORY.DMP
2014-05-23 07:48 - 2014-05-23 07:48 - 00280128 _____ () C:\Windows\Minidump\052314-21138-01.dmp
2014-05-23 07:48 - 2014-05-23 07:48 - 00000000 ____D () C:\Windows\Minidump
2014-05-23 07:43 - 2014-05-23 07:43 - 00162208 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition (1).exe
2014-05-23 07:41 - 2014-05-23 07:41 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\QuickScan
2014-05-23 07:40 - 2014-05-23 07:43 - 10447328 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition_x64.exe
2014-05-23 07:39 - 2014-05-23 07:39 - 00162208 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition.exe
2014-05-22 15:37 - 2014-05-22 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-05-22 15:35 - 2014-05-22 15:35 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-22 15:35 - 2014-05-22 15:35 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-22 13:22 - 2014-05-22 13:23 - 00051706 _____ () C:\Windows\SysWOW64\bddel.dat
2014-05-22 10:47 - 2014-05-22 10:47 - 00000000 ____D () C:\Program Files (x86)\Spybot
2014-05-22 08:13 - 2014-05-22 09:31 - 00017970 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-22_08-13-17.log
2014-05-22 08:08 - 2014-05-22 08:11 - 00003374 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-22_08-08-46.log
2014-05-22 07:57 - 2014-05-22 08:06 - 332119856 _____ (Norman Shark AS) C:\Users\Barry Chapman\Downloads\Norman_Malware_Cleaner (1).exe
2014-05-21 11:27 - 2014-05-21 11:27 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\TuneUp Software
2014-05-21 11:16 - 2014-05-23 07:03 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-21 11:16 - 2014-05-21 11:16 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\MFAData
2014-05-21 11:15 - 2014-05-21 11:15 - 04485528 _____ (AVG Technologies) C:\Users\Barry Chapman\Downloads\avg_free_stb_all_2014_4577_cnet.exe
2014-05-21 09:31 - 2014-05-21 10:04 - 00014960 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-21_09-31-37.log
2014-05-21 09:01 - 2014-05-21 09:08 - 331917560 _____ (Norman Shark AS) C:\Users\Barry Chapman\Downloads\Norman_Malware_Cleaner.exe
2014-05-20 14:54 - 2014-05-20 15:49 - 00025110 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-20_14-54-17.log
2014-05-20 14:53 - 2014-05-20 14:53 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Norman Malware Cleaner
2014-05-20 12:44 - 2014-05-20 13:35 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-05-20 12:34 - 2014-05-20 12:34 - 00000914 _____ () C:\Users\Barry Chapman\Desktop\JRT.txt
2014-05-20 10:29 - 2014-05-20 10:30 - 04957528 _____ (SurfRight B.V.) C:\Users\Barry Chapman\Downloads\Unconfirmed 912715.crdownload
2014-05-19 16:42 - 2014-05-26 10:25 - 00000000 ____D () C:\AdwCleaner
2014-05-19 10:55 - 2014-05-19 10:55 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-05-19 10:20 - 2014-05-19 10:20 - 00000000 ____D () C:\Adobe XI Pro
2014-05-19 08:08 - 2014-05-20 18:24 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-19 07:54 - 2014-05-19 07:54 - 00000000 ____D () C:\Users\Barry Chapman\Documents\ProcAlyzer Dumps
2014-05-16 10:51 - 2014-05-27 09:22 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\CrashDumps
2014-05-16 09:39 - 2014-05-16 09:39 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\SUPERAntiSpyware.com
2014-05-16 09:39 - 2014-05-16 09:39 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-05-16 08:33 - 2014-05-20 17:34 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant
2014-05-16 08:33 - 2014-05-16 08:33 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-05-16 08:32 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-05-16 08:32 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-05-15 15:02 - 2014-05-15 15:02 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot2-license (1).exe
2014-05-15 14:27 - 2014-05-15 14:27 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-05-15 13:05 - 2014-05-15 13:06 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot2-license.exe
2014-05-15 12:49 - 2009-06-10 17:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140515-124903.backup
2014-05-15 11:40 - 2014-05-22 10:49 - 00001446 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-15 11:40 - 2014-05-22 10:49 - 00001434 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-15 11:40 - 2014-05-22 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-15 11:40 - 2014-05-15 11:40 - 00000656 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2014-05-15 11:40 - 00000628 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2014-05-15 11:40 - 00000458 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-05-15 11:21 - 2014-05-22 10:51 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-15 11:21 - 2014-05-22 10:49 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-15 11:20 - 2014-05-15 10:56 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot-2.3 (1).exe
2014-05-15 03:25 - 2014-05-20 17:52 - 00000000 ___RD () C:\Users\Barry Chapman\Virtual Machines
2014-05-15 03:06 - 2014-05-06 00:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 03:06 - 2014-05-06 00:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 03:06 - 2014-05-05 23:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 03:06 - 2014-05-05 23:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 03:06 - 2014-05-05 23:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 03:06 - 2014-05-05 22:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 16:16 - 2014-05-14 16:16 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\PDF24
2014-05-14 15:56 - 2014-05-26 10:24 - 00000000 ____D () C:\Program Files (x86)\MSR
2014-05-14 15:56 - 2014-05-14 15:56 - 00004592 _____ () C:\Windows\System32\Tasks\IdleCrawler Runner
2014-05-14 15:54 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\wi_upd
2014-05-14 15:53 - 2014-05-14 15:54 - 02271768 _____ () C:\Users\Barry Chapman\Downloads\Adobe.Acrobat.XI.Pro.v11.0.2.Multilingual.Cracked.exe
2014-05-14 15:26 - 2014-05-14 15:27 - 18873344 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd714_all_incr.msp
2014-05-14 15:22 - 2014-05-14 15:23 - 14385152 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd713_all_incr.msp
2014-05-14 15:21 - 2014-05-14 15:22 - 03972608 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd712_all_incr (1).msp
2014-05-14 15:20 - 2014-05-14 15:20 - 06504448 _____ () C:\Users\Barry Chapman\Downloads\AcroUpd711_all_incr.msp
2014-05-14 14:34 - 2014-05-14 15:08 - 00001520 _____ () C:\Users\Public\Documents\AcStd7_1_0.ini
2014-05-14 11:56 - 2014-05-27 17:24 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Outlook Files
2014-05-14 10:26 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-05-14 10:25 - 2014-05-14 10:25 - 00000000 ____D () C:\Windows\PCHEALTH
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-05-14 10:20 - 2014-05-14 10:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-14 10:20 - 2014-05-14 10:20 - 00000000 ___RD () C:\MSOCache
2014-05-14 08:30 - 2014-05-20 16:20 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-05-14 08:30 - 2014-05-14 08:30 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Secunia PSI
2014-05-14 08:28 - 2014-05-14 08:29 - 05329480 _____ (Secunia) C:\Users\Barry Chapman\Downloads\PSISetup.exe
2014-05-14 05:44 - 2014-05-09 02:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 05:44 - 2014-05-09 02:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 05:44 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 05:44 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 05:44 - 2014-04-11 22:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 05:44 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 05:44 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 05:44 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 05:44 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 05:44 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 05:44 - 2014-04-11 22:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 05:44 - 2014-03-24 22:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 05:44 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 05:44 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 05:44 - 2014-03-04 05:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 05:44 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 05:44 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 05:44 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 05:44 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 05:44 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 12:17 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backblaze
2014-05-13 12:16 - 2014-05-20 17:44 - 00000000 ____D () C:\Program Files (x86)\Backblaze
2014-05-13 12:16 - 2014-05-13 12:16 - 05033216 _____ () C:\Users\Barry Chapman\Downloads\install_backblaze.exe
2014-05-13 12:16 - 2014-05-13 12:16 - 00000000 ____D () C:\ProgramData\Backblaze
2014-05-13 12:02 - 2014-05-13 12:04 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\VMware
2014-05-13 11:38 - 2014-05-13 11:38 - 34209792 _____ () C:\Users\Barry Chapman\Desktop\CHAPMA11_20140505-2014-05-13.QDF-backup
2014-05-13 11:18 - 2014-05-20 17:55 - 00000000 ____D () C:\Windows\pss
2014-05-13 11:00 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\VMware
2014-05-13 10:04 - 2014-05-13 10:04 - 00000000 _____ () C:\Users\Barry Chapman\AppData\Local\{89B78C50-3F1E-4624-B5B6-B21F413891C7}
2014-05-13 08:53 - 2014-05-13 11:13 - 00007605 _____ () C:\Users\Barry Chapman\AppData\Local\resmon.resmoncfg
2014-05-12 20:43 - 2014-05-12 20:58 - 00000000 ____D () C:\Users\Barry Chapman\.asdm
2014-05-12 20:43 - 2014-05-12 20:43 - 00000000 ____D () C:\Program Files (x86)\Cisco Systems
2014-05-12 16:26 - 2014-05-12 16:26 - 00010295 _____ () C:\Users\Barry Chapman\Documents\141046 commitment.wpd
2014-05-12 16:21 - 2014-05-12 16:21 - 00002380 _____ () C:\Users\Barry Chapman\Documents\141046 DATA FILE.wpd
2014-05-12 13:51 - 2014-05-13 11:07 - 00000000 ____D () C:\Program Files\My Lockbox
2014-05-12 13:50 - 2014-05-12 13:50 - 04090994 _____ () C:\Users\Barry Chapman\Downloads\mylockbox_setup.zip
2014-05-12 07:16 - 2014-05-13 12:17 - 00000000 ____D () C:\.bzvol
2014-05-09 11:38 - 2014-05-09 11:38 - 00000000 ____D () C:\Users\Barry Chapman\Documents\CCWin
2014-05-09 07:41 - 2013-03-01 02:27 - 00063568 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2014-05-09 07:40 - 2013-03-01 02:27 - 00943184 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2014-05-09 07:40 - 2013-03-01 02:27 - 00354896 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2014-05-09 07:40 - 2013-03-01 02:26 - 00434256 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2014-05-09 07:40 - 2013-03-01 02:26 - 00030800 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2014-05-09 07:39 - 2014-05-27 13:24 - 00000000 ____D () C:\ProgramData\VMware
2014-05-09 07:39 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2014-05-09 07:39 - 2014-05-09 07:39 - 00002187 _____ () C:\Users\Public\Desktop\VMware Player.lnk
2014-05-09 07:39 - 2014-05-09 07:39 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-05-09 07:39 - 2013-03-01 02:26 - 00033360 _____ (VMware, Inc.) C:\Windows\system32\Drivers\VMkbd.sys
2014-05-09 07:39 - 2011-08-29 22:11 - 00039024 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2014-05-09 07:38 - 2014-05-09 07:38 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-05-09 07:33 - 2014-05-09 07:35 - 114794792 _____ (VMware, Inc.) C:\Users\Barry Chapman\Downloads\VMware-player-4.0.6-1035888.exe
2014-05-07 09:42 - 2006-05-16 21:40 - 00753936 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXANNOT.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00463120 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXJP2K.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00209168 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXNOTEN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00119056 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXJBGN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00102672 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXTIFFN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00094480 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXAPS.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00074000 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXNAMEN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00069904 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXDLGN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00057616 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXLZWN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00049424 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXTHK32.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXSLN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXRAMN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXPANN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXMPN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXMDLGN.DLL
2014-05-07 09:42 - 2006-05-16 21:23 - 00006416 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXTHK16.DLL
2014-05-07 09:42 - 2006-05-16 21:22 - 00231552 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXDFLT.DLL
2014-05-07 09:42 - 2006-05-16 21:22 - 00023152 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXPERM.DLL
2014-05-07 09:42 - 2006-05-16 21:22 - 00016048 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXLOC.DLL
2014-05-07 09:42 - 2006-05-16 21:19 - 00327680 ____N (The University of New South Wales) C:\Windows\SysWOW64\PIXJP2KI.DLL
2014-05-07 09:42 - 2006-05-16 21:19 - 00051959 ____N () C:\Windows\SysWOW64\PIXNAME.HLP
2014-05-07 09:42 - 2005-02-10 18:17 - 00011968 ____N (Pixel Translations Incorporated) C:\Windows\SysWOW64\PIXMDLLC.CPL
2014-05-07 09:29 - 2014-05-07 09:29 - 00000000 ____D () C:\ProgramData\Canon Electronics
2014-05-07 09:25 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CapturePerfect 3.1
2014-05-07 09:20 - 2014-05-07 09:22 - 79468544 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_V3137 (1).exe
2014-05-06 15:56 - 2014-05-06 15:59 - 00000000 ____D () C:\Users\Barry Chapman\Documents\My Documents from old
2014-05-06 14:42 - 2014-05-06 14:42 - 00119964 _____ () C:\Users\Barry Chapman\Downloads\GSCCCA Online Statement.htm
2014-05-06 13:18 - 2014-05-18 03:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-06 13:18 - 2014-05-15 03:03 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-06 13:12 - 2012-12-17 08:56 - 00152576 _____ (Canon Electronics) C:\Windows\system32\DR25SVC.dll
2014-05-06 13:12 - 2009-05-13 16:08 - 00491792 _____ (Captiva Software Corp.) C:\Windows\SysWOW64\qd1.dll
2014-05-06 13:09 - 2014-05-06 13:09 - 14393344 _____ () C:\Users\Barry Chapman\Downloads\2580DRIT_V18SP1 (1).exe
2014-05-06 10:10 - 2014-05-06 10:10 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Oracle
2014-05-06 10:09 - 2014-05-06 10:09 - 00000000 ____D () C:\ProgramData\Sun
2014-05-06 10:09 - 2014-05-06 10:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-06 10:07 - 2014-05-06 10:07 - 00921512 _____ (Oracle Corporation) C:\Users\Barry Chapman\Downloads\chromeinstall-7u55.exe
2014-05-06 10:05 - 2014-05-06 10:04 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-06 10:04 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-06 10:04 - 2014-05-06 10:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-05-06 10:04 - 2014-05-06 10:04 - 00000000 ____D () C:\Program Files\Java
2014-05-06 10:03 - 2014-05-06 10:04 - 30818216 _____ (Oracle Corporation) C:\Users\Barry Chapman\Downloads\jre-7u55-windows-x64.exe
2014-05-06 09:31 - 2006-05-16 21:40 - 00233744 _____ (EMC Corporation) C:\Windows\SysWOW64\PIXMDLN.DLL
2014-05-06 09:27 - 2014-05-06 09:27 - 28808192 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_Ver_3097 (1).exe
2014-05-06 09:09 - 2009-05-13 16:16 - 00200704 _____ (EMC Corporation) C:\Windows\SysWOW64\twpix32.dll
2014-05-06 09:09 - 2009-05-13 16:05 - 00021008 _____ (Microsoft Corporation) C:\Windows\system\Ctl3d.dll
2014-05-06 09:09 - 2003-12-18 18:09 - 00231552 _____ (Pixel Translations Incorporated) C:\Windows\system\Pixdflt.dll
2014-05-06 09:09 - 2003-12-18 18:09 - 00023152 _____ (Pixel Translations Incorporated) C:\Windows\system\Pixperm.dll
2014-05-06 09:09 - 2003-12-18 18:09 - 00016064 _____ (Pixel Translations Incorporated) C:\Windows\system\Pixloc.dll
2014-05-06 09:09 - 2002-11-06 11:21 - 00063248 _____ () C:\Windows\SysWOW64\picn1120.ssm
2014-05-06 09:09 - 1998-04-13 13:13 - 00098304 _____ (Cornerstone Imaging, Inc.) C:\Windows\SysWOW64\Wiaext32.dll
2014-05-06 09:06 - 2014-05-06 09:06 - 00000000 _____ () C:\Users\Barry Chapman\Sti_Trace.log
2014-05-06 09:05 - 2014-05-20 17:26 - 00000000 ____D () C:\Users\Barry Chapman\Desktop\CapturePerfect 3.0
2014-05-06 08:51 - 2014-05-06 08:51 - 00249856 _____ () C:\Users\Barry Chapman\Downloads\RepairReg.exe
2014-05-06 08:51 - 2014-05-06 08:51 - 00000000 ____D () C:\DR Scanner
2014-05-06 08:45 - 2014-05-06 08:47 - 79468544 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_V3137.exe
2014-05-06 08:43 - 2014-05-06 08:43 - 00000000 ____D () C:\DR2580C
2014-05-06 08:42 - 2014-05-06 08:42 - 14393344 _____ () C:\Users\Barry Chapman\Downloads\2580DRIT_V18SP1.exe
2014-05-06 08:37 - 2008-11-11 19:00 - 00096768 _____ (Canon Electronics Inc.) C:\Windows\system32\DR25CPL.dll
2014-05-06 08:37 - 2007-04-24 07:53 - 00083456 _____ (Canon Electronics Inc.) C:\Windows\system32\CeiUSB64.dll
2014-05-06 08:35 - 2014-05-06 08:35 - 00000000 ____D () C:\Users\Barry Chapman\Downloads\d1041mux
2014-05-06 08:34 - 2014-05-06 08:35 - 13259652 _____ () C:\Users\Barry Chapman\Downloads\d1041mux.zip
2014-05-06 07:52 - 2014-05-20 18:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 07:31 - 2014-05-06 07:31 - 00003228 _____ () C:\Windows\System32\Tasks\{E819857F-629F-4F7B-9FE3-F8B1467A5C1B}
2014-05-06 07:29 - 2014-05-07 09:22 - 00000000 ____D () C:\CapturePerfect Upgrade
2014-05-06 03:03 - 2014-05-06 03:03 - 00288324 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-05-06 03:02 - 2014-05-06 03:03 - 00292408 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-05-06 03:02 - 2014-05-06 03:02 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-05-05 17:52 - 2014-05-05 19:26 - 28808192 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_Ver_3097.exe
2014-05-05 17:44 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon DR-2580C
2014-05-05 17:43 - 2014-05-06 09:06 - 00005432 _____ () C:\Windows\pixcache.ini
2014-05-05 17:43 - 2014-05-05 17:43 - 00003050 _____ () C:\Windows\System32\Tasks\{BEA2EFCD-E2FA-474A-BB2F-ADE6F46BED5D}
2014-05-05 16:56 - 2014-05-05 16:56 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\AdobeUM
2014-05-05 16:54 - 2014-05-14 15:27 - 00002501 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 7.0 Standard.lnk
2014-05-05 16:54 - 2014-05-14 14:44 - 00002459 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 7.0.lnk
2014-05-05 16:54 - 2014-05-05 16:54 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Acrobat 7.0 Standard.lnk
2014-05-05 16:53 - 2014-05-20 18:03 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-05-05 16:53 - 2014-05-19 10:44 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-05-05 16:24 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-05 16:24 - 2014-05-20 17:51 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-05 16:24 - 2014-05-20 17:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-05 16:23 - 2014-05-05 16:24 - 13084896 _____ (Microsoft Corporation) C:\Users\Barry Chapman\Downloads\Silverlight_x64 (1).exe
2014-05-05 16:23 - 2014-05-05 16:23 - 13084896 _____ (Microsoft Corporation) C:\Users\Barry Chapman\Downloads\Silverlight_x64.exe
2014-05-05 16:15 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-05-05 16:15 - 2014-05-20 17:51 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-05-05 16:15 - 2014-05-05 16:15 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-05-05 16:12 - 2014-05-05 16:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2014-05-05 15:52 - 2014-05-05 15:53 - 19495200 _____ () C:\Users\Barry Chapman\Downloads\upd-ps-x64-5.8.0.17508.exe
2014-05-05 15:50 - 2014-05-05 15:53 - 00000000 ____D () C:\HP Universal Print Driver
2014-05-05 15:49 - 2014-05-05 15:49 - 18409760 _____ () C:\Users\Barry Chapman\Downloads\upd-pcl6-x64-5.8.0.17508.exe
2014-05-05 14:53 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landtech XML
2014-05-05 14:53 - 2014-05-05 14:53 - 00001534 _____ () C:\Users\Barry Chapman\Desktop\Landtech XML.lnk
2014-05-05 14:52 - 2014-05-05 14:52 - 00204800 _____ (Landtech Data Corporation) C:\Windows\SysWOW64\ltwpvsw.DLL
2014-05-05 14:52 - 2014-05-05 14:52 - 00065536 _____ (Landtech Data Corp.) C:\Windows\SysWOW64\LTWNode.exe
2014-05-05 14:52 - 2014-05-05 14:52 - 00004726 _____ () C:\Windows\BOOTSTRAP.LOG
2014-05-05 14:52 - 2014-05-05 14:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Landtech XML
2014-05-05 14:44 - 2014-05-05 14:44 - 00000519 _____ () C:\Windows\ODBCINST.INI
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\ProgramData\Pervasive Software
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pervasive
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\Program Files (x86)\Pervasive Software
2014-05-05 14:18 - 2014-05-05 14:18 - 00000000 ____D () C:\Wages
2014-05-05 14:15 - 2014-05-05 14:17 - 88823072 _____ () C:\Users\Barry Chapman\Downloads\PSQL-Workgroup-10.30.022.000-win.x86.exe
2014-05-05 14:07 - 2001-06-01 14:17 - 00169600 _____ (Wintertree Software Inc.) C:\Windows\SysWOW64\WSpell.ocx
brchapman
2014-05-28, 00:37
2014-05-05 12:36 - 2014-05-20 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WP-64
2014-05-05 12:34 - 2014-05-05 12:34 - 32856361 _____ (wpdos.org ) C:\Users\Barry Chapman\Downloads\WP64DOSBox-Setup.exe
2014-05-05 12:22 - 2014-05-14 13:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Help
2014-05-05 12:22 - 2014-05-09 09:28 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Help
2014-05-05 11:45 - 2014-05-21 16:21 - 00037861 _____ () C:\Users\Barry Chapman\AppData\Roaming\Comma Separated Values (Windows).ADR
2014-05-05 11:40 - 2014-05-05 11:40 - 00321535 _____ () C:\Users\Barry Chapman\Downloads\contacts.csv
2014-05-05 11:26 - 2014-05-05 11:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-05 11:25 - 2014-05-05 11:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-05 11:24 - 2014-05-05 11:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-05 11:16 - 2014-05-05 11:17 - 01069064 _____ (Medlin Accounting Software ) C:\Users\Barry Chapman\Downloads\_05-01-2014_medlin_PR_4-6.exe
2014-05-05 10:49 - 2014-05-25 12:10 - 00000000 ____D () C:\MWACCT
2014-05-05 10:49 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medlin Accounting
2014-05-05 10:49 - 2014-05-05 11:17 - 00000580 _____ () C:\Users\Public\Desktop\Medlin Accounting.lnk
2014-05-05 10:49 - 1998-05-11 20:01 - 01355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvbvm50.dll
2014-05-05 10:40 - 2014-05-05 10:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\QuickenWindow
2014-05-05 10:36 - 2014-05-05 10:36 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\IsolatedStorage
2014-05-05 10:28 - 2014-05-05 10:28 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Quicken
2014-05-05 10:24 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quicken 2014
2014-05-05 10:24 - 2014-05-20 17:46 - 00000000 ____D () C:\Program Files (x86)\Quicken
2014-05-05 10:24 - 2014-05-05 10:24 - 00001808 _____ () C:\Users\Public\Desktop\Quicken Deluxe 2014.lnk
2014-05-05 10:24 - 2014-05-05 10:24 - 00000126 _____ () C:\Windows\QUICKEN.INI
2014-05-05 10:24 - 2014-05-05 10:24 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Intuit
2014-05-05 10:24 - 2009-05-12 15:14 - 04169728 _____ (Amyuni Technologies http://www.amyuni.com) C:\Windows\SysWOW64\cdintf400.dll
2014-05-05 10:23 - 2014-05-05 10:23 - 00000000 ____D () C:\ProgramData\Intuit
2014-05-05 10:18 - 2014-05-05 10:21 - 112168720 _____ (Intuit Inc. ) C:\Users\Barry Chapman\Downloads\QW14DLX.exe
2014-05-05 10:13 - 2014-05-20 17:52 - 00000000 ____D () C:\Quicken 2014
2014-05-05 08:58 - 2014-05-05 08:58 - 00000000 __SHD () C:\Users\Barry Chapman\AppData\Local\EmieUserList
2014-05-05 08:58 - 2014-05-05 08:58 - 00000000 __SHD () C:\Users\Barry Chapman\AppData\Local\EmieSiteList
2014-05-05 03:10 - 2014-03-06 05:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-05 03:10 - 2014-03-06 04:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-05 03:10 - 2014-03-06 04:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-05 03:10 - 2014-03-06 04:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-05 03:10 - 2014-03-06 04:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-05 03:10 - 2014-03-06 04:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-05 03:10 - 2014-03-06 04:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-05 03:10 - 2014-03-06 04:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-05 03:10 - 2014-03-06 04:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-05 03:10 - 2014-03-06 04:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-05 03:10 - 2014-03-06 04:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-05 03:10 - 2014-03-06 04:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-05 03:10 - 2014-03-06 04:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-05 03:10 - 2014-03-06 04:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-05 03:10 - 2014-03-06 04:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-05 03:10 - 2014-03-06 04:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-05 03:10 - 2014-03-06 04:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-05 03:10 - 2014-03-06 04:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-05 03:10 - 2014-03-06 03:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-05 03:10 - 2014-03-06 03:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-05 03:10 - 2014-03-06 03:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-05 03:10 - 2014-03-06 03:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-05 03:10 - 2014-03-06 03:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-05 03:10 - 2014-03-06 03:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-05 03:10 - 2014-03-06 03:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-05 03:10 - 2014-03-06 03:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-05 03:10 - 2014-03-06 03:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-05 03:10 - 2014-03-06 03:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-05 03:10 - 2014-03-06 03:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-05 03:10 - 2014-03-06 03:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-05 03:10 - 2014-03-06 03:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-05 03:10 - 2014-03-06 03:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-05 03:10 - 2014-03-06 03:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-05 03:10 - 2014-03-06 03:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-05 03:10 - 2014-03-06 02:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-05 03:10 - 2014-03-06 02:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-05 03:10 - 2014-03-06 02:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-05 03:10 - 2014-03-06 02:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-05 03:10 - 2014-03-06 02:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-05 03:10 - 2014-03-06 01:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-05 03:10 - 2014-03-06 01:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-05 03:10 - 2014-03-06 01:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-05 03:10 - 2014-03-06 01:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-05 03:10 - 2014-03-06 01:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-05 03:06 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-05-05 03:06 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-05-04 03:06 - 2012-07-25 23:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-05-04 03:06 - 2012-07-25 23:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-05-04 03:06 - 2012-07-25 23:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-05-04 03:06 - 2012-07-25 23:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-05-04 03:06 - 2012-07-25 23:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-05-04 03:06 - 2012-07-25 22:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-05-04 03:06 - 2012-07-25 22:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-05-04 03:06 - 2012-06-02 10:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-05-03 16:58 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-05-03 16:58 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-05-03 16:58 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-05-03 16:58 - 2013-12-31 19:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-05-03 16:58 - 2013-12-31 19:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-05-03 16:58 - 2013-12-05 22:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-05-03 16:58 - 2013-12-05 22:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-05-03 16:58 - 2013-12-05 22:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-05-03 16:58 - 2013-12-05 22:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-05-03 16:58 - 2013-11-23 14:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-05-03 16:58 - 2013-11-23 13:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-05-03 16:58 - 2011-04-09 02:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-05-03 16:58 - 2011-04-09 01:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-05-03 16:55 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-05-03 16:55 - 2013-12-24 19:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-05-03 16:55 - 2013-12-24 18:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-05-03 16:55 - 2013-12-03 22:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-05-03 16:55 - 2013-12-03 22:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-05-03 16:55 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-05-03 16:55 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-05-03 16:55 - 2013-12-03 22:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-05-03 16:55 - 2013-12-03 22:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-05-03 16:55 - 2013-12-03 22:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-05-03 16:55 - 2013-12-03 22:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-05-03 16:55 - 2013-12-03 22:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-05-03 16:55 - 2013-12-03 22:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-05-03 16:55 - 2013-12-03 22:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-05-03 16:55 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-05-03 16:55 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-05-03 16:55 - 2013-12-03 22:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-05-03 16:55 - 2013-12-03 21:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-05-03 16:55 - 2013-12-03 21:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-05-03 16:55 - 2013-12-03 21:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-05-03 16:55 - 2013-12-03 21:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-05-03 16:55 - 2013-11-26 21:42 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-05-03 16:55 - 2013-11-26 21:42 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-05-03 16:55 - 2013-11-26 21:42 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-05-03 16:55 - 2013-11-26 21:42 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-05-03 16:55 - 2013-11-26 21:42 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-05-03 16:55 - 2013-11-26 04:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-05-03 16:55 - 2013-11-22 18:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-05-03 16:53 - 2014-03-04 05:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-03 16:53 - 2014-03-04 05:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-03 16:53 - 2014-03-04 05:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-03 16:53 - 2014-03-04 05:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-03 16:53 - 2014-03-04 04:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-03 16:53 - 2014-03-04 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-05-03 16:53 - 2014-02-03 22:37 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-05-03 16:53 - 2014-02-03 22:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-05-03 16:53 - 2014-02-03 22:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-03 16:53 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-05-03 16:53 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-05-03 16:53 - 2014-02-03 22:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-05-03 16:53 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-05-03 16:53 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-05-03 16:53 - 2014-02-03 22:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-05-03 16:53 - 2014-01-23 22:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-03 16:53 - 2013-11-26 07:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-05-03 16:53 - 2013-07-20 06:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-05-03 16:53 - 2013-07-20 06:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-05-03 16:53 - 2011-02-18 06:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-05-03 16:53 - 2011-02-18 01:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-05-03 16:46 - 2014-05-03 16:46 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-05-03 16:40 - 2014-05-14 11:55 - 00000000 ____D () C:\Office 2000
2014-05-03 16:36 - 2014-05-20 18:02 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-05-03 16:34 - 2014-05-22 16:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-03 16:34 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Microsoft Help
2014-05-03 16:32 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\Downloads\DVD_Office_2010_32Bit
2014-05-03 16:26 - 2014-05-03 16:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\WinRAR
2014-05-03 16:23 - 2014-05-03 16:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Macromedia
2014-05-03 16:21 - 2014-05-20 17:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-03 16:21 - 2014-05-20 17:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-03 16:21 - 2014-05-03 16:21 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-03 16:21 - 2014-05-03 16:21 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Mozilla
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Mozilla
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-03 16:19 - 2014-05-03 16:19 - 00282960 _____ (Mozilla) C:\Users\Barry Chapman\Downloads\Firefox Setup Stub 29.0.exe
2014-05-03 16:11 - 2014-05-03 16:30 - 628097024 _____ () C:\Users\Barry Chapman\Downloads\DVD_Office_2010_32Bit.iso
2014-05-03 16:10 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-03 16:10 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-03 16:10 - 2014-05-20 17:46 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-05-03 16:10 - 2014-05-03 16:10 - 01766784 _____ () C:\Users\Barry Chapman\Downloads\wrar500.exe
2014-05-03 16:10 - 2014-05-03 16:10 - 00001007 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-05-03 15:48 - 2009-07-13 21:41 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\wab32.dll
2014-05-03 15:48 - 2009-07-13 21:33 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\wab32res.dll
2014-05-03 15:41 - 2014-05-03 15:41 - 00000376 _____ () C:\Windows\ODBC.INI
2014-05-03 15:40 - 2014-05-20 17:55 - 00000000 ____D () C:\Windows\Msagent
2014-05-03 15:40 - 2014-05-03 15:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft Web Folders
2014-05-03 15:33 - 2009-08-04 13:56 - 00296960 _____ (Microsoft Corporation) C:\Windows\winhlp32.exe
2014-05-03 15:33 - 2009-08-04 13:55 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftsrch.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\ftsrch.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx041e.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\ftlx041e.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx0411.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\ftlx0411.dll
2014-05-03 15:20 - 2014-05-03 15:20 - 00718172 _____ () C:\Users\Barry Chapman\Downloads\Windows6.1-KB917607-x64.msu
2014-05-03 15:20 - 2014-05-03 15:20 - 00703811 _____ () C:\Users\Barry Chapman\Downloads\Windows6.1-KB917607-x86.msu
2014-05-03 14:40 - 2014-05-20 11:10 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Adobe
2014-05-03 14:29 - 2014-05-20 17:50 - 00000000 ____D () C:\Program Files (x86)\wp51
2014-05-03 14:14 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FAX User Software
2014-05-03 14:14 - 2014-05-03 14:14 - 00000000 ____D () C:\Program Files (x86)\Kyocera
2014-05-03 14:02 - 2014-05-03 14:02 - 00003102 _____ () C:\Windows\System32\Tasks\{274EC4EA-7BEE-46DD-B238-1777098F3282}
2014-05-03 13:53 - 2014-05-03 13:53 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Canon Electronics
2014-05-03 13:38 - 2014-05-03 13:52 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Corel User Files
2014-05-03 13:38 - 2014-05-03 13:38 - 00061678 _____ () C:\Users\Barry Chapman\AppData\Roaming\PFP120JPR.{PB
2014-05-03 13:38 - 2014-05-03 13:38 - 00012358 _____ () C:\Users\Barry Chapman\AppData\Roaming\PFP120JCM.{PB
2014-05-03 13:38 - 2014-05-03 13:38 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Corel
2014-05-03 13:31 - 2013-07-04 13:57 - 00067888 _____ (Canon Electronics Inc.) C:\Windows\SysWOW64\SuStiUtl.dll
2014-05-03 13:31 - 2006-05-16 21:19 - 00021008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CTL3D.DLL
2014-05-03 13:30 - 2014-05-20 17:55 - 00000000 ____D () C:\Windows\PIXTRAN
2014-05-03 13:30 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\Desktop\Canon DR-2580C
2014-05-03 13:30 - 2014-05-07 09:25 - 00000000 ____D () C:\Program Files (x86)\Canon Electronics
2014-05-03 13:30 - 2014-05-06 13:22 - 00000125 _____ () C:\Windows\SetScan.ini
2014-05-03 13:30 - 2014-05-06 13:12 - 00017862 _____ () C:\Windows\DPINST.LOG
2014-05-03 13:30 - 2009-05-13 16:05 - 00401484 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Msvcrtd.dll
2014-05-03 13:30 - 2006-05-16 21:40 - 00221456 _____ (EMC Corporation) C:\Windows\SysWOW64\PIXDFLTN.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00180224 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN1120.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00176128 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN1520.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00155648 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN1020.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00114688 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN1320.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00074000 _____ (EMC Corporation) C:\Windows\SysWOW64\PIXLOCN.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00053520 _____ (EMC Corporation) C:\Windows\SysWOW64\PIXPERMN.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00051712 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN20.DLL
2014-05-03 13:30 - 2005-08-09 17:34 - 00094208 _____ (Canon Electronics Inc.) C:\Windows\SysWOW64\DR25CPL.dll
2014-05-03 13:30 - 2005-06-14 08:29 - 00036864 _____ (Canon Electronics Inc.) C:\Windows\SysWOW64\CeiUSB2.dll
2014-05-03 13:30 - 2005-02-15 13:18 - 00106496 _____ (Canon Electronics) C:\Windows\SysWOW64\DR25SVC.dll
2014-05-03 13:30 - 2002-09-25 16:02 - 00602384 _____ (Pixel Translations Incorporated) C:\Windows\SysWOW64\pixipdll.dll
2014-05-03 13:30 - 2002-05-13 22:55 - 00014000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\usbscan.sys
2014-05-03 13:30 - 1998-10-29 16:45 - 00306688 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2014-05-03 13:17 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordPerfect Office 12
2014-05-03 13:17 - 2014-05-03 13:17 - 00002607 _____ () C:\Users\Barry Chapman\Desktop\WordPerfect.lnk
2014-05-03 13:14 - 2014-05-05 12:18 - 00000000 ____D () C:\Program Files (x86)\WordPerfect Office 12
2014-05-03 12:01 - 2014-05-04 18:11 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\PCDr
2014-05-02 20:32 - 2012-06-02 18:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-05-02 20:32 - 2012-06-02 18:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-05-02 20:32 - 2012-06-02 18:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-05-02 20:32 - 2012-06-02 18:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-05-02 20:32 - 2012-06-02 18:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-05-02 20:32 - 2012-06-02 18:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-05-02 20:32 - 2012-06-02 18:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-05-02 20:32 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-05-02 20:32 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-05-02 19:50 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-05-02 16:23 - 2014-05-21 09:17 - 00002310 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-02 16:23 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-02 16:12 - 2014-05-27 16:55 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-02 16:12 - 2014-05-27 15:55 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-02 16:12 - 2014-05-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-02 16:12 - 2014-05-07 15:50 - 00003908 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-02 16:12 - 2014-05-07 15:50 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-02 16:12 - 2014-05-02 16:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Google
2014-05-02 15:58 - 2014-05-20 13:56 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Deployment
2014-05-02 15:58 - 2014-05-02 15:58 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Apps\2.0
2014-05-02 15:45 - 2014-05-20 17:32 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-02 15:45 - 2014-05-20 17:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Opera Software
2014-05-02 15:45 - 2014-05-15 14:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Opera Software
2014-05-02 15:42 - 2014-05-02 15:42 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Macromedia
2014-05-02 15:26 - 2014-05-02 15:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Intel Corporation
2014-05-02 15:25 - 2014-05-27 12:36 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-05-02 15:25 - 2014-05-25 10:37 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-02 15:25 - 2014-05-20 17:52 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-02 15:25 - 2014-05-20 17:51 - 00000000 ____D () C:\ProgramData\Atheros
2014-05-02 15:25 - 2014-05-20 16:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Adobe
2014-05-02 15:25 - 2014-05-20 16:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\VirtualStore
2014-05-02 15:25 - 2014-05-13 08:51 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Bluetooth Folder
2014-05-02 15:25 - 2014-05-02 15:25 - 00004004 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-05-02 15:25 - 2014-05-02 15:25 - 00003214 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-05-02 15:25 - 2014-05-02 15:25 - 00001415 _____ () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Leadertech
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Dell
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Atheros
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\BMExplorer
2014-05-02 15:23 - 2014-05-13 16:30 - 00000000 ____D () C:\ProgramData\softthinks
2014-05-02 15:23 - 2014-05-02 15:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\softthinks
2014-05-02 15:23 - 2013-12-05 03:16 - 00000114 ____H () C:\DBAR_Ver.txt
2014-05-02 15:18 - 2014-05-20 18:27 - 00132680 _____ () C:\Users\Barry Chapman\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-02 15:18 - 2014-05-02 15:18 - 00001975 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
2014-05-02 15:17 - 2014-05-20 18:25 - 00000000 ____D () C:\Users\Barry Chapman
2014-05-02 15:17 - 2014-05-20 17:52 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-02 15:17 - 2014-05-20 17:52 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-02 15:17 - 2014-05-02 15:17 - 00000020 ___SH () C:\Users\Barry Chapman\ntuser.ini
==================== One Month Modified Files and Folders =======
2014-05-27 17:32 - 2014-05-27 16:22 - 00018850 _____ () C:\Users\Barry Chapman\Desktop\FRST.txt
2014-05-27 17:32 - 2014-05-27 16:22 - 00000000 ____D () C:\FRST
2014-05-27 17:24 - 2014-05-14 11:56 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Outlook Files
2014-05-27 17:07 - 2014-03-21 13:36 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-27 16:55 - 2014-05-02 16:12 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-27 16:23 - 2014-05-27 16:22 - 00038207 _____ () C:\Users\Barry Chapman\Desktop\Addition.txt
2014-05-27 16:21 - 2014-05-27 16:21 - 02066944 _____ (Farbar) C:\Users\Barry Chapman\Desktop\FRST64.exe
2014-05-27 15:57 - 2014-05-27 10:02 - 00198204 _____ () C:\Users\Barry Chapman\Downloads\OTL.Txt
2014-05-27 15:55 - 2014-05-02 16:12 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-27 15:46 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-05-27 15:40 - 2014-05-27 13:59 - 00000008 _____ () C:\LTLASTFN.DAT
2014-05-27 15:30 - 2014-05-27 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-05-27 15:23 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-05-27 13:31 - 2009-07-14 01:13 - 00791990 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-27 13:31 - 2009-07-14 00:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-27 13:31 - 2009-07-14 00:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-27 13:29 - 2014-05-27 13:29 - 00043987 _____ () C:\ComboFix.txt
2014-05-27 13:29 - 2014-05-27 12:50 - 00000000 ____D () C:\Qoobox
2014-05-27 13:29 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default
2014-05-27 13:28 - 2014-03-22 04:31 - 01430462 _____ () C:\Windows\WindowsUpdate.log
2014-05-27 13:27 - 2014-05-25 10:38 - 00000000 ____D () C:\Windows\ERDNT
2014-05-27 13:26 - 2014-03-21 13:56 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-05-27 13:24 - 2014-05-09 07:39 - 00000000 ____D () C:\ProgramData\VMware
2014-05-27 13:24 - 2009-07-13 22:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-27 13:23 - 2010-11-20 23:47 - 00310102 _____ () C:\Windows\PFRO.log
2014-05-27 13:23 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-27 13:23 - 2009-07-14 00:51 - 00042071 _____ () C:\Windows\setupact.log
2014-05-27 12:51 - 2014-05-27 12:51 - 00001540 _____ () C:\Users\Barry Chapman\Desktop\ComboFix.exe - Shortcut.lnk
2014-05-27 12:47 - 2014-05-27 12:46 - 05203612 ____R () C:\Users\Barry Chapman\Downloads\ComboFix.exe
2014-05-27 12:36 - 2014-05-02 15:25 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-05-27 11:30 - 2014-05-27 11:30 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-05-27 11:23 - 2014-05-27 11:23 - 00000000 ____D () C:\_OTL
2014-05-27 10:03 - 2014-05-27 10:03 - 00056788 _____ () C:\Users\Barry Chapman\Downloads\Extras.Txt
2014-05-27 09:54 - 2014-05-27 09:54 - 00602112 _____ (OldTimer Tools) C:\Users\Barry Chapman\Downloads\OTL.exe
2014-05-27 09:22 - 2014-05-16 10:51 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\CrashDumps
2014-05-27 09:18 - 2014-05-27 09:18 - 00000000 ____D () C:\Malwarebytes' Anti-Malware
2014-05-27 09:13 - 2014-05-27 09:25 - 01440846 _____ () C:\Program Files (x86)\mbam-chameleon-1.62.1.1000.zip
2014-05-27 09:01 - 2014-05-27 09:01 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-05-27 08:58 - 2014-05-27 08:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-26 10:25 - 2014-05-19 16:42 - 00000000 ____D () C:\AdwCleaner
2014-05-26 10:24 - 2014-05-14 15:56 - 00000000 ____D () C:\Program Files (x86)\MSR
2014-05-26 10:17 - 2014-05-26 10:17 - 01327971 _____ () C:\Users\Barry Chapman\Downloads\AdwCleaner.exe
2014-05-26 10:07 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-05-25 12:10 - 2014-05-05 10:49 - 00000000 ____D () C:\MWACCT
2014-05-25 11:49 - 2014-05-25 11:49 - 00004447 _____ () C:\Users\Barry Chapman\Desktop\attach.zip
2014-05-25 11:38 - 2014-05-25 11:38 - 00002135 _____ () C:\Users\Barry Chapman\Desktop\aswMBR.txt
2014-05-25 11:38 - 2014-05-25 11:38 - 00000512 _____ () C:\Users\Barry Chapman\Desktop\MBR.dat
2014-05-25 10:52 - 2014-05-25 10:52 - 00004315 _____ () C:\Users\Barry Chapman\Desktop\attach.rar
2014-05-25 10:46 - 2014-05-25 10:46 - 00042419 _____ () C:\Users\Barry Chapman\Desktop\dds.txt
2014-05-25 10:46 - 2014-05-25 10:46 - 00020635 _____ () C:\Users\Barry Chapman\Desktop\attach.txt
2014-05-25 10:43 - 2014-05-25 10:43 - 04745728 _____ (AVAST Software) C:\Users\Barry Chapman\Downloads\aswMBR.exe
2014-05-25 10:38 - 2014-05-25 10:38 - 00688992 ____R (Swearware) C:\Users\Barry Chapman\Downloads\dds (1).scr
2014-05-25 10:37 - 2014-05-25 10:36 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-05-25 10:37 - 2014-05-02 15:25 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-25 10:36 - 2014-05-25 10:36 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup (2).exe
2014-05-25 10:36 - 2014-05-25 10:36 - 00000960 _____ () C:\Users\Barry Chapman\Desktop\ERUNT.lnk
2014-05-25 10:36 - 2014-05-25 10:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-05-24 12:00 - 2014-05-24 12:00 - 00688992 _____ (Swearware) C:\Users\Barry Chapman\Downloads\dds.scr
2014-05-24 11:59 - 2014-05-24 11:59 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup (1).exe
2014-05-24 11:57 - 2014-05-24 11:57 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup.exe
2014-05-23 08:25 - 2014-05-23 08:25 - 00000000 ____D () C:\New folder
2014-05-23 07:59 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-23 07:48 - 2014-05-23 07:48 - 624028561 _____ () C:\Windows\MEMORY.DMP
2014-05-23 07:48 - 2014-05-23 07:48 - 00280128 _____ () C:\Windows\Minidump\052314-21138-01.dmp
2014-05-23 07:48 - 2014-05-23 07:48 - 00000000 ____D () C:\Windows\Minidump
2014-05-23 07:43 - 2014-05-23 07:43 - 00162208 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition (1).exe
2014-05-23 07:43 - 2014-05-23 07:40 - 10447328 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition_x64.exe
2014-05-23 07:41 - 2014-05-23 07:41 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\QuickScan
2014-05-23 07:39 - 2014-05-23 07:39 - 00162208 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition.exe
2014-05-23 07:03 - 2014-05-21 11:16 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-22 16:23 - 2014-05-03 16:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-22 16:19 - 2009-07-13 22:34 - 00000510 _____ () C:\Windows\win.ini
2014-05-22 15:37 - 2014-05-22 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-05-22 15:36 - 2014-05-02 16:12 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-22 15:35 - 2014-05-22 15:35 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-22 15:35 - 2014-05-22 15:35 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-22 13:23 - 2014-05-22 13:22 - 00051706 _____ () C:\Windows\SysWOW64\bddel.dat
2014-05-22 10:51 - 2014-05-15 11:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-22 10:49 - 2014-05-15 11:40 - 00001446 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-22 10:49 - 2014-05-15 11:40 - 00001434 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-22 10:49 - 2014-05-15 11:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-22 10:49 - 2014-05-15 11:21 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-22 10:47 - 2014-05-22 10:47 - 00000000 ____D () C:\Program Files (x86)\Spybot
2014-05-22 09:31 - 2014-05-22 08:13 - 00017970 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-22_08-13-17.log
brchapman
2014-05-28, 00:37
:08 - 00003374 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-22_08-08-46.log
2014-05-22 08:06 - 2014-05-22 07:57 - 332119856 _____ (Norman Shark AS) C:\Users\Barry Chapman\Downloads\Norman_Malware_Cleaner (1).exe
2014-05-21 16:21 - 2014-05-05 11:45 - 00037861 _____ () C:\Users\Barry Chapman\AppData\Roaming\Comma Separated Values (Windows).ADR
2014-05-21 11:27 - 2014-05-21 11:27 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\TuneUp Software
2014-05-21 11:16 - 2014-05-21 11:16 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\MFAData
2014-05-21 11:15 - 2014-05-21 11:15 - 04485528 _____ (AVG Technologies) C:\Users\Barry Chapman\Downloads\avg_free_stb_all_2014_4577_cnet.exe
2014-05-21 11:11 - 2014-03-21 13:52 - 00000000 ____D () C:\ProgramData\McAfee
2014-05-21 10:04 - 2014-05-21 09:31 - 00014960 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-21_09-31-37.log
2014-05-21 09:17 - 2014-05-02 16:23 - 00002310 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-21 09:08 - 2014-05-21 09:01 - 331917560 _____ (Norman Shark AS) C:\Users\Barry Chapman\Downloads\Norman_Malware_Cleaner.exe
2014-05-20 18:49 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-05-20 18:27 - 2014-05-02 15:18 - 00132680 _____ () C:\Users\Barry Chapman\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-20 18:25 - 2014-05-02 15:17 - 00000000 ____D () C:\Users\Barry Chapman
2014-05-20 18:24 - 2014-05-19 08:08 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-20 18:24 - 2014-03-21 13:45 - 00000000 ____D () C:\Program Files (x86)\Dell Wireless
2014-05-20 18:19 - 2014-05-06 07:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\tr-TR
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\th-TH
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\ro-RO
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\he-IL
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\ar-SA
2014-05-20 18:19 - 2010-11-21 03:17 - 00000000 ____D () C:\Windows\ShellNew
2014-05-20 18:19 - 2010-11-21 03:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\addins
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 __RSD () C:\Windows\Media
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\TAPI
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-CS
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Recovery
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\ras
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\manifeststore
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\InstallShield
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\icsxml
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\et-EE
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\AdvancedInstallers
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\th-TH
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sppui
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ras
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\manifeststore
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\icsxml
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ias
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\he-IL
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\et-EE
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\com
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\servicing
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\IME
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Cursors
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Services
2014-05-20 18:03 - 2014-05-05 16:53 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-05-20 18:03 - 2014-03-21 13:42 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-20 18:03 - 2014-03-21 13:36 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-05-20 18:02 - 2014-05-03 16:36 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-05-20 18:02 - 2014-03-21 13:36 - 00000000 ____D () C:\Windows\system32\Macromed
2014-05-20 18:02 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\restore
2014-05-20 18:02 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-20 18:02 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-20 18:02 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system
2014-05-20 17:55 - 2014-05-13 11:18 - 00000000 ____D () C:\Windows\pss
2014-05-20 17:55 - 2014-05-03 15:40 - 00000000 ____D () C:\Windows\Msagent
2014-05-20 17:55 - 2014-05-03 13:30 - 00000000 ____D () C:\Windows\PIXTRAN
2014-05-20 17:53 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Help
2014-05-20 17:52 - 2014-05-15 03:25 - 00000000 ___RD () C:\Users\Barry Chapman\Virtual Machines
2014-05-20 17:52 - 2014-05-14 15:54 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\wi_upd
2014-05-20 17:52 - 2014-05-14 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-05-20 17:52 - 2014-05-13 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backblaze
2014-05-20 17:52 - 2014-05-13 11:00 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\VMware
2014-05-20 17:52 - 2014-05-09 07:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2014-05-20 17:52 - 2014-05-07 09:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CapturePerfect 3.1
2014-05-20 17:52 - 2014-05-06 10:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-20 17:52 - 2014-05-05 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon DR-2580C
2014-05-20 17:52 - 2014-05-05 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-20 17:52 - 2014-05-05 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-05-20 17:52 - 2014-05-05 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landtech XML
2014-05-20 17:52 - 2014-05-05 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medlin Accounting
2014-05-20 17:52 - 2014-05-05 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quicken 2014
2014-05-20 17:52 - 2014-05-05 10:13 - 00000000 ____D () C:\Quicken 2014
2014-05-20 17:52 - 2014-05-03 16:34 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Microsoft Help
2014-05-20 17:52 - 2014-05-03 16:32 - 00000000 ____D () C:\Users\Barry Chapman\Downloads\DVD_Office_2010_32Bit
2014-05-20 17:52 - 2014-05-03 16:10 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-20 17:52 - 2014-05-03 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-20 17:52 - 2014-05-03 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FAX User Software
2014-05-20 17:52 - 2014-05-03 13:30 - 00000000 ____D () C:\Users\Barry Chapman\Desktop\Canon DR-2580C
2014-05-20 17:52 - 2014-05-03 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordPerfect Office 12
2014-05-20 17:52 - 2014-05-02 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-20 17:52 - 2014-05-02 15:25 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-20 17:52 - 2014-05-02 15:17 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 17:52 - 2014-05-02 15:17 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 17:52 - 2014-03-22 04:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
2014-05-20 17:52 - 2014-03-21 13:49 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2014-05-20 17:52 - 2014-03-21 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HotSpot
2014-05-20 17:52 - 2014-03-21 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atheros Smart Net
2014-05-20 17:52 - 2014-03-21 13:46 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
2014-05-20 17:52 - 2014-03-21 13:43 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-05-20 17:52 - 2014-03-21 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Audio
2014-05-20 17:52 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2014-05-20 17:51 - 2014-05-05 16:24 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-20 17:51 - 2014-05-05 16:15 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-05-20 17:51 - 2014-05-02 15:25 - 00000000 ____D () C:\ProgramData\Atheros
2014-05-20 17:51 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files\mcafee.com
2014-05-20 17:51 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files\mcafee
2014-05-20 17:51 - 2014-03-21 13:50 - 00000000 ____D () C:\Program Files\My Dell
2014-05-20 17:51 - 2014-03-21 13:50 - 00000000 ____D () C:\Program Files\Dell Support Center
2014-05-20 17:51 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-05-20 17:50 - 2014-05-03 14:29 - 00000000 ____D () C:\Program Files (x86)\wp51
2014-05-20 17:46 - 2014-05-05 10:24 - 00000000 ____D () C:\Program Files (x86)\Quicken
2014-05-20 17:46 - 2014-05-03 16:10 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-05-20 17:45 - 2014-05-05 16:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-20 17:45 - 2014-05-03 16:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-20 17:45 - 2014-05-03 16:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-20 17:45 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files (x86)\mcafee.com
2014-05-20 17:44 - 2014-05-13 12:16 - 00000000 ____D () C:\Program Files (x86)\Backblaze
2014-05-20 17:44 - 2014-03-21 13:55 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-20 17:44 - 2014-03-21 13:50 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2014-05-20 17:34 - 2014-05-16 08:33 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant
2014-05-20 17:32 - 2014-05-02 15:45 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-20 17:27 - 2014-05-05 12:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WP-64
2014-05-20 17:26 - 2014-05-06 09:05 - 00000000 ____D () C:\Users\Barry Chapman\Desktop\CapturePerfect 3.0
2014-05-20 17:26 - 2014-05-02 15:45 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Opera Software
2014-05-20 16:57 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-05-20 16:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Adobe
2014-05-20 16:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\VirtualStore
2014-05-20 16:25 - 2014-03-21 13:55 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-20 16:25 - 2014-03-21 13:50 - 00000000 ____D () C:\ProgramData\PCDr
2014-05-20 16:20 - 2014-05-14 08:30 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-05-20 15:49 - 2014-05-20 14:54 - 00025110 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-20_14-54-17.log
2014-05-20 14:53 - 2014-05-20 14:53 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Norman Malware Cleaner
2014-05-20 13:56 - 2014-05-02 15:58 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Deployment
2014-05-20 13:35 - 2014-05-20 12:44 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-05-20 12:34 - 2014-05-20 12:34 - 00000914 _____ () C:\Users\Barry Chapman\Desktop\JRT.txt
2014-05-20 11:10 - 2014-05-03 14:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Adobe
2014-05-20 10:30 - 2014-05-20 10:29 - 04957528 _____ (SurfRight B.V.) C:\Users\Barry Chapman\Downloads\Unconfirmed 912715.crdownload
2014-05-19 10:55 - 2014-05-19 10:55 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-05-19 10:44 - 2014-05-05 16:53 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-05-19 10:20 - 2014-05-19 10:20 - 00000000 ____D () C:\Adobe XI Pro
2014-05-19 07:54 - 2014-05-19 07:54 - 00000000 ____D () C:\Users\Barry Chapman\Documents\ProcAlyzer Dumps
2014-05-18 03:05 - 2014-05-06 13:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 09:39 - 2014-05-16 09:39 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\SUPERAntiSpyware.com
2014-05-16 09:39 - 2014-05-16 09:39 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-05-16 08:33 - 2014-05-16 08:33 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-05-16 08:32 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-05-16 08:32 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-05-15 15:02 - 2014-05-15 15:02 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot2-license (1).exe
2014-05-15 14:40 - 2014-05-02 15:45 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Opera Software
2014-05-15 14:27 - 2014-05-15 14:27 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-05-15 13:06 - 2014-05-15 13:05 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot2-license.exe
2014-05-15 11:40 - 2014-05-15 11:40 - 00000656 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2014-05-15 11:40 - 00000628 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2014-05-15 11:40 - 00000458 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-05-15 10:56 - 2014-05-15 11:20 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot-2.3 (1).exe
2014-05-15 03:28 - 2009-07-14 01:08 - 00014614 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-15 03:03 - 2014-05-06 13:18 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 16:16 - 2014-05-14 16:16 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\PDF24
2014-05-14 15:56 - 2014-05-14 15:56 - 00004592 _____ () C:\Windows\System32\Tasks\IdleCrawler Runner
2014-05-14 15:54 - 2014-05-14 15:53 - 02271768 _____ () C:\Users\Barry Chapman\Downloads\Adobe.Acrobat.XI.Pro.v11.0.2.Multilingual.Cracked.exe
2014-05-14 15:27 - 2014-05-14 15:26 - 18873344 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd714_all_incr.msp
2014-05-14 15:27 - 2014-05-05 16:54 - 00002501 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 7.0 Standard.lnk
2014-05-14 15:23 - 2014-05-14 15:22 - 14385152 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd713_all_incr.msp
2014-05-14 15:22 - 2014-05-14 15:21 - 03972608 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd712_all_incr (1).msp
2014-05-14 15:20 - 2014-05-14 15:20 - 06504448 _____ () C:\Users\Barry Chapman\Downloads\AcroUpd711_all_incr.msp
2014-05-14 15:14 - 2009-07-14 00:45 - 00494176 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-14 15:08 - 2014-05-14 14:34 - 00001520 _____ () C:\Users\Public\Documents\AcStd7_1_0.ini
2014-05-14 14:44 - 2014-05-05 16:54 - 00002459 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 7.0.lnk
2014-05-14 13:26 - 2014-05-05 12:22 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Help
2014-05-14 11:55 - 2014-05-03 16:40 - 00000000 ____D () C:\Office 2000
2014-05-14 10:26 - 2014-05-14 10:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-14 10:25 - 2014-05-14 10:25 - 00000000 ____D () C:\Windows\PCHEALTH
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-05-14 10:20 - 2014-05-14 10:20 - 00000000 ___RD () C:\MSOCache
2014-05-14 08:36 - 2014-03-21 13:36 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 08:36 - 2014-03-21 13:36 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-14 08:36 - 2014-03-21 13:36 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 08:30 - 2014-05-14 08:30 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Secunia PSI
2014-05-14 08:29 - 2014-05-14 08:28 - 05329480 _____ (Secunia) C:\Users\Barry Chapman\Downloads\PSISetup.exe
2014-05-13 16:30 - 2014-05-02 15:23 - 00000000 ____D () C:\ProgramData\softthinks
2014-05-13 12:17 - 2014-05-12 07:16 - 00000000 ____D () C:\.bzvol
2014-05-13 12:16 - 2014-05-13 12:16 - 05033216 _____ () C:\Users\Barry Chapman\Downloads\install_backblaze.exe
2014-05-13 12:16 - 2014-05-13 12:16 - 00000000 ____D () C:\ProgramData\Backblaze
2014-05-13 12:04 - 2014-05-13 12:02 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\VMware
2014-05-13 11:38 - 2014-05-13 11:38 - 34209792 _____ () C:\Users\Barry Chapman\Desktop\CHAPMA11_20140505-2014-05-13.QDF-backup
2014-05-13 11:13 - 2014-05-13 08:53 - 00007605 _____ () C:\Users\Barry Chapman\AppData\Local\resmon.resmoncfg
2014-05-13 11:07 - 2014-05-12 13:51 - 00000000 ____D () C:\Program Files\My Lockbox
2014-05-13 11:07 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\spool
2014-05-13 10:04 - 2014-05-13 10:04 - 00000000 _____ () C:\Users\Barry Chapman\AppData\Local\{89B78C50-3F1E-4624-B5B6-B21F413891C7}
2014-05-13 09:55 - 2010-11-21 03:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-05-13 08:51 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Bluetooth Folder
2014-05-12 20:58 - 2014-05-12 20:43 - 00000000 ____D () C:\Users\Barry Chapman\.asdm
2014-05-12 20:43 - 2014-05-12 20:43 - 00000000 ____D () C:\Program Files (x86)\Cisco Systems
2014-05-12 16:26 - 2014-05-12 16:26 - 00010295 _____ () C:\Users\Barry Chapman\Documents\141046 commitment.wpd
2014-05-12 16:21 - 2014-05-12 16:21 - 00002380 _____ () C:\Users\Barry Chapman\Documents\141046 DATA FILE.wpd
2014-05-12 13:50 - 2014-05-12 13:50 - 04090994 _____ () C:\Users\Barry Chapman\Downloads\mylockbox_setup.zip
2014-05-09 11:38 - 2014-05-09 11:38 - 00000000 ____D () C:\Users\Barry Chapman\Documents\CCWin
2014-05-09 09:28 - 2014-05-05 12:22 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Help
2014-05-09 07:39 - 2014-05-09 07:39 - 00002187 _____ () C:\Users\Public\Desktop\VMware Player.lnk
2014-05-09 07:39 - 2014-05-09 07:39 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-05-09 07:39 - 2011-02-10 10:33 - 00807106 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-05-09 07:38 - 2014-05-09 07:38 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-05-09 07:35 - 2014-05-09 07:33 - 114794792 _____ (VMware, Inc.) C:\Users\Barry Chapman\Downloads\VMware-player-4.0.6-1035888.exe
2014-05-09 02:14 - 2014-05-14 05:44 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 02:11 - 2014-05-14 05:44 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-07 15:50 - 2014-05-02 16:12 - 00003908 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-07 15:50 - 2014-05-02 16:12 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 09:29 - 2014-05-07 09:29 - 00000000 ____D () C:\ProgramData\Canon Electronics
2014-05-07 09:25 - 2014-05-03 13:30 - 00000000 ____D () C:\Program Files (x86)\Canon Electronics
2014-05-07 09:25 - 2014-03-21 13:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-07 09:22 - 2014-05-07 09:20 - 79468544 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_V3137 (1).exe
2014-05-07 09:22 - 2014-05-06 07:29 - 00000000 ____D () C:\CapturePerfect Upgrade
2014-05-06 15:59 - 2014-05-06 15:56 - 00000000 ____D () C:\Users\Barry Chapman\Documents\My Documents from old
2014-05-06 14:42 - 2014-05-06 14:42 - 00119964 _____ () C:\Users\Barry Chapman\Downloads\GSCCCA Online Statement.htm
2014-05-06 13:22 - 2014-05-03 13:30 - 00000125 _____ () C:\Windows\SetScan.ini
2014-05-06 13:12 - 2014-05-03 13:30 - 00017862 _____ () C:\Windows\DPINST.LOG
2014-05-06 13:09 - 2014-05-06 13:09 - 14393344 _____ () C:\Users\Barry Chapman\Downloads\2580DRIT_V18SP1 (1).exe
2014-05-06 10:10 - 2014-05-06 10:10 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Oracle
2014-05-06 10:09 - 2014-05-06 10:09 - 00000000 ____D () C:\ProgramData\Sun
2014-05-06 10:09 - 2014-05-06 10:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-06 10:07 - 2014-05-06 10:07 - 00921512 _____ (Oracle Corporation) C:\Users\Barry Chapman\Downloads\chromeinstall-7u55.exe
2014-05-06 10:04 - 2014-05-06 10:05 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-05-06 10:04 - 2014-05-06 10:04 - 00000000 ____D () C:\Program Files\Java
2014-05-06 10:04 - 2014-05-06 10:03 - 30818216 _____ (Oracle Corporation) C:\Users\Barry Chapman\Downloads\jre-7u55-windows-x64.exe
2014-05-06 09:27 - 2014-05-06 09:27 - 28808192 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_Ver_3097 (1).exe
2014-05-06 09:06 - 2014-05-06 09:06 - 00000000 _____ () C:\Users\Barry Chapman\Sti_Trace.log
2014-05-06 09:06 - 2014-05-05 17:43 - 00005432 _____ () C:\Windows\pixcache.ini
2014-05-06 08:51 - 2014-05-06 08:51 - 00249856 _____ () C:\Users\Barry Chapman\Downloads\RepairReg.exe
2014-05-06 08:51 - 2014-05-06 08:51 - 00000000 ____D () C:\DR Scanner
2014-05-06 08:47 - 2014-05-06 08:45 - 79468544 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_V3137.exe
2014-05-06 08:43 - 2014-05-06 08:43 - 00000000 ____D () C:\DR2580C
2014-05-06 08:42 - 2014-05-06 08:42 - 14393344 _____ () C:\Users\Barry Chapman\Downloads\2580DRIT_V18SP1.exe
2014-05-06 08:35 - 2014-05-06 08:35 - 00000000 ____D () C:\Users\Barry Chapman\Downloads\d1041mux
2014-05-06 08:35 - 2014-05-06 08:34 - 13259652 _____ () C:\Users\Barry Chapman\Downloads\d1041mux.zip
2014-05-06 07:31 - 2014-05-06 07:31 - 00003228 _____ () C:\Windows\System32\Tasks\{E819857F-629F-4F7B-9FE3-F8B1467A5C1B}
2014-05-06 03:03 - 2014-05-06 03:03 - 00288324 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-05-06 03:03 - 2014-05-06 03:02 - 00292408 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-05-06 03:02 - 2014-05-06 03:02 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-05-06 00:40 - 2014-05-15 03:06 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 00:17 - 2014-05-15 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-05 23:25 - 2014-05-15 03:06 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-05 23:07 - 2014-05-15 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-05 23:00 - 2014-05-15 03:06 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-05 22:10 - 2014-05-15 03:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 19:26 - 2014-05-05 17:52 - 28808192 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_Ver_3097.exe
2014-05-05 17:48 - 2014-03-21 13:55 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-05 17:43 - 2014-05-05 17:43 - 00003050 _____ () C:\Windows\System32\Tasks\{BEA2EFCD-E2FA-474A-BB2F-ADE6F46BED5D}
2014-05-05 16:56 - 2014-05-05 16:56 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\AdobeUM
2014-05-05 16:54 - 2014-05-05 16:54 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Acrobat 7.0 Standard.lnk
2014-05-05 16:24 - 2014-05-05 16:23 - 13084896 _____ (Microsoft Corporation) C:\Users\Barry Chapman\Downloads\Silverlight_x64 (1).exe
2014-05-05 16:23 - 2014-05-05 16:23 - 13084896 _____ (Microsoft Corporation) C:\Users\Barry Chapman\Downloads\Silverlight_x64.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-05-05 16:12 - 2014-05-05 16:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2014-05-05 15:53 - 2014-05-05 15:52 - 19495200 _____ () C:\Users\Barry Chapman\Downloads\upd-ps-x64-5.8.0.17508.exe
2014-05-05 15:53 - 2014-05-05 15:50 - 00000000 ____D () C:\HP Universal Print Driver
2014-05-05 15:49 - 2014-05-05 15:49 - 18409760 _____ () C:\Users\Barry Chapman\Downloads\upd-pcl6-x64-5.8.0.17508.exe
2014-05-05 14:53 - 2014-05-05 14:53 - 00001534 _____ () C:\Users\Barry Chapman\Desktop\Landtech XML.lnk
2014-05-05 14:52 - 2014-05-05 14:52 - 00204800 _____ (Landtech Data Corporation) C:\Windows\SysWOW64\ltwpvsw.DLL
2014-05-05 14:52 - 2014-05-05 14:52 - 00065536 _____ (Landtech Data Corp.) C:\Windows\SysWOW64\LTWNode.exe
2014-05-05 14:52 - 2014-05-05 14:52 - 00004726 _____ () C:\Windows\BOOTSTRAP.LOG
2014-05-05 14:52 - 2014-05-05 14:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Landtech XML
2014-05-05 14:44 - 2014-05-05 14:44 - 00000519 _____ () C:\Windows\ODBCINST.INI
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\ProgramData\Pervasive Software
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pervasive
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\Program Files (x86)\Pervasive Software
2014-05-05 14:18 - 2014-05-05 14:18 - 00000000 ____D () C:\Wages
2014-05-05 14:17 - 2014-05-05 14:15 - 88823072 _____ () C:\Users\Barry Chapman\Downloads\PSQL-Workgroup-10.30.022.000-win.x86.exe
2014-05-05 12:34 - 2014-05-05 12:34 - 32856361 _____ (wpdos.org ) C:\Users\Barry Chapman\Downloads\WP64DOSBox-Setup.exe
2014-05-05 12:18 - 2014-05-03 13:14 - 00000000 ____D () C:\Program Files (x86)\WordPerfect Office 12
2014-05-05 11:40 - 2014-05-05 11:40 - 00321535 _____ () C:\Users\Barry Chapman\Downloads\contacts.csv
2014-05-05 11:26 - 2014-05-05 11:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-05 11:25 - 2014-05-05 11:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-05 11:25 - 2014-05-05 11:24 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-05 11:17 - 2014-05-05 11:16 - 01069064 _____ (Medlin Accounting Software ) C:\Users\Barry Chapman\Downloads\_05-01-2014_medlin_PR_4-6.exe
2014-05-05 11:17 - 2014-05-05 10:49 - 00000580 _____ () C:\Users\Public\Desktop\Medlin Accounting.lnk
2014-05-05 10:40 - 2014-05-05 10:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\QuickenWindow
2014-05-05 10:36 - 2014-05-05 10:36 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\IsolatedStorage
2014-05-05 10:28 - 2014-05-05 10:28 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Quicken
2014-05-05 10:24 - 2014-05-05 10:24 - 00001808 _____ () C:\Users\Public\Desktop\Quicken Deluxe 2014.lnk
2014-05-05 10:24 - 2014-05-05 10:24 - 00000126 _____ () C:\Windows\QUICKEN.INI
2014-05-05 10:24 - 2014-05-05 10:24 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Intuit
2014-05-05 10:23 - 2014-05-05 10:23 - 00000000 ____D () C:\ProgramData\Intuit
2014-05-05 10:21 - 2014-05-05 10:18 - 112168720 _____ (Intuit Inc. ) C:\Users\Barry Chapman\Downloads\QW14DLX.exe
2014-05-05 08:58 - 2014-05-05 08:58 - 00000000 __SHD () C:\Users\Barry Chapman\AppData\Local\EmieUserList
2014-05-05 08:58 - 2014-05-05 08:58 - 00000000 __SHD () C:\Users\Barry Chapman\AppData\Local\EmieSiteList
2014-05-05 03:06 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-05-05 03:06 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-05-04 18:11 - 2014-05-03 12:01 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\PCDr
2014-05-04 03:39 - 2011-02-10 10:25 - 00000000 ____D () C:\dell
2014-05-03 16:46 - 2014-05-03 16:46 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-05-03 16:30 - 2014-05-03 16:11 - 628097024 _____ () C:\Users\Barry Chapman\Downloads\DVD_Office_2010_32Bit.iso
2014-05-03 16:26 - 2014-05-03 16:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\WinRAR
2014-05-03 16:23 - 2014-05-03 16:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Macromedia
2014-05-03 16:21 - 2014-05-03 16:21 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-03 16:21 - 2014-05-03 16:21 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Mozilla
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Mozilla
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-03 16:19 - 2014-05-03 16:19 - 00282960 _____ (Mozilla) C:\Users\Barry Chapman\Downloads\Firefox Setup Stub 29.0.exe
2014-05-03 16:10 - 2014-05-03 16:10 - 01766784 _____ () C:\Users\Barry Chapman\Downloads\wrar500.exe
2014-05-03 16:10 - 2014-05-03 16:10 - 00001007 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-05-03 15:41 - 2014-05-03 15:41 - 00000376 _____ () C:\Windows\ODBC.INI
2014-05-03 15:40 - 2014-05-03 15:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft Web Folders
2014-05-03 15:20 - 2014-05-03 15:20 - 00718172 _____ () C:\Users\Barry Chapman\Downloads\Windows6.1-KB917607-x64.msu
2014-05-03 15:20 - 2014-05-03 15:20 - 00703811 _____ () C:\Users\Barry Chapman\Downloads\Windows6.1-KB917607-x86.msu
2014-05-03 14:14 - 2014-05-03 14:14 - 00000000 ____D () C:\Program Files (x86)\Kyocera
2014-05-03 14:02 - 2014-05-03 14:02 - 00003102 _____ () C:\Windows\System32\Tasks\{274EC4EA-7BEE-46DD-B238-1777098F3282}
2014-05-03 13:53 - 2014-05-03 13:53 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Canon Electronics
2014-05-03 13:52 - 2014-05-03 13:38 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Corel User Files
2014-05-03 13:38 - 2014-05-03 13:38 - 00061678 _____ () C:\Users\Barry Chapman\AppData\Roaming\PFP120JPR.{PB
2014-05-03 13:38 - 2014-05-03 13:38 - 00012358 _____ () C:\Users\Barry Chapman\AppData\Roaming\PFP120JCM.{PB
2014-05-03 13:38 - 2014-05-03 13:38 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Corel
2014-05-03 13:17 - 2014-05-03 13:17 - 00002607 _____ () C:\Users\Barry Chapman\Desktop\WordPerfect.lnk
2014-05-02 16:23 - 2014-05-02 16:12 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Google
2014-05-02 15:58 - 2014-05-02 15:58 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Apps\2.0
2014-05-02 15:42 - 2014-05-02 15:42 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Macromedia
2014-05-02 15:26 - 2014-05-02 15:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Intel Corporation
2014-05-02 15:25 - 2014-05-02 15:25 - 00004004 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-05-02 15:25 - 2014-05-02 15:25 - 00003214 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-05-02 15:25 - 2014-05-02 15:25 - 00001415 _____ () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Leadertech
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Dell
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Atheros
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\BMExplorer
2014-05-02 15:23 - 2014-05-02 15:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\softthinks
2014-05-02 15:18 - 2014-05-02 15:18 - 00001975 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
2014-05-02 15:17 - 2014-05-02 15:17 - 00000020 ___SH () C:\Users\Barry Chapman\ntuser.ini
2014-05-02 15:09 - 2011-02-10 10:25 - 00000000 ____D () C:\Windows\panther
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-27 15:15
==================== End Of Log ============================
Darn, that was quick, thanks for staying on top of this.
It looks like FSRT removed the proxy from Internet Explorer but not from Firefox
Open Firefox
Click on Help > Troubleshooting Information > Reset Firefox to its default state
Close FF
Then reboot
Run a new scan with FSRT and lets see if its gone
brchapman
2014-05-28, 00:44
It won't load. It gives me a couldn't load xpcom error. I don't use it and can uninstall if that will fix the problem...
Lets uninstall FF , then run FSRT and post a new log
brchapman
2014-05-28, 01:06
can't uninstall firefox. the uninstall command doesn't work nor does the helper.exe file located in the program uninstall file for Mozilla. I tried to delete the folder, but it requires administrative permission and I'm too new to know how to log on as administrator (even though I am the administrator).
brchapman
2014-05-28, 01:17
Ok, got firefox uninstalled. I'll run the FSRT again and post the log.
brchapman
2014-05-28, 01:19
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Barry Chapman (administrator) on BARRYSNEW on 27-05-2014 18:17:21
Running from C:\Users\Barry Chapman\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\Backblaze\bzserv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Pervasive Software Inc.) C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Backblaze\bzbui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-29] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286056 2013-07-29] (Intel Corporation)
HKLM\...\Run: [CANON DR2580C SVC] => C:\Windows\system32\DR25SVC.dll [152576 2012-12-17] (Canon Electronics)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [645168 2013-09-11] (McAfee, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-670280924-550259233-2201882432-1000\...\Run: [updateMgr] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe [313472 2006-03-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-670280924-550259233-2201882432-1000\...\Run: [Backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [492136 2014-05-13] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-BA7E-100000000002}\SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start Pervasive PSQL Workgroup Engine.lnk
ShortcutTarget: Start Pervasive PSQL Workgroup Engine.lnk -> C:\Windows\Installer\{0A3238D7-AB32-1030-B717-F3E3F18B4A8C}\WGE.14A03FCD_EA43_4130_A5C0_F02D38895A13.exe ()
Startup: C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {D81273E4-7658-47B6-8075-3D404C64D87C} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {D81273E4-7658-47B6-8075-3D404C64D87C} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKLM-x32 - {D81273E4-7658-47B6-8075-3D404C64D87C} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKCU - DefaultScope {D81273E4-7658-47B6-8075-3D404C64D87C} URL =
SearchScopes: HKCU - {D81273E4-7658-47B6-8075-3D404C64D87C} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 205.152.144.23 205.152.132.23
FireFox:
========
FF ProfilePath: C:\Users\Barry Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\76t9nm76.default
FF NetworkProxy: "type", 1);user_pref("network.proxy.http", "127.0.0.1");user_pref("network.proxy.http_port", 8118);user_pref("network.proxy.ssl", "127.0.0.1");user_pref("network.cookie.cookieBehavior", 1
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-03-21]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-02]
CHR Extension: (Google Drive) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-20]
CHR Extension: (YouTube) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-02]
CHR Extension: (Google Search) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-02]
CHR Extension: (Google Wallet) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (Gmail) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-02]
==================== Services (Whitelisted) =================
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [312448 2013-07-02] (Windows (R) Win 7 DDK provider)
R2 bzserv; C:\Program Files (x86)\Backblaze\bzserv.exe [234600 2014-05-13] ()
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [14696 2013-07-29] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-25] (Intel Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334760 2012-12-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-03-18] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-03] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2014-04-04] (SoftThinks SAS)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2013-06-20] (Atheros)
==================== Drivers (Whitelisted) ====================
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-07-02] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-07-24] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [441264 2014-03-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc.)
R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [64160 2014-04-25] ()
R3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [14000 2002-05-13] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-27 18:17 - 2014-05-27 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-05-27 18:13 - 2014-05-27 18:13 - 00132680 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-27 18:13 - 2014-05-27 18:13 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\WinRAR
2014-05-27 18:13 - 2014-05-27 18:13 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Intel Corporation
2014-05-27 18:12 - 2014-05-27 18:12 - 00001460 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ___RD () C:\Users\Administrator\Virtual Machines
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-27 18:11 - 2014-05-27 18:12 - 00000000 ____D () C:\Users\Administrator
2014-05-27 18:11 - 2014-05-27 18:11 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-05-27 18:11 - 2014-05-20 18:19 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-27 18:11 - 2014-05-20 18:19 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-27 18:11 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia
2014-05-27 18:11 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Microsoft Help
2014-05-27 16:22 - 2014-05-27 18:17 - 00020399 _____ () C:\Users\Barry Chapman\Desktop\FRST.txt
2014-05-27 16:22 - 2014-05-27 18:17 - 00000000 ____D () C:\FRST
2014-05-27 16:22 - 2014-05-27 17:32 - 00038057 _____ () C:\Users\Barry Chapman\Desktop\Addition.txt
2014-05-27 16:21 - 2014-05-27 16:21 - 02066944 _____ (Farbar) C:\Users\Barry Chapman\Desktop\FRST64.exe
2014-05-27 13:59 - 2014-05-27 15:40 - 00000008 _____ () C:\LTLASTFN.DAT
2014-05-27 13:29 - 2014-05-27 13:29 - 00043987 _____ () C:\ComboFix.txt
2014-05-27 12:58 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-27 12:58 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-27 12:58 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-27 12:51 - 2014-05-27 12:51 - 00001540 _____ () C:\Users\Barry Chapman\Desktop\ComboFix.exe - Shortcut.lnk
2014-05-27 12:50 - 2014-05-27 13:29 - 00000000 ____D () C:\Qoobox
2014-05-27 12:46 - 2014-05-27 12:47 - 05203612 ____R () C:\Users\Barry Chapman\Downloads\ComboFix.exe
2014-05-27 11:30 - 2014-05-27 11:30 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-05-27 11:23 - 2014-05-27 11:23 - 00000000 ____D () C:\_OTL
2014-05-27 10:03 - 2014-05-27 10:03 - 00056788 _____ () C:\Users\Barry Chapman\Downloads\Extras.Txt
2014-05-27 10:02 - 2014-05-27 15:57 - 00198204 _____ () C:\Users\Barry Chapman\Downloads\OTL.Txt
2014-05-27 09:54 - 2014-05-27 09:54 - 00602112 _____ (OldTimer Tools) C:\Users\Barry Chapman\Downloads\OTL.exe
2014-05-27 09:25 - 2014-05-27 09:13 - 01440846 _____ () C:\Program Files (x86)\mbam-chameleon-1.62.1.1000.zip
2014-05-27 09:18 - 2014-05-27 09:18 - 00000000 ____D () C:\Malwarebytes' Anti-Malware
2014-05-27 09:01 - 2014-05-27 09:01 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-05-27 08:58 - 2014-05-27 08:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-26 10:19 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-26 10:17 - 2014-05-26 10:17 - 01327971 _____ () C:\Users\Barry Chapman\Downloads\AdwCleaner.exe
2014-05-25 11:49 - 2014-05-25 11:49 - 00004447 _____ () C:\Users\Barry Chapman\Desktop\attach.zip
2014-05-25 11:38 - 2014-05-25 11:38 - 00002135 _____ () C:\Users\Barry Chapman\Desktop\aswMBR.txt
2014-05-25 11:38 - 2014-05-25 11:38 - 00000512 _____ () C:\Users\Barry Chapman\Desktop\MBR.dat
2014-05-25 10:52 - 2014-05-25 10:52 - 00004315 _____ () C:\Users\Barry Chapman\Desktop\attach.rar
2014-05-25 10:46 - 2014-05-25 10:46 - 00042419 _____ () C:\Users\Barry Chapman\Desktop\dds.txt
2014-05-25 10:46 - 2014-05-25 10:46 - 00020635 _____ () C:\Users\Barry Chapman\Desktop\attach.txt
2014-05-25 10:43 - 2014-05-25 10:43 - 04745728 _____ (AVAST Software) C:\Users\Barry Chapman\Downloads\aswMBR.exe
2014-05-25 10:38 - 2014-05-27 13:27 - 00000000 ____D () C:\Windows\ERDNT
2014-05-25 10:38 - 2014-05-25 10:38 - 00688992 ____R (Swearware) C:\Users\Barry Chapman\Downloads\dds (1).scr
2014-05-25 10:36 - 2014-05-25 10:37 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-05-25 10:36 - 2014-05-25 10:36 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup (2).exe
2014-05-25 10:36 - 2014-05-25 10:36 - 00000960 _____ () C:\Users\Barry Chapman\Desktop\ERUNT.lnk
2014-05-25 10:36 - 2014-05-25 10:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-05-24 12:00 - 2014-05-24 12:00 - 00688992 _____ (Swearware) C:\Users\Barry Chapman\Downloads\dds.scr
2014-05-24 11:59 - 2014-05-24 11:59 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup (1).exe
2014-05-24 11:57 - 2014-05-24 11:57 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup.exe
2014-05-23 08:25 - 2014-05-23 08:25 - 00000000 ____D () C:\New folder
2014-05-23 07:48 - 2014-05-23 07:48 - 624028561 _____ () C:\Windows\MEMORY.DMP
2014-05-23 07:48 - 2014-05-23 07:48 - 00280128 _____ () C:\Windows\Minidump\052314-21138-01.dmp
2014-05-23 07:48 - 2014-05-23 07:48 - 00000000 ____D () C:\Windows\Minidump
2014-05-23 07:43 - 2014-05-23 07:43 - 00162208 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition (1).exe
2014-05-23 07:41 - 2014-05-23 07:41 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\QuickScan
2014-05-23 07:40 - 2014-05-23 07:43 - 10447328 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition_x64.exe
2014-05-23 07:39 - 2014-05-23 07:39 - 00162208 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition.exe
2014-05-22 15:37 - 2014-05-22 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-05-22 15:35 - 2014-05-22 15:35 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-22 15:35 - 2014-05-22 15:35 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-22 13:22 - 2014-05-22 13:23 - 00051706 _____ () C:\Windows\SysWOW64\bddel.dat
2014-05-22 10:47 - 2014-05-22 10:47 - 00000000 ____D () C:\Program Files (x86)\Spybot
2014-05-22 08:13 - 2014-05-22 09:31 - 00017970 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-22_08-13-17.log
2014-05-22 08:08 - 2014-05-22 08:11 - 00003374 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-22_08-08-46.log
2014-05-22 07:57 - 2014-05-22 08:06 - 332119856 _____ (Norman Shark AS) C:\Users\Barry Chapman\Downloads\Norman_Malware_Cleaner (1).exe
2014-05-21 11:27 - 2014-05-21 11:27 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\TuneUp Software
2014-05-21 11:16 - 2014-05-23 07:03 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-21 11:16 - 2014-05-21 11:16 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\MFAData
2014-05-21 11:15 - 2014-05-21 11:15 - 04485528 _____ (AVG Technologies) C:\Users\Barry Chapman\Downloads\avg_free_stb_all_2014_4577_cnet.exe
2014-05-21 09:31 - 2014-05-21 10:04 - 00014960 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-21_09-31-37.log
2014-05-21 09:01 - 2014-05-21 09:08 - 331917560 _____ (Norman Shark AS) C:\Users\Barry Chapman\Downloads\Norman_Malware_Cleaner.exe
2014-05-20 14:54 - 2014-05-20 15:49 - 00025110 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-20_14-54-17.log
2014-05-20 14:53 - 2014-05-20 14:53 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Norman Malware Cleaner
2014-05-20 12:44 - 2014-05-20 13:35 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-05-20 12:34 - 2014-05-20 12:34 - 00000914 _____ () C:\Users\Barry Chapman\Desktop\JRT.txt
2014-05-20 10:29 - 2014-05-20 10:30 - 04957528 _____ (SurfRight B.V.) C:\Users\Barry Chapman\Downloads\Unconfirmed 912715.crdownload
2014-05-19 16:42 - 2014-05-26 10:25 - 00000000 ____D () C:\AdwCleaner
2014-05-19 10:55 - 2014-05-19 10:55 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-05-19 10:20 - 2014-05-19 10:20 - 00000000 ____D () C:\Adobe XI Pro
2014-05-19 08:08 - 2014-05-20 18:24 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-19 07:54 - 2014-05-19 07:54 - 00000000 ____D () C:\Users\Barry Chapman\Documents\ProcAlyzer Dumps
2014-05-16 10:51 - 2014-05-27 09:22 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\CrashDumps
2014-05-16 09:39 - 2014-05-16 09:39 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\SUPERAntiSpyware.com
2014-05-16 09:39 - 2014-05-16 09:39 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-05-16 08:33 - 2014-05-20 17:34 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant
2014-05-16 08:33 - 2014-05-16 08:33 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-05-16 08:32 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-05-16 08:32 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-05-15 15:02 - 2014-05-15 15:02 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot2-license (1).exe
2014-05-15 14:27 - 2014-05-15 14:27 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-05-15 13:05 - 2014-05-15 13:06 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot2-license.exe
2014-05-15 12:49 - 2009-06-10 17:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140515-124903.backup
2014-05-15 11:40 - 2014-05-22 10:49 - 00001446 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-15 11:40 - 2014-05-22 10:49 - 00001434 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-15 11:40 - 2014-05-22 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-15 11:40 - 2014-05-15 11:40 - 00000656 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2014-05-15 11:40 - 00000628 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2014-05-15 11:40 - 00000458 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-05-15 11:21 - 2014-05-22 10:51 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-15 11:21 - 2014-05-22 10:49 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-15 11:20 - 2014-05-15 10:56 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot-2.3 (1).exe
2014-05-15 03:25 - 2014-05-20 17:52 - 00000000 ___RD () C:\Users\Barry Chapman\Virtual Machines
2014-05-15 03:06 - 2014-05-06 00:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 03:06 - 2014-05-06 00:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 03:06 - 2014-05-05 23:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 03:06 - 2014-05-05 23:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 03:06 - 2014-05-05 23:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 03:06 - 2014-05-05 22:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 16:16 - 2014-05-14 16:16 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\PDF24
2014-05-14 15:56 - 2014-05-26 10:24 - 00000000 ____D () C:\Program Files (x86)\MSR
2014-05-14 15:56 - 2014-05-14 15:56 - 00004592 _____ () C:\Windows\System32\Tasks\IdleCrawler Runner
2014-05-14 15:54 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\wi_upd
2014-05-14 15:53 - 2014-05-14 15:54 - 02271768 _____ () C:\Users\Barry Chapman\Downloads\Adobe.Acrobat.XI.Pro.v11.0.2.Multilingual.Cracked.exe
2014-05-14 15:26 - 2014-05-14 15:27 - 18873344 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd714_all_incr.msp
2014-05-14 15:22 - 2014-05-14 15:23 - 14385152 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd713_all_incr.msp
2014-05-14 15:21 - 2014-05-14 15:22 - 03972608 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd712_all_incr (1).msp
2014-05-14 15:20 - 2014-05-14 15:20 - 06504448 _____ () C:\Users\Barry Chapman\Downloads\AcroUpd711_all_incr.msp
2014-05-14 14:34 - 2014-05-14 15:08 - 00001520 _____ () C:\Users\Public\Documents\AcStd7_1_0.ini
2014-05-14 11:56 - 2014-05-27 18:11 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Outlook Files
2014-05-14 10:26 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-05-14 10:25 - 2014-05-14 10:25 - 00000000 ____D () C:\Windows\PCHEALTH
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-05-14 10:20 - 2014-05-14 10:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-14 10:20 - 2014-05-14 10:20 - 00000000 ___RD () C:\MSOCache
2014-05-14 08:30 - 2014-05-20 16:20 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-05-14 08:30 - 2014-05-14 08:30 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Secunia PSI
2014-05-14 08:28 - 2014-05-14 08:29 - 05329480 _____ (Secunia) C:\Users\Barry Chapman\Downloads\PSISetup.exe
2014-05-14 05:44 - 2014-05-09 02:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 05:44 - 2014-05-09 02:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 05:44 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 05:44 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 05:44 - 2014-04-11 22:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 05:44 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 05:44 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 05:44 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 05:44 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 05:44 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 05:44 - 2014-04-11 22:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 05:44 - 2014-03-24 22:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 05:44 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 05:44 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 05:44 - 2014-03-04 05:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 05:44 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 05:44 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 05:44 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 05:44 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 05:44 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 12:17 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backblaze
2014-05-13 12:16 - 2014-05-20 17:44 - 00000000 ____D () C:\Program Files (x86)\Backblaze
2014-05-13 12:16 - 2014-05-13 12:16 - 05033216 _____ () C:\Users\Barry Chapman\Downloads\install_backblaze.exe
2014-05-13 12:16 - 2014-05-13 12:16 - 00000000 ____D () C:\ProgramData\Backblaze
2014-05-13 12:02 - 2014-05-13 12:04 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\VMware
2014-05-13 11:38 - 2014-05-13 11:38 - 34209792 _____ () C:\Users\Barry Chapman\Desktop\CHAPMA11_20140505-2014-05-13.QDF-backup
2014-05-13 11:18 - 2014-05-20 17:55 - 00000000 ____D () C:\Windows\pss
2014-05-13 11:00 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\VMware
2014-05-13 10:04 - 2014-05-13 10:04 - 00000000 _____ () C:\Users\Barry Chapman\AppData\Local\{89B78C50-3F1E-4624-B5B6-B21F413891C7}
2014-05-13 08:53 - 2014-05-13 11:13 - 00007605 _____ () C:\Users\Barry Chapman\AppData\Local\resmon.resmoncfg
2014-05-12 20:43 - 2014-05-12 20:58 - 00000000 ____D () C:\Users\Barry Chapman\.asdm
2014-05-12 20:43 - 2014-05-12 20:43 - 00000000 ____D () C:\Program Files (x86)\Cisco Systems
2014-05-12 16:26 - 2014-05-12 16:26 - 00010295 _____ () C:\Users\Barry Chapman\Documents\141046 commitment.wpd
2014-05-12 16:21 - 2014-05-12 16:21 - 00002380 _____ () C:\Users\Barry Chapman\Documents\141046 DATA FILE.wpd
2014-05-12 13:51 - 2014-05-13 11:07 - 00000000 ____D () C:\Program Files\My Lockbox
2014-05-12 13:50 - 2014-05-12 13:50 - 04090994 _____ () C:\Users\Barry Chapman\Downloads\mylockbox_setup.zip
2014-05-12 07:16 - 2014-05-13 12:17 - 00000000 ____D () C:\.bzvol
2014-05-09 11:38 - 2014-05-09 11:38 - 00000000 ____D () C:\Users\Barry Chapman\Documents\CCWin
2014-05-09 07:41 - 2013-03-01 02:27 - 00063568 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2014-05-09 07:40 - 2013-03-01 02:27 - 00943184 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2014-05-09 07:40 - 2013-03-01 02:27 - 00354896 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2014-05-09 07:40 - 2013-03-01 02:26 - 00434256 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2014-05-09 07:40 - 2013-03-01 02:26 - 00030800 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2014-05-09 07:39 - 2014-05-27 13:24 - 00000000 ____D () C:\ProgramData\VMware
2014-05-09 07:39 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2014-05-09 07:39 - 2014-05-09 07:39 - 00002187 _____ () C:\Users\Public\Desktop\VMware Player.lnk
2014-05-09 07:39 - 2014-05-09 07:39 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-05-09 07:39 - 2013-03-01 02:26 - 00033360 _____ (VMware, Inc.) C:\Windows\system32\Drivers\VMkbd.sys
2014-05-09 07:39 - 2011-08-29 22:11 - 00039024 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2014-05-09 07:38 - 2014-05-09 07:38 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-05-09 07:33 - 2014-05-09 07:35 - 114794792 _____ (VMware, Inc.) C:\Users\Barry Chapman\Downloads\VMware-player-4.0.6-1035888.exe
2014-05-07 09:42 - 2006-05-16 21:40 - 00753936 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXANNOT.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00463120 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXJP2K.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00209168 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXNOTEN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00119056 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXJBGN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00102672 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXTIFFN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00094480 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXAPS.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00074000 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXNAMEN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00069904 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXDLGN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00057616 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXLZWN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00049424 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXTHK32.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXSLN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXRAMN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXPANN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXMPN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXMDLGN.DLL
2014-05-07 09:42 - 2006-05-16 21:23 - 00006416 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXTHK16.DLL
2014-05-07 09:42 - 2006-05-16 21:22 - 00231552 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXDFLT.DLL
2014-05-07 09:42 - 2006-05-16 21:22 - 00023152 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXPERM.DLL
2014-05-07 09:42 - 2006-05-16 21:22 - 00016048 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXLOC.DLL
2014-05-07 09:42 - 2006-05-16 21:19 - 00327680 ____N (The University of New South Wales) C:\Windows\SysWOW64\PIXJP2KI.DLL
2014-05-07 09:42 - 2006-05-16 21:19 - 00051959 ____N () C:\Windows\SysWOW64\PIXNAME.HLP
2014-05-07 09:42 - 2005-02-10 18:17 - 00011968 ____N (Pixel Translations Incorporated) C:\Windows\SysWOW64\PIXMDLLC.CPL
2014-05-07 09:29 - 2014-05-07 09:29 - 00000000 ____D () C:\ProgramData\Canon Electronics
2014-05-07 09:25 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CapturePerfect 3.1
2014-05-07 09:20 - 2014-05-07 09:22 - 79468544 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_V3137 (1).exe
2014-05-06 15:56 - 2014-05-06 15:59 - 00000000 ____D () C:\Users\Barry Chapman\Documents\My Documents from old
2014-05-06 14:42 - 2014-05-06 14:42 - 00119964 _____ () C:\Users\Barry Chapman\Downloads\GSCCCA Online Statement.htm
2014-05-06 13:18 - 2014-05-18 03:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-06 13:18 - 2014-05-15 03:03 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-06 13:12 - 2012-12-17 08:56 - 00152576 _____ (Canon Electronics) C:\Windows\system32\DR25SVC.dll
2014-05-06 13:12 - 2009-05-13 16:08 - 00491792 _____ (Captiva Software Corp.) C:\Windows\SysWOW64\qd1.dll
2014-05-06 13:09 - 2014-05-06 13:09 - 14393344 _____ () C:\Users\Barry Chapman\Downloads\2580DRIT_V18SP1 (1).exe
2014-05-06 10:10 - 2014-05-06 10:10 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Oracle
2014-05-06 10:09 - 2014-05-06 10:09 - 00000000 ____D () C:\ProgramData\Sun
2014-05-06 10:09 - 2014-05-06 10:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-06 10:07 - 2014-05-06 10:07 - 00921512 _____ (Oracle Corporation) C:\Users\Barry Chapman\Downloads\chromeinstall-7u55.exe
2014-05-06 10:05 - 2014-05-06 10:04 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-06 10:04 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-06 10:04 - 2014-05-06 10:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-05-06 10:04 - 2014-05-06 10:04 - 00000000 ____D () C:\Program Files\Java
2014-05-06 10:03 - 2014-05-06 10:04 - 30818216 _____ (Oracle Corporation) C:\Users\Barry Chapman\Downloads\jre-7u55-windows-x64.exe
2014-05-06 09:31 - 2006-05-16 21:40 - 00233744 _____ (EMC Corporation) C:\Windows\SysWOW64\PIXMDLN.DLL
2014-05-06 09:27 - 2014-05-06 09:27 - 28808192 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_Ver_3097 (1).exe
2014-05-06 09:09 - 2009-05-13 16:16 - 00200704 _____ (EMC Corporation) C:\Windows\SysWOW64\twpix32.dll
2014-05-06 09:09 - 2009-05-13 16:05 - 00021008 _____ (Microsoft Corporation) C:\Windows\system\Ctl3d.dll
2014-05-06 09:09 - 2003-12-18 18:09 - 00231552 _____ (Pixel Translations Incorporated) C:\Windows\system\Pixdflt.dll
2014-05-06 09:09 - 2003-12-18 18:09 - 00023152 _____ (Pixel Translations Incorporated) C:\Windows\system\Pixperm.dll
2014-05-06 09:09 - 2003-12-18 18:09 - 00016064 _____ (Pixel Translations Incorporated) C:\Windows\system\Pixloc.dll
2014-05-06 09:09 - 2002-11-06 11:21 - 00063248 _____ () C:\Windows\SysWOW64\picn1120.ssm
2014-05-06 09:09 - 1998-04-13 13:13 - 00098304 _____ (Cornerstone Imaging, Inc.) C:\Windows\SysWOW64\Wiaext32.dll
2014-05-06 09:06 - 2014-05-06 09:06 - 00000000 _____ () C:\Users\Barry Chapman\Sti_Trace.log
2014-05-06 09:05 - 2014-05-20 17:26 - 00000000 ____D () C:\Users\Barry Chapman\Desktop\CapturePerfect 3.0
2014-05-06 08:51 - 2014-05-06 08:51 - 00249856 _____ () C:\Users\Barry Chapman\Downloads\RepairReg.exe
2014-05-06 08:51 - 2014-05-06 08:51 - 00000000 ____D () C:\DR Scanner
2014-05-06 08:45 - 2014-05-06 08:47 - 79468544 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_V3137.exe
2014-05-06 08:43 - 2014-05-06 08:43 - 00000000 ____D () C:\DR2580C
2014-05-06 08:42 - 2014-05-06 08:42 - 14393344 _____ () C:\Users\Barry Chapman\Downloads\2580DRIT_V18SP1.exe
2014-05-06 08:37 - 2008-11-11 19:00 - 00096768 _____ (Canon Electronics Inc.) C:\Windows\system32\DR25CPL.dll
2014-05-06 08:37 - 2007-04-24 07:53 - 00083456 _____ (Canon Electronics Inc.) C:\Windows\system32\CeiUSB64.dll
2014-05-06 08:35 - 2014-05-06 08:35 - 00000000 ____D () C:\Users\Barry Chapman\Downloads\d1041mux
2014-05-06 08:34 - 2014-05-06 08:35 - 13259652 _____ () C:\Users\Barry Chapman\Downloads\d1041mux.zip
2014-05-06 07:52 - 2014-05-20 18:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 07:31 - 2014-05-06 07:31 - 00003228 _____ () C:\Windows\System32\Tasks\{E819857F-629F-4F7B-9FE3-F8B1467A5C1B}
2014-05-06 07:29 - 2014-05-07 09:22 - 00000000 ____D () C:\CapturePerfect Upgrade
2014-05-06 03:03 - 2014-05-06 03:03 - 00288324 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-05-06 03:02 - 2014-05-06 03:03 - 00292408 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-05-06 03:02 - 2014-05-06 03:02 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-05-05 17:52 - 2014-05-05 19:26 - 28808192 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_Ver_3097.exe
2014-05-05 17:44 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon DR-2580C
2014-05-05 17:43 - 2014-05-06 09:06 - 00005432 _____ () C:\Windows\pixcache.ini
2014-05-05 17:43 - 2014-05-05 17:43 - 00003050 _____ () C:\Windows\System32\Tasks\{BEA2EFCD-E2FA-474A-BB2F-ADE6F46BED5D}
2014-05-05 16:56 - 2014-05-05 16:56 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\AdobeUM
2014-05-05 16:54 - 2014-05-14 15:27 - 00002501 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 7.0 Standard.lnk
2014-05-05 16:54 - 2014-05-14 14:44 - 00002459 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 7.0.lnk
2014-05-05 16:54 - 2014-05-05 16:54 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Acrobat 7.0 Standard.lnk
2014-05-05 16:53 - 2014-05-20 18:03 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-05-05 16:53 - 2014-05-19 10:44 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-05-05 16:24 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-05 16:24 - 2014-05-20 17:51 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-05 16:24 - 2014-05-20 17:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-05 16:23 - 2014-05-05 16:24 - 13084896 _____ (Microsoft Corporation) C:\Users\Barry Chapman\Downloads\Silverlight_x64 (1).exe
2014-05-05 16:23 - 2014-05-05 16:23 - 13084896 _____ (Microsoft Corporation) C:\Users\Barry Chapman\Downloads\Silverlight_x64.exe
2014-05-05 16:15 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-05-05 16:15 - 2014-05-20 17:51 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-05-05 16:15 - 2014-05-05 16:15 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-05-05 16:12 - 2014-05-05 16:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2014-05-05 15:52 - 2014-05-05 15:53 - 19495200 _____ () C:\Users\Barry Chapman\Downloads\upd-ps-x64-5.8.0.17508.exe
2014-05-05 15:50 - 2014-05-05 15:53 - 00000000 ____D () C:\HP Universal Print Driver
2014-05-05 15:49 - 2014-05-05 15:49 - 18409760 _____ () C:\Users\Barry Chapman\Downloads\upd-pcl6-x64-5.8.0.17508.exe
2014-05-05 14:53 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landtech XML
2014-05-05 14:53 - 2014-05-05 14:53 - 00001534 _____ () C:\Users\Barry Chapman\Desktop\Landtech XML.lnk
2014-05-05 14:52 - 2014-05-05 14:52 - 00204800 _____ (Landtech Data Corporation) C:\Windows\SysWOW64\ltwpvsw.DLL
2014-05-05 14:52 - 2014-05-05 14:52 - 00065536 _____ (Landtech Data Corp.) C:\Windows\SysWOW64\LTWNode.exe
2014-05-05 14:52 - 2014-05-05 14:52 - 00004726 _____ () C:\Windows\BOOTSTRAP.LOG
2014-05-05 14:52 - 2014-05-05 14:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Landtech XML
2014-05-05 14:44 - 2014-05-05 14:44 - 00000519 _____ () C:\Windows\ODBCINST.INI
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\ProgramData\Pervasive Software
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pervasive
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\Program Files (x86)\Pervasive Software
2014-05-05 14:18 - 2014-05-05 14:18 - 00000000 ____D () C:\Wages
2014-05-05 14:15 - 2014-05-05 14:17 - 88823072 _____ () C:\Users\Barry Chapman\Downloads\PSQL-Workgroup-10.30.022.000-win.x86.exe
2014-05-05 14:07 - 2001-06-01 14:17 - 00169600 _____ (Wintertree Software Inc.) C:\Windows\SysWOW64\WSpell.ocx
2014-05-05 12:36 - 2014-05-20 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WP-64
2014-05-05 12:34 - 2014-05-05 12:34 - 32856361 _____ (wpdos.org ) C:\Users\Barry Chapman\Downloads\WP64DOSBox-Setup.exe
2014-05-05 12:22 - 2014-05-14 13:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Help
2014-05-05 12:22 - 2014-05-09 09:28 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Help
2014-05-05 11:45 - 2014-05-21 16:21 - 00037861 _____ () C:\Users\Barry Chapman\AppData\Roaming\Comma Separated Values (Windows).ADR
2014-05-05 11:40 - 2014-05-05 11:40 - 00321535 _____ () C:\Users\Barry Chapman\Downloads\contacts.csv
2014-05-05 11:26 - 2014-05-05 11:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-05 11:25 - 2014-05-05 11:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-05 11:24 - 2014-05-05 11:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-05 11:16 - 2014-05-05 11:17 - 01069064 _____ (Medlin Accounting Software ) C:\Users\Barry Chapman\Downloads\_05-01-2014_medlin_PR_4-6.exe
2014-05-05 10:49 - 2014-05-25 12:10 - 00000000 ____D () C:\MWACCT
2014-05-05 10:49 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medlin Accounting
2014-05-05 10:49 - 2014-05-05 11:17 - 00000580 _____ () C:\Users\Public\Desktop\Medlin Accounting.lnk
2014-05-05 10:49 - 1998-05-11 20:01 - 01355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvbvm50.dll
2014-05-05 10:40 - 2014-05-05 10:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\QuickenWindow
2014-05-05 10:36 - 2014-05-05 10:36 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\IsolatedStorage
2014-05-05 10:28 - 2014-05-05 10:28 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Quicken
2014-05-05 10:24 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quicken 2014
2014-05-05 10:24 - 2014-05-20 17:46 - 00000000 ____D () C:\Program Files (x86)\Quicken
brchapman
2014-05-28, 01:20
:24 - 00001808 _____ () C:\Users\Public\Desktop\Quicken Deluxe 2014.lnk
2014-05-05 10:24 - 2014-05-05 10:24 - 00000126 _____ () C:\Windows\QUICKEN.INI
2014-05-05 10:24 - 2014-05-05 10:24 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Intuit
2014-05-05 10:24 - 2009-05-12 15:14 - 04169728 _____ (Amyuni Technologies http://www.amyuni.com) C:\Windows\SysWOW64\cdintf400.dll
2014-05-05 10:23 - 2014-05-05 10:23 - 00000000 ____D () C:\ProgramData\Intuit
2014-05-05 10:18 - 2014-05-05 10:21 - 112168720 _____ (Intuit Inc. ) C:\Users\Barry Chapman\Downloads\QW14DLX.exe
2014-05-05 10:13 - 2014-05-20 17:52 - 00000000 ____D () C:\Quicken 2014
2014-05-05 08:58 - 2014-05-05 08:58 - 00000000 __SHD () C:\Users\Barry Chapman\AppData\Local\EmieUserList
2014-05-05 08:58 - 2014-05-05 08:58 - 00000000 __SHD () C:\Users\Barry Chapman\AppData\Local\EmieSiteList
2014-05-05 03:10 - 2014-03-06 05:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-05 03:10 - 2014-03-06 04:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-05 03:10 - 2014-03-06 04:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-05 03:10 - 2014-03-06 04:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-05 03:10 - 2014-03-06 04:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-05 03:10 - 2014-03-06 04:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-05 03:10 - 2014-03-06 04:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-05 03:10 - 2014-03-06 04:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-05 03:10 - 2014-03-06 04:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-05 03:10 - 2014-03-06 04:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-05 03:10 - 2014-03-06 04:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-05 03:10 - 2014-03-06 04:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-05 03:10 - 2014-03-06 04:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-05 03:10 - 2014-03-06 04:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-05 03:10 - 2014-03-06 04:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-05 03:10 - 2014-03-06 04:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-05 03:10 - 2014-03-06 04:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-05 03:10 - 2014-03-06 04:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-05 03:10 - 2014-03-06 03:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-05 03:10 - 2014-03-06 03:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-05 03:10 - 2014-03-06 03:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-05 03:10 - 2014-03-06 03:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-05 03:10 - 2014-03-06 03:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-05 03:10 - 2014-03-06 03:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-05 03:10 - 2014-03-06 03:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-05 03:10 - 2014-03-06 03:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-05 03:10 - 2014-03-06 03:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-05 03:10 - 2014-03-06 03:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-05 03:10 - 2014-03-06 03:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-05 03:10 - 2014-03-06 03:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-05 03:10 - 2014-03-06 03:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-05 03:10 - 2014-03-06 03:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-05 03:10 - 2014-03-06 03:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-05 03:10 - 2014-03-06 03:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-05 03:10 - 2014-03-06 02:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-05 03:10 - 2014-03-06 02:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-05 03:10 - 2014-03-06 02:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-05 03:10 - 2014-03-06 02:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-05 03:10 - 2014-03-06 02:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-05 03:10 - 2014-03-06 01:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-05 03:10 - 2014-03-06 01:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-05 03:10 - 2014-03-06 01:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-05 03:10 - 2014-03-06 01:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-05 03:10 - 2014-03-06 01:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-05 03:06 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-05-05 03:06 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-05-04 03:06 - 2012-07-25 23:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-05-04 03:06 - 2012-07-25 23:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-05-04 03:06 - 2012-07-25 23:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-05-04 03:06 - 2012-07-25 23:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-05-04 03:06 - 2012-07-25 23:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-05-04 03:06 - 2012-07-25 22:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-05-04 03:06 - 2012-07-25 22:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-05-04 03:06 - 2012-06-02 10:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-05-03 16:58 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-05-03 16:58 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-05-03 16:58 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-05-03 16:58 - 2013-12-31 19:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-05-03 16:58 - 2013-12-31 19:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-05-03 16:58 - 2013-12-05 22:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-05-03 16:58 - 2013-12-05 22:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-05-03 16:58 - 2013-12-05 22:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-05-03 16:58 - 2013-12-05 22:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-05-03 16:58 - 2013-11-23 14:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-05-03 16:58 - 2013-11-23 13:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-05-03 16:58 - 2011-04-09 02:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-05-03 16:58 - 2011-04-09 01:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-05-03 16:55 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-05-03 16:55 - 2013-12-24 19:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-05-03 16:55 - 2013-12-24 18:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-05-03 16:55 - 2013-12-03 22:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-05-03 16:55 - 2013-12-03 22:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-05-03 16:55 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-05-03 16:55 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-05-03 16:55 - 2013-12-03 22:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-05-03 16:55 - 2013-12-03 22:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-05-03 16:55 - 2013-12-03 22:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-05-03 16:55 - 2013-12-03 22:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-05-03 16:55 - 2013-12-03 22:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-05-03 16:55 - 2013-12-03 22:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-05-03 16:55 - 2013-12-03 22:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-05-03 16:55 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-05-03 16:55 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-05-03 16:55 - 2013-12-03 22:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-05-03 16:55 - 2013-12-03 21:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-05-03 16:55 - 2013-12-03 21:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-05-03 16:55 - 2013-12-03 21:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-05-03 16:55 - 2013-12-03 21:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-05-03 16:55 - 2013-11-26 21:42 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-05-03 16:55 - 2013-11-26 21:42 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-05-03 16:55 - 2013-11-26 21:42 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-05-03 16:55 - 2013-11-26 21:42 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-05-03 16:55 - 2013-11-26 21:42 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-05-03 16:55 - 2013-11-26 04:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-05-03 16:55 - 2013-11-22 18:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-05-03 16:53 - 2014-03-04 05:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-03 16:53 - 2014-03-04 05:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-03 16:53 - 2014-03-04 05:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-03 16:53 - 2014-03-04 05:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-03 16:53 - 2014-03-04 04:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-03 16:53 - 2014-03-04 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-05-03 16:53 - 2014-02-03 22:37 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-05-03 16:53 - 2014-02-03 22:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-05-03 16:53 - 2014-02-03 22:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-03 16:53 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-05-03 16:53 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-05-03 16:53 - 2014-02-03 22:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-05-03 16:53 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-05-03 16:53 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-05-03 16:53 - 2014-02-03 22:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-05-03 16:53 - 2014-01-23 22:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-03 16:53 - 2013-11-26 07:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-05-03 16:53 - 2013-07-20 06:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-05-03 16:53 - 2013-07-20 06:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-05-03 16:53 - 2011-02-18 06:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-05-03 16:53 - 2011-02-18 01:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-05-03 16:46 - 2014-05-03 16:46 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-05-03 16:40 - 2014-05-14 11:55 - 00000000 ____D () C:\Office 2000
2014-05-03 16:36 - 2014-05-20 18:02 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-05-03 16:34 - 2014-05-22 16:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-03 16:34 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Microsoft Help
2014-05-03 16:32 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\Downloads\DVD_Office_2010_32Bit
2014-05-03 16:26 - 2014-05-03 16:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\WinRAR
2014-05-03 16:23 - 2014-05-03 16:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Macromedia
2014-05-03 16:21 - 2014-05-03 16:21 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-03 16:21 - 2014-05-03 16:21 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Mozilla
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Mozilla
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-03 16:19 - 2014-05-03 16:19 - 00282960 _____ (Mozilla) C:\Users\Barry Chapman\Downloads\Firefox Setup Stub 29.0.exe
2014-05-03 16:11 - 2014-05-03 16:30 - 628097024 _____ () C:\Users\Barry Chapman\Downloads\DVD_Office_2010_32Bit.iso
2014-05-03 16:10 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-03 16:10 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-03 16:10 - 2014-05-20 17:46 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-05-03 16:10 - 2014-05-03 16:10 - 01766784 _____ () C:\Users\Barry Chapman\Downloads\wrar500.exe
2014-05-03 16:10 - 2014-05-03 16:10 - 00001007 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-05-03 15:48 - 2009-07-13 21:41 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\wab32.dll
2014-05-03 15:48 - 2009-07-13 21:33 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\wab32res.dll
2014-05-03 15:41 - 2014-05-03 15:41 - 00000376 _____ () C:\Windows\ODBC.INI
2014-05-03 15:40 - 2014-05-20 17:55 - 00000000 ____D () C:\Windows\Msagent
2014-05-03 15:40 - 2014-05-03 15:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft Web Folders
2014-05-03 15:33 - 2009-08-04 13:56 - 00296960 _____ (Microsoft Corporation) C:\Windows\winhlp32.exe
2014-05-03 15:33 - 2009-08-04 13:55 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftsrch.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\ftsrch.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx041e.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\ftlx041e.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx0411.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\ftlx0411.dll
2014-05-03 15:20 - 2014-05-03 15:20 - 00718172 _____ () C:\Users\Barry Chapman\Downloads\Windows6.1-KB917607-x64.msu
2014-05-03 15:20 - 2014-05-03 15:20 - 00703811 _____ () C:\Users\Barry Chapman\Downloads\Windows6.1-KB917607-x86.msu
2014-05-03 14:40 - 2014-05-20 11:10 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Adobe
2014-05-03 14:29 - 2014-05-20 17:50 - 00000000 ____D () C:\Program Files (x86)\wp51
2014-05-03 14:14 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FAX User Software
2014-05-03 14:14 - 2014-05-03 14:14 - 00000000 ____D () C:\Program Files (x86)\Kyocera
2014-05-03 14:02 - 2014-05-03 14:02 - 00003102 _____ () C:\Windows\System32\Tasks\{274EC4EA-7BEE-46DD-B238-1777098F3282}
2014-05-03 13:53 - 2014-05-03 13:53 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Canon Electronics
2014-05-03 13:38 - 2014-05-03 13:52 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Corel User Files
2014-05-03 13:38 - 2014-05-03 13:38 - 00061678 _____ () C:\Users\Barry Chapman\AppData\Roaming\PFP120JPR.{PB
2014-05-03 13:38 - 2014-05-03 13:38 - 00012358 _____ () C:\Users\Barry Chapman\AppData\Roaming\PFP120JCM.{PB
2014-05-03 13:38 - 2014-05-03 13:38 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Corel
2014-05-03 13:31 - 2013-07-04 13:57 - 00067888 _____ (Canon Electronics Inc.) C:\Windows\SysWOW64\SuStiUtl.dll
2014-05-03 13:31 - 2006-05-16 21:19 - 00021008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CTL3D.DLL
2014-05-03 13:30 - 2014-05-20 17:55 - 00000000 ____D () C:\Windows\PIXTRAN
2014-05-03 13:30 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\Desktop\Canon DR-2580C
2014-05-03 13:30 - 2014-05-07 09:25 - 00000000 ____D () C:\Program Files (x86)\Canon Electronics
2014-05-03 13:30 - 2014-05-06 13:22 - 00000125 _____ () C:\Windows\SetScan.ini
2014-05-03 13:30 - 2014-05-06 13:12 - 00017862 _____ () C:\Windows\DPINST.LOG
2014-05-03 13:30 - 2009-05-13 16:05 - 00401484 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Msvcrtd.dll
2014-05-03 13:30 - 2006-05-16 21:40 - 00221456 _____ (EMC Corporation) C:\Windows\SysWOW64\PIXDFLTN.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00180224 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN1120.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00176128 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN1520.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00155648 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN1020.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00114688 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN1320.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00074000 _____ (EMC Corporation) C:\Windows\SysWOW64\PIXLOCN.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00053520 _____ (EMC Corporation) C:\Windows\SysWOW64\PIXPERMN.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00051712 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN20.DLL
2014-05-03 13:30 - 2005-08-09 17:34 - 00094208 _____ (Canon Electronics Inc.) C:\Windows\SysWOW64\DR25CPL.dll
2014-05-03 13:30 - 2005-06-14 08:29 - 00036864 _____ (Canon Electronics Inc.) C:\Windows\SysWOW64\CeiUSB2.dll
2014-05-03 13:30 - 2005-02-15 13:18 - 00106496 _____ (Canon Electronics) C:\Windows\SysWOW64\DR25SVC.dll
2014-05-03 13:30 - 2002-09-25 16:02 - 00602384 _____ (Pixel Translations Incorporated) C:\Windows\SysWOW64\pixipdll.dll
2014-05-03 13:30 - 2002-05-13 22:55 - 00014000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\usbscan.sys
2014-05-03 13:30 - 1998-10-29 16:45 - 00306688 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2014-05-03 13:17 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordPerfect Office 12
2014-05-03 13:17 - 2014-05-03 13:17 - 00002607 _____ () C:\Users\Barry Chapman\Desktop\WordPerfect.lnk
2014-05-03 13:14 - 2014-05-05 12:18 - 00000000 ____D () C:\Program Files (x86)\WordPerfect Office 12
2014-05-03 12:01 - 2014-05-04 18:11 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\PCDr
2014-05-02 20:32 - 2012-06-02 18:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-05-02 20:32 - 2012-06-02 18:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-05-02 20:32 - 2012-06-02 18:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-05-02 20:32 - 2012-06-02 18:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-05-02 20:32 - 2012-06-02 18:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-05-02 20:32 - 2012-06-02 18:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-05-02 20:32 - 2012-06-02 18:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-05-02 20:32 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-05-02 20:32 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-05-02 19:50 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-05-02 16:23 - 2014-05-21 09:17 - 00002310 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-02 16:23 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-02 16:12 - 2014-05-27 18:14 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-02 16:12 - 2014-05-27 17:55 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-02 16:12 - 2014-05-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-02 16:12 - 2014-05-07 15:50 - 00003908 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-02 16:12 - 2014-05-07 15:50 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-02 16:12 - 2014-05-02 16:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Google
2014-05-02 15:58 - 2014-05-20 13:56 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Deployment
2014-05-02 15:58 - 2014-05-02 15:58 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Apps\2.0
2014-05-02 15:45 - 2014-05-20 17:32 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-02 15:45 - 2014-05-20 17:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Opera Software
2014-05-02 15:45 - 2014-05-15 14:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Opera Software
2014-05-02 15:42 - 2014-05-02 15:42 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Macromedia
2014-05-02 15:26 - 2014-05-02 15:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Intel Corporation
2014-05-02 15:25 - 2014-05-27 12:36 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-05-02 15:25 - 2014-05-25 10:37 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-02 15:25 - 2014-05-20 17:52 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-02 15:25 - 2014-05-20 17:51 - 00000000 ____D () C:\ProgramData\Atheros
2014-05-02 15:25 - 2014-05-20 16:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Adobe
2014-05-02 15:25 - 2014-05-20 16:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\VirtualStore
2014-05-02 15:25 - 2014-05-13 08:51 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Bluetooth Folder
2014-05-02 15:25 - 2014-05-02 15:25 - 00004004 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-05-02 15:25 - 2014-05-02 15:25 - 00003214 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-05-02 15:25 - 2014-05-02 15:25 - 00001415 _____ () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Leadertech
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Dell
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Atheros
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\BMExplorer
2014-05-02 15:23 - 2014-05-13 16:30 - 00000000 ____D () C:\ProgramData\softthinks
2014-05-02 15:23 - 2014-05-02 15:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\softthinks
2014-05-02 15:23 - 2013-12-05 03:16 - 00000114 ____H () C:\DBAR_Ver.txt
2014-05-02 15:18 - 2014-05-20 18:27 - 00132680 _____ () C:\Users\Barry Chapman\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-02 15:18 - 2014-05-02 15:18 - 00001975 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
2014-05-02 15:17 - 2014-05-20 18:25 - 00000000 ____D () C:\Users\Barry Chapman
2014-05-02 15:17 - 2014-05-20 17:52 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-02 15:17 - 2014-05-20 17:52 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-02 15:17 - 2014-05-02 15:17 - 00000020 ___SH () C:\Users\Barry Chapman\ntuser.ini
==================== One Month Modified Files and Folders =======
2014-05-27 18:17 - 2014-05-27 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-05-27 18:17 - 2014-05-27 16:22 - 00020399 _____ () C:\Users\Barry Chapman\Desktop\FRST.txt
2014-05-27 18:17 - 2014-05-27 16:22 - 00000000 ____D () C:\FRST
2014-05-27 18:14 - 2014-05-02 16:12 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-27 18:13 - 2014-05-27 18:13 - 00132680 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-27 18:13 - 2014-05-27 18:13 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\WinRAR
2014-05-27 18:13 - 2014-05-27 18:13 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Intel Corporation
2014-05-27 18:12 - 2014-05-27 18:12 - 00001460 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ___RD () C:\Users\Administrator\Virtual Machines
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-27 18:12 - 2014-05-27 18:11 - 00000000 ____D () C:\Users\Administrator
2014-05-27 18:12 - 2009-07-14 00:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-05-27 18:11 - 2014-05-27 18:11 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-05-27 18:11 - 2014-05-14 11:56 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Outlook Files
2014-05-27 18:07 - 2014-03-21 13:36 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-27 18:07 - 2009-07-14 00:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-27 18:07 - 2009-07-14 00:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-27 17:55 - 2014-05-02 16:12 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-27 17:32 - 2014-05-27 16:22 - 00038057 _____ () C:\Users\Barry Chapman\Desktop\Addition.txt
2014-05-27 16:21 - 2014-05-27 16:21 - 02066944 _____ (Farbar) C:\Users\Barry Chapman\Desktop\FRST64.exe
2014-05-27 15:57 - 2014-05-27 10:02 - 00198204 _____ () C:\Users\Barry Chapman\Downloads\OTL.Txt
2014-05-27 15:46 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-05-27 15:40 - 2014-05-27 13:59 - 00000008 _____ () C:\LTLASTFN.DAT
2014-05-27 15:23 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-05-27 13:31 - 2009-07-14 01:13 - 00791990 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-27 13:29 - 2014-05-27 13:29 - 00043987 _____ () C:\ComboFix.txt
2014-05-27 13:29 - 2014-05-27 12:50 - 00000000 ____D () C:\Qoobox
2014-05-27 13:29 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default
2014-05-27 13:28 - 2014-03-22 04:31 - 01430462 _____ () C:\Windows\WindowsUpdate.log
2014-05-27 13:27 - 2014-05-25 10:38 - 00000000 ____D () C:\Windows\ERDNT
2014-05-27 13:26 - 2014-03-21 13:56 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-05-27 13:24 - 2014-05-09 07:39 - 00000000 ____D () C:\ProgramData\VMware
2014-05-27 13:24 - 2009-07-13 22:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-27 13:23 - 2010-11-20 23:47 - 00310102 _____ () C:\Windows\PFRO.log
2014-05-27 13:23 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-27 13:23 - 2009-07-14 00:51 - 00042071 _____ () C:\Windows\setupact.log
2014-05-27 12:51 - 2014-05-27 12:51 - 00001540 _____ () C:\Users\Barry Chapman\Desktop\ComboFix.exe - Shortcut.lnk
2014-05-27 12:47 - 2014-05-27 12:46 - 05203612 ____R () C:\Users\Barry Chapman\Downloads\ComboFix.exe
2014-05-27 12:36 - 2014-05-02 15:25 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-05-27 11:30 - 2014-05-27 11:30 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-05-27 11:23 - 2014-05-27 11:23 - 00000000 ____D () C:\_OTL
2014-05-27 10:03 - 2014-05-27 10:03 - 00056788 _____ () C:\Users\Barry Chapman\Downloads\Extras.Txt
2014-05-27 09:54 - 2014-05-27 09:54 - 00602112 _____ (OldTimer Tools) C:\Users\Barry Chapman\Downloads\OTL.exe
2014-05-27 09:22 - 2014-05-16 10:51 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\CrashDumps
2014-05-27 09:18 - 2014-05-27 09:18 - 00000000 ____D () C:\Malwarebytes' Anti-Malware
2014-05-27 09:13 - 2014-05-27 09:25 - 01440846 _____ () C:\Program Files (x86)\mbam-chameleon-1.62.1.1000.zip
2014-05-27 09:01 - 2014-05-27 09:01 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-05-27 08:58 - 2014-05-27 08:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-26 10:25 - 2014-05-19 16:42 - 00000000 ____D () C:\AdwCleaner
2014-05-26 10:24 - 2014-05-14 15:56 - 00000000 ____D () C:\Program Files (x86)\MSR
2014-05-26 10:17 - 2014-05-26 10:17 - 01327971 _____ () C:\Users\Barry Chapman\Downloads\AdwCleaner.exe
2014-05-26 10:07 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-05-25 12:10 - 2014-05-05 10:49 - 00000000 ____D () C:\MWACCT
2014-05-25 11:49 - 2014-05-25 11:49 - 00004447 _____ () C:\Users\Barry Chapman\Desktop\attach.zip
2014-05-25 11:38 - 2014-05-25 11:38 - 00002135 _____ () C:\Users\Barry Chapman\Desktop\aswMBR.txt
2014-05-25 11:38 - 2014-05-25 11:38 - 00000512 _____ () C:\Users\Barry Chapman\Desktop\MBR.dat
2014-05-25 10:52 - 2014-05-25 10:52 - 00004315 _____ () C:\Users\Barry Chapman\Desktop\attach.rar
2014-05-25 10:46 - 2014-05-25 10:46 - 00042419 _____ () C:\Users\Barry Chapman\Desktop\dds.txt
2014-05-25 10:46 - 2014-05-25 10:46 - 00020635 _____ () C:\Users\Barry Chapman\Desktop\attach.txt
2014-05-25 10:43 - 2014-05-25 10:43 - 04745728 _____ (AVAST Software) C:\Users\Barry Chapman\Downloads\aswMBR.exe
2014-05-25 10:38 - 2014-05-25 10:38 - 00688992 ____R (Swearware) C:\Users\Barry Chapman\Downloads\dds (1).scr
2014-05-25 10:37 - 2014-05-25 10:36 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-05-25 10:37 - 2014-05-02 15:25 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-25 10:36 - 2014-05-25 10:36 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup (2).exe
2014-05-25 10:36 - 2014-05-25 10:36 - 00000960 _____ () C:\Users\Barry Chapman\Desktop\ERUNT.lnk
2014-05-25 10:36 - 2014-05-25 10:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-05-24 12:00 - 2014-05-24 12:00 - 00688992 _____ (Swearware) C:\Users\Barry Chapman\Downloads\dds.scr
2014-05-24 11:59 - 2014-05-24 11:59 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup (1).exe
2014-05-24 11:57 - 2014-05-24 11:57 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup.exe
2014-05-23 08:25 - 2014-05-23 08:25 - 00000000 ____D () C:\New folder
2014-05-23 07:59 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-23 07:48 - 2014-05-23 07:48 - 624028561 _____ () C:\Windows\MEMORY.DMP
2014-05-23 07:48 - 2014-05-23 07:48 - 00280128 _____ () C:\Windows\Minidump\052314-21138-01.dmp
2014-05-23 07:48 - 2014-05-23 07:48 - 00000000 ____D () C:\Windows\Minidump
2014-05-23 07:43 - 2014-05-23 07:43 - 00162208 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition (1).exe
2014-05-23 07:43 - 2014-05-23 07:40 - 10447328 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition_x64.exe
2014-05-23 07:41 - 2014-05-23 07:41 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\QuickScan
2014-05-23 07:39 - 2014-05-23 07:39 - 00162208 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition.exe
2014-05-23 07:03 - 2014-05-21 11:16 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-22 16:23 - 2014-05-03 16:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-22 16:19 - 2009-07-13 22:34 - 00000510 _____ () C:\Windows\win.ini
2014-05-22 15:37 - 2014-05-22 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-05-22 15:36 - 2014-05-02 16:12 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-22 15:35 - 2014-05-22 15:35 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-22 15:35 - 2014-05-22 15:35 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-22 13:23 - 2014-05-22 13:22 - 00051706 _____ () C:\Windows\SysWOW64\bddel.dat
2014-05-22 10:51 - 2014-05-15 11:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-22 10:49 - 2014-05-15 11:40 - 00001446 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-22 10:49 - 2014-05-15 11:40 - 00001434 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-22 10:49 - 2014-05-15 11:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-22 10:49 - 2014-05-15 11:21 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-22 10:47 - 2014-05-22 10:47 - 00000000 ____D () C:\Program Files (x86)\Spybot
2014-05-22 09:31 - 2014-05-22 08:13 - 00017970 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-22_08-13-17.log
2014-05-22 08:11 - 2014-05-22 08:08 - 00003374 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-22_08-08-46.log
2014-05-22 08:06 - 2014-05-22 07:57 - 332119856 _____ (Norman Shark AS) C:\Users\Barry Chapman\Downloads\Norman_Malware_Cleaner (1).exe
2014-05-21 16:21 - 2014-05-05 11:45 - 00037861 _____ () C:\Users\Barry Chapman\AppData\Roaming\Comma Separated Values (Windows).ADR
2014-05-21 11:27 - 2014-05-21 11:27 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\TuneUp Software
2014-05-21 11:16 - 2014-05-21 11:16 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\MFAData
2014-05-21 11:15 - 2014-05-21 11:15 - 04485528 _____ (AVG Technologies) C:\Users\Barry Chapman\Downloads\avg_free_stb_all_2014_4577_cnet.exe
2014-05-21 11:11 - 2014-03-21 13:52 - 00000000 ____D () C:\ProgramData\McAfee
2014-05-21 10:04 - 2014-05-21 09:31 - 00014960 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-21_09-31-37.log
2014-05-21 09:17 - 2014-05-02 16:23 - 00002310 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-21 09:08 - 2014-05-21 09:01 - 331917560 _____ (Norman Shark AS) C:\Users\Barry Chapman\Downloads\Norman_Malware_Cleaner.exe
2014-05-20 18:49 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-05-20 18:27 - 2014-05-02 15:18 - 00132680 _____ () C:\Users\Barry Chapman\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-20 18:25 - 2014-05-02 15:17 - 00000000 ____D () C:\Users\Barry Chapman
2014-05-20 18:24 - 2014-05-19 08:08 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-20 18:24 - 2014-03-21 13:45 - 00000000 ____D () C:\Program Files (x86)\Dell Wireless
2014-05-20 18:19 - 2014-05-27 18:11 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 18:19 - 2014-05-27 18:11 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 18:19 - 2014-05-06 07:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\tr-TR
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\th-TH
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\ro-RO
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\he-IL
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\ar-SA
2014-05-20 18:19 - 2010-11-21 03:17 - 00000000 ____D () C:\Windows\ShellNew
2014-05-20 18:19 - 2010-11-21 03:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\addins
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 __RSD () C:\Windows\Media
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\TAPI
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-CS
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Recovery
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\ras
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\manifeststore
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\InstallShield
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\icsxml
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\et-EE
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\AdvancedInstallers
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\th-TH
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sppui
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ras
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\manifeststore
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\icsxml
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ias
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\he-IL
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\et-EE
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\com
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\servicing
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\IME
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Cursors
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Services
2014-05-20 18:03 - 2014-05-05 16:53 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-05-20 18:03 - 2014-03-21 13:42 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-20 18:03 - 2014-03-21 13:36 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-05-20 18:02 - 2014-05-03 16:36 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-05-20 18:02 - 2014-03-21 13:36 - 00000000 ____D () C:\Windows\system32\Macromed
2014-05-20 18:02 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\restore
2014-05-20 18:02 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-20 18:02 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-20 18:02 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system
2014-05-20 17:55 - 2014-05-13 11:18 - 00000000 ____D () C:\Windows\pss
2014-05-20 17:55 - 2014-05-03 15:40 - 00000000 ____D () C:\Windows\Msagent
2014-05-20 17:55 - 2014-05-03 13:30 - 00000000 ____D () C:\Windows\PIXTRAN
2014-05-20 17:53 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Help
2014-05-20 17:52 - 2014-05-15 03:25 - 00000000 ___RD () C:\Users\Barry Chapman\Virtual Machines
2014-05-20 17:52 - 2014-05-14 15:54 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\wi_upd
2014-05-20 17:52 - 2014-05-14 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-05-20 17:52 - 2014-05-13 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backblaze
2014-05-20 17:52 - 2014-05-13 11:00 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\VMware
2014-05-20 17:52 - 2014-05-09 07:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2014-05-20 17:52 - 2014-05-07 09:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CapturePerfect 3.1
2014-05-20 17:52 - 2014-05-06 10:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-20 17:52 - 2014-05-05 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon DR-2580C
2014-05-20 17:52 - 2014-05-05 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-20 17:52 - 2014-05-05 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-05-20 17:52 - 2014-05-05 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landtech XML
2014-05-20 17:52 - 2014-05-05 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medlin Accounting
2014-05-20 17:52 - 2014-05-05 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quicken 2014
2014-05-20 17:52 - 2014-05-05 10:13 - 00000000 ____D () C:\Quicken 2014
2014-05-20 17:52 - 2014-05-03 16:34 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Microsoft Help
2014-05-20 17:52 - 2014-05-03 16:32 - 00000000 ____D () C:\Users\Barry Chapman\Downloads\DVD_Office_2010_32Bit
2014-05-20 17:52 - 2014-05-03 16:10 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-20 17:52 - 2014-05-03 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-20 17:52 - 2014-05-03 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FAX User Software
2014-05-20 17:52 - 2014-05-03 13:30 - 00000000 ____D () C:\Users\Barry Chapman\Desktop\Canon DR-2580C
2014-05-20 17:52 - 2014-05-03 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordPerfect Office 12
2014-05-20 17:52 - 2014-05-02 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-20 17:52 - 2014-05-02 15:25 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-20 17:52 - 2014-05-02 15:17 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 17:52 - 2014-05-02 15:17 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 17:52 - 2014-03-22 04:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
2014-05-20 17:52 - 2014-03-21 13:49 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2014-05-20 17:52 - 2014-03-21 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HotSpot
2014-05-20 17:52 - 2014-03-21 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atheros Smart Net
2014-05-20 17:52 - 2014-03-21 13:46 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
2014-05-20 17:52 - 2014-03-21 13:43 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-05-20 17:52 - 2014-03-21 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Audio
2014-05-20 17:52 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
brchapman
2014-05-28, 01:20
2014-05-20 17:51 - 2014-05-05 16:24 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-20 17:51 - 2014-05-05 16:15 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-05-20 17:51 - 2014-05-02 15:25 - 00000000 ____D () C:\ProgramData\Atheros
2014-05-20 17:51 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files\mcafee.com
2014-05-20 17:51 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files\mcafee
2014-05-20 17:51 - 2014-03-21 13:50 - 00000000 ____D () C:\Program Files\My Dell
2014-05-20 17:51 - 2014-03-21 13:50 - 00000000 ____D () C:\Program Files\Dell Support Center
2014-05-20 17:51 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-05-20 17:50 - 2014-05-03 14:29 - 00000000 ____D () C:\Program Files (x86)\wp51
2014-05-20 17:46 - 2014-05-05 10:24 - 00000000 ____D () C:\Program Files (x86)\Quicken
2014-05-20 17:46 - 2014-05-03 16:10 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-05-20 17:45 - 2014-05-05 16:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-20 17:45 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files (x86)\mcafee.com
2014-05-20 17:44 - 2014-05-13 12:16 - 00000000 ____D () C:\Program Files (x86)\Backblaze
2014-05-20 17:44 - 2014-03-21 13:55 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-20 17:44 - 2014-03-21 13:50 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2014-05-20 17:34 - 2014-05-16 08:33 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant
2014-05-20 17:32 - 2014-05-02 15:45 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-20 17:27 - 2014-05-05 12:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WP-64
2014-05-20 17:26 - 2014-05-06 09:05 - 00000000 ____D () C:\Users\Barry Chapman\Desktop\CapturePerfect 3.0
2014-05-20 17:26 - 2014-05-02 15:45 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Opera Software
2014-05-20 16:57 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-05-20 16:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Adobe
2014-05-20 16:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\VirtualStore
2014-05-20 16:25 - 2014-03-21 13:55 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-20 16:25 - 2014-03-21 13:50 - 00000000 ____D () C:\ProgramData\PCDr
2014-05-20 16:20 - 2014-05-14 08:30 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-05-20 15:49 - 2014-05-20 14:54 - 00025110 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-20_14-54-17.log
2014-05-20 14:53 - 2014-05-20 14:53 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Norman Malware Cleaner
2014-05-20 13:56 - 2014-05-02 15:58 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Deployment
2014-05-20 13:35 - 2014-05-20 12:44 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-05-20 12:34 - 2014-05-20 12:34 - 00000914 _____ () C:\Users\Barry Chapman\Desktop\JRT.txt
2014-05-20 11:10 - 2014-05-03 14:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Adobe
2014-05-20 10:30 - 2014-05-20 10:29 - 04957528 _____ (SurfRight B.V.) C:\Users\Barry Chapman\Downloads\Unconfirmed 912715.crdownload
2014-05-19 10:55 - 2014-05-19 10:55 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-05-19 10:44 - 2014-05-05 16:53 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-05-19 10:20 - 2014-05-19 10:20 - 00000000 ____D () C:\Adobe XI Pro
2014-05-19 07:54 - 2014-05-19 07:54 - 00000000 ____D () C:\Users\Barry Chapman\Documents\ProcAlyzer Dumps
2014-05-18 03:05 - 2014-05-06 13:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 09:39 - 2014-05-16 09:39 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\SUPERAntiSpyware.com
2014-05-16 09:39 - 2014-05-16 09:39 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-05-16 08:33 - 2014-05-16 08:33 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-05-16 08:32 - 2014-05-27 18:11 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia
2014-05-16 08:32 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-05-16 08:32 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-05-15 15:02 - 2014-05-15 15:02 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot2-license (1).exe
2014-05-15 14:40 - 2014-05-02 15:45 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Opera Software
2014-05-15 14:27 - 2014-05-15 14:27 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-05-15 13:06 - 2014-05-15 13:05 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot2-license.exe
2014-05-15 11:40 - 2014-05-15 11:40 - 00000656 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2014-05-15 11:40 - 00000628 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2014-05-15 11:40 - 00000458 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-05-15 10:56 - 2014-05-15 11:20 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot-2.3 (1).exe
2014-05-15 03:28 - 2009-07-14 01:08 - 00014614 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-15 03:03 - 2014-05-06 13:18 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 16:16 - 2014-05-14 16:16 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\PDF24
2014-05-14 15:56 - 2014-05-14 15:56 - 00004592 _____ () C:\Windows\System32\Tasks\IdleCrawler Runner
2014-05-14 15:54 - 2014-05-14 15:53 - 02271768 _____ () C:\Users\Barry Chapman\Downloads\Adobe.Acrobat.XI.Pro.v11.0.2.Multilingual.Cracked.exe
2014-05-14 15:27 - 2014-05-14 15:26 - 18873344 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd714_all_incr.msp
2014-05-14 15:27 - 2014-05-05 16:54 - 00002501 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 7.0 Standard.lnk
2014-05-14 15:23 - 2014-05-14 15:22 - 14385152 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd713_all_incr.msp
2014-05-14 15:22 - 2014-05-14 15:21 - 03972608 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd712_all_incr (1).msp
2014-05-14 15:20 - 2014-05-14 15:20 - 06504448 _____ () C:\Users\Barry Chapman\Downloads\AcroUpd711_all_incr.msp
2014-05-14 15:14 - 2009-07-14 00:45 - 00494176 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-14 15:08 - 2014-05-14 14:34 - 00001520 _____ () C:\Users\Public\Documents\AcStd7_1_0.ini
2014-05-14 14:44 - 2014-05-05 16:54 - 00002459 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 7.0.lnk
2014-05-14 13:26 - 2014-05-05 12:22 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Help
2014-05-14 11:55 - 2014-05-03 16:40 - 00000000 ____D () C:\Office 2000
2014-05-14 10:26 - 2014-05-14 10:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-14 10:25 - 2014-05-14 10:25 - 00000000 ____D () C:\Windows\PCHEALTH
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-05-14 10:20 - 2014-05-14 10:20 - 00000000 ___RD () C:\MSOCache
2014-05-14 08:36 - 2014-03-21 13:36 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 08:36 - 2014-03-21 13:36 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-14 08:36 - 2014-03-21 13:36 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 08:30 - 2014-05-14 08:30 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Secunia PSI
2014-05-14 08:29 - 2014-05-14 08:28 - 05329480 _____ (Secunia) C:\Users\Barry Chapman\Downloads\PSISetup.exe
2014-05-13 16:30 - 2014-05-02 15:23 - 00000000 ____D () C:\ProgramData\softthinks
2014-05-13 12:17 - 2014-05-12 07:16 - 00000000 ____D () C:\.bzvol
2014-05-13 12:16 - 2014-05-13 12:16 - 05033216 _____ () C:\Users\Barry Chapman\Downloads\install_backblaze.exe
2014-05-13 12:16 - 2014-05-13 12:16 - 00000000 ____D () C:\ProgramData\Backblaze
2014-05-13 12:04 - 2014-05-13 12:02 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\VMware
2014-05-13 11:38 - 2014-05-13 11:38 - 34209792 _____ () C:\Users\Barry Chapman\Desktop\CHAPMA11_20140505-2014-05-13.QDF-backup
2014-05-13 11:13 - 2014-05-13 08:53 - 00007605 _____ () C:\Users\Barry Chapman\AppData\Local\resmon.resmoncfg
2014-05-13 11:07 - 2014-05-12 13:51 - 00000000 ____D () C:\Program Files\My Lockbox
2014-05-13 11:07 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\spool
2014-05-13 10:04 - 2014-05-13 10:04 - 00000000 _____ () C:\Users\Barry Chapman\AppData\Local\{89B78C50-3F1E-4624-B5B6-B21F413891C7}
2014-05-13 09:55 - 2010-11-21 03:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-05-13 08:51 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Bluetooth Folder
2014-05-12 20:58 - 2014-05-12 20:43 - 00000000 ____D () C:\Users\Barry Chapman\.asdm
2014-05-12 20:43 - 2014-05-12 20:43 - 00000000 ____D () C:\Program Files (x86)\Cisco Systems
2014-05-12 16:26 - 2014-05-12 16:26 - 00010295 _____ () C:\Users\Barry Chapman\Documents\141046 commitment.wpd
2014-05-12 16:21 - 2014-05-12 16:21 - 00002380 _____ () C:\Users\Barry Chapman\Documents\141046 DATA FILE.wpd
2014-05-12 13:50 - 2014-05-12 13:50 - 04090994 _____ () C:\Users\Barry Chapman\Downloads\mylockbox_setup.zip
2014-05-09 11:38 - 2014-05-09 11:38 - 00000000 ____D () C:\Users\Barry Chapman\Documents\CCWin
2014-05-09 09:28 - 2014-05-05 12:22 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Help
2014-05-09 07:39 - 2014-05-09 07:39 - 00002187 _____ () C:\Users\Public\Desktop\VMware Player.lnk
2014-05-09 07:39 - 2014-05-09 07:39 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-05-09 07:39 - 2011-02-10 10:33 - 00807106 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-05-09 07:38 - 2014-05-09 07:38 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-05-09 07:35 - 2014-05-09 07:33 - 114794792 _____ (VMware, Inc.) C:\Users\Barry Chapman\Downloads\VMware-player-4.0.6-1035888.exe
2014-05-09 02:14 - 2014-05-14 05:44 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 02:11 - 2014-05-14 05:44 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-07 15:50 - 2014-05-02 16:12 - 00003908 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-07 15:50 - 2014-05-02 16:12 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 09:29 - 2014-05-07 09:29 - 00000000 ____D () C:\ProgramData\Canon Electronics
2014-05-07 09:25 - 2014-05-03 13:30 - 00000000 ____D () C:\Program Files (x86)\Canon Electronics
2014-05-07 09:25 - 2014-03-21 13:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-07 09:22 - 2014-05-07 09:20 - 79468544 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_V3137 (1).exe
2014-05-07 09:22 - 2014-05-06 07:29 - 00000000 ____D () C:\CapturePerfect Upgrade
2014-05-06 15:59 - 2014-05-06 15:56 - 00000000 ____D () C:\Users\Barry Chapman\Documents\My Documents from old
2014-05-06 14:42 - 2014-05-06 14:42 - 00119964 _____ () C:\Users\Barry Chapman\Downloads\GSCCCA Online Statement.htm
2014-05-06 13:22 - 2014-05-03 13:30 - 00000125 _____ () C:\Windows\SetScan.ini
2014-05-06 13:12 - 2014-05-03 13:30 - 00017862 _____ () C:\Windows\DPINST.LOG
2014-05-06 13:09 - 2014-05-06 13:09 - 14393344 _____ () C:\Users\Barry Chapman\Downloads\2580DRIT_V18SP1 (1).exe
2014-05-06 10:10 - 2014-05-06 10:10 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Oracle
2014-05-06 10:09 - 2014-05-06 10:09 - 00000000 ____D () C:\ProgramData\Sun
2014-05-06 10:09 - 2014-05-06 10:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-06 10:07 - 2014-05-06 10:07 - 00921512 _____ (Oracle Corporation) C:\Users\Barry Chapman\Downloads\chromeinstall-7u55.exe
2014-05-06 10:04 - 2014-05-06 10:05 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-05-06 10:04 - 2014-05-06 10:04 - 00000000 ____D () C:\Program Files\Java
2014-05-06 10:04 - 2014-05-06 10:03 - 30818216 _____ (Oracle Corporation) C:\Users\Barry Chapman\Downloads\jre-7u55-windows-x64.exe
2014-05-06 09:27 - 2014-05-06 09:27 - 28808192 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_Ver_3097 (1).exe
2014-05-06 09:06 - 2014-05-06 09:06 - 00000000 _____ () C:\Users\Barry Chapman\Sti_Trace.log
2014-05-06 09:06 - 2014-05-05 17:43 - 00005432 _____ () C:\Windows\pixcache.ini
2014-05-06 08:51 - 2014-05-06 08:51 - 00249856 _____ () C:\Users\Barry Chapman\Downloads\RepairReg.exe
2014-05-06 08:51 - 2014-05-06 08:51 - 00000000 ____D () C:\DR Scanner
2014-05-06 08:47 - 2014-05-06 08:45 - 79468544 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_V3137.exe
2014-05-06 08:43 - 2014-05-06 08:43 - 00000000 ____D () C:\DR2580C
2014-05-06 08:42 - 2014-05-06 08:42 - 14393344 _____ () C:\Users\Barry Chapman\Downloads\2580DRIT_V18SP1.exe
2014-05-06 08:35 - 2014-05-06 08:35 - 00000000 ____D () C:\Users\Barry Chapman\Downloads\d1041mux
2014-05-06 08:35 - 2014-05-06 08:34 - 13259652 _____ () C:\Users\Barry Chapman\Downloads\d1041mux.zip
2014-05-06 07:31 - 2014-05-06 07:31 - 00003228 _____ () C:\Windows\System32\Tasks\{E819857F-629F-4F7B-9FE3-F8B1467A5C1B}
2014-05-06 03:03 - 2014-05-06 03:03 - 00288324 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-05-06 03:03 - 2014-05-06 03:02 - 00292408 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-05-06 03:02 - 2014-05-06 03:02 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-05-06 00:40 - 2014-05-15 03:06 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 00:17 - 2014-05-15 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-05 23:25 - 2014-05-15 03:06 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-05 23:07 - 2014-05-15 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-05 23:00 - 2014-05-15 03:06 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-05 22:10 - 2014-05-15 03:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 19:26 - 2014-05-05 17:52 - 28808192 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_Ver_3097.exe
2014-05-05 17:48 - 2014-03-21 13:55 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-05 17:43 - 2014-05-05 17:43 - 00003050 _____ () C:\Windows\System32\Tasks\{BEA2EFCD-E2FA-474A-BB2F-ADE6F46BED5D}
2014-05-05 16:56 - 2014-05-05 16:56 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\AdobeUM
2014-05-05 16:54 - 2014-05-05 16:54 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Acrobat 7.0 Standard.lnk
2014-05-05 16:24 - 2014-05-05 16:23 - 13084896 _____ (Microsoft Corporation) C:\Users\Barry Chapman\Downloads\Silverlight_x64 (1).exe
2014-05-05 16:23 - 2014-05-05 16:23 - 13084896 _____ (Microsoft Corporation) C:\Users\Barry Chapman\Downloads\Silverlight_x64.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-05-05 16:12 - 2014-05-05 16:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2014-05-05 15:53 - 2014-05-05 15:52 - 19495200 _____ () C:\Users\Barry Chapman\Downloads\upd-ps-x64-5.8.0.17508.exe
2014-05-05 15:53 - 2014-05-05 15:50 - 00000000 ____D () C:\HP Universal Print Driver
2014-05-05 15:49 - 2014-05-05 15:49 - 18409760 _____ () C:\Users\Barry Chapman\Downloads\upd-pcl6-x64-5.8.0.17508.exe
2014-05-05 14:53 - 2014-05-05 14:53 - 00001534 _____ () C:\Users\Barry Chapman\Desktop\Landtech XML.lnk
2014-05-05 14:52 - 2014-05-05 14:52 - 00204800 _____ (Landtech Data Corporation) C:\Windows\SysWOW64\ltwpvsw.DLL
2014-05-05 14:52 - 2014-05-05 14:52 - 00065536 _____ (Landtech Data Corp.) C:\Windows\SysWOW64\LTWNode.exe
2014-05-05 14:52 - 2014-05-05 14:52 - 00004726 _____ () C:\Windows\BOOTSTRAP.LOG
2014-05-05 14:52 - 2014-05-05 14:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Landtech XML
2014-05-05 14:44 - 2014-05-05 14:44 - 00000519 _____ () C:\Windows\ODBCINST.INI
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\ProgramData\Pervasive Software
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pervasive
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\Program Files (x86)\Pervasive Software
2014-05-05 14:18 - 2014-05-05 14:18 - 00000000 ____D () C:\Wages
2014-05-05 14:17 - 2014-05-05 14:15 - 88823072 _____ () C:\Users\Barry Chapman\Downloads\PSQL-Workgroup-10.30.022.000-win.x86.exe
2014-05-05 12:34 - 2014-05-05 12:34 - 32856361 _____ (wpdos.org ) C:\Users\Barry Chapman\Downloads\WP64DOSBox-Setup.exe
2014-05-05 12:18 - 2014-05-03 13:14 - 00000000 ____D () C:\Program Files (x86)\WordPerfect Office 12
2014-05-05 11:40 - 2014-05-05 11:40 - 00321535 _____ () C:\Users\Barry Chapman\Downloads\contacts.csv
2014-05-05 11:26 - 2014-05-05 11:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-05 11:25 - 2014-05-05 11:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-05 11:25 - 2014-05-05 11:24 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-05 11:17 - 2014-05-05 11:16 - 01069064 _____ (Medlin Accounting Software ) C:\Users\Barry Chapman\Downloads\_05-01-2014_medlin_PR_4-6.exe
2014-05-05 11:17 - 2014-05-05 10:49 - 00000580 _____ () C:\Users\Public\Desktop\Medlin Accounting.lnk
2014-05-05 10:40 - 2014-05-05 10:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\QuickenWindow
2014-05-05 10:36 - 2014-05-05 10:36 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\IsolatedStorage
2014-05-05 10:28 - 2014-05-05 10:28 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Quicken
2014-05-05 10:24 - 2014-05-05 10:24 - 00001808 _____ () C:\Users\Public\Desktop\Quicken Deluxe 2014.lnk
2014-05-05 10:24 - 2014-05-05 10:24 - 00000126 _____ () C:\Windows\QUICKEN.INI
2014-05-05 10:24 - 2014-05-05 10:24 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Intuit
2014-05-05 10:23 - 2014-05-05 10:23 - 00000000 ____D () C:\ProgramData\Intuit
2014-05-05 10:21 - 2014-05-05 10:18 - 112168720 _____ (Intuit Inc. ) C:\Users\Barry Chapman\Downloads\QW14DLX.exe
2014-05-05 08:58 - 2014-05-05 08:58 - 00000000 __SHD () C:\Users\Barry Chapman\AppData\Local\EmieUserList
2014-05-05 08:58 - 2014-05-05 08:58 - 00000000 __SHD () C:\Users\Barry Chapman\AppData\Local\EmieSiteList
2014-05-05 03:06 - 2014-05-27 18:11 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Microsoft Help
2014-05-05 03:06 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-05-05 03:06 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-05-04 18:11 - 2014-05-03 12:01 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\PCDr
2014-05-04 03:39 - 2011-02-10 10:25 - 00000000 ____D () C:\dell
2014-05-03 16:46 - 2014-05-03 16:46 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-05-03 16:30 - 2014-05-03 16:11 - 628097024 _____ () C:\Users\Barry Chapman\Downloads\DVD_Office_2010_32Bit.iso
2014-05-03 16:26 - 2014-05-03 16:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\WinRAR
2014-05-03 16:23 - 2014-05-03 16:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Macromedia
2014-05-03 16:21 - 2014-05-03 16:21 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-03 16:21 - 2014-05-03 16:21 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Mozilla
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Mozilla
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-03 16:19 - 2014-05-03 16:19 - 00282960 _____ (Mozilla) C:\Users\Barry Chapman\Downloads\Firefox Setup Stub 29.0.exe
2014-05-03 16:10 - 2014-05-03 16:10 - 01766784 _____ () C:\Users\Barry Chapman\Downloads\wrar500.exe
2014-05-03 16:10 - 2014-05-03 16:10 - 00001007 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-05-03 15:41 - 2014-05-03 15:41 - 00000376 _____ () C:\Windows\ODBC.INI
2014-05-03 15:40 - 2014-05-03 15:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft Web Folders
2014-05-03 15:20 - 2014-05-03 15:20 - 00718172 _____ () C:\Users\Barry Chapman\Downloads\Windows6.1-KB917607-x64.msu
2014-05-03 15:20 - 2014-05-03 15:20 - 00703811 _____ () C:\Users\Barry Chapman\Downloads\Windows6.1-KB917607-x86.msu
2014-05-03 14:14 - 2014-05-03 14:14 - 00000000 ____D () C:\Program Files (x86)\Kyocera
2014-05-03 14:02 - 2014-05-03 14:02 - 00003102 _____ () C:\Windows\System32\Tasks\{274EC4EA-7BEE-46DD-B238-1777098F3282}
2014-05-03 13:53 - 2014-05-03 13:53 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Canon Electronics
2014-05-03 13:52 - 2014-05-03 13:38 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Corel User Files
2014-05-03 13:38 - 2014-05-03 13:38 - 00061678 _____ () C:\Users\Barry Chapman\AppData\Roaming\PFP120JPR.{PB
2014-05-03 13:38 - 2014-05-03 13:38 - 00012358 _____ () C:\Users\Barry Chapman\AppData\Roaming\PFP120JCM.{PB
2014-05-03 13:38 - 2014-05-03 13:38 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Corel
2014-05-03 13:17 - 2014-05-03 13:17 - 00002607 _____ () C:\Users\Barry Chapman\Desktop\WordPerfect.lnk
2014-05-02 16:23 - 2014-05-02 16:12 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Google
2014-05-02 15:58 - 2014-05-02 15:58 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Apps\2.0
2014-05-02 15:42 - 2014-05-02 15:42 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Macromedia
2014-05-02 15:26 - 2014-05-02 15:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Intel Corporation
2014-05-02 15:25 - 2014-05-02 15:25 - 00004004 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-05-02 15:25 - 2014-05-02 15:25 - 00003214 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-05-02 15:25 - 2014-05-02 15:25 - 00001415 _____ () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Leadertech
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Dell
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Atheros
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\BMExplorer
2014-05-02 15:23 - 2014-05-02 15:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\softthinks
2014-05-02 15:18 - 2014-05-02 15:18 - 00001975 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
2014-05-02 15:17 - 2014-05-02 15:17 - 00000020 ___SH () C:\Users\Barry Chapman\ntuser.ini
2014-05-02 15:09 - 2011-02-10 10:25 - 00000000 ____D () C:\Windows\panther
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-27 15:15
==================== End Of Log ============================
Download MiniToolBox (http://download.bleepingcomputer.com/farbar/MiniToolBox.exe) and save it to your desktop and run it.
Checkmark following checkboxes:
List last 10 Event Viewer log
List installed programs.
List Devices. Select "All" radio button.
Checkmark the following checkboxes:
Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Devices
List Users, Partitions and Memory size.
List Minidump Files
Click Go and post the result (Result.txt) that pops up. A copy of result.txt will be saved in the same directory the tool is run.
brchapman
2014-05-28, 14:20
MiniToolBox by Farbar Version: 23-01-2014
Ran by Barry Chapman (administrator) on 28-05-2014 at 07:18:02
Running from "C:\Users\Barry Chapman\Desktop"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= FF Proxy Settings: ==============================
"network.proxy.type", 1"network.proxy.http", "127.0.0.1""network.proxy.http_port", 8118"network.proxy.ssl", "127.0.0.1""network.cookie.cookieBehavior", 1
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
========================= Hosts content: =================================
127.0.0.1 localhost
========================= IP Configuration: ================================
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
VMware Virtual Ethernet Adapter for VMnet1 = VMware Network Adapter VMnet1 (Connected)
VMware Virtual Ethernet Adapter for VMnet8 = VMware Network Adapter VMnet8 (Connected)
Dell Wireless 1705 802.11b/g/n (2.4GHZ) = Wireless Network Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
reset
set global icmpredirects=enabled
add address name="VMware Network Adapter VMnet8" address=192.168.154.1 mask=255.255.255.0
add address name="VMware Network Adapter VMnet1" address=192.168.12.1 mask=255.255.255.0
popd
# End of IPv4 configuration
Windows IP Configuration
Host Name . . . . . . . . . . . . : BarrysNew
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : barrychapmanlaw.com
Wireless LAN adapter Wireless Network Connection 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 26-2D-27-1C-CB-C9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Ethernet adapter Bluetooth Network Connection 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network) #2
Physical Address. . . . . . . . . : 14-2D-27-1C-CB-CA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Wireless LAN adapter Wireless Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Dell Wireless 1705 802.11b/g/n (2.4GHZ)
Physical Address. . . . . . . . . : 14-2D-27-1C-CB-C9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : barrychapmanlaw.com
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : F8-BC-12-5F-0C-9A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::84b2:d953:d007:f6a3%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.10.137(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, May 27, 2014 1:23:36 PM
Lease Expires . . . . . . . . . . : Wednesday, May 28, 2014 8:28:01 AM
Default Gateway . . . . . . . . . : 192.168.10.1
DHCP Server . . . . . . . . . . . : 192.168.9.1
DHCPv6 IAID . . . . . . . . . . . : 251182098
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-BF-02-EC-F8-BC-12-5F-0C-9A
DNS Servers . . . . . . . . . . . : 8.8.8.8
8.8.4.4
205.152.144.23
205.152.132.23
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter VMware Network Adapter VMnet1:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet1
Physical Address. . . . . . . . . : 00-50-56-C0-00-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::95ed:1a70:e6df:35ba%19(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.12.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 620777558
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-BF-02-EC-F8-BC-12-5F-0C-9A
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter VMware Network Adapter VMnet8:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet8
Physical Address. . . . . . . . . : 00-50-56-C0-00-08
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::81f5:90e6:501c:a31c%21(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.154.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 654331990
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-BF-02-EC-F8-BC-12-5F-0C-9A
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter Local Area Connection* 13:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{E553EA34-034B-47B6-9D32-AFA98AE6FBD0}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{DC1E8705-C45F-4A66-9045-6FEFA9B6398F}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.barrychapmanlaw.com:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : barrychapmanlaw.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #8
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: google-public-dns-a.google.com
Address: 8.8.8.8
Name: google.com
Addresses: 2607:f8b0:4002:c06::8a
74.125.21.139
74.125.21.138
74.125.21.113
74.125.21.102
74.125.21.101
74.125.21.100
Pinging google.com [74.125.137.102] with 32 bytes of data:
Reply from 74.125.137.102: bytes=32 time=479ms TTL=40
Reply from 74.125.137.102: bytes=32 time=24ms TTL=40
Ping statistics for 74.125.137.102:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 24ms, Maximum = 479ms, Average = 251ms
Server: google-public-dns-a.google.com
Address: 8.8.8.8
Name: yahoo.com
Addresses: 98.139.183.24
98.138.253.109
206.190.36.45
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=266ms TTL=40
Reply from 98.139.183.24: bytes=32 time=51ms TTL=40
Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 51ms, Maximum = 266ms, Average = 158ms
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
18...26 2d 27 1c cb c9 ......Microsoft Virtual WiFi Miniport Adapter
16...14 2d 27 1c cb ca ......Bluetooth Device (Personal Area Network) #2
12...14 2d 27 1c cb c9 ......Dell Wireless 1705 802.11b/g/n (2.4GHZ)
11...f8 bc 12 5f 0c 9a ......Realtek PCIe GBE Family Controller
19...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
21...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #8
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.10.1 192.168.10.137 21
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.10.0 255.255.255.0 On-link 192.168.10.137 276
192.168.10.137 255.255.255.255 On-link 192.168.10.137 276
192.168.10.255 255.255.255.255 On-link 192.168.10.137 276
192.168.12.0 255.255.255.0 On-link 192.168.12.1 276
192.168.12.1 255.255.255.255 On-link 192.168.12.1 276
192.168.12.255 255.255.255.255 On-link 192.168.12.1 276
192.168.154.0 255.255.255.0 On-link 192.168.154.1 276
192.168.154.1 255.255.255.255 On-link 192.168.154.1 276
192.168.154.255 255.255.255.255 On-link 192.168.154.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.10.137 276
224.0.0.0 240.0.0.0 On-link 192.168.12.1 276
224.0.0.0 240.0.0.0 On-link 192.168.154.1 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.10.137 276
255.255.255.255 255.255.255.255 On-link 192.168.12.1 276
255.255.255.255 255.255.255.255 On-link 192.168.154.1 276
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 276 fe80::/64 On-link
19 276 fe80::/64 On-link
21 276 fe80::/64 On-link
21 276 fe80::81f5:90e6:501c:a31c/128
On-link
11 276 fe80::84b2:d953:d007:f6a3/128
On-link
19 276 fe80::95ed:1a70:e6df:35ba/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
19 276 ff00::/8 On-link
21 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
========================= Event log errors: ===============================
Application errors:
==================
Error: (05/27/2014 06:13:08 PM) (Source: MsiInstaller) (User: BarrysNew)
Description: Product: Adobe Acrobat 7.0 Standard - English, Français, Deutsch -- Error 1311.Source file not found(cabinet): C:\Program Files (x86)\Adobe\Acrobat 7.0\Setup Files\AcroStan\EFG\Data1.cab. Verify that the file exists and that you can access it.
Error: (05/27/2014 01:24:01 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/27/2014 11:29:57 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/27/2014 09:22:29 AM) (Source: Application Error) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x2a38
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
Error: (05/27/2014 09:05:45 AM) (Source: Application Error) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0xaa0
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
Error: (05/27/2014 08:55:00 AM) (Source: MsiInstaller) (User: BarrysNew)
Description: Product: Adobe Acrobat 7.0 Standard - English, Français, Deutsch -- Error 1311.Source file not found(cabinet): C:\Program Files (x86)\Adobe\Acrobat 7.0\Setup Files\AcroStan\EFG\Data1.cab. Verify that the file exists and that you can access it.
Error: (05/27/2014 08:53:40 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/27/2014 08:00:34 AM) (Source: Application Error) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.500, time stamp: 0x533d8de2
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x78c
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
Error: (05/27/2014 08:00:05 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/27/2014 07:59:08 AM) (Source: Application Error) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.500, time stamp: 0x533d8de2
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x5a4
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
System errors:
=============
Error: (05/27/2014 01:04:42 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (05/27/2014 01:04:07 PM) (Source: Application Popup) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
Error: (05/27/2014 01:01:50 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (05/27/2014 00:58:16 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Security Center Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (05/27/2014 00:58:09 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Updating Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (05/27/2014 00:58:04 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (05/27/2014 11:29:50 AM) (Source: Service Control Manager) (User: )
Description: The SystemUpdatekb70007 service failed to start due to the following error:
%%1053
Error: (05/27/2014 11:29:50 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SystemUpdatekb70007 service to connect.
Error: (05/27/2014 11:23:25 AM) (Source: Service Control Manager) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).
Error: (05/27/2014 08:02:32 AM) (Source: DCOM) (User: )
Description: 1084McNaiAnn{C90134D2-4AE9-407A-919A-4A2EF09C6C51}
Microsoft Office Sessions:
=========================
Error: (05/27/2014 06:13:08 PM) (Source: MsiInstaller)(User: BarrysNew)
Description: Product: Adobe Acrobat 7.0 Standard - English, Français, Deutsch -- Error 1311.Source file not found(cabinet): C:\Program Files (x86)\Adobe\Acrobat 7.0\Setup Files\AcroStan\EFG\Data1.cab. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (05/27/2014 01:24:01 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/27/2014 11:29:57 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/27/2014 09:22:29 AM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd2a3801cf79aeb489ed46C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dllf36c9b59-e5a1-11e3-848b-142d271ccbca
Error: (05/27/2014 09:05:45 AM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdaa001cf79ac5d6a265dC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll9c92df27-e59f-11e3-848b-142d271ccbca
Error: (05/27/2014 08:55:00 AM) (Source: MsiInstaller)(User: BarrysNew)
Description: Product: Adobe Acrobat 7.0 Standard - English, Français, Deutsch -- Error 1311.Source file not found(cabinet): C:\Program Files (x86)\Adobe\Acrobat 7.0\Setup Files\AcroStan\EFG\Data1.cab. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (05/27/2014 08:53:40 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/27/2014 08:00:34 AM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd78c01cf79a33aec636dC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll81a76a98-e596-11e3-b064-afc890ab93b6
Error: (05/27/2014 08:00:05 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/27/2014 07:59:08 AM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd5a401cf79a3075d351dC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll4e692b12-e596-11e3-b064-afc890ab93b6
CodeIntegrity Errors:
===================================
Date: 2014-05-28 07:15:41.167
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-28 00:30:02.177
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-27 17:49:01.421
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-27 17:38:48.966
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-27 17:24:50.912
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-27 17:16:01.608
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-27 16:41:57.717
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-27 16:36:21.862
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-27 16:19:59.738
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-27 16:06:14.833
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
=========================== Installed Programs ============================
Accidental Damage Services Agreement (Version: 2.0.0)
Adobe Acrobat 7.0 Standard - English, Français, Deutsch (Version: 7.1.4)
Adobe Acrobat 7.1.2 Standard - English, Français, Deutsch (Version: 7.1.2)
Adobe Acrobat 7.1.4 - CPSID_50030
Adobe Acrobat 7.1.4 Standard - English, Français, Deutsch (Version: 7.1.4)
Adobe Flash Player 13 ActiveX (Version: 13.0.0.214)
Adobe Flash Player 13 Plugin (Version: 13.0.0.214)
Adobe Reader XI (11.0.06) MUI (Version: 11.0.06)
Backblaze
Banctec Service Agreement (Version: 2.0.0)
Canon DR-2580C Driver
Canon DR-2580C Driver (Version: 1.8.10911.16001)
CapturePerfect 3.0 Help & Manual (Version: 3.0.9710.901)
CapturePerfect 3.1 (Version: 3.1.3713.1220)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Complete Care Business Service Agreement (Version: 2.0.0)
Consumer In-Home Service Agreement (Version: 2.0.0)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Backup and Recovery - Support Software (Version: 1.7.1.0)
Dell Backup and Recovery (Version: 1.7.1.0)
Dell Digital Delivery (Version: 2.8.5000.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Home Systems Service Agreement (Version: 2.0.0)
Dell WLAN and Bluetooth Client Installation (Version: 10.0)
DR-2580C Job Tool
DSC/AA Factory Installer (Version: 3.4.6299.48)
ERUNT 1.1j
Google Chrome (Version: 35.0.1916.114)
Google Update Helper (Version: 1.3.24.7)
Google+ Auto Backup (Version: 1.0.18.74)
Intel(R) Management Engine Components (Version: 9.5.14.1724)
Intel(R) Processor Graphics (Version: 9.18.10.3272)
Intel(R) Rapid Storage Technology (Version: 12.7.3.1001)
Intel® Trusted Connect Service Client (Version: 1.28.487.1)
iSEEK AnswerWorks English Runtime (Version: 010.000.0101)
Java 7 Update 55 (64-bit) (Version: 7.0.550)
Java 7 Update 55 (Version: 7.0.550)
Kyocera Address Book for Network FAX
McAfee LiveSafe – Internet Security (Version: 12.8.958)
Medlin Accounting
Medlin Payroll
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Mouse and Keyboard Center (Version: 2.3.188.0)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Standard 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
My Dell (Version: 3.5.6426.22)
Pervasive PSQL v10 SP3 Workgroup (32-bit) (Version: 10.30.024)
Picasa 3 (Version: 3.9)
Premium Service Agreement (Version: 2.0.0)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.1.230)
QualxServ Service Agreement (Version: 2.0.0)
Quicken 2014 (Version: 23.1.7.6)
Realtek Card Reader (Version: 6.2.9200.30164)
Realtek High Definition Audio Driver (Version: 6.0.1.7004)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shared C Run-time for x64 (Version: 10.0.0)
Spybot - Search & Destroy (Version: 2.3.39)
System Update kb70007 (Version: 1.0.0)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
VmciSockets (Version: 9.1.55.1)
VMware Player (Version: 4.0.6.35970)
WinRAR 5.00 (32-bit) (Version: 5.00.0)
WordPerfect Office 12 (Version: 12.0.0.238)
========================= Devices: ================================
Name: Ancillary Function Driver for Winsock
Description: Ancillary Function Driver for Winsock
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AFD
Name: KSecDD
Description: KSecDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecDD
Name: TOSHIBA DT01ACA050 SCSI Disk Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk
Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Name: Microsoft Bluetooth Enumerator
Description: Microsoft Bluetooth Enumerator
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Microsoft
Service: BthEnum
Name: Remote Desktop Services Security Filter Driver
Description: Remote Desktop Services Security Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tssecsrv
Name: Intel(R) 8 Series/C220 Series USB EHCI #2 - 8C2D
Description: Intel(R) 8 Series/C220 Series USB EHCI #2 - 8C2D
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci
Name: Intel(R) 82802 Firmware Hub Device
Description: Intel(R) 82802 Firmware Hub Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:
Name: QoS Packet Scheduler
Description: QoS Packet Scheduler
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Psched
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Name: KSecPkg
Description: KSecPkg
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecPkg
Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Name: HID Keyboard Device
Description: HID Keyboard Device
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: kbdhid
Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VgaSave
Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Beep
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Name: Link-Layer Topology Discovery Mapper I/O Driver
Description: Link-Layer Topology Discovery Mapper I/O Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: lltdio
Name: CANON DR-2580C USB
Description: CANON DR-2580C USB
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: CANON
Service: usbscan
Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPCDD
Name: Bluetooth Device (Personal Area Network) #2
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Name: Intel(R) 8 Series/C220 Chipset Family SATA AHCI Controller
Description: Intel(R) 8 Series/C220 Chipset Family SATA AHCI Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: iaStorA
Name: Intel(R) USB 3.0 eXtensible Host Controller
Description: Intel(R) USB 3.0 eXtensible Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel(R) Corporation
Service: iusb3xhc
Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe
Name: Bluetooth Hard Copy Cable Replacement Server
Description: Bluetooth Hard Copy Cable Replacement Server
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_HCRP
Name: VMware Bridge Protocol
Description: VMware Bridge Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VMnetBridge
Name: Terminal Server Device Redirector Driver
Description: Terminal Server Device Redirector Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPDR
Name: msisadrv
Description: msisadrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: msisadrv
Name: McAfee Inc. mfeapfk
Description: McAfee Inc. mfeapfk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfeapfk
Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport
Name: McAfee Inc. cfwids
Description: McAfee Inc. cfwids
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: cfwids
Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service:
Name: Realtek USB 2.0 Card Reader
Description: Realtek USB 2.0 Card Reader
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Realtek
Service: RSUSBSTOR
Name: RDP Encoder Mirror Driver
Description: RDP Encoder Mirror Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPENCDD
Name: VMware Network Application Interface
Description: VMware Network Application Interface
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VMnetuserif
Name: McAfee Inc. mfeavfk
Description: McAfee Inc. mfeavfk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfeavfk
Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb
Name: Bluetooth Device (RFCOMM Protocol TDI) #2
Description: Bluetooth Device (RFCOMM Protocol TDI)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RFCOMM
Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp
Name: Common Log (CLFS)
Description: Common Log (CLFS)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CLFS
Name: Intel(R) 8 Series/C220 Series PCI Express Root Port #1 - 8C10
Description: Intel(R) 8 Series/C220 Series PCI Express Root Port #1 - 8C10
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Name: Intel(R) Management Engine Interface
Description: Intel(R) Management Engine Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64
Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Name: NativeWiFi Filter
Description: NativeWiFi Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NativeWifiP
Name: Reflector Display Driver used to gain access to graphics data
Description: Reflector Display Driver used to gain access to graphics data
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPREFMP
Name: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Name: VMware vmx86
Description: VMware vmx86
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: vmx86
Name: Generic PnP Monitor
Description: Generic PnP Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard monitor types)
Service: monitor
Name: Dell Wireless 1705 Bluetooth
Description: Dell Wireless 1705 Bluetooth
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Name: CNG
Description: CNG
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CNG
Name: Intel(R) USB 3.0 Root Hub
Description: Intel(R) USB 3.0 Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel(R) Corporation
Service: iusb3hub
Name: Remote Desktop Device Redirector Bus
Description: Remote Desktop Device Redirector Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: rdpbus
Name: PCI bus
Description: PCI bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Name: RDP Winstation Driver
Description: RDP Winstation Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPWD
Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDIS
Name: Dynamic Volume Manager
Description: Dynamic Volume Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volmgrx
Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD
Name: Offline Files Driver
Description: Offline Files Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CSC
Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Name: Bluetooth AVRCP Device
Description: Bluetooth AVRCP Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_RCP
Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Name: Link-Layer Topology Discovery Responder
Description: Link-Layer Topology Discovery Responder
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: rspndr
Name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Ndisuio
Name: Intel(R) 8 Series/C220 Series PCI Express Root Port #4 - 8C16
Description: Intel(R) 8 Series/C220 Series PCI Express Root Port #4 - 8C16
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Name: Intel(R) H81 LPC Controller - 8C5C
Description: Intel(R) H81 LPC Controller - 8C5C
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: msisadrv
Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD
Name: Storage volumes
Description: Storage volumes
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volsnap
Name: McAfee Inc. mfefirek
Description: McAfee Inc. mfefirek
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfefirek
Name: UMBus Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus
Name: System board
Description: System board
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum
Name: Hook Test Driver
Description: Hook Test Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SDHookDriver
Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDProxy
Name: System Attribute Cache
Description: System Attribute Cache
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: discache
Name: Virtual PC Network Filter Driver
Description: Virtual PC Network Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: vpcnfltr
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Name: McAfee Inc. mfehidk
Description: McAfee Inc. mfehidk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfehidk
Name: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Name: Qualcomm Atheros Bluetooth Bus
Description: Qualcomm Atheros Bluetooth Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_BUS
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Name: Security Driver
Description: Security Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: secdrv
Name: LDDM Graphics Subsystem
Description: LDDM Graphics Subsystem
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: DXGKrnl
Name: Dell Wireless 1705 802.11b/g/n (2.4GHZ)
Description: Dell Wireless 1705 802.11b/g/n (2.4GHZ)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Name: Virtual WiFi Filter Driver
Description: Virtual WiFi Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: vwififlt
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus
Name: Intel(R) 8 Series/C220 Series PCI Express Root Port #5 - 8C18
Description: Intel(R) 8 Series/C220 Series PCI Express Root Port #5 - 8C18
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub
Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service:
Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp
Name: Microsoft Virtual Drive Enumerator Driver
Description: Microsoft Virtual Drive Enumerator Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: vdrvroot
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Name: NETBT
Description: NETBT
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NetBT
Name: Remote Access IPv6 ARP Driver
Description: Remote Access IPv6 ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wanarpv6
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
brchapman
2014-05-28, 14:21
Name: McAfee Inc. mfencbdc
Description: McAfee Inc. mfencbdc
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfencbdc
Name: USB Virtualization Connector Driver
Description: USB Virtualization Connector Driver
Class Guid: {aed279d9-7dd0-49ab-8024-4f65418531fb}
Manufacturer: (Standard system devices)
Service: vpcusb
Name: Microsoft ISATAP Adapter #4
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service:
Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub
Name: Kernel Mode Driver Frameworks service
Description: Kernel Mode Driver Frameworks service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wdf01000
Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Name: Microsoft ISATAP Adapter #5
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Name: Intel(R) HD Graphics 4400
Description: Intel(R) HD Graphics 4400
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Name: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Name: WFP Lightweight Filter
Description: WFP Lightweight Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WfpLwf
Name: Microsoft ISATAP Adapter #6
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service:
Name: Microsoft ISATAP Adapter #7
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Name: NSI proxy service driver.
Description: NSI proxy service driver.
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: nsiproxy
Name: VMware VMCI Host Device
Description: VMware VMCI Host Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: vmci
Name: Windows Socket 2.0 Non-IFS Service Provider Support Environment
Description: Windows Socket 2.0 Non-IFS Service Provider Support Environment
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ws2ifsl
Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Name: McAfee Inc. mfencrk
Description: McAfee Inc. mfencrk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfencrk
Name: Microsoft ISATAP Adapter #8
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Name: Intel(R) 4th Gen Core processor DRAM Controller - 0C00
Description: Intel(R) 4th Gen Core processor DRAM Controller - 0C00
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:
Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Name: Intel(R) 8 Series/C220 Series SMBus Controller - 8C22
Description: Intel(R) 8 Series/C220 Series SMBus Controller - 8C22
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:
Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Name: Microsoft Hardware USB Wireless Mouse
Description: Microsoft Hardware USB Wireless Mouse
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: HidUsb
Name: Bitlocker Drive Encryption Filter Driver
Description: Bitlocker Drive Encryption Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: fvevol
Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: volmgr
Name: User Mode Driver Frameworks Platform Driver
Description: User Mode Driver Frameworks Platform Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WudfPf
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tcpip
Name: McAfee Inc. mfewfpk
Description: McAfee Inc. mfewfpk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfewfpk
Name: Virtual PC Host Bus Driver
Description: Virtual PC Host Bus Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vpcbus
Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null
Name: VMware hcmon
Description: VMware hcmon
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: hcmon
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios
Name: ACPI x64-based PC
Description: ACPI x64-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL
Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Name: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Name: Microsoft USB Wireless Mouse (Mouse and Keyboard Center)
Description: Microsoft USB Wireless Mouse (Mouse and Keyboard Center)
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid
Name: TCP/IP Registry Compatibility
Description: TCP/IP Registry Compatibility
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tcpipreg
Name: TSSTcorp DVD+-RW SH-216DB SCSI CdRom Device
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Name: Mount Point Manager
Description: Mount Point Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mountmgr
Name: Performance Counters for Windows Driver
Description: Performance Counters for Windows Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: pcw
Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb
Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn
Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP
Name: File as Volume Driver
Description: File as Volume Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: blbdrive
Name: Intel(R) 8 Series/C220 Series USB EHCI #1 - 8C26
Description: Intel(R) 8 Series/C220 Series USB EHCI #1 - 8C26
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci
Name: TDTCP
Description: TDTCP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: TDTCP
Name: PEAUTH
Description: PEAUTH
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PEAUTH
Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Name: Windows Firewall Authorization Driver
Description: Windows Firewall Authorization Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mpsdrv
Name: Composite Bus Enumerator
Description: Composite Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: CompositeBus
Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Name: Hardware Policy Driver
Description: Hardware Policy Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: hwpolicy
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp
Name: NetIO Legacy TDI Support Driver
Description: NetIO Legacy TDI Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tdx
Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI
Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:
========================= Memory info: ===================================
Percentage of memory in use: 28%
Total physical RAM: 12204.95 MB
Available physical RAM: 8770.79 MB
Total Pagefile: 24408.08 MB
Available Pagefile: 20630.69 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.5 MB
========================= Partitions: =====================================
1 Drive c: (OS) (Fixed) (Total:441.06 GB) (Free:373.46 GB) NTFS
========================= Users: ========================================
User accounts for \\BARRYSNEW
Administrator Barry Chapman Guest
========================= Minidump Files ==================================
No minidump file found
**** End of log ****
Why dont you run a new scan with FSRT and lets see if there gone
brchapman
2014-05-28, 14:54
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Barry Chapman (administrator) on BARRYSNEW on 28-05-2014 07:50:46
Running from C:\Users\Barry Chapman\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\Backblaze\bzserv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Pervasive Software Inc.) C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Backblaze\bzbui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-29] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286056 2013-07-29] (Intel Corporation)
HKLM\...\Run: [CANON DR2580C SVC] => C:\Windows\system32\DR25SVC.dll [152576 2012-12-17] (Canon Electronics)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [645168 2013-09-11] (McAfee, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-670280924-550259233-2201882432-1000\...\Run: [updateMgr] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe [313472 2006-03-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-670280924-550259233-2201882432-1000\...\Run: [Backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [492136 2014-05-13] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-BA7E-100000000002}\SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start Pervasive PSQL Workgroup Engine.lnk
ShortcutTarget: Start Pervasive PSQL Workgroup Engine.lnk -> C:\Windows\Installer\{0A3238D7-AB32-1030-B717-F3E3F18B4A8C}\WGE.14A03FCD_EA43_4130_A5C0_F02D38895A13.exe ()
Startup: C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {D81273E4-7658-47B6-8075-3D404C64D87C} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {D81273E4-7658-47B6-8075-3D404C64D87C} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKLM-x32 - {D81273E4-7658-47B6-8075-3D404C64D87C} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKCU - DefaultScope {D81273E4-7658-47B6-8075-3D404C64D87C} URL =
SearchScopes: HKCU - {D81273E4-7658-47B6-8075-3D404C64D87C} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 205.152.144.23 205.152.132.23
FireFox:
========
FF ProfilePath: C:\Users\Barry Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\76t9nm76.default
FF NetworkProxy: "type", 1);user_pref("network.proxy.http", "127.0.0.1");user_pref("network.proxy.http_port", 8118);user_pref("network.proxy.ssl", "127.0.0.1");user_pref("network.cookie.cookieBehavior", 1
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-03-21]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-02]
CHR Extension: (Google Drive) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-20]
CHR Extension: (YouTube) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-02]
CHR Extension: (Google Search) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-02]
CHR Extension: (Google Wallet) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (Gmail) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-02]
==================== Services (Whitelisted) =================
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [312448 2013-07-02] (Windows (R) Win 7 DDK provider)
R2 bzserv; C:\Program Files (x86)\Backblaze\bzserv.exe [234600 2014-05-13] ()
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [14696 2013-07-29] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-25] (Intel Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334760 2012-12-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-03-18] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-03] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2014-04-04] (SoftThinks SAS)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2013-06-20] (Atheros)
==================== Drivers (Whitelisted) ====================
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-07-02] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-07-24] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [441264 2014-03-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc.)
R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [64160 2014-04-25] ()
R3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [14000 2002-05-13] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-28 07:18 - 2014-05-28 07:18 - 00065311 _____ () C:\Users\Barry Chapman\Desktop\Result.txt
2014-05-28 07:14 - 2014-05-28 07:14 - 00982016 _____ (Farbar) C:\Users\Barry Chapman\Desktop\MiniToolBox.exe
2014-05-27 20:02 - 2014-05-27 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-05-27 18:13 - 2014-05-27 18:13 - 00132680 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-27 18:13 - 2014-05-27 18:13 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\WinRAR
2014-05-27 18:13 - 2014-05-27 18:13 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Intel Corporation
2014-05-27 18:12 - 2014-05-27 18:12 - 00001460 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ___RD () C:\Users\Administrator\Virtual Machines
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-27 18:11 - 2014-05-27 18:12 - 00000000 ____D () C:\Users\Administrator
2014-05-27 18:11 - 2014-05-27 18:11 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-05-27 18:11 - 2014-05-20 18:19 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-27 18:11 - 2014-05-20 18:19 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-27 18:11 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia
2014-05-27 18:11 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Microsoft Help
2014-05-27 16:22 - 2014-05-28 07:50 - 00020363 _____ () C:\Users\Barry Chapman\Desktop\FRST.txt
2014-05-27 16:22 - 2014-05-28 07:50 - 00000000 ____D () C:\FRST
2014-05-27 16:22 - 2014-05-27 17:32 - 00038057 _____ () C:\Users\Barry Chapman\Desktop\Addition.txt
2014-05-27 16:21 - 2014-05-27 16:21 - 02066944 _____ (Farbar) C:\Users\Barry Chapman\Desktop\FRST64.exe
2014-05-27 13:59 - 2014-05-27 15:40 - 00000008 _____ () C:\LTLASTFN.DAT
2014-05-27 13:29 - 2014-05-27 13:29 - 00043987 _____ () C:\ComboFix.txt
2014-05-27 12:58 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-27 12:58 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-27 12:58 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-27 12:51 - 2014-05-27 12:51 - 00001540 _____ () C:\Users\Barry Chapman\Desktop\ComboFix.exe - Shortcut.lnk
2014-05-27 12:50 - 2014-05-27 13:29 - 00000000 ____D () C:\Qoobox
2014-05-27 12:46 - 2014-05-27 12:47 - 05203612 ____R () C:\Users\Barry Chapman\Downloads\ComboFix.exe
2014-05-27 11:30 - 2014-05-27 11:30 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-05-27 11:23 - 2014-05-27 11:23 - 00000000 ____D () C:\_OTL
2014-05-27 10:03 - 2014-05-27 10:03 - 00056788 _____ () C:\Users\Barry Chapman\Downloads\Extras.Txt
2014-05-27 10:02 - 2014-05-27 15:57 - 00198204 _____ () C:\Users\Barry Chapman\Downloads\OTL.Txt
2014-05-27 09:54 - 2014-05-27 09:54 - 00602112 _____ (OldTimer Tools) C:\Users\Barry Chapman\Downloads\OTL.exe
2014-05-27 09:25 - 2014-05-27 09:13 - 01440846 _____ () C:\Program Files (x86)\mbam-chameleon-1.62.1.1000.zip
2014-05-27 09:18 - 2014-05-27 09:18 - 00000000 ____D () C:\Malwarebytes' Anti-Malware
2014-05-27 09:01 - 2014-05-27 09:01 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-05-27 08:58 - 2014-05-27 08:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-26 10:19 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-26 10:17 - 2014-05-26 10:17 - 01327971 _____ () C:\Users\Barry Chapman\Downloads\AdwCleaner.exe
2014-05-25 11:49 - 2014-05-25 11:49 - 00004447 _____ () C:\Users\Barry Chapman\Desktop\attach.zip
2014-05-25 11:38 - 2014-05-25 11:38 - 00002135 _____ () C:\Users\Barry Chapman\Desktop\aswMBR.txt
2014-05-25 11:38 - 2014-05-25 11:38 - 00000512 _____ () C:\Users\Barry Chapman\Desktop\MBR.dat
2014-05-25 10:52 - 2014-05-25 10:52 - 00004315 _____ () C:\Users\Barry Chapman\Desktop\attach.rar
2014-05-25 10:46 - 2014-05-25 10:46 - 00042419 _____ () C:\Users\Barry Chapman\Desktop\dds.txt
2014-05-25 10:46 - 2014-05-25 10:46 - 00020635 _____ () C:\Users\Barry Chapman\Desktop\attach.txt
2014-05-25 10:43 - 2014-05-25 10:43 - 04745728 _____ (AVAST Software) C:\Users\Barry Chapman\Downloads\aswMBR.exe
2014-05-25 10:38 - 2014-05-27 13:27 - 00000000 ____D () C:\Windows\ERDNT
2014-05-25 10:38 - 2014-05-25 10:38 - 00688992 ____R (Swearware) C:\Users\Barry Chapman\Downloads\dds (1).scr
2014-05-25 10:36 - 2014-05-25 10:37 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-05-25 10:36 - 2014-05-25 10:36 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup (2).exe
2014-05-25 10:36 - 2014-05-25 10:36 - 00000960 _____ () C:\Users\Barry Chapman\Desktop\ERUNT.lnk
2014-05-25 10:36 - 2014-05-25 10:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-05-24 12:00 - 2014-05-24 12:00 - 00688992 _____ (Swearware) C:\Users\Barry Chapman\Downloads\dds.scr
2014-05-24 11:59 - 2014-05-24 11:59 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup (1).exe
2014-05-24 11:57 - 2014-05-24 11:57 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup.exe
2014-05-23 08:25 - 2014-05-23 08:25 - 00000000 ____D () C:\New folder
2014-05-23 07:48 - 2014-05-23 07:48 - 624028561 _____ () C:\Windows\MEMORY.DMP
2014-05-23 07:48 - 2014-05-23 07:48 - 00280128 _____ () C:\Windows\Minidump\052314-21138-01.dmp
2014-05-23 07:48 - 2014-05-23 07:48 - 00000000 ____D () C:\Windows\Minidump
2014-05-23 07:43 - 2014-05-23 07:43 - 00162208 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition (1).exe
2014-05-23 07:41 - 2014-05-23 07:41 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\QuickScan
2014-05-23 07:40 - 2014-05-23 07:43 - 10447328 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition_x64.exe
2014-05-23 07:39 - 2014-05-23 07:39 - 00162208 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition.exe
2014-05-22 15:37 - 2014-05-22 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-05-22 15:35 - 2014-05-22 15:35 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-22 15:35 - 2014-05-22 15:35 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-22 13:22 - 2014-05-22 13:23 - 00051706 _____ () C:\Windows\SysWOW64\bddel.dat
2014-05-22 10:47 - 2014-05-22 10:47 - 00000000 ____D () C:\Program Files (x86)\Spybot
2014-05-22 08:13 - 2014-05-22 09:31 - 00017970 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-22_08-13-17.log
2014-05-22 08:08 - 2014-05-22 08:11 - 00003374 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-22_08-08-46.log
2014-05-22 07:57 - 2014-05-22 08:06 - 332119856 _____ (Norman Shark AS) C:\Users\Barry Chapman\Downloads\Norman_Malware_Cleaner (1).exe
2014-05-21 11:27 - 2014-05-21 11:27 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\TuneUp Software
2014-05-21 11:16 - 2014-05-23 07:03 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-21 11:16 - 2014-05-21 11:16 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\MFAData
2014-05-21 11:15 - 2014-05-21 11:15 - 04485528 _____ (AVG Technologies) C:\Users\Barry Chapman\Downloads\avg_free_stb_all_2014_4577_cnet.exe
2014-05-21 09:31 - 2014-05-21 10:04 - 00014960 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-21_09-31-37.log
2014-05-21 09:01 - 2014-05-21 09:08 - 331917560 _____ (Norman Shark AS) C:\Users\Barry Chapman\Downloads\Norman_Malware_Cleaner.exe
2014-05-20 14:54 - 2014-05-20 15:49 - 00025110 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-20_14-54-17.log
2014-05-20 14:53 - 2014-05-20 14:53 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Norman Malware Cleaner
2014-05-20 12:44 - 2014-05-20 13:35 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-05-20 12:34 - 2014-05-20 12:34 - 00000914 _____ () C:\Users\Barry Chapman\Desktop\JRT.txt
2014-05-20 10:29 - 2014-05-20 10:30 - 04957528 _____ (SurfRight B.V.) C:\Users\Barry Chapman\Downloads\Unconfirmed 912715.crdownload
2014-05-19 16:42 - 2014-05-26 10:25 - 00000000 ____D () C:\AdwCleaner
2014-05-19 10:55 - 2014-05-19 10:55 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-05-19 10:20 - 2014-05-19 10:20 - 00000000 ____D () C:\Adobe XI Pro
2014-05-19 08:08 - 2014-05-20 18:24 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-19 07:54 - 2014-05-19 07:54 - 00000000 ____D () C:\Users\Barry Chapman\Documents\ProcAlyzer Dumps
2014-05-16 10:51 - 2014-05-27 09:22 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\CrashDumps
2014-05-16 09:39 - 2014-05-16 09:39 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\SUPERAntiSpyware.com
2014-05-16 09:39 - 2014-05-16 09:39 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-05-16 08:33 - 2014-05-20 17:34 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant
2014-05-16 08:33 - 2014-05-16 08:33 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-05-16 08:32 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-05-16 08:32 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-05-15 15:02 - 2014-05-15 15:02 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot2-license (1).exe
2014-05-15 14:27 - 2014-05-15 14:27 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-05-15 13:05 - 2014-05-15 13:06 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot2-license.exe
2014-05-15 12:49 - 2009-06-10 17:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140515-124903.backup
2014-05-15 11:40 - 2014-05-22 10:49 - 00001446 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-15 11:40 - 2014-05-22 10:49 - 00001434 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-15 11:40 - 2014-05-22 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-15 11:40 - 2014-05-15 11:40 - 00000656 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2014-05-15 11:40 - 00000628 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2014-05-15 11:40 - 00000458 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-05-15 11:21 - 2014-05-22 10:51 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-15 11:21 - 2014-05-22 10:49 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-15 11:20 - 2014-05-15 10:56 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot-2.3 (1).exe
2014-05-15 03:25 - 2014-05-20 17:52 - 00000000 ___RD () C:\Users\Barry Chapman\Virtual Machines
2014-05-15 03:06 - 2014-05-06 00:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 03:06 - 2014-05-06 00:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 03:06 - 2014-05-05 23:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 03:06 - 2014-05-05 23:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 03:06 - 2014-05-05 23:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 03:06 - 2014-05-05 22:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 16:16 - 2014-05-14 16:16 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\PDF24
2014-05-14 15:56 - 2014-05-26 10:24 - 00000000 ____D () C:\Program Files (x86)\MSR
2014-05-14 15:56 - 2014-05-14 15:56 - 00004592 _____ () C:\Windows\System32\Tasks\IdleCrawler Runner
2014-05-14 15:54 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\wi_upd
2014-05-14 15:53 - 2014-05-14 15:54 - 02271768 _____ () C:\Users\Barry Chapman\Downloads\Adobe.Acrobat.XI.Pro.v11.0.2.Multilingual.Cracked.exe
2014-05-14 15:26 - 2014-05-14 15:27 - 18873344 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd714_all_incr.msp
2014-05-14 15:22 - 2014-05-14 15:23 - 14385152 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd713_all_incr.msp
2014-05-14 15:21 - 2014-05-14 15:22 - 03972608 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd712_all_incr (1).msp
2014-05-14 15:20 - 2014-05-14 15:20 - 06504448 _____ () C:\Users\Barry Chapman\Downloads\AcroUpd711_all_incr.msp
2014-05-14 14:34 - 2014-05-14 15:08 - 00001520 _____ () C:\Users\Public\Documents\AcStd7_1_0.ini
2014-05-14 11:56 - 2014-05-27 18:11 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Outlook Files
2014-05-14 10:26 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-05-14 10:25 - 2014-05-14 10:25 - 00000000 ____D () C:\Windows\PCHEALTH
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-05-14 10:20 - 2014-05-14 10:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-14 10:20 - 2014-05-14 10:20 - 00000000 ___RD () C:\MSOCache
2014-05-14 08:30 - 2014-05-20 16:20 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-05-14 08:30 - 2014-05-14 08:30 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Secunia PSI
2014-05-14 08:28 - 2014-05-14 08:29 - 05329480 _____ (Secunia) C:\Users\Barry Chapman\Downloads\PSISetup.exe
2014-05-14 05:44 - 2014-05-09 02:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 05:44 - 2014-05-09 02:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 05:44 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 05:44 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 05:44 - 2014-04-11 22:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 05:44 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 05:44 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 05:44 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 05:44 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 05:44 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 05:44 - 2014-04-11 22:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 05:44 - 2014-03-24 22:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 05:44 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 05:44 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 05:44 - 2014-03-04 05:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 05:44 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 05:44 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 05:44 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 05:44 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 05:44 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 12:17 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backblaze
2014-05-13 12:16 - 2014-05-20 17:44 - 00000000 ____D () C:\Program Files (x86)\Backblaze
2014-05-13 12:16 - 2014-05-13 12:16 - 05033216 _____ () C:\Users\Barry Chapman\Downloads\install_backblaze.exe
2014-05-13 12:16 - 2014-05-13 12:16 - 00000000 ____D () C:\ProgramData\Backblaze
2014-05-13 12:02 - 2014-05-13 12:04 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\VMware
2014-05-13 11:38 - 2014-05-13 11:38 - 34209792 _____ () C:\Users\Barry Chapman\Desktop\CHAPMA11_20140505-2014-05-13.QDF-backup
2014-05-13 11:18 - 2014-05-20 17:55 - 00000000 ____D () C:\Windows\pss
2014-05-13 11:00 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\VMware
2014-05-13 10:04 - 2014-05-13 10:04 - 00000000 _____ () C:\Users\Barry Chapman\AppData\Local\{89B78C50-3F1E-4624-B5B6-B21F413891C7}
2014-05-13 08:53 - 2014-05-13 11:13 - 00007605 _____ () C:\Users\Barry Chapman\AppData\Local\resmon.resmoncfg
2014-05-12 20:43 - 2014-05-12 20:58 - 00000000 ____D () C:\Users\Barry Chapman\.asdm
2014-05-12 20:43 - 2014-05-12 20:43 - 00000000 ____D () C:\Program Files (x86)\Cisco Systems
2014-05-12 16:26 - 2014-05-12 16:26 - 00010295 _____ () C:\Users\Barry Chapman\Documents\141046 commitment.wpd
2014-05-12 16:21 - 2014-05-12 16:21 - 00002380 _____ () C:\Users\Barry Chapman\Documents\141046 DATA FILE.wpd
2014-05-12 13:51 - 2014-05-13 11:07 - 00000000 ____D () C:\Program Files\My Lockbox
2014-05-12 13:50 - 2014-05-12 13:50 - 04090994 _____ () C:\Users\Barry Chapman\Downloads\mylockbox_setup.zip
2014-05-12 07:16 - 2014-05-13 12:17 - 00000000 ____D () C:\.bzvol
2014-05-09 11:38 - 2014-05-09 11:38 - 00000000 ____D () C:\Users\Barry Chapman\Documents\CCWin
2014-05-09 07:41 - 2013-03-01 02:27 - 00063568 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2014-05-09 07:40 - 2013-03-01 02:27 - 00943184 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2014-05-09 07:40 - 2013-03-01 02:27 - 00354896 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2014-05-09 07:40 - 2013-03-01 02:26 - 00434256 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2014-05-09 07:40 - 2013-03-01 02:26 - 00030800 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2014-05-09 07:39 - 2014-05-27 13:24 - 00000000 ____D () C:\ProgramData\VMware
2014-05-09 07:39 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2014-05-09 07:39 - 2014-05-09 07:39 - 00002187 _____ () C:\Users\Public\Desktop\VMware Player.lnk
2014-05-09 07:39 - 2014-05-09 07:39 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-05-09 07:39 - 2013-03-01 02:26 - 00033360 _____ (VMware, Inc.) C:\Windows\system32\Drivers\VMkbd.sys
2014-05-09 07:39 - 2011-08-29 22:11 - 00039024 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2014-05-09 07:38 - 2014-05-09 07:38 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-05-09 07:33 - 2014-05-09 07:35 - 114794792 _____ (VMware, Inc.) C:\Users\Barry Chapman\Downloads\VMware-player-4.0.6-1035888.exe
2014-05-07 09:42 - 2006-05-16 21:40 - 00753936 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXANNOT.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00463120 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXJP2K.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00209168 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXNOTEN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00119056 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXJBGN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00102672 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXTIFFN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00094480 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXAPS.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00074000 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXNAMEN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00069904 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXDLGN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00057616 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXLZWN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00049424 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXTHK32.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXSLN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXRAMN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXPANN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXMPN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXMDLGN.DLL
2014-05-07 09:42 - 2006-05-16 21:23 - 00006416 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXTHK16.DLL
2014-05-07 09:42 - 2006-05-16 21:22 - 00231552 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXDFLT.DLL
2014-05-07 09:42 - 2006-05-16 21:22 - 00023152 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXPERM.DLL
2014-05-07 09:42 - 2006-05-16 21:22 - 00016048 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXLOC.DLL
2014-05-07 09:42 - 2006-05-16 21:19 - 00327680 ____N (The University of New South Wales) C:\Windows\SysWOW64\PIXJP2KI.DLL
2014-05-07 09:42 - 2006-05-16 21:19 - 00051959 ____N () C:\Windows\SysWOW64\PIXNAME.HLP
2014-05-07 09:42 - 2005-02-10 18:17 - 00011968 ____N (Pixel Translations Incorporated) C:\Windows\SysWOW64\PIXMDLLC.CPL
2014-05-07 09:29 - 2014-05-07 09:29 - 00000000 ____D () C:\ProgramData\Canon Electronics
2014-05-07 09:25 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CapturePerfect 3.1
2014-05-07 09:20 - 2014-05-07 09:22 - 79468544 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_V3137 (1).exe
2014-05-06 15:56 - 2014-05-06 15:59 - 00000000 ____D () C:\Users\Barry Chapman\Documents\My Documents from old
2014-05-06 14:42 - 2014-05-06 14:42 - 00119964 _____ () C:\Users\Barry Chapman\Downloads\GSCCCA Online Statement.htm
2014-05-06 13:18 - 2014-05-18 03:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-06 13:18 - 2014-05-15 03:03 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-06 13:12 - 2012-12-17 08:56 - 00152576 _____ (Canon Electronics) C:\Windows\system32\DR25SVC.dll
2014-05-06 13:12 - 2009-05-13 16:08 - 00491792 _____ (Captiva Software Corp.) C:\Windows\SysWOW64\qd1.dll
2014-05-06 13:09 - 2014-05-06 13:09 - 14393344 _____ () C:\Users\Barry Chapman\Downloads\2580DRIT_V18SP1 (1).exe
2014-05-06 10:10 - 2014-05-06 10:10 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Oracle
2014-05-06 10:09 - 2014-05-06 10:09 - 00000000 ____D () C:\ProgramData\Sun
2014-05-06 10:09 - 2014-05-06 10:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-06 10:07 - 2014-05-06 10:07 - 00921512 _____ (Oracle Corporation) C:\Users\Barry Chapman\Downloads\chromeinstall-7u55.exe
2014-05-06 10:05 - 2014-05-06 10:04 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-06 10:04 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-06 10:04 - 2014-05-06 10:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-05-06 10:04 - 2014-05-06 10:04 - 00000000 ____D () C:\Program Files\Java
2014-05-06 10:03 - 2014-05-06 10:04 - 30818216 _____ (Oracle Corporation) C:\Users\Barry Chapman\Downloads\jre-7u55-windows-x64.exe
2014-05-06 09:31 - 2006-05-16 21:40 - 00233744 _____ (EMC Corporation) C:\Windows\SysWOW64\PIXMDLN.DLL
2014-05-06 09:27 - 2014-05-06 09:27 - 28808192 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_Ver_3097 (1).exe
2014-05-06 09:09 - 2009-05-13 16:16 - 00200704 _____ (EMC Corporation) C:\Windows\SysWOW64\twpix32.dll
2014-05-06 09:09 - 2009-05-13 16:05 - 00021008 _____ (Microsoft Corporation) C:\Windows\system\Ctl3d.dll
2014-05-06 09:09 - 2003-12-18 18:09 - 00231552 _____ (Pixel Translations Incorporated) C:\Windows\system\Pixdflt.dll
2014-05-06 09:09 - 2003-12-18 18:09 - 00023152 _____ (Pixel Translations Incorporated) C:\Windows\system\Pixperm.dll
2014-05-06 09:09 - 2003-12-18 18:09 - 00016064 _____ (Pixel Translations Incorporated) C:\Windows\system\Pixloc.dll
2014-05-06 09:09 - 2002-11-06 11:21 - 00063248 _____ () C:\Windows\SysWOW64\picn1120.ssm
2014-05-06 09:09 - 1998-04-13 13:13 - 00098304 _____ (Cornerstone Imaging, Inc.) C:\Windows\SysWOW64\Wiaext32.dll
2014-05-06 09:06 - 2014-05-06 09:06 - 00000000 _____ () C:\Users\Barry Chapman\Sti_Trace.log
2014-05-06 09:05 - 2014-05-20 17:26 - 00000000 ____D () C:\Users\Barry Chapman\Desktop\CapturePerfect 3.0
2014-05-06 08:51 - 2014-05-06 08:51 - 00249856 _____ () C:\Users\Barry Chapman\Downloads\RepairReg.exe
2014-05-06 08:51 - 2014-05-06 08:51 - 00000000 ____D () C:\DR Scanner
2014-05-06 08:45 - 2014-05-06 08:47 - 79468544 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_V3137.exe
2014-05-06 08:43 - 2014-05-06 08:43 - 00000000 ____D () C:\DR2580C
2014-05-06 08:42 - 2014-05-06 08:42 - 14393344 _____ () C:\Users\Barry Chapman\Downloads\2580DRIT_V18SP1.exe
2014-05-06 08:37 - 2008-11-11 19:00 - 00096768 _____ (Canon Electronics Inc.) C:\Windows\system32\DR25CPL.dll
2014-05-06 08:37 - 2007-04-24 07:53 - 00083456 _____ (Canon Electronics Inc.) C:\Windows\system32\CeiUSB64.dll
2014-05-06 08:35 - 2014-05-06 08:35 - 00000000 ____D () C:\Users\Barry Chapman\Downloads\d1041mux
2014-05-06 08:34 - 2014-05-06 08:35 - 13259652 _____ () C:\Users\Barry Chapman\Downloads\d1041mux.zip
2014-05-06 07:52 - 2014-05-20 18:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 07:31 - 2014-05-06 07:31 - 00003228 _____ () C:\Windows\System32\Tasks\{E819857F-629F-4F7B-9FE3-F8B1467A5C1B}
2014-05-06 07:29 - 2014-05-07 09:22 - 00000000 ____D () C:\CapturePerfect Upgrade
2014-05-06 03:03 - 2014-05-06 03:03 - 00288324 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-05-06 03:02 - 2014-05-06 03:03 - 00292408 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-05-06 03:02 - 2014-05-06 03:02 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-05-05 17:52 - 2014-05-05 19:26 - 28808192 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_Ver_3097.exe
brchapman
2014-05-28, 14:55
7:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon DR-2580C
2014-05-05 17:43 - 2014-05-06 09:06 - 00005432 _____ () C:\Windows\pixcache.ini
2014-05-05 17:43 - 2014-05-05 17:43 - 00003050 _____ () C:\Windows\System32\Tasks\{BEA2EFCD-E2FA-474A-BB2F-ADE6F46BED5D}
2014-05-05 16:56 - 2014-05-05 16:56 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\AdobeUM
2014-05-05 16:54 - 2014-05-14 15:27 - 00002501 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 7.0 Standard.lnk
2014-05-05 16:54 - 2014-05-14 14:44 - 00002459 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 7.0.lnk
2014-05-05 16:54 - 2014-05-05 16:54 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Acrobat 7.0 Standard.lnk
2014-05-05 16:53 - 2014-05-20 18:03 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-05-05 16:53 - 2014-05-19 10:44 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-05-05 16:24 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-05 16:24 - 2014-05-20 17:51 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-05 16:24 - 2014-05-20 17:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-05 16:23 - 2014-05-05 16:24 - 13084896 _____ (Microsoft Corporation) C:\Users\Barry Chapman\Downloads\Silverlight_x64 (1).exe
2014-05-05 16:23 - 2014-05-05 16:23 - 13084896 _____ (Microsoft Corporation) C:\Users\Barry Chapman\Downloads\Silverlight_x64.exe
2014-05-05 16:15 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-05-05 16:15 - 2014-05-20 17:51 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-05-05 16:15 - 2014-05-05 16:15 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-05-05 16:12 - 2014-05-05 16:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2014-05-05 15:52 - 2014-05-05 15:53 - 19495200 _____ () C:\Users\Barry Chapman\Downloads\upd-ps-x64-5.8.0.17508.exe
2014-05-05 15:50 - 2014-05-05 15:53 - 00000000 ____D () C:\HP Universal Print Driver
2014-05-05 15:49 - 2014-05-05 15:49 - 18409760 _____ () C:\Users\Barry Chapman\Downloads\upd-pcl6-x64-5.8.0.17508.exe
2014-05-05 14:53 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landtech XML
2014-05-05 14:53 - 2014-05-05 14:53 - 00001534 _____ () C:\Users\Barry Chapman\Desktop\Landtech XML.lnk
2014-05-05 14:52 - 2014-05-05 14:52 - 00204800 _____ (Landtech Data Corporation) C:\Windows\SysWOW64\ltwpvsw.DLL
2014-05-05 14:52 - 2014-05-05 14:52 - 00065536 _____ (Landtech Data Corp.) C:\Windows\SysWOW64\LTWNode.exe
2014-05-05 14:52 - 2014-05-05 14:52 - 00004726 _____ () C:\Windows\BOOTSTRAP.LOG
2014-05-05 14:52 - 2014-05-05 14:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Landtech XML
2014-05-05 14:44 - 2014-05-05 14:44 - 00000519 _____ () C:\Windows\ODBCINST.INI
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\ProgramData\Pervasive Software
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pervasive
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\Program Files (x86)\Pervasive Software
2014-05-05 14:18 - 2014-05-05 14:18 - 00000000 ____D () C:\Wages
2014-05-05 14:15 - 2014-05-05 14:17 - 88823072 _____ () C:\Users\Barry Chapman\Downloads\PSQL-Workgroup-10.30.022.000-win.x86.exe
2014-05-05 14:07 - 2001-06-01 14:17 - 00169600 _____ (Wintertree Software Inc.) C:\Windows\SysWOW64\WSpell.ocx
2014-05-05 12:36 - 2014-05-20 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WP-64
2014-05-05 12:34 - 2014-05-05 12:34 - 32856361 _____ (wpdos.org ) C:\Users\Barry Chapman\Downloads\WP64DOSBox-Setup.exe
2014-05-05 12:22 - 2014-05-14 13:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Help
2014-05-05 12:22 - 2014-05-09 09:28 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Help
2014-05-05 11:45 - 2014-05-21 16:21 - 00037861 _____ () C:\Users\Barry Chapman\AppData\Roaming\Comma Separated Values (Windows).ADR
2014-05-05 11:40 - 2014-05-05 11:40 - 00321535 _____ () C:\Users\Barry Chapman\Downloads\contacts.csv
2014-05-05 11:26 - 2014-05-05 11:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-05 11:25 - 2014-05-05 11:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-05 11:24 - 2014-05-05 11:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-05 11:16 - 2014-05-05 11:17 - 01069064 _____ (Medlin Accounting Software ) C:\Users\Barry Chapman\Downloads\_05-01-2014_medlin_PR_4-6.exe
2014-05-05 10:49 - 2014-05-25 12:10 - 00000000 ____D () C:\MWACCT
2014-05-05 10:49 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medlin Accounting
2014-05-05 10:49 - 2014-05-05 11:17 - 00000580 _____ () C:\Users\Public\Desktop\Medlin Accounting.lnk
2014-05-05 10:49 - 1998-05-11 20:01 - 01355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvbvm50.dll
2014-05-05 10:40 - 2014-05-05 10:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\QuickenWindow
2014-05-05 10:36 - 2014-05-05 10:36 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\IsolatedStorage
2014-05-05 10:28 - 2014-05-05 10:28 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Quicken
2014-05-05 10:24 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quicken 2014
2014-05-05 10:24 - 2014-05-20 17:46 - 00000000 ____D () C:\Program Files (x86)\Quicken
2014-05-05 10:24 - 2014-05-05 10:24 - 00001808 _____ () C:\Users\Public\Desktop\Quicken Deluxe 2014.lnk
2014-05-05 10:24 - 2014-05-05 10:24 - 00000126 _____ () C:\Windows\QUICKEN.INI
2014-05-05 10:24 - 2014-05-05 10:24 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Intuit
2014-05-05 10:24 - 2009-05-12 15:14 - 04169728 _____ (Amyuni Technologies http://www.amyuni.com) C:\Windows\SysWOW64\cdintf400.dll
2014-05-05 10:23 - 2014-05-05 10:23 - 00000000 ____D () C:\ProgramData\Intuit
2014-05-05 10:18 - 2014-05-05 10:21 - 112168720 _____ (Intuit Inc. ) C:\Users\Barry Chapman\Downloads\QW14DLX.exe
2014-05-05 10:13 - 2014-05-20 17:52 - 00000000 ____D () C:\Quicken 2014
2014-05-05 08:58 - 2014-05-05 08:58 - 00000000 __SHD () C:\Users\Barry Chapman\AppData\Local\EmieUserList
2014-05-05 08:58 - 2014-05-05 08:58 - 00000000 __SHD () C:\Users\Barry Chapman\AppData\Local\EmieSiteList
2014-05-05 03:10 - 2014-03-06 05:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-05 03:10 - 2014-03-06 04:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-05 03:10 - 2014-03-06 04:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-05 03:10 - 2014-03-06 04:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-05 03:10 - 2014-03-06 04:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-05 03:10 - 2014-03-06 04:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-05 03:10 - 2014-03-06 04:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-05 03:10 - 2014-03-06 04:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-05 03:10 - 2014-03-06 04:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-05 03:10 - 2014-03-06 04:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-05 03:10 - 2014-03-06 04:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-05 03:10 - 2014-03-06 04:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-05 03:10 - 2014-03-06 04:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-05 03:10 - 2014-03-06 04:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-05 03:10 - 2014-03-06 04:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-05 03:10 - 2014-03-06 04:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-05 03:10 - 2014-03-06 04:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-05 03:10 - 2014-03-06 04:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-05 03:10 - 2014-03-06 03:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-05 03:10 - 2014-03-06 03:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-05 03:10 - 2014-03-06 03:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-05 03:10 - 2014-03-06 03:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-05 03:10 - 2014-03-06 03:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-05 03:10 - 2014-03-06 03:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-05 03:10 - 2014-03-06 03:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-05 03:10 - 2014-03-06 03:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-05 03:10 - 2014-03-06 03:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-05 03:10 - 2014-03-06 03:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-05 03:10 - 2014-03-06 03:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-05 03:10 - 2014-03-06 03:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-05 03:10 - 2014-03-06 03:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-05 03:10 - 2014-03-06 03:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-05 03:10 - 2014-03-06 03:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-05 03:10 - 2014-03-06 03:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-05 03:10 - 2014-03-06 02:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-05 03:10 - 2014-03-06 02:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-05 03:10 - 2014-03-06 02:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-05 03:10 - 2014-03-06 02:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-05 03:10 - 2014-03-06 02:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-05 03:10 - 2014-03-06 01:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-05 03:10 - 2014-03-06 01:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-05 03:10 - 2014-03-06 01:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-05 03:10 - 2014-03-06 01:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-05 03:10 - 2014-03-06 01:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-05 03:06 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-05-05 03:06 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-05-04 03:06 - 2012-07-25 23:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-05-04 03:06 - 2012-07-25 23:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-05-04 03:06 - 2012-07-25 23:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-05-04 03:06 - 2012-07-25 23:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-05-04 03:06 - 2012-07-25 23:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-05-04 03:06 - 2012-07-25 22:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-05-04 03:06 - 2012-07-25 22:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-05-04 03:06 - 2012-06-02 10:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-05-03 16:58 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-05-03 16:58 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-05-03 16:58 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-05-03 16:58 - 2013-12-31 19:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-05-03 16:58 - 2013-12-31 19:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-05-03 16:58 - 2013-12-05 22:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-05-03 16:58 - 2013-12-05 22:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-05-03 16:58 - 2013-12-05 22:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-05-03 16:58 - 2013-12-05 22:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-05-03 16:58 - 2013-11-23 14:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-05-03 16:58 - 2013-11-23 13:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-05-03 16:58 - 2011-04-09 02:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-05-03 16:58 - 2011-04-09 01:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-05-03 16:55 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-05-03 16:55 - 2013-12-24 19:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-05-03 16:55 - 2013-12-24 18:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-05-03 16:55 - 2013-12-03 22:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-05-03 16:55 - 2013-12-03 22:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-05-03 16:55 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-05-03 16:55 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-05-03 16:55 - 2013-12-03 22:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-05-03 16:55 - 2013-12-03 22:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-05-03 16:55 - 2013-12-03 22:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-05-03 16:55 - 2013-12-03 22:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-05-03 16:55 - 2013-12-03 22:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-05-03 16:55 - 2013-12-03 22:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-05-03 16:55 - 2013-12-03 22:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-05-03 16:55 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-05-03 16:55 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-05-03 16:55 - 2013-12-03 22:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-05-03 16:55 - 2013-12-03 21:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-05-03 16:55 - 2013-12-03 21:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-05-03 16:55 - 2013-12-03 21:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-05-03 16:55 - 2013-12-03 21:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-05-03 16:55 - 2013-11-26 21:42 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-05-03 16:55 - 2013-11-26 21:42 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-05-03 16:55 - 2013-11-26 21:42 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-05-03 16:55 - 2013-11-26 21:42 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-05-03 16:55 - 2013-11-26 21:42 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-05-03 16:55 - 2013-11-26 04:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-05-03 16:55 - 2013-11-22 18:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-05-03 16:53 - 2014-03-04 05:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-03 16:53 - 2014-03-04 05:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-03 16:53 - 2014-03-04 05:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-03 16:53 - 2014-03-04 05:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-03 16:53 - 2014-03-04 04:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-03 16:53 - 2014-03-04 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-05-03 16:53 - 2014-02-03 22:37 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-05-03 16:53 - 2014-02-03 22:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-05-03 16:53 - 2014-02-03 22:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-03 16:53 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-05-03 16:53 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-05-03 16:53 - 2014-02-03 22:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-05-03 16:53 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-05-03 16:53 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-05-03 16:53 - 2014-02-03 22:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-05-03 16:53 - 2014-01-23 22:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-03 16:53 - 2013-11-26 07:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-05-03 16:53 - 2013-07-20 06:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-05-03 16:53 - 2013-07-20 06:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-05-03 16:53 - 2011-02-18 06:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-05-03 16:53 - 2011-02-18 01:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-05-03 16:46 - 2014-05-03 16:46 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-05-03 16:40 - 2014-05-14 11:55 - 00000000 ____D () C:\Office 2000
2014-05-03 16:36 - 2014-05-20 18:02 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-05-03 16:34 - 2014-05-22 16:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-03 16:34 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Microsoft Help
2014-05-03 16:32 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\Downloads\DVD_Office_2010_32Bit
2014-05-03 16:26 - 2014-05-03 16:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\WinRAR
2014-05-03 16:23 - 2014-05-03 16:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Macromedia
2014-05-03 16:21 - 2014-05-03 16:21 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-03 16:21 - 2014-05-03 16:21 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Mozilla
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Mozilla
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-03 16:19 - 2014-05-03 16:19 - 00282960 _____ (Mozilla) C:\Users\Barry Chapman\Downloads\Firefox Setup Stub 29.0.exe
2014-05-03 16:11 - 2014-05-03 16:30 - 628097024 _____ () C:\Users\Barry Chapman\Downloads\DVD_Office_2010_32Bit.iso
2014-05-03 16:10 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-03 16:10 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-03 16:10 - 2014-05-20 17:46 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-05-03 16:10 - 2014-05-03 16:10 - 01766784 _____ () C:\Users\Barry Chapman\Downloads\wrar500.exe
2014-05-03 16:10 - 2014-05-03 16:10 - 00001007 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-05-03 15:48 - 2009-07-13 21:41 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\wab32.dll
2014-05-03 15:48 - 2009-07-13 21:33 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\wab32res.dll
2014-05-03 15:41 - 2014-05-03 15:41 - 00000376 _____ () C:\Windows\ODBC.INI
2014-05-03 15:40 - 2014-05-20 17:55 - 00000000 ____D () C:\Windows\Msagent
2014-05-03 15:40 - 2014-05-03 15:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft Web Folders
2014-05-03 15:33 - 2009-08-04 13:56 - 00296960 _____ (Microsoft Corporation) C:\Windows\winhlp32.exe
2014-05-03 15:33 - 2009-08-04 13:55 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftsrch.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\ftsrch.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx041e.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\ftlx041e.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx0411.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\ftlx0411.dll
2014-05-03 15:20 - 2014-05-03 15:20 - 00718172 _____ () C:\Users\Barry Chapman\Downloads\Windows6.1-KB917607-x64.msu
2014-05-03 15:20 - 2014-05-03 15:20 - 00703811 _____ () C:\Users\Barry Chapman\Downloads\Windows6.1-KB917607-x86.msu
2014-05-03 14:40 - 2014-05-20 11:10 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Adobe
2014-05-03 14:29 - 2014-05-20 17:50 - 00000000 ____D () C:\Program Files (x86)\wp51
2014-05-03 14:14 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FAX User Software
2014-05-03 14:14 - 2014-05-03 14:14 - 00000000 ____D () C:\Program Files (x86)\Kyocera
2014-05-03 14:02 - 2014-05-03 14:02 - 00003102 _____ () C:\Windows\System32\Tasks\{274EC4EA-7BEE-46DD-B238-1777098F3282}
2014-05-03 13:53 - 2014-05-03 13:53 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Canon Electronics
2014-05-03 13:38 - 2014-05-03 13:52 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Corel User Files
2014-05-03 13:38 - 2014-05-03 13:38 - 00061678 _____ () C:\Users\Barry Chapman\AppData\Roaming\PFP120JPR.{PB
2014-05-03 13:38 - 2014-05-03 13:38 - 00012358 _____ () C:\Users\Barry Chapman\AppData\Roaming\PFP120JCM.{PB
2014-05-03 13:38 - 2014-05-03 13:38 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Corel
2014-05-03 13:31 - 2013-07-04 13:57 - 00067888 _____ (Canon Electronics Inc.) C:\Windows\SysWOW64\SuStiUtl.dll
2014-05-03 13:31 - 2006-05-16 21:19 - 00021008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CTL3D.DLL
2014-05-03 13:30 - 2014-05-20 17:55 - 00000000 ____D () C:\Windows\PIXTRAN
2014-05-03 13:30 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\Desktop\Canon DR-2580C
2014-05-03 13:30 - 2014-05-07 09:25 - 00000000 ____D () C:\Program Files (x86)\Canon Electronics
2014-05-03 13:30 - 2014-05-06 13:22 - 00000125 _____ () C:\Windows\SetScan.ini
2014-05-03 13:30 - 2014-05-06 13:12 - 00017862 _____ () C:\Windows\DPINST.LOG
2014-05-03 13:30 - 2009-05-13 16:05 - 00401484 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Msvcrtd.dll
2014-05-03 13:30 - 2006-05-16 21:40 - 00221456 _____ (EMC Corporation) C:\Windows\SysWOW64\PIXDFLTN.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00180224 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN1120.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00176128 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN1520.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00155648 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN1020.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00114688 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN1320.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00074000 _____ (EMC Corporation) C:\Windows\SysWOW64\PIXLOCN.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00053520 _____ (EMC Corporation) C:\Windows\SysWOW64\PIXPERMN.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00051712 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN20.DLL
2014-05-03 13:30 - 2005-08-09 17:34 - 00094208 _____ (Canon Electronics Inc.) C:\Windows\SysWOW64\DR25CPL.dll
2014-05-03 13:30 - 2005-06-14 08:29 - 00036864 _____ (Canon Electronics Inc.) C:\Windows\SysWOW64\CeiUSB2.dll
2014-05-03 13:30 - 2005-02-15 13:18 - 00106496 _____ (Canon Electronics) C:\Windows\SysWOW64\DR25SVC.dll
2014-05-03 13:30 - 2002-09-25 16:02 - 00602384 _____ (Pixel Translations Incorporated) C:\Windows\SysWOW64\pixipdll.dll
2014-05-03 13:30 - 2002-05-13 22:55 - 00014000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\usbscan.sys
2014-05-03 13:30 - 1998-10-29 16:45 - 00306688 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2014-05-03 13:17 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordPerfect Office 12
2014-05-03 13:17 - 2014-05-03 13:17 - 00002607 _____ () C:\Users\Barry Chapman\Desktop\WordPerfect.lnk
2014-05-03 13:14 - 2014-05-05 12:18 - 00000000 ____D () C:\Program Files (x86)\WordPerfect Office 12
2014-05-03 12:01 - 2014-05-04 18:11 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\PCDr
2014-05-02 20:32 - 2012-06-02 18:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-05-02 20:32 - 2012-06-02 18:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-05-02 20:32 - 2012-06-02 18:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-05-02 20:32 - 2012-06-02 18:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-05-02 20:32 - 2012-06-02 18:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-05-02 20:32 - 2012-06-02 18:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-05-02 20:32 - 2012-06-02 18:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-05-02 20:32 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-05-02 20:32 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-05-02 19:50 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-05-02 16:23 - 2014-05-21 09:17 - 00002310 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-02 16:23 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-02 16:12 - 2014-05-28 06:55 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-02 16:12 - 2014-05-27 18:14 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-02 16:12 - 2014-05-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-02 16:12 - 2014-05-07 15:50 - 00003908 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-02 16:12 - 2014-05-07 15:50 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-02 16:12 - 2014-05-02 16:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Google
2014-05-02 15:58 - 2014-05-20 13:56 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Deployment
2014-05-02 15:58 - 2014-05-02 15:58 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Apps\2.0
2014-05-02 15:45 - 2014-05-20 17:32 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-02 15:45 - 2014-05-20 17:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Opera Software
2014-05-02 15:45 - 2014-05-15 14:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Opera Software
2014-05-02 15:42 - 2014-05-02 15:42 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Macromedia
2014-05-02 15:26 - 2014-05-02 15:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Intel Corporation
2014-05-02 15:25 - 2014-05-27 12:36 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-05-02 15:25 - 2014-05-25 10:37 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-02 15:25 - 2014-05-20 17:52 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-02 15:25 - 2014-05-20 17:51 - 00000000 ____D () C:\ProgramData\Atheros
2014-05-02 15:25 - 2014-05-20 16:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Adobe
2014-05-02 15:25 - 2014-05-20 16:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\VirtualStore
2014-05-02 15:25 - 2014-05-13 08:51 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Bluetooth Folder
2014-05-02 15:25 - 2014-05-02 15:25 - 00004004 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-05-02 15:25 - 2014-05-02 15:25 - 00003214 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-05-02 15:25 - 2014-05-02 15:25 - 00001415 _____ () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Leadertech
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Dell
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Atheros
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\BMExplorer
2014-05-02 15:23 - 2014-05-13 16:30 - 00000000 ____D () C:\ProgramData\softthinks
2014-05-02 15:23 - 2014-05-02 15:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\softthinks
2014-05-02 15:23 - 2013-12-05 03:16 - 00000114 ____H () C:\DBAR_Ver.txt
2014-05-02 15:18 - 2014-05-20 18:27 - 00132680 _____ () C:\Users\Barry Chapman\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-02 15:18 - 2014-05-02 15:18 - 00001975 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
2014-05-02 15:17 - 2014-05-20 18:25 - 00000000 ____D () C:\Users\Barry Chapman
2014-05-02 15:17 - 2014-05-20 17:52 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-02 15:17 - 2014-05-20 17:52 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-02 15:17 - 2014-05-02 15:17 - 00000020 ___SH () C:\Users\Barry Chapman\ntuser.ini
==================== One Month Modified Files and Folders =======
2014-05-28 07:50 - 2014-05-27 16:22 - 00020363 _____ () C:\Users\Barry Chapman\Desktop\FRST.txt
2014-05-28 07:50 - 2014-05-27 16:22 - 00000000 ____D () C:\FRST
2014-05-28 07:18 - 2014-05-28 07:18 - 00065311 _____ () C:\Users\Barry Chapman\Desktop\Result.txt
2014-05-28 07:14 - 2014-05-28 07:14 - 00982016 _____ (Farbar) C:\Users\Barry Chapman\Desktop\MiniToolBox.exe
2014-05-28 07:07 - 2014-03-21 13:36 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-28 06:55 - 2014-05-02 16:12 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-27 20:02 - 2014-05-27 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-05-27 18:14 - 2014-05-02 16:12 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-27 18:13 - 2014-05-27 18:13 - 00132680 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-27 18:13 - 2014-05-27 18:13 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\WinRAR
2014-05-27 18:13 - 2014-05-27 18:13 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Intel Corporation
2014-05-27 18:12 - 2014-05-27 18:12 - 00001460 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ___RD () C:\Users\Administrator\Virtual Machines
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-27 18:12 - 2014-05-27 18:11 - 00000000 ____D () C:\Users\Administrator
2014-05-27 18:12 - 2009-07-14 00:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-05-27 18:11 - 2014-05-27 18:11 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-05-27 18:11 - 2014-05-14 11:56 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Outlook Files
2014-05-27 18:07 - 2009-07-14 00:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-27 18:07 - 2009-07-14 00:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-27 17:32 - 2014-05-27 16:22 - 00038057 _____ () C:\Users\Barry Chapman\Desktop\Addition.txt
2014-05-27 16:21 - 2014-05-27 16:21 - 02066944 _____ (Farbar) C:\Users\Barry Chapman\Desktop\FRST64.exe
2014-05-27 15:57 - 2014-05-27 10:02 - 00198204 _____ () C:\Users\Barry Chapman\Downloads\OTL.Txt
2014-05-27 15:46 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-05-27 15:40 - 2014-05-27 13:59 - 00000008 _____ () C:\LTLASTFN.DAT
2014-05-27 15:23 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-05-27 13:31 - 2009-07-14 01:13 - 00791990 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-27 13:29 - 2014-05-27 13:29 - 00043987 _____ () C:\ComboFix.txt
2014-05-27 13:29 - 2014-05-27 12:50 - 00000000 ____D () C:\Qoobox
2014-05-27 13:29 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default
2014-05-27 13:28 - 2014-03-22 04:31 - 01442749 _____ () C:\Windows\WindowsUpdate.log
2014-05-27 13:27 - 2014-05-25 10:38 - 00000000 ____D () C:\Windows\ERDNT
2014-05-27 13:26 - 2014-03-21 13:56 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-05-27 13:24 - 2014-05-09 07:39 - 00000000 ____D () C:\ProgramData\VMware
2014-05-27 13:24 - 2009-07-13 22:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-27 13:23 - 2010-11-20 23:47 - 00310102 _____ () C:\Windows\PFRO.log
2014-05-27 13:23 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-27 13:23 - 2009-07-14 00:51 - 00042071 _____ () C:\Windows\setupact.log
2014-05-27 12:51 - 2014-05-27 12:51 - 00001540 _____ () C:\Users\Barry Chapman\Desktop\ComboFix.exe - Shortcut.lnk
2014-05-27 12:47 - 2014-05-27 12:46 - 05203612 ____R () C:\Users\Barry Chapman\Downloads\ComboFix.exe
2014-05-27 12:36 - 2014-05-02 15:25 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-05-27 11:30 - 2014-05-27 11:30 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-05-27 11:23 - 2014-05-27 11:23 - 00000000 ____D () C:\_OTL
2014-05-27 10:03 - 2014-05-27 10:03 - 00056788 _____ () C:\Users\Barry Chapman\Downloads\Extras.Txt
2014-05-27 09:54 - 2014-05-27 09:54 - 00602112 _____ (OldTimer Tools) C:\Users\Barry Chapman\Downloads\OTL.exe
2014-05-27 09:22 - 2014-05-16 10:51 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\CrashDumps
2014-05-27 09:18 - 2014-05-27 09:18 - 00000000 ____D () C:\Malwarebytes' Anti-Malware
2014-05-27 09:13 - 2014-05-27 09:25 - 01440846 _____ () C:\Program Files (x86)\mbam-chameleon-1.62.1.1000.zip
2014-05-27 09:01 - 2014-05-27 09:01 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-05-27 08:58 - 2014-05-27 08:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-26 10:25 - 2014-05-19 16:42 - 00000000 ____D () C:\AdwCleaner
2014-05-26 10:24 - 2014-05-14 15:56 - 00000000 ____D () C:\Program Files (x86)\MSR
2014-05-26 10:17 - 2014-05-26 10:17 - 01327971 _____ () C:\Users\Barry Chapman\Downloads\AdwCleaner.exe
2014-05-26 10:07 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-05-25 12:10 - 2014-05-05 10:49 - 00000000 ____D () C:\MWACCT
2014-05-25 11:49 - 2014-05-25 11:49 - 00004447 _____ () C:\Users\Barry Chapman\Desktop\attach.zip
2014-05-25 11:38 - 2014-05-25 11:38 - 00002135 _____ () C:\Users\Barry Chapman\Desktop\aswMBR.txt
2014-05-25 11:38 - 2014-05-25 11:38 - 00000512 _____ () C:\Users\Barry Chapman\Desktop\MBR.dat
2014-05-25 10:52 - 2014-05-25 10:52 - 00004315 _____ () C:\Users\Barry Chapman\Desktop\attach.rar
2014-05-25 10:46 - 2014-05-25 10:46 - 00042419 _____ () C:\Users\Barry Chapman\Desktop\dds.txt
2014-05-25 10:46 - 2014-05-25 10:46 - 00020635 _____ () C:\Users\Barry Chapman\Desktop\attach.txt
2014-05-25 10:43 - 2014-05-25 10:43 - 04745728 _____ (AVAST Software) C:\Users\Barry Chapman\Downloads\aswMBR.exe
2014-05-25 10:38 - 2014-05-25 10:38 - 00688992 ____R (Swearware) C:\Users\Barry Chapman\Downloads\dds (1).scr
2014-05-25 10:37 - 2014-05-25 10:36 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-05-25 10:37 - 2014-05-02 15:25 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-25 10:36 - 2014-05-25 10:36 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup (2).exe
2014-05-25 10:36 - 2014-05-25 10:36 - 00000960 _____ () C:\Users\Barry Chapman\Desktop\ERUNT.lnk
2014-05-25 10:36 - 2014-05-25 10:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-05-24 12:00 - 2014-05-24 12:00 - 00688992 _____ (Swearware) C:\Users\Barry Chapman\Downloads\dds.scr
2014-05-24 11:59 - 2014-05-24 11:59 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup (1).exe
2014-05-24 11:57 - 2014-05-24 11:57 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup.exe
2014-05-23 08:25 - 2014-05-23 08:25 - 00000000 ____D () C:\New folder
2014-05-23 07:59 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-23 07:48 - 2014-05-23 07:48 - 624028561 _____ () C:\Windows\MEMORY.DMP
2014-05-23 07:48 - 2014-05-23 07:48 - 00280128 _____ () C:\Windows\Minidump\052314-21138-01.dmp
2014-05-23 07:48 - 2014-05-23 07:48 - 00000000 ____D () C:\Windows\Minidump
2014-05-23 07:43 - 2014-05-23 07:43 - 00162208 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition (1).exe
2014-05-23 07:43 - 2014-05-23 07:40 - 10447328 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition_x64.exe
2014-05-23 07:41 - 2014-05-23 07:41 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\QuickScan
2014-05-23 07:39 - 2014-05-23 07:39 - 00162208 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition.exe
2014-05-23 07:03 - 2014-05-21 11:16 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-22 16:23 - 2014-05-03 16:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-22 16:19 - 2009-07-13 22:34 - 00000510 _____ () C:\Windows\win.ini
2014-05-22 15:37 - 2014-05-22 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-05-22 15:36 - 2014-05-02 16:12 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-22 15:35 - 2014-05-22 15:35 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-22 15:35 - 2014-05-22 15:35 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-22 13:23 - 2014-05-22 13:22 - 00051706 _____ () C:\Windows\SysWOW64\bddel.dat
2014-05-22 10:51 - 2014-05-15 11:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-22 10:49 - 2014-05-15 11:40 - 00001446 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-22 10:49 - 2014-05-15 11:40 - 00001434 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-22 10:49 - 2014-05-15 11:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-22 10:49 - 2014-05-15 11:21 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-22 10:47 - 2014-05-22 10:47 - 00000000 ____D () C:\Program Files (x86)\Spybot
2014-05-22 09:31 - 2014-05-22 08:13 - 00017970 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-22_08-13-17.log
2014-05-22 08:11 - 2014-05-22 08:08 - 00003374 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-22_08-08-46.log
2014-05-22 08:06 - 2014-05-22 07:57 - 332119856 _____ (Norman Shark AS) C:\Users\Barry Chapman\Downloads\Norman_Malware_Cleaner (1).exe
2014-05-21 16:21 - 2014-05-05 11:45 - 00037861 _____ () C:\Users\Barry Chapman\AppData\Roaming\Comma Separated Values (Windows).ADR
2014-05-21 11:27 - 2014-05-21 11:27 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\TuneUp Software
2014-05-21 11:16 - 2014-05-21 11:16 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\MFAData
2014-05-21 11:15 - 2014-05-21 11:15 - 04485528 _____ (AVG Technologies) C:\Users\Barry Chapman\Downloads\avg_free_stb_all_2014_4577_cnet.exe
2014-05-21 11:11 - 2014-03-21 13:52 - 00000000 ____D () C:\ProgramData\McAfee
2014-05-21 10:04 - 2014-05-21 09:31 - 00014960 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-21_09-31-37.log
2014-05-21 09:17 - 2014-05-02 16:23 - 00002310 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-21 09:08 - 2014-05-21 09:01 - 331917560 _____ (Norman Shark AS) C:\Users\Barry Chapman\Downloads\Norman_Malware_Cleaner.exe
2014-05-20 18:49 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-05-20 18:27 - 2014-05-02 15:18 - 00132680 _____ () C:\Users\Barry Chapman\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-20 18:25 - 2014-05-02 15:17 - 00000000 ____D () C:\Users\Barry Chapman
2014-05-20 18:24 - 2014-05-19 08:08 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-20 18:24 - 2014-03-21 13:45 - 00000000 ____D () C:\Program Files (x86)\Dell Wireless
2014-05-20 18:19 - 2014-05-27 18:11 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 18:19 - 2014-05-27 18:11 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 18:19 - 2014-05-06 07:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\tr-TR
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\th-TH
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\ro-RO
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\he-IL
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\ar-SA
2014-05-20 18:19 - 2010-11-21 03:17 - 00000000 ____D () C:\Windows\ShellNew
2014-05-20 18:19 - 2010-11-21 03:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\addins
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 __RSD () C:\Windows\Media
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\TAPI
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-CS
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Recovery
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\ras
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\manifeststore
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\InstallShield
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\icsxml
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\et-EE
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\AdvancedInstallers
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\th-TH
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sppui
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ras
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\manifeststore
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\icsxml
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ias
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\he-IL
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\et-EE
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\com
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\servicing
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\IME
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Cursors
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Services
2014-05-20 18:03 - 2014-05-05 16:53 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-05-20 18:03 - 2014-03-21 13:42 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-20 18:03 - 2014-03-21 13:36 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-05-20 18:02 - 2014-05-03 16:36 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-05-20 18:02 - 2014-03-21 13:36 - 00000000 ____D () C:\Windows\system32\Macromed
2014-05-20 18:02 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\restore
2014-05-20 18:02 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-20 18:02 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-20 18:02 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system
2014-05-20 17:55 - 2014-05-13 11:18 - 00000000 ____D () C:\Windows\pss
2014-05-20 17:55 - 2014-05-03 15:40 - 00000000 ____D () C:\Windows\Msagent
2014-05-20 17:55 - 2014-05-03 13:30 - 00000000 ____D () C:\Windows\PIXTRAN
2014-05-20 17:53 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Help
2014-05-20 17:52 - 2014-05-15 03:25 - 00000000 ___RD () C:\Users\Barry Chapman\Virtual Machines
2014-05-20 17:52 - 2014-05-14 15:54 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\wi_upd
2014-05-20 17:52 - 2014-05-14 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-05-20 17:52 - 2014-05-13 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backblaze
2014-05-20 17:52 - 2014-05-13 11:00 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\VMware
2014-05-20 17:52 - 2014-05-09 07:39 - 00000000 ____D () C:\ProgramData\Micr
brchapman
2014-05-28, 14:56
2014-05-20 17:52 - 2014-05-09 07:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2014-05-20 17:52 - 2014-05-07 09:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CapturePerfect 3.1
2014-05-20 17:52 - 2014-05-06 10:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-20 17:52 - 2014-05-05 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon DR-2580C
2014-05-20 17:52 - 2014-05-05 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-20 17:52 - 2014-05-05 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-05-20 17:52 - 2014-05-05 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landtech XML
2014-05-20 17:52 - 2014-05-05 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medlin Accounting
2014-05-20 17:52 - 2014-05-05 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quicken 2014
2014-05-20 17:52 - 2014-05-05 10:13 - 00000000 ____D () C:\Quicken 2014
2014-05-20 17:52 - 2014-05-03 16:34 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Microsoft Help
2014-05-20 17:52 - 2014-05-03 16:32 - 00000000 ____D () C:\Users\Barry Chapman\Downloads\DVD_Office_2010_32Bit
2014-05-20 17:52 - 2014-05-03 16:10 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-20 17:52 - 2014-05-03 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-20 17:52 - 2014-05-03 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FAX User Software
2014-05-20 17:52 - 2014-05-03 13:30 - 00000000 ____D () C:\Users\Barry Chapman\Desktop\Canon DR-2580C
2014-05-20 17:52 - 2014-05-03 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordPerfect Office 12
2014-05-20 17:52 - 2014-05-02 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-20 17:52 - 2014-05-02 15:25 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-20 17:52 - 2014-05-02 15:17 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 17:52 - 2014-05-02 15:17 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 17:52 - 2014-03-22 04:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
2014-05-20 17:52 - 2014-03-21 13:49 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2014-05-20 17:52 - 2014-03-21 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HotSpot
2014-05-20 17:52 - 2014-03-21 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atheros Smart Net
2014-05-20 17:52 - 2014-03-21 13:46 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
2014-05-20 17:52 - 2014-03-21 13:43 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-05-20 17:52 - 2014-03-21 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Audio
2014-05-20 17:52 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2014-05-20 17:51 - 2014-05-05 16:24 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-20 17:51 - 2014-05-05 16:15 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-05-20 17:51 - 2014-05-02 15:25 - 00000000 ____D () C:\ProgramData\Atheros
2014-05-20 17:51 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files\mcafee.com
2014-05-20 17:51 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files\mcafee
2014-05-20 17:51 - 2014-03-21 13:50 - 00000000 ____D () C:\Program Files\My Dell
2014-05-20 17:51 - 2014-03-21 13:50 - 00000000 ____D () C:\Program Files\Dell Support Center
2014-05-20 17:51 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-05-20 17:50 - 2014-05-03 14:29 - 00000000 ____D () C:\Program Files (x86)\wp51
2014-05-20 17:46 - 2014-05-05 10:24 - 00000000 ____D () C:\Program Files (x86)\Quicken
2014-05-20 17:46 - 2014-05-03 16:10 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-05-20 17:45 - 2014-05-05 16:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-20 17:45 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files (x86)\mcafee.com
2014-05-20 17:44 - 2014-05-13 12:16 - 00000000 ____D () C:\Program Files (x86)\Backblaze
2014-05-20 17:44 - 2014-03-21 13:55 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-20 17:44 - 2014-03-21 13:50 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2014-05-20 17:34 - 2014-05-16 08:33 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant
2014-05-20 17:32 - 2014-05-02 15:45 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-20 17:27 - 2014-05-05 12:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WP-64
2014-05-20 17:26 - 2014-05-06 09:05 - 00000000 ____D () C:\Users\Barry Chapman\Desktop\CapturePerfect 3.0
2014-05-20 17:26 - 2014-05-02 15:45 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Opera Software
2014-05-20 16:57 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-05-20 16:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Adobe
2014-05-20 16:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\VirtualStore
2014-05-20 16:25 - 2014-03-21 13:55 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-20 16:25 - 2014-03-21 13:50 - 00000000 ____D () C:\ProgramData\PCDr
2014-05-20 16:20 - 2014-05-14 08:30 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-05-20 15:49 - 2014-05-20 14:54 - 00025110 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-20_14-54-17.log
2014-05-20 14:53 - 2014-05-20 14:53 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Norman Malware Cleaner
2014-05-20 13:56 - 2014-05-02 15:58 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Deployment
2014-05-20 13:35 - 2014-05-20 12:44 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-05-20 12:34 - 2014-05-20 12:34 - 00000914 _____ () C:\Users\Barry Chapman\Desktop\JRT.txt
2014-05-20 11:10 - 2014-05-03 14:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Adobe
2014-05-20 10:30 - 2014-05-20 10:29 - 04957528 _____ (SurfRight B.V.) C:\Users\Barry Chapman\Downloads\Unconfirmed 912715.crdownload
2014-05-19 10:55 - 2014-05-19 10:55 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-05-19 10:44 - 2014-05-05 16:53 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-05-19 10:20 - 2014-05-19 10:20 - 00000000 ____D () C:\Adobe XI Pro
2014-05-19 07:54 - 2014-05-19 07:54 - 00000000 ____D () C:\Users\Barry Chapman\Documents\ProcAlyzer Dumps
2014-05-18 03:05 - 2014-05-06 13:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 09:39 - 2014-05-16 09:39 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\SUPERAntiSpyware.com
2014-05-16 09:39 - 2014-05-16 09:39 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-05-16 08:33 - 2014-05-16 08:33 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-05-16 08:32 - 2014-05-27 18:11 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia
2014-05-16 08:32 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-05-16 08:32 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-05-15 15:02 - 2014-05-15 15:02 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot2-license (1).exe
2014-05-15 14:40 - 2014-05-02 15:45 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Opera Software
2014-05-15 14:27 - 2014-05-15 14:27 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-05-15 13:06 - 2014-05-15 13:05 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot2-license.exe
2014-05-15 11:40 - 2014-05-15 11:40 - 00000656 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2014-05-15 11:40 - 00000628 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2014-05-15 11:40 - 00000458 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-05-15 10:56 - 2014-05-15 11:20 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot-2.3 (1).exe
2014-05-15 03:28 - 2009-07-14 01:08 - 00014614 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-15 03:03 - 2014-05-06 13:18 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 16:16 - 2014-05-14 16:16 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\PDF24
2014-05-14 15:56 - 2014-05-14 15:56 - 00004592 _____ () C:\Windows\System32\Tasks\IdleCrawler Runner
2014-05-14 15:54 - 2014-05-14 15:53 - 02271768 _____ () C:\Users\Barry Chapman\Downloads\Adobe.Acrobat.XI.Pro.v11.0.2.Multilingual.Cracked.exe
2014-05-14 15:27 - 2014-05-14 15:26 - 18873344 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd714_all_incr.msp
2014-05-14 15:27 - 2014-05-05 16:54 - 00002501 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 7.0 Standard.lnk
2014-05-14 15:23 - 2014-05-14 15:22 - 14385152 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd713_all_incr.msp
2014-05-14 15:22 - 2014-05-14 15:21 - 03972608 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd712_all_incr (1).msp
2014-05-14 15:20 - 2014-05-14 15:20 - 06504448 _____ () C:\Users\Barry Chapman\Downloads\AcroUpd711_all_incr.msp
2014-05-14 15:14 - 2009-07-14 00:45 - 00494176 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-14 15:08 - 2014-05-14 14:34 - 00001520 _____ () C:\Users\Public\Documents\AcStd7_1_0.ini
2014-05-14 14:44 - 2014-05-05 16:54 - 00002459 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 7.0.lnk
2014-05-14 13:26 - 2014-05-05 12:22 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Help
2014-05-14 11:55 - 2014-05-03 16:40 - 00000000 ____D () C:\Office 2000
2014-05-14 10:26 - 2014-05-14 10:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-14 10:25 - 2014-05-14 10:25 - 00000000 ____D () C:\Windows\PCHEALTH
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-05-14 10:20 - 2014-05-14 10:20 - 00000000 ___RD () C:\MSOCache
2014-05-14 08:36 - 2014-03-21 13:36 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 08:36 - 2014-03-21 13:36 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-14 08:36 - 2014-03-21 13:36 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 08:30 - 2014-05-14 08:30 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Secunia PSI
2014-05-14 08:29 - 2014-05-14 08:28 - 05329480 _____ (Secunia) C:\Users\Barry Chapman\Downloads\PSISetup.exe
2014-05-13 16:30 - 2014-05-02 15:23 - 00000000 ____D () C:\ProgramData\softthinks
2014-05-13 12:17 - 2014-05-12 07:16 - 00000000 ____D () C:\.bzvol
2014-05-13 12:16 - 2014-05-13 12:16 - 05033216 _____ () C:\Users\Barry Chapman\Downloads\install_backblaze.exe
2014-05-13 12:16 - 2014-05-13 12:16 - 00000000 ____D () C:\ProgramData\Backblaze
2014-05-13 12:04 - 2014-05-13 12:02 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\VMware
2014-05-13 11:38 - 2014-05-13 11:38 - 34209792 _____ () C:\Users\Barry Chapman\Desktop\CHAPMA11_20140505-2014-05-13.QDF-backup
2014-05-13 11:13 - 2014-05-13 08:53 - 00007605 _____ () C:\Users\Barry Chapman\AppData\Local\resmon.resmoncfg
2014-05-13 11:07 - 2014-05-12 13:51 - 00000000 ____D () C:\Program Files\My Lockbox
2014-05-13 11:07 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\spool
2014-05-13 10:04 - 2014-05-13 10:04 - 00000000 _____ () C:\Users\Barry Chapman\AppData\Local\{89B78C50-3F1E-4624-B5B6-B21F413891C7}
2014-05-13 09:55 - 2010-11-21 03:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-05-13 08:51 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Bluetooth Folder
2014-05-12 20:58 - 2014-05-12 20:43 - 00000000 ____D () C:\Users\Barry Chapman\.asdm
2014-05-12 20:43 - 2014-05-12 20:43 - 00000000 ____D () C:\Program Files (x86)\Cisco Systems
2014-05-12 16:26 - 2014-05-12 16:26 - 00010295 _____ () C:\Users\Barry Chapman\Documents\141046 commitment.wpd
2014-05-12 16:21 - 2014-05-12 16:21 - 00002380 _____ () C:\Users\Barry Chapman\Documents\141046 DATA FILE.wpd
2014-05-12 13:50 - 2014-05-12 13:50 - 04090994 _____ () C:\Users\Barry Chapman\Downloads\mylockbox_setup.zip
2014-05-09 11:38 - 2014-05-09 11:38 - 00000000 ____D () C:\Users\Barry Chapman\Documents\CCWin
2014-05-09 09:28 - 2014-05-05 12:22 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Help
2014-05-09 07:39 - 2014-05-09 07:39 - 00002187 _____ () C:\Users\Public\Desktop\VMware Player.lnk
2014-05-09 07:39 - 2014-05-09 07:39 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-05-09 07:39 - 2011-02-10 10:33 - 00807106 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-05-09 07:38 - 2014-05-09 07:38 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-05-09 07:35 - 2014-05-09 07:33 - 114794792 _____ (VMware, Inc.) C:\Users\Barry Chapman\Downloads\VMware-player-4.0.6-1035888.exe
2014-05-09 02:14 - 2014-05-14 05:44 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 02:11 - 2014-05-14 05:44 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-07 15:50 - 2014-05-02 16:12 - 00003908 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-07 15:50 - 2014-05-02 16:12 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 09:29 - 2014-05-07 09:29 - 00000000 ____D () C:\ProgramData\Canon Electronics
2014-05-07 09:25 - 2014-05-03 13:30 - 00000000 ____D () C:\Program Files (x86)\Canon Electronics
2014-05-07 09:25 - 2014-03-21 13:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-07 09:22 - 2014-05-07 09:20 - 79468544 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_V3137 (1).exe
2014-05-07 09:22 - 2014-05-06 07:29 - 00000000 ____D () C:\CapturePerfect Upgrade
2014-05-06 15:59 - 2014-05-06 15:56 - 00000000 ____D () C:\Users\Barry Chapman\Documents\My Documents from old
2014-05-06 14:42 - 2014-05-06 14:42 - 00119964 _____ () C:\Users\Barry Chapman\Downloads\GSCCCA Online Statement.htm
2014-05-06 13:22 - 2014-05-03 13:30 - 00000125 _____ () C:\Windows\SetScan.ini
2014-05-06 13:12 - 2014-05-03 13:30 - 00017862 _____ () C:\Windows\DPINST.LOG
2014-05-06 13:09 - 2014-05-06 13:09 - 14393344 _____ () C:\Users\Barry Chapman\Downloads\2580DRIT_V18SP1 (1).exe
2014-05-06 10:10 - 2014-05-06 10:10 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Oracle
2014-05-06 10:09 - 2014-05-06 10:09 - 00000000 ____D () C:\ProgramData\Sun
2014-05-06 10:09 - 2014-05-06 10:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-06 10:07 - 2014-05-06 10:07 - 00921512 _____ (Oracle Corporation) C:\Users\Barry Chapman\Downloads\chromeinstall-7u55.exe
2014-05-06 10:04 - 2014-05-06 10:05 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-05-06 10:04 - 2014-05-06 10:04 - 00000000 ____D () C:\Program Files\Java
2014-05-06 10:04 - 2014-05-06 10:03 - 30818216 _____ (Oracle Corporation) C:\Users\Barry Chapman\Downloads\jre-7u55-windows-x64.exe
2014-05-06 09:27 - 2014-05-06 09:27 - 28808192 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_Ver_3097 (1).exe
2014-05-06 09:06 - 2014-05-06 09:06 - 00000000 _____ () C:\Users\Barry Chapman\Sti_Trace.log
2014-05-06 09:06 - 2014-05-05 17:43 - 00005432 _____ () C:\Windows\pixcache.ini
2014-05-06 08:51 - 2014-05-06 08:51 - 00249856 _____ () C:\Users\Barry Chapman\Downloads\RepairReg.exe
2014-05-06 08:51 - 2014-05-06 08:51 - 00000000 ____D () C:\DR Scanner
2014-05-06 08:47 - 2014-05-06 08:45 - 79468544 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_V3137.exe
2014-05-06 08:43 - 2014-05-06 08:43 - 00000000 ____D () C:\DR2580C
2014-05-06 08:42 - 2014-05-06 08:42 - 14393344 _____ () C:\Users\Barry Chapman\Downloads\2580DRIT_V18SP1.exe
2014-05-06 08:35 - 2014-05-06 08:35 - 00000000 ____D () C:\Users\Barry Chapman\Downloads\d1041mux
2014-05-06 08:35 - 2014-05-06 08:34 - 13259652 _____ () C:\Users\Barry Chapman\Downloads\d1041mux.zip
2014-05-06 07:31 - 2014-05-06 07:31 - 00003228 _____ () C:\Windows\System32\Tasks\{E819857F-629F-4F7B-9FE3-F8B1467A5C1B}
2014-05-06 03:03 - 2014-05-06 03:03 - 00288324 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-05-06 03:03 - 2014-05-06 03:02 - 00292408 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-05-06 03:02 - 2014-05-06 03:02 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-05-06 00:40 - 2014-05-15 03:06 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 00:17 - 2014-05-15 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-05 23:25 - 2014-05-15 03:06 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-05 23:07 - 2014-05-15 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-05 23:00 - 2014-05-15 03:06 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-05 22:10 - 2014-05-15 03:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 19:26 - 2014-05-05 17:52 - 28808192 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_Ver_3097.exe
2014-05-05 17:48 - 2014-03-21 13:55 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-05 17:43 - 2014-05-05 17:43 - 00003050 _____ () C:\Windows\System32\Tasks\{BEA2EFCD-E2FA-474A-BB2F-ADE6F46BED5D}
2014-05-05 16:56 - 2014-05-05 16:56 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\AdobeUM
2014-05-05 16:54 - 2014-05-05 16:54 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Acrobat 7.0 Standard.lnk
2014-05-05 16:24 - 2014-05-05 16:23 - 13084896 _____ (Microsoft Corporation) C:\Users\Barry Chapman\Downloads\Silverlight_x64 (1).exe
2014-05-05 16:23 - 2014-05-05 16:23 - 13084896 _____ (Microsoft Corporation) C:\Users\Barry Chapman\Downloads\Silverlight_x64.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-05-05 16:12 - 2014-05-05 16:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2014-05-05 15:53 - 2014-05-05 15:52 - 19495200 _____ () C:\Users\Barry Chapman\Downloads\upd-ps-x64-5.8.0.17508.exe
2014-05-05 15:53 - 2014-05-05 15:50 - 00000000 ____D () C:\HP Universal Print Driver
2014-05-05 15:49 - 2014-05-05 15:49 - 18409760 _____ () C:\Users\Barry Chapman\Downloads\upd-pcl6-x64-5.8.0.17508.exe
2014-05-05 14:53 - 2014-05-05 14:53 - 00001534 _____ () C:\Users\Barry Chapman\Desktop\Landtech XML.lnk
2014-05-05 14:52 - 2014-05-05 14:52 - 00204800 _____ (Landtech Data Corporation) C:\Windows\SysWOW64\ltwpvsw.DLL
2014-05-05 14:52 - 2014-05-05 14:52 - 00065536 _____ (Landtech Data Corp.) C:\Windows\SysWOW64\LTWNode.exe
2014-05-05 14:52 - 2014-05-05 14:52 - 00004726 _____ () C:\Windows\BOOTSTRAP.LOG
2014-05-05 14:52 - 2014-05-05 14:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Landtech XML
2014-05-05 14:44 - 2014-05-05 14:44 - 00000519 _____ () C:\Windows\ODBCINST.INI
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\ProgramData\Pervasive Software
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pervasive
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\Program Files (x86)\Pervasive Software
2014-05-05 14:18 - 2014-05-05 14:18 - 00000000 ____D () C:\Wages
2014-05-05 14:17 - 2014-05-05 14:15 - 88823072 _____ () C:\Users\Barry Chapman\Downloads\PSQL-Workgroup-10.30.022.000-win.x86.exe
2014-05-05 12:34 - 2014-05-05 12:34 - 32856361 _____ (wpdos.org ) C:\Users\Barry Chapman\Downloads\WP64DOSBox-Setup.exe
2014-05-05 12:18 - 2014-05-03 13:14 - 00000000 ____D () C:\Program Files (x86)\WordPerfect Office 12
2014-05-05 11:40 - 2014-05-05 11:40 - 00321535 _____ () C:\Users\Barry Chapman\Downloads\contacts.csv
2014-05-05 11:26 - 2014-05-05 11:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-05 11:25 - 2014-05-05 11:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-05 11:25 - 2014-05-05 11:24 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-05 11:17 - 2014-05-05 11:16 - 01069064 _____ (Medlin Accounting Software ) C:\Users\Barry Chapman\Downloads\_05-01-2014_medlin_PR_4-6.exe
2014-05-05 11:17 - 2014-05-05 10:49 - 00000580 _____ () C:\Users\Public\Desktop\Medlin Accounting.lnk
2014-05-05 10:40 - 2014-05-05 10:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\QuickenWindow
2014-05-05 10:36 - 2014-05-05 10:36 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\IsolatedStorage
2014-05-05 10:28 - 2014-05-05 10:28 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Quicken
2014-05-05 10:24 - 2014-05-05 10:24 - 00001808 _____ () C:\Users\Public\Desktop\Quicken Deluxe 2014.lnk
2014-05-05 10:24 - 2014-05-05 10:24 - 00000126 _____ () C:\Windows\QUICKEN.INI
2014-05-05 10:24 - 2014-05-05 10:24 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Intuit
2014-05-05 10:23 - 2014-05-05 10:23 - 00000000 ____D () C:\ProgramData\Intuit
2014-05-05 10:21 - 2014-05-05 10:18 - 112168720 _____ (Intuit Inc. ) C:\Users\Barry Chapman\Downloads\QW14DLX.exe
2014-05-05 08:58 - 2014-05-05 08:58 - 00000000 __SHD () C:\Users\Barry Chapman\AppData\Local\EmieUserList
2014-05-05 08:58 - 2014-05-05 08:58 - 00000000 __SHD () C:\Users\Barry Chapman\AppData\Local\EmieSiteList
2014-05-05 03:06 - 2014-05-27 18:11 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Microsoft Help
2014-05-05 03:06 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-05-05 03:06 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-05-04 18:11 - 2014-05-03 12:01 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\PCDr
2014-05-04 03:39 - 2011-02-10 10:25 - 00000000 ____D () C:\dell
2014-05-03 16:46 - 2014-05-03 16:46 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-05-03 16:30 - 2014-05-03 16:11 - 628097024 _____ () C:\Users\Barry Chapman\Downloads\DVD_Office_2010_32Bit.iso
2014-05-03 16:26 - 2014-05-03 16:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\WinRAR
2014-05-03 16:23 - 2014-05-03 16:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Macromedia
2014-05-03 16:21 - 2014-05-03 16:21 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-03 16:21 - 2014-05-03 16:21 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Mozilla
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Mozilla
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-03 16:19 - 2014-05-03 16:19 - 00282960 _____ (Mozilla) C:\Users\Barry Chapman\Downloads\Firefox Setup Stub 29.0.exe
2014-05-03 16:10 - 2014-05-03 16:10 - 01766784 _____ () C:\Users\Barry Chapman\Downloads\wrar500.exe
2014-05-03 16:10 - 2014-05-03 16:10 - 00001007 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-05-03 15:41 - 2014-05-03 15:41 - 00000376 _____ () C:\Windows\ODBC.INI
2014-05-03 15:40 - 2014-05-03 15:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft Web Folders
2014-05-03 15:20 - 2014-05-03 15:20 - 00718172 _____ () C:\Users\Barry Chapman\Downloads\Windows6.1-KB917607-x64.msu
2014-05-03 15:20 - 2014-05-03 15:20 - 00703811 _____ () C:\Users\Barry Chapman\Downloads\Windows6.1-KB917607-x86.msu
2014-05-03 14:14 - 2014-05-03 14:14 - 00000000 ____D () C:\Program Files (x86)\Kyocera
2014-05-03 14:02 - 2014-05-03 14:02 - 00003102 _____ () C:\Windows\System32\Tasks\{274EC4EA-7BEE-46DD-B238-1777098F3282}
2014-05-03 13:53 - 2014-05-03 13:53 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Canon Electronics
2014-05-03 13:52 - 2014-05-03 13:38 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Corel User Files
2014-05-03 13:38 - 2014-05-03 13:38 - 00061678 _____ () C:\Users\Barry Chapman\AppData\Roaming\PFP120JPR.{PB
2014-05-03 13:38 - 2014-05-03 13:38 - 00012358 _____ () C:\Users\Barry Chapman\AppData\Roaming\PFP120JCM.{PB
2014-05-03 13:38 - 2014-05-03 13:38 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Corel
2014-05-03 13:17 - 2014-05-03 13:17 - 00002607 _____ () C:\Users\Barry Chapman\Desktop\WordPerfect.lnk
2014-05-02 16:23 - 2014-05-02 16:12 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Google
2014-05-02 15:58 - 2014-05-02 15:58 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Apps\2.0
2014-05-02 15:42 - 2014-05-02 15:42 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Macromedia
2014-05-02 15:26 - 2014-05-02 15:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Intel Corporation
2014-05-02 15:25 - 2014-05-02 15:25 - 00004004 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-05-02 15:25 - 2014-05-02 15:25 - 00003214 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-05-02 15:25 - 2014-05-02 15:25 - 00001415 _____ () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Leadertech
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Dell
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Atheros
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\BMExplorer
2014-05-02 15:23 - 2014-05-02 15:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\softthinks
2014-05-02 15:18 - 2014-05-02 15:18 - 00001975 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
2014-05-02 15:17 - 2014-05-02 15:17 - 00000020 ___SH () C:\Users\Barry Chapman\ntuser.ini
2014-05-02 15:09 - 2011-02-10 10:25 - 00000000 ____D () C:\Windows\panther
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-27 15:15
==================== End Of Log ============================
Looks like IE is ok but still have that proxy with FF
Try uninstalling FF with Revo Uninstaller Free
http://www.revouninstaller.com/revo_uninstaller_free_download.html
brchapman
2014-05-28, 17:38
The program didn't show up for Revo to uninstall, so I opened Explorer and searched for Firefox files and deleted them. I ran another FRST scan. Part 1:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Barry Chapman (administrator) on BARRYSNEW on 28-05-2014 10:22:55
Running from C:\Users\Barry Chapman\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\Backblaze\bzserv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Pervasive Software Inc.) C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Backblaze\bzbui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\Quicken\qw.exe
(Landtech Data Corporation) C:\LTAPPS\LTWXML\LTWMain.exe
(Landtech Data Corp.) C:\Windows\SysWOW64\LTWNode.exe
(Landtech Data Corporation) C:\LTAPPS\LTWXML\LtwOld.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(VS Revo Group) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
(VS Revo Group) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-29] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286056 2013-07-29] (Intel Corporation)
HKLM\...\Run: [CANON DR2580C SVC] => C:\Windows\system32\DR25SVC.dll [152576 2012-12-17] (Canon Electronics)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [645168 2013-09-11] (McAfee, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-670280924-550259233-2201882432-1000\...\Run: [updateMgr] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe [313472 2006-03-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-670280924-550259233-2201882432-1000\...\Run: [Backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [492136 2014-05-13] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-BA7E-100000000002}\SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start Pervasive PSQL Workgroup Engine.lnk
ShortcutTarget: Start Pervasive PSQL Workgroup Engine.lnk -> C:\Windows\Installer\{0A3238D7-AB32-1030-B717-F3E3F18B4A8C}\WGE.14A03FCD_EA43_4130_A5C0_F02D38895A13.exe ()
Startup: C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {D81273E4-7658-47B6-8075-3D404C64D87C} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {D81273E4-7658-47B6-8075-3D404C64D87C} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKLM-x32 - {D81273E4-7658-47B6-8075-3D404C64D87C} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKCU - DefaultScope {D81273E4-7658-47B6-8075-3D404C64D87C} URL =
SearchScopes: HKCU - {D81273E4-7658-47B6-8075-3D404C64D87C} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 205.152.144.23 205.152.132.23
FireFox:
========
FF ProfilePath: C:\Users\Barry Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\76t9nm76.default
FF NetworkProxy: "type", 1);user_pref("network.proxy.http", "127.0.0.1");user_pref("network.proxy.http_port", 8118);user_pref("network.proxy.ssl", "127.0.0.1");user_pref("network.cookie.cookieBehavior", 1
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-03-21]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-02]
CHR Extension: (Google Drive) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-20]
CHR Extension: (YouTube) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-02]
CHR Extension: (Google Search) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-02]
CHR Extension: (Google Wallet) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (Gmail) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-02]
==================== Services (Whitelisted) =================
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [312448 2013-07-02] (Windows (R) Win 7 DDK provider)
R2 bzserv; C:\Program Files (x86)\Backblaze\bzserv.exe [234600 2014-05-13] ()
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [14696 2013-07-29] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-25] (Intel Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334760 2012-12-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-03-18] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-03] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2014-04-04] (SoftThinks SAS)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2013-06-20] (Atheros)
==================== Drivers (Whitelisted) ====================
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-07-02] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-07-24] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [441264 2014-03-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc.)
R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [64160 2014-04-25] ()
R3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [14000 2002-05-13] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-28 10:16 - 2014-05-28 10:16 - 00003280 _____ () C:\Windows\System32\Tasks\{95BE5CC7-569D-4DCD-8121-A5FE0664FAF2}
2014-05-28 10:12 - 2014-05-28 10:12 - 00001319 _____ () C:\Users\Barry Chapman\Desktop\Revo Uninstaller.lnk
2014-05-28 10:12 - 2014-05-28 10:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-28 10:11 - 2014-05-28 10:11 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Barry Chapman\Desktop\revosetup.exe
2014-05-28 08:59 - 2014-05-28 08:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-05-28 07:18 - 2014-05-28 07:18 - 00065311 _____ () C:\Users\Barry Chapman\Desktop\Result.txt
2014-05-28 07:14 - 2014-05-28 07:14 - 00982016 _____ (Farbar) C:\Users\Barry Chapman\Desktop\MiniToolBox.exe
2014-05-27 18:13 - 2014-05-27 18:13 - 00132680 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-27 18:13 - 2014-05-27 18:13 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\WinRAR
2014-05-27 18:13 - 2014-05-27 18:13 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Intel Corporation
2014-05-27 18:12 - 2014-05-27 18:12 - 00001460 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ___RD () C:\Users\Administrator\Virtual Machines
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-27 18:11 - 2014-05-27 18:12 - 00000000 ____D () C:\Users\Administrator
2014-05-27 18:11 - 2014-05-27 18:11 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-05-27 18:11 - 2014-05-20 18:19 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-27 18:11 - 2014-05-20 18:19 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-27 18:11 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia
2014-05-27 18:11 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Microsoft Help
2014-05-27 16:22 - 2014-05-28 10:22 - 00021031 _____ () C:\Users\Barry Chapman\Desktop\FRST.txt
2014-05-27 16:22 - 2014-05-28 10:22 - 00000000 ____D () C:\FRST
2014-05-27 16:22 - 2014-05-27 17:32 - 00038057 _____ () C:\Users\Barry Chapman\Desktop\Addition.txt
2014-05-27 16:21 - 2014-05-27 16:21 - 02066944 _____ (Farbar) C:\Users\Barry Chapman\Desktop\FRST64.exe
2014-05-27 13:59 - 2014-05-27 15:40 - 00000008 _____ () C:\LTLASTFN.DAT
2014-05-27 13:29 - 2014-05-27 13:29 - 00043987 _____ () C:\ComboFix.txt
2014-05-27 12:58 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-27 12:58 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-27 12:58 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-27 12:51 - 2014-05-27 12:51 - 00001540 _____ () C:\Users\Barry Chapman\Desktop\ComboFix.exe - Shortcut.lnk
2014-05-27 12:50 - 2014-05-27 13:29 - 00000000 ____D () C:\Qoobox
2014-05-27 12:46 - 2014-05-27 12:47 - 05203612 ____R () C:\Users\Barry Chapman\Downloads\ComboFix.exe
2014-05-27 11:30 - 2014-05-27 11:30 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-05-27 11:23 - 2014-05-27 11:23 - 00000000 ____D () C:\_OTL
2014-05-27 10:03 - 2014-05-27 10:03 - 00056788 _____ () C:\Users\Barry Chapman\Downloads\Extras.Txt
2014-05-27 10:02 - 2014-05-27 15:57 - 00198204 _____ () C:\Users\Barry Chapman\Downloads\OTL.Txt
2014-05-27 09:54 - 2014-05-27 09:54 - 00602112 _____ (OldTimer Tools) C:\Users\Barry Chapman\Downloads\OTL.exe
2014-05-27 09:25 - 2014-05-27 09:13 - 01440846 _____ () C:\Program Files (x86)\mbam-chameleon-1.62.1.1000.zip
2014-05-27 09:18 - 2014-05-27 09:18 - 00000000 ____D () C:\Malwarebytes' Anti-Malware
2014-05-27 09:01 - 2014-05-27 09:01 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-05-27 08:58 - 2014-05-27 08:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-26 10:19 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-26 10:17 - 2014-05-26 10:17 - 01327971 _____ () C:\Users\Barry Chapman\Downloads\AdwCleaner.exe
2014-05-25 11:49 - 2014-05-25 11:49 - 00004447 _____ () C:\Users\Barry Chapman\Desktop\attach.zip
2014-05-25 11:38 - 2014-05-25 11:38 - 00002135 _____ () C:\Users\Barry Chapman\Desktop\aswMBR.txt
2014-05-25 11:38 - 2014-05-25 11:38 - 00000512 _____ () C:\Users\Barry Chapman\Desktop\MBR.dat
2014-05-25 10:52 - 2014-05-25 10:52 - 00004315 _____ () C:\Users\Barry Chapman\Desktop\attach.rar
2014-05-25 10:46 - 2014-05-25 10:46 - 00042419 _____ () C:\Users\Barry Chapman\Desktop\dds.txt
2014-05-25 10:46 - 2014-05-25 10:46 - 00020635 _____ () C:\Users\Barry Chapman\Desktop\attach.txt
2014-05-25 10:43 - 2014-05-25 10:43 - 04745728 _____ (AVAST Software) C:\Users\Barry Chapman\Downloads\aswMBR.exe
2014-05-25 10:38 - 2014-05-27 13:27 - 00000000 ____D () C:\Windows\ERDNT
2014-05-25 10:38 - 2014-05-25 10:38 - 00688992 ____R (Swearware) C:\Users\Barry Chapman\Downloads\dds (1).scr
2014-05-25 10:36 - 2014-05-25 10:37 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-05-25 10:36 - 2014-05-25 10:36 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup (2).exe
2014-05-25 10:36 - 2014-05-25 10:36 - 00000960 _____ () C:\Users\Barry Chapman\Desktop\ERUNT.lnk
2014-05-25 10:36 - 2014-05-25 10:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-05-24 12:00 - 2014-05-24 12:00 - 00688992 _____ (Swearware) C:\Users\Barry Chapman\Downloads\dds.scr
2014-05-24 11:59 - 2014-05-24 11:59 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup (1).exe
2014-05-24 11:57 - 2014-05-24 11:57 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup.exe
2014-05-23 08:25 - 2014-05-23 08:25 - 00000000 ____D () C:\New folder
2014-05-23 07:48 - 2014-05-23 07:48 - 624028561 _____ () C:\Windows\MEMORY.DMP
2014-05-23 07:48 - 2014-05-23 07:48 - 00280128 _____ () C:\Windows\Minidump\052314-21138-01.dmp
2014-05-23 07:48 - 2014-05-23 07:48 - 00000000 ____D () C:\Windows\Minidump
2014-05-23 07:43 - 2014-05-23 07:43 - 00162208 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition (1).exe
2014-05-23 07:41 - 2014-05-23 07:41 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\QuickScan
2014-05-23 07:40 - 2014-05-23 07:43 - 10447328 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition_x64.exe
2014-05-23 07:39 - 2014-05-23 07:39 - 00162208 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition.exe
2014-05-22 15:37 - 2014-05-22 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-05-22 15:35 - 2014-05-22 15:35 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-22 15:35 - 2014-05-22 15:35 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-22 13:22 - 2014-05-22 13:23 - 00051706 _____ () C:\Windows\SysWOW64\bddel.dat
2014-05-22 10:47 - 2014-05-22 10:47 - 00000000 ____D () C:\Program Files (x86)\Spybot
2014-05-22 08:13 - 2014-05-22 09:31 - 00017970 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-22_08-13-17.log
2014-05-22 08:08 - 2014-05-22 08:11 - 00003374 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-22_08-08-46.log
2014-05-22 07:57 - 2014-05-22 08:06 - 332119856 _____ (Norman Shark AS) C:\Users\Barry Chapman\Downloads\Norman_Malware_Cleaner (1).exe
2014-05-21 11:27 - 2014-05-21 11:27 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\TuneUp Software
2014-05-21 11:16 - 2014-05-23 07:03 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-21 11:16 - 2014-05-21 11:16 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\MFAData
2014-05-21 11:15 - 2014-05-21 11:15 - 04485528 _____ (AVG Technologies) C:\Users\Barry Chapman\Downloads\avg_free_stb_all_2014_4577_cnet.exe
2014-05-21 09:31 - 2014-05-21 10:04 - 00014960 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-21_09-31-37.log
2014-05-21 09:01 - 2014-05-21 09:08 - 331917560 _____ (Norman Shark AS) C:\Users\Barry Chapman\Downloads\Norman_Malware_Cleaner.exe
2014-05-20 14:54 - 2014-05-20 15:49 - 00025110 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-20_14-54-17.log
2014-05-20 14:53 - 2014-05-20 14:53 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Norman Malware Cleaner
2014-05-20 12:44 - 2014-05-20 13:35 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-05-20 12:34 - 2014-05-20 12:34 - 00000914 _____ () C:\Users\Barry Chapman\Desktop\JRT.txt
2014-05-20 10:29 - 2014-05-20 10:30 - 04957528 _____ (SurfRight B.V.) C:\Users\Barry Chapman\Downloads\Unconfirmed 912715.crdownload
2014-05-19 16:42 - 2014-05-26 10:25 - 00000000 ____D () C:\AdwCleaner
2014-05-19 10:55 - 2014-05-19 10:55 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-05-19 10:20 - 2014-05-19 10:20 - 00000000 ____D () C:\Adobe XI Pro
2014-05-19 08:08 - 2014-05-20 18:24 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-19 07:54 - 2014-05-19 07:54 - 00000000 ____D () C:\Users\Barry Chapman\Documents\ProcAlyzer Dumps
2014-05-16 10:51 - 2014-05-27 09:22 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\CrashDumps
2014-05-16 09:39 - 2014-05-16 09:39 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\SUPERAntiSpyware.com
2014-05-16 09:39 - 2014-05-16 09:39 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-05-16 08:33 - 2014-05-20 17:34 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant
2014-05-16 08:33 - 2014-05-16 08:33 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-05-16 08:32 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-05-16 08:32 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-05-15 15:02 - 2014-05-15 15:02 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot2-license (1).exe
2014-05-15 14:27 - 2014-05-15 14:27 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-05-15 13:05 - 2014-05-15 13:06 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot2-license.exe
2014-05-15 12:49 - 2009-06-10 17:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140515-124903.backup
2014-05-15 11:40 - 2014-05-22 10:49 - 00001446 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-15 11:40 - 2014-05-22 10:49 - 00001434 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-15 11:40 - 2014-05-22 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-15 11:40 - 2014-05-15 11:40 - 00000656 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2014-05-15 11:40 - 00000628 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2014-05-15 11:40 - 00000458 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-05-15 11:21 - 2014-05-22 10:51 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-15 11:21 - 2014-05-22 10:49 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-15 11:20 - 2014-05-15 10:56 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot-2.3 (1).exe
2014-05-15 03:25 - 2014-05-20 17:52 - 00000000 ___RD () C:\Users\Barry Chapman\Virtual Machines
2014-05-15 03:06 - 2014-05-06 00:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 03:06 - 2014-05-06 00:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 03:06 - 2014-05-05 23:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 03:06 - 2014-05-05 23:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 03:06 - 2014-05-05 23:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 03:06 - 2014-05-05 22:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 16:16 - 2014-05-14 16:16 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\PDF24
2014-05-14 15:56 - 2014-05-26 10:24 - 00000000 ____D () C:\Program Files (x86)\MSR
2014-05-14 15:56 - 2014-05-14 15:56 - 00004592 _____ () C:\Windows\System32\Tasks\IdleCrawler Runner
2014-05-14 15:54 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\wi_upd
2014-05-14 15:53 - 2014-05-14 15:54 - 02271768 _____ () C:\Users\Barry Chapman\Downloads\Adobe.Acrobat.XI.Pro.v11.0.2.Multilingual.Cracked.exe
2014-05-14 15:26 - 2014-05-14 15:27 - 18873344 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd714_all_incr.msp
2014-05-14 15:22 - 2014-05-14 15:23 - 14385152 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd713_all_incr.msp
2014-05-14 15:21 - 2014-05-14 15:22 - 03972608 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd712_all_incr (1).msp
2014-05-14 15:20 - 2014-05-14 15:20 - 06504448 _____ () C:\Users\Barry Chapman\Downloads\AcroUpd711_all_incr.msp
2014-05-14 14:34 - 2014-05-14 15:08 - 00001520 _____ () C:\Users\Public\Documents\AcStd7_1_0.ini
2014-05-14 11:56 - 2014-05-27 18:11 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Outlook Files
2014-05-14 10:26 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-05-14 10:25 - 2014-05-14 10:25 - 00000000 ____D () C:\Windows\PCHEALTH
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-05-14 10:20 - 2014-05-14 10:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-14 10:20 - 2014-05-14 10:20 - 00000000 ___RD () C:\MSOCache
2014-05-14 08:30 - 2014-05-20 16:20 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-05-14 08:30 - 2014-05-14 08:30 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Secunia PSI
2014-05-14 08:28 - 2014-05-14 08:29 - 05329480 _____ (Secunia) C:\Users\Barry Chapman\Downloads\PSISetup.exe
2014-05-14 05:44 - 2014-05-09 02:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 05:44 - 2014-05-09 02:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 05:44 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 05:44 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 05:44 - 2014-04-11 22:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 05:44 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 05:44 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 05:44 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 05:44 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 05:44 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 05:44 - 2014-04-11 22:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 05:44 - 2014-03-24 22:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 05:44 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 05:44 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 05:44 - 2014-03-04 05:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 05:44 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 05:44 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 05:44 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 05:44 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 05:44 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 12:17 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backblaze
2014-05-13 12:16 - 2014-05-20 17:44 - 00000000 ____D () C:\Program Files (x86)\Backblaze
2014-05-13 12:16 - 2014-05-13 12:16 - 05033216 _____ () C:\Users\Barry Chapman\Downloads\install_backblaze.exe
2014-05-13 12:16 - 2014-05-13 12:16 - 00000000 ____D () C:\ProgramData\Backblaze
2014-05-13 12:02 - 2014-05-13 12:04 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\VMware
2014-05-13 11:38 - 2014-05-13 11:38 - 34209792 _____ () C:\Users\Barry Chapman\Desktop\CHAPMA11_20140505-2014-05-13.QDF-backup
2014-05-13 11:18 - 2014-05-20 17:55 - 00000000 ____D () C:\Windows\pss
2014-05-13 11:00 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\VMware
2014-05-13 10:04 - 2014-05-13 10:04 - 00000000 _____ () C:\Users\Barry Chapman\AppData\Local\{89B78C50-3F1E-4624-B5B6-B21F413891C7}
2014-05-13 08:53 - 2014-05-13 11:13 - 00007605 _____ () C:\Users\Barry Chapman\AppData\Local\resmon.resmoncfg
2014-05-12 20:43 - 2014-05-12 20:58 - 00000000 ____D () C:\Users\Barry Chapman\.asdm
2014-05-12 20:43 - 2014-05-12 20:43 - 00000000 ____D () C:\Program Files (x86)\Cisco Systems
2014-05-12 16:26 - 2014-05-12 16:26 - 00010295 _____ () C:\Users\Barry Chapman\Documents\141046 commitment.wpd
2014-05-12 16:21 - 2014-05-12 16:21 - 00002380 _____ () C:\Users\Barry Chapman\Documents\141046 DATA FILE.wpd
2014-05-12 13:51 - 2014-05-13 11:07 - 00000000 ____D () C:\Program Files\My Lockbox
2014-05-12 13:50 - 2014-05-12 13:50 - 04090994 _____ () C:\Users\Barry Chapman\Downloads\mylockbox_setup.zip
2014-05-12 07:16 - 2014-05-13 12:17 - 00000000 ____D () C:\.bzvol
2014-05-09 11:38 - 2014-05-09 11:38 - 00000000 ____D () C:\Users\Barry Chapman\Documents\CCWin
2014-05-09 07:41 - 2013-03-01 02:27 - 00063568 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2014-05-09 07:40 - 2013-03-01 02:27 - 00943184 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2014-05-09 07:40 - 2013-03-01 02:27 - 00354896 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2014-05-09 07:40 - 2013-03-01 02:26 - 00434256 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2014-05-09 07:40 - 2013-03-01 02:26 - 00030800 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2014-05-09 07:39 - 2014-05-27 13:24 - 00000000 ____D () C:\ProgramData\VMware
2014-05-09 07:39 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2014-05-09 07:39 - 2014-05-09 07:39 - 00002187 _____ () C:\Users\Public\Desktop\VMware Player.lnk
2014-05-09 07:39 - 2014-05-09 07:39 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-05-09 07:39 - 2013-03-01 02:26 - 00033360 _____ (VMware, Inc.) C:\Windows\system32\Drivers\VMkbd.sys
2014-05-09 07:39 - 2011-08-29 22:11 - 00039024 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2014-05-09 07:38 - 2014-05-09 07:38 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-05-09 07:33 - 2014-05-09 07:35 - 114794792 _____ (VMware, Inc.) C:\Users\Barry Chapman\Downloads\VMware-player-4.0.6-1035888.exe
2014-05-07 09:42 - 2006-05-16 21:40 - 00753936 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXANNOT.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00463120 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXJP2K.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00209168 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXNOTEN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00119056 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXJBGN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00102672 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXTIFFN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00094480 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXAPS.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00074000 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXNAMEN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00069904 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXDLGN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00057616 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXLZWN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00049424 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXTHK32.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXSLN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXRAMN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXPANN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXMPN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXMDLGN.DLL
2014-05-07 09:42 - 2006-05-16 21:23 - 00006416 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXTHK16.DLL
2014-05-07 09:42 - 2006-05-16 21:22 - 00231552 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXDFLT.DLL
2014-05-07 09:42 - 2006-05-16 21:22 - 00023152 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXPERM.DLL
2014-05-07 09:42 - 2006-05-16 21:22 - 00016048 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXLOC.DLL
2014-05-07 09:42 - 2006-05-16 21:19 - 00327680 ____N (The University of New South Wales) C:\Windows\SysWOW64\PIXJP2KI.DLL
2014-05-07 09:42 - 2006-05-16 21:19 - 00051959 ____N () C:\Windows\SysWOW64\PIXNAME.HLP
2014-05-07 09:42 - 2005-02-10 18:17 - 00011968 ____N (Pixel Translations Incorporated) C:\Windows\SysWOW64\PIXMDLLC.CPL
2014-05-07 09:29 - 2014-05-07 09:29 - 00000000 ____D () C:\ProgramData\Canon Electronics
2014-05-07 09:25 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CapturePerfect 3.1
2014-05-07 09:20 - 2014-05-07 09:22 - 79468544 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_V3137 (1).exe
2014-05-06 15:56 - 2014-05-06 15:59 - 00000000 ____D () C:\Users\Barry Chapman\Documents\My Documents from old
2014-05-06 14:42 - 2014-05-06 14:42 - 00119964 _____ () C:\Users\Barry Chapman\Downloads\GSCCCA Online Statement.htm
2014-05-06 13:18 - 2014-05-18 03:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-06 13:18 - 2014-05-15 03:03 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-06 13:12 - 2012-12-17 08:56 - 00152576 _____ (Canon Electronics) C:\Windows\system32\DR25SVC.dll
2014-05-06 13:12 - 2009-05-13 16:08 - 00491792 _____ (Captiva Software Corp.) C:\Windows\SysWOW64\qd1.dll
2014-05-06 13:09 - 2014-05-06 13:09 - 14393344 _____ () C:\Users\Barry Chapman\Downloads\2580DRIT_V18SP1 (1).exe
2014-05-06 10:10 - 2014-05-06 10:10 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Oracle
2014-05-06 10:09 - 2014-05-06 10:09 - 00000000 ____D () C:\ProgramData\Sun
brchapman
2014-05-28, 17:39
2014-05-06 10:09 - 2014-05-06 10:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-06 10:07 - 2014-05-06 10:07 - 00921512 _____ (Oracle Corporation) C:\Users\Barry Chapman\Downloads\chromeinstall-7u55.exe
2014-05-06 10:05 - 2014-05-06 10:04 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-06 10:04 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-06 10:04 - 2014-05-06 10:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-05-06 10:04 - 2014-05-06 10:04 - 00000000 ____D () C:\Program Files\Java
2014-05-06 10:03 - 2014-05-06 10:04 - 30818216 _____ (Oracle Corporation) C:\Users\Barry Chapman\Downloads\jre-7u55-windows-x64.exe
2014-05-06 09:31 - 2006-05-16 21:40 - 00233744 _____ (EMC Corporation) C:\Windows\SysWOW64\PIXMDLN.DLL
2014-05-06 09:27 - 2014-05-06 09:27 - 28808192 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_Ver_3097 (1).exe
2014-05-06 09:09 - 2009-05-13 16:16 - 00200704 _____ (EMC Corporation) C:\Windows\SysWOW64\twpix32.dll
2014-05-06 09:09 - 2009-05-13 16:05 - 00021008 _____ (Microsoft Corporation) C:\Windows\system\Ctl3d.dll
2014-05-06 09:09 - 2003-12-18 18:09 - 00231552 _____ (Pixel Translations Incorporated) C:\Windows\system\Pixdflt.dll
2014-05-06 09:09 - 2003-12-18 18:09 - 00023152 _____ (Pixel Translations Incorporated) C:\Windows\system\Pixperm.dll
2014-05-06 09:09 - 2003-12-18 18:09 - 00016064 _____ (Pixel Translations Incorporated) C:\Windows\system\Pixloc.dll
2014-05-06 09:09 - 2002-11-06 11:21 - 00063248 _____ () C:\Windows\SysWOW64\picn1120.ssm
2014-05-06 09:09 - 1998-04-13 13:13 - 00098304 _____ (Cornerstone Imaging, Inc.) C:\Windows\SysWOW64\Wiaext32.dll
2014-05-06 09:06 - 2014-05-06 09:06 - 00000000 _____ () C:\Users\Barry Chapman\Sti_Trace.log
2014-05-06 09:05 - 2014-05-20 17:26 - 00000000 ____D () C:\Users\Barry Chapman\Desktop\CapturePerfect 3.0
2014-05-06 08:51 - 2014-05-06 08:51 - 00249856 _____ () C:\Users\Barry Chapman\Downloads\RepairReg.exe
2014-05-06 08:51 - 2014-05-06 08:51 - 00000000 ____D () C:\DR Scanner
2014-05-06 08:45 - 2014-05-06 08:47 - 79468544 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_V3137.exe
2014-05-06 08:43 - 2014-05-06 08:43 - 00000000 ____D () C:\DR2580C
2014-05-06 08:42 - 2014-05-06 08:42 - 14393344 _____ () C:\Users\Barry Chapman\Downloads\2580DRIT_V18SP1.exe
2014-05-06 08:37 - 2008-11-11 19:00 - 00096768 _____ (Canon Electronics Inc.) C:\Windows\system32\DR25CPL.dll
2014-05-06 08:37 - 2007-04-24 07:53 - 00083456 _____ (Canon Electronics Inc.) C:\Windows\system32\CeiUSB64.dll
2014-05-06 08:35 - 2014-05-06 08:35 - 00000000 ____D () C:\Users\Barry Chapman\Downloads\d1041mux
2014-05-06 08:34 - 2014-05-06 08:35 - 13259652 _____ () C:\Users\Barry Chapman\Downloads\d1041mux.zip
2014-05-06 07:52 - 2014-05-20 18:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 07:31 - 2014-05-06 07:31 - 00003228 _____ () C:\Windows\System32\Tasks\{E819857F-629F-4F7B-9FE3-F8B1467A5C1B}
2014-05-06 07:29 - 2014-05-07 09:22 - 00000000 ____D () C:\CapturePerfect Upgrade
2014-05-06 03:03 - 2014-05-06 03:03 - 00288324 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-05-06 03:02 - 2014-05-06 03:03 - 00292408 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-05-06 03:02 - 2014-05-06 03:02 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-05-05 17:52 - 2014-05-05 19:26 - 28808192 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_Ver_3097.exe
2014-05-05 17:44 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon DR-2580C
2014-05-05 17:43 - 2014-05-06 09:06 - 00005432 _____ () C:\Windows\pixcache.ini
2014-05-05 17:43 - 2014-05-05 17:43 - 00003050 _____ () C:\Windows\System32\Tasks\{BEA2EFCD-E2FA-474A-BB2F-ADE6F46BED5D}
2014-05-05 16:56 - 2014-05-05 16:56 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\AdobeUM
2014-05-05 16:54 - 2014-05-14 15:27 - 00002501 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 7.0 Standard.lnk
2014-05-05 16:54 - 2014-05-14 14:44 - 00002459 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 7.0.lnk
2014-05-05 16:54 - 2014-05-05 16:54 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Acrobat 7.0 Standard.lnk
2014-05-05 16:53 - 2014-05-20 18:03 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-05-05 16:53 - 2014-05-19 10:44 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-05-05 16:24 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-05 16:24 - 2014-05-20 17:51 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-05 16:24 - 2014-05-20 17:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-05 16:23 - 2014-05-05 16:24 - 13084896 _____ (Microsoft Corporation) C:\Users\Barry Chapman\Downloads\Silverlight_x64 (1).exe
2014-05-05 16:23 - 2014-05-05 16:23 - 13084896 _____ (Microsoft Corporation) C:\Users\Barry Chapman\Downloads\Silverlight_x64.exe
2014-05-05 16:15 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-05-05 16:15 - 2014-05-20 17:51 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-05-05 16:15 - 2014-05-05 16:15 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-05-05 16:12 - 2014-05-05 16:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2014-05-05 15:52 - 2014-05-05 15:53 - 19495200 _____ () C:\Users\Barry Chapman\Downloads\upd-ps-x64-5.8.0.17508.exe
2014-05-05 15:50 - 2014-05-05 15:53 - 00000000 ____D () C:\HP Universal Print Driver
2014-05-05 15:49 - 2014-05-05 15:49 - 18409760 _____ () C:\Users\Barry Chapman\Downloads\upd-pcl6-x64-5.8.0.17508.exe
2014-05-05 14:53 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landtech XML
2014-05-05 14:53 - 2014-05-05 14:53 - 00001534 _____ () C:\Users\Barry Chapman\Desktop\Landtech XML.lnk
2014-05-05 14:52 - 2014-05-05 14:52 - 00204800 _____ (Landtech Data Corporation) C:\Windows\SysWOW64\ltwpvsw.DLL
2014-05-05 14:52 - 2014-05-05 14:52 - 00065536 _____ (Landtech Data Corp.) C:\Windows\SysWOW64\LTWNode.exe
2014-05-05 14:52 - 2014-05-05 14:52 - 00004726 _____ () C:\Windows\BOOTSTRAP.LOG
2014-05-05 14:52 - 2014-05-05 14:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Landtech XML
2014-05-05 14:44 - 2014-05-05 14:44 - 00000519 _____ () C:\Windows\ODBCINST.INI
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\ProgramData\Pervasive Software
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pervasive
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\Program Files (x86)\Pervasive Software
2014-05-05 14:18 - 2014-05-05 14:18 - 00000000 ____D () C:\Wages
2014-05-05 14:15 - 2014-05-05 14:17 - 88823072 _____ () C:\Users\Barry Chapman\Downloads\PSQL-Workgroup-10.30.022.000-win.x86.exe
2014-05-05 14:07 - 2001-06-01 14:17 - 00169600 _____ (Wintertree Software Inc.) C:\Windows\SysWOW64\WSpell.ocx
2014-05-05 12:36 - 2014-05-20 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WP-64
2014-05-05 12:34 - 2014-05-05 12:34 - 32856361 _____ (wpdos.org ) C:\Users\Barry Chapman\Downloads\WP64DOSBox-Setup.exe
2014-05-05 12:22 - 2014-05-14 13:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Help
2014-05-05 12:22 - 2014-05-09 09:28 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Help
2014-05-05 11:45 - 2014-05-21 16:21 - 00037861 _____ () C:\Users\Barry Chapman\AppData\Roaming\Comma Separated Values (Windows).ADR
2014-05-05 11:40 - 2014-05-05 11:40 - 00321535 _____ () C:\Users\Barry Chapman\Downloads\contacts.csv
2014-05-05 11:26 - 2014-05-05 11:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-05 11:25 - 2014-05-05 11:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-05 11:24 - 2014-05-05 11:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-05 11:16 - 2014-05-05 11:17 - 01069064 _____ (Medlin Accounting Software ) C:\Users\Barry Chapman\Downloads\_05-01-2014_medlin_PR_4-6.exe
2014-05-05 10:49 - 2014-05-25 12:10 - 00000000 ____D () C:\MWACCT
2014-05-05 10:49 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medlin Accounting
2014-05-05 10:49 - 2014-05-05 11:17 - 00000580 _____ () C:\Users\Public\Desktop\Medlin Accounting.lnk
2014-05-05 10:49 - 1998-05-11 20:01 - 01355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvbvm50.dll
2014-05-05 10:40 - 2014-05-05 10:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\QuickenWindow
2014-05-05 10:36 - 2014-05-05 10:36 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\IsolatedStorage
2014-05-05 10:28 - 2014-05-05 10:28 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Quicken
2014-05-05 10:24 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quicken 2014
2014-05-05 10:24 - 2014-05-20 17:46 - 00000000 ____D () C:\Program Files (x86)\Quicken
2014-05-05 10:24 - 2014-05-05 10:24 - 00001808 _____ () C:\Users\Public\Desktop\Quicken Deluxe 2014.lnk
2014-05-05 10:24 - 2014-05-05 10:24 - 00000126 _____ () C:\Windows\QUICKEN.INI
2014-05-05 10:24 - 2014-05-05 10:24 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Intuit
2014-05-05 10:24 - 2009-05-12 15:14 - 04169728 _____ (Amyuni Technologies http://www.amyuni.com) C:\Windows\SysWOW64\cdintf400.dll
2014-05-05 10:23 - 2014-05-05 10:23 - 00000000 ____D () C:\ProgramData\Intuit
2014-05-05 10:18 - 2014-05-05 10:21 - 112168720 _____ (Intuit Inc. ) C:\Users\Barry Chapman\Downloads\QW14DLX.exe
2014-05-05 10:13 - 2014-05-20 17:52 - 00000000 ____D () C:\Quicken 2014
2014-05-05 08:58 - 2014-05-05 08:58 - 00000000 __SHD () C:\Users\Barry Chapman\AppData\Local\EmieUserList
2014-05-05 08:58 - 2014-05-05 08:58 - 00000000 __SHD () C:\Users\Barry Chapman\AppData\Local\EmieSiteList
2014-05-05 03:10 - 2014-03-06 05:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-05 03:10 - 2014-03-06 04:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-05 03:10 - 2014-03-06 04:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-05 03:10 - 2014-03-06 04:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-05 03:10 - 2014-03-06 04:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-05 03:10 - 2014-03-06 04:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-05 03:10 - 2014-03-06 04:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-05 03:10 - 2014-03-06 04:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-05 03:10 - 2014-03-06 04:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-05 03:10 - 2014-03-06 04:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-05 03:10 - 2014-03-06 04:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-05 03:10 - 2014-03-06 04:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-05 03:10 - 2014-03-06 04:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-05 03:10 - 2014-03-06 04:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-05 03:10 - 2014-03-06 04:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-05 03:10 - 2014-03-06 04:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-05 03:10 - 2014-03-06 04:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-05 03:10 - 2014-03-06 04:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-05 03:10 - 2014-03-06 03:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-05 03:10 - 2014-03-06 03:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-05 03:10 - 2014-03-06 03:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-05 03:10 - 2014-03-06 03:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-05 03:10 - 2014-03-06 03:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-05 03:10 - 2014-03-06 03:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-05 03:10 - 2014-03-06 03:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-05 03:10 - 2014-03-06 03:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-05 03:10 - 2014-03-06 03:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-05 03:10 - 2014-03-06 03:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-05 03:10 - 2014-03-06 03:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-05 03:10 - 2014-03-06 03:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-05 03:10 - 2014-03-06 03:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-05 03:10 - 2014-03-06 03:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-05 03:10 - 2014-03-06 03:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-05 03:10 - 2014-03-06 03:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-05 03:10 - 2014-03-06 02:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-05 03:10 - 2014-03-06 02:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-05 03:10 - 2014-03-06 02:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-05 03:10 - 2014-03-06 02:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-05 03:10 - 2014-03-06 02:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-05 03:10 - 2014-03-06 01:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-05 03:10 - 2014-03-06 01:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-05 03:10 - 2014-03-06 01:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-05 03:10 - 2014-03-06 01:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-05 03:10 - 2014-03-06 01:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-05 03:06 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-05-05 03:06 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-05-04 03:06 - 2012-07-25 23:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-05-04 03:06 - 2012-07-25 23:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-05-04 03:06 - 2012-07-25 23:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-05-04 03:06 - 2012-07-25 23:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-05-04 03:06 - 2012-07-25 23:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-05-04 03:06 - 2012-07-25 22:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-05-04 03:06 - 2012-07-25 22:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-05-04 03:06 - 2012-06-02 10:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-05-03 16:58 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-05-03 16:58 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-05-03 16:58 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-05-03 16:58 - 2013-12-31 19:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-05-03 16:58 - 2013-12-31 19:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-05-03 16:58 - 2013-12-05 22:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-05-03 16:58 - 2013-12-05 22:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-05-03 16:58 - 2013-12-05 22:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-05-03 16:58 - 2013-12-05 22:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-05-03 16:58 - 2013-11-23 14:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-05-03 16:58 - 2013-11-23 13:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-05-03 16:58 - 2011-04-09 02:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-05-03 16:58 - 2011-04-09 01:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-05-03 16:55 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-05-03 16:55 - 2013-12-24 19:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-05-03 16:55 - 2013-12-24 18:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-05-03 16:55 - 2013-12-03 22:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-05-03 16:55 - 2013-12-03 22:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-05-03 16:55 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-05-03 16:55 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-05-03 16:55 - 2013-12-03 22:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-05-03 16:55 - 2013-12-03 22:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-05-03 16:55 - 2013-12-03 22:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-05-03 16:55 - 2013-12-03 22:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-05-03 16:55 - 2013-12-03 22:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-05-03 16:55 - 2013-12-03 22:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-05-03 16:55 - 2013-12-03 22:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-05-03 16:55 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-05-03 16:55 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-05-03 16:55 - 2013-12-03 22:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-05-03 16:55 - 2013-12-03 21:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-05-03 16:55 - 2013-12-03 21:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-05-03 16:55 - 2013-12-03 21:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-05-03 16:55 - 2013-12-03 21:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-05-03 16:55 - 2013-11-26 21:42 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-05-03 16:55 - 2013-11-26 21:42 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-05-03 16:55 - 2013-11-26 21:42 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-05-03 16:55 - 2013-11-26 21:42 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-05-03 16:55 - 2013-11-26 21:42 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-05-03 16:55 - 2013-11-26 04:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-05-03 16:55 - 2013-11-22 18:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-05-03 16:53 - 2014-03-04 05:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-03 16:53 - 2014-03-04 05:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-03 16:53 - 2014-03-04 05:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-03 16:53 - 2014-03-04 05:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-03 16:53 - 2014-03-04 04:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-03 16:53 - 2014-03-04 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-05-03 16:53 - 2014-02-03 22:37 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-05-03 16:53 - 2014-02-03 22:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-05-03 16:53 - 2014-02-03 22:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-03 16:53 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-05-03 16:53 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-05-03 16:53 - 2014-02-03 22:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-05-03 16:53 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-05-03 16:53 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-05-03 16:53 - 2014-02-03 22:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-05-03 16:53 - 2014-01-23 22:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-03 16:53 - 2013-11-26 07:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-05-03 16:53 - 2013-07-20 06:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-05-03 16:53 - 2013-07-20 06:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-05-03 16:53 - 2011-02-18 06:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-05-03 16:53 - 2011-02-18 01:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-05-03 16:46 - 2014-05-03 16:46 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-05-03 16:40 - 2014-05-14 11:55 - 00000000 ____D () C:\Office 2000
2014-05-03 16:36 - 2014-05-20 18:02 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-05-03 16:34 - 2014-05-22 16:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-03 16:34 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Microsoft Help
2014-05-03 16:32 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\Downloads\DVD_Office_2010_32Bit
2014-05-03 16:26 - 2014-05-03 16:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\WinRAR
2014-05-03 16:23 - 2014-05-03 16:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Macromedia
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Mozilla
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Mozilla
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-03 16:11 - 2014-05-03 16:30 - 628097024 _____ () C:\Users\Barry Chapman\Downloads\DVD_Office_2010_32Bit.iso
2014-05-03 16:10 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-03 16:10 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-03 16:10 - 2014-05-20 17:46 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-05-03 16:10 - 2014-05-03 16:10 - 01766784 _____ () C:\Users\Barry Chapman\Downloads\wrar500.exe
2014-05-03 16:10 - 2014-05-03 16:10 - 00001007 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-05-03 15:48 - 2009-07-13 21:41 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\wab32.dll
2014-05-03 15:48 - 2009-07-13 21:33 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\wab32res.dll
2014-05-03 15:41 - 2014-05-03 15:41 - 00000376 _____ () C:\Windows\ODBC.INI
2014-05-03 15:40 - 2014-05-20 17:55 - 00000000 ____D () C:\Windows\Msagent
2014-05-03 15:40 - 2014-05-03 15:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft Web Folders
2014-05-03 15:33 - 2009-08-04 13:56 - 00296960 _____ (Microsoft Corporation) C:\Windows\winhlp32.exe
2014-05-03 15:33 - 2009-08-04 13:55 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftsrch.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\ftsrch.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx041e.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\ftlx041e.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx0411.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\ftlx0411.dll
2014-05-03 15:20 - 2014-05-03 15:20 - 00718172 _____ () C:\Users\Barry Chapman\Downloads\Windows6.1-KB917607-x64.msu
2014-05-03 15:20 - 2014-05-03 15:20 - 00703811 _____ () C:\Users\Barry Chapman\Downloads\Windows6.1-KB917607-x86.msu
2014-05-03 14:40 - 2014-05-20 11:10 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Adobe
2014-05-03 14:29 - 2014-05-20 17:50 - 00000000 ____D () C:\Program Files (x86)\wp51
2014-05-03 14:14 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FAX User Software
2014-05-03 14:14 - 2014-05-03 14:14 - 00000000 ____D () C:\Program Files (x86)\Kyocera
2014-05-03 14:02 - 2014-05-03 14:02 - 00003102 _____ () C:\Windows\System32\Tasks\{274EC4EA-7BEE-46DD-B238-1777098F3282}
2014-05-03 13:53 - 2014-05-03 13:53 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Canon Electronics
2014-05-03 13:38 - 2014-05-03 13:52 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Corel User Files
2014-05-03 13:38 - 2014-05-03 13:38 - 00061678 _____ () C:\Users\Barry Chapman\AppData\Roaming\PFP120JPR.{PB
2014-05-03 13:38 - 2014-05-03 13:38 - 00012358 _____ () C:\Users\Barry Chapman\AppData\Roaming\PFP120JCM.{PB
2014-05-03 13:38 - 2014-05-03 13:38 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Corel
2014-05-03 13:31 - 2013-07-04 13:57 - 00067888 _____ (Canon Electronics Inc.) C:\Windows\SysWOW64\SuStiUtl.dll
2014-05-03 13:31 - 2006-05-16 21:19 - 00021008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CTL3D.DLL
2014-05-03 13:30 - 2014-05-20 17:55 - 00000000 ____D () C:\Windows\PIXTRAN
2014-05-03 13:30 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\Desktop\Canon DR-2580C
2014-05-03 13:30 - 2014-05-07 09:25 - 00000000 ____D () C:\Program Files (x86)\Canon Electronics
2014-05-03 13:30 - 2014-05-06 13:22 - 00000125 _____ () C:\Windows\SetScan.ini
2014-05-03 13:30 - 2014-05-06 13:12 - 00017862 _____ () C:\Windows\DPINST.LOG
2014-05-03 13:30 - 2009-05-13 16:05 - 00401484 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Msvcrtd.dll
2014-05-03 13:30 - 2006-05-16 21:40 - 00221456 _____ (EMC Corporation) C:\Windows\SysWOW64\PIXDFLTN.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00180224 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN1120.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00176128 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN1520.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00155648 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN1020.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00114688 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN1320.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00074000 _____ (EMC Corporation) C:\Windows\SysWOW64\PIXLOCN.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00053520 _____ (EMC Corporation) C:\Windows\SysWOW64\PIXPERMN.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00051712 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN20.DLL
2014-05-03 13:30 - 2005-08-09 17:34 - 00094208 _____ (Canon Electronics Inc.) C:\Windows\SysWOW64\DR25CPL.dll
2014-05-03 13:30 - 2005-06-14 08:29 - 00036864 _____ (Canon Electronics Inc.) C:\Windows\SysWOW64\CeiUSB2.dll
2014-05-03 13:30 - 2005-02-15 13:18 - 00106496 _____ (Canon Electronics) C:\Windows\SysWOW64\DR25SVC.dll
2014-05-03 13:30 - 2002-09-25 16:02 - 00602384 _____ (Pixel Translations Incorporated) C:\Windows\SysWOW64\pixipdll.dll
2014-05-03 13:30 - 2002-05-13 22:55 - 00014000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\usbscan.sys
2014-05-03 13:30 - 1998-10-29 16:45 - 00306688 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2014-05-03 13:17 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordPerfect Office 12
2014-05-03 13:17 - 2014-05-03 13:17 - 00002607 _____ () C:\Users\Barry Chapman\Desktop\WordPerfect.lnk
2014-05-03 13:14 - 2014-05-05 12:18 - 00000000 ____D () C:\Program Files (x86)\WordPerfect Office 12
2014-05-03 12:01 - 2014-05-04 18:11 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\PCDr
2014-05-02 20:32 - 2012-06-02 18:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-05-02 20:32 - 2012-06-02 18:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-05-02 20:32 - 2012-06-02 18:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-05-02 20:32 - 2012-06-02 18:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-05-02 20:32 - 2012-06-02 18:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-05-02 20:32 - 2012-06-02 18:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-05-02 20:32 - 2012-06-02 18:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-05-02 20:32 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-05-02 20:32 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-05-02 19:50 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-05-02 16:23 - 2014-05-21 09:17 - 00002310 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-02 16:23 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-02 16:12 - 2014-05-28 09:55 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-02 16:12 - 2014-05-27 18:14 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-02 16:12 - 2014-05-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-02 16:12 - 2014-05-07 15:50 - 00003908 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-02 16:12 - 2014-05-07 15:50 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-02 16:12 - 2014-05-02 16:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Google
2014-05-02 15:58 - 2014-05-20 13:56 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Deployment
2014-05-02 15:58 - 2014-05-02 15:58 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Apps\2.0
2014-05-02 15:45 - 2014-05-20 17:32 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-02 15:45 - 2014-05-20 17:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Opera Software
2014-05-02 15:45 - 2014-05-15 14:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Opera Software
2014-05-02 15:42 - 2014-05-02 15:42 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Macromedia
2014-05-02 15:26 - 2014-05-02 15:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Intel Corporation
2014-05-02 15:25 - 2014-05-27 12:36 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-05-02 15:25 - 2014-05-25 10:37 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-02 15:25 - 2014-05-20 17:52 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-02 15:25 - 2014-05-20 17:51 - 00000000 ____D () C:\ProgramData\Atheros
2014-05-02 15:25 - 2014-05-20 16:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Adobe
2014-05-02 15:25 - 2014-05-20 16:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\VirtualStore
2014-05-02 15:25 - 2014-05-13 08:51 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Bluetooth Folder
2014-05-02 15:25 - 2014-05-02 15:25 - 00004004 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-05-02 15:25 - 2014-05-02 15:25 - 00003214 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-05-02 15:25 - 2014-05-02 15:25 - 00001415 _____ () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Leadertech
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Dell
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Atheros
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\BMExplorer
2014-05-02 15:23 - 2014-05-13 16:30 - 00000000 ____D () C:\ProgramData\softthinks
2014-05-02 15:23 - 2014-05-02 15:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\softthinks
2014-05-02 15:23 - 2013-12-05 03:16 - 00000114 ____H () C:\DBAR_Ver.txt
2014-05-02 15:18 - 2014-05-20 18:27 - 00132680 _____ () C:\Users\Barry Chapman\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-02 15:18 - 2014-05-02 15:18 - 00001975 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
2014-05-02 15:17 - 2014-05-20 18:25 - 00000000 ____D () C:\Users\Barry Chapman
2014-05-02 15:17 - 2014-05-20 17:52 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-02 15:17 - 2014-05-20 17:52 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-02 15:17 - 2014-05-02 15:17 - 00000020 ___SH () C:\Users\Barry Chapman\ntuser.ini
==================== One Month Modified Files and Folders =======
2014-05-28 10:22 - 2014-05-27 16:22 - 00021031 _____ () C:\Users\Barry Chapman\Desktop\FRST.txt
2014-05-28 10:22 - 2014-05-27 16:22 - 00000000 ____D () C:\FRST
2014-05-28 10:16 - 2014-05-28 10:16 - 00003280 _____ () C:\Windows\System32\Tasks\{95BE5CC7-569D-4DCD-8121-A5FE0664FAF2}
2014-05-28 10:12 - 2014-05-28 10:12 - 00001319 _____ () C:\Users\Barry Chapman\Desktop\Revo Uninstaller.lnk
2014-05-28 10:12 - 2014-05-28 10:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-28 10:11 - 2014-05-28 10:11 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Barry Chapman\Desktop\revosetup.exe
2014-05-28 10:07 - 2014-03-21 13:36 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-28 09:55 - 2014-05-02 16:12 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-28 08:59 - 2014-05-28 08:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-05-28 08:45 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-05-28 07:18 - 2014-05-28 07:18 - 00065311 _____ () C:\Users\Barry Chapman\Desktop\Result.txt
2014-05-28 07:14 - 2014-05-28 07:14 - 00982016 _____ (Farbar) C:\Users\Barry Chapman\Desktop\MiniToolBox.exe
2014-05-28 06:36 - 2014-03-22 04:31 - 01442845 _____ () C:\Windows\WindowsUpdate.log
2014-05-27 18:14 - 2014-05-02 16:12 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-27 18:13 - 2014-05-27 18:13 - 00132680 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-27 18:13 - 2014-05-27 18:13 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\WinRAR
2014-05-27 18:13 - 2014-05-27 18:13 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Intel Corporation
2014-05-27 18:12 - 2014-05-27 18:12 - 00001460 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ___RD () C:\Users\Administrator\Virtual Machines
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-27 18:12 - 2014-05-27 18:11 - 00000000 ____D () C:\Users\Administrator
2014-05-27 18:12 - 2009-07-14 00:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-05-27 18:11 - 2014-05-27 18:11 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-05-27 18:11 - 2014-05-14 11:56 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Outlook Files
2014-05-27 18:07 - 2009-07-14 00:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-27 18:07 - 2009-07-14 00:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-27 17:32 - 2014-05-27 16:22 - 00038057 _____ () C:\Users\Barry Chapman\Desktop\Addition.txt
2014-05-27 16:21 - 2014-05-27 16:21 - 02066944 _____ (Farbar) C:\Users\Barry Chapman\Desktop\FRST64.exe
2014-05-27 15:57 - 2014-05-27 10:02 - 00198204 _____ () C:\Users\Barry Chapman\Downloads\OTL.Txt
2014-05-27 15:40 - 2014-05-27 13:59 - 00000008 _____ () C:\LTLASTFN.DAT
2014-05-27 15:23 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-05-27 13:31 - 2009-07-14 01:13 - 00791990 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-27 13:29 - 2014-05-27 13:29 - 00043987 _____ () C:\ComboFix.txt
2014-05-27 13:29 - 2014-05-27 12:50 - 00000000 ____D () C:\Qoobox
2014-05-27 13:29 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default
2014-05-27 13:27 - 2014-05-25 10:38 - 00000000 ____D () C:\Windows\ERDNT
2014-05-27 13:26 - 2014-03-21 13:56 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-05-27 13:24 - 2014-05-09 07:39 - 00000000 ____D () C:\ProgramData\VMware
2014-05-27 13:24 - 2009-07-13 22:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-27 13:23 - 2010-11-20 23:47 - 00310102 _____ () C:\Windows\PFRO.log
2014-05-27 13:23 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-27 13:23 - 2009-07-14 00:51 - 00042071 _____ () C:\Windows\setupact.log
2014-05-27 12:51 - 2014-05-27 12:51 - 00001540 _____ () C:\Users\Barry Chapman\Desktop\ComboFix.exe - Shortcut.lnk
2014-05-27 12:47 - 2014-05-27 12:46 - 05203612 ____R () C:\Users\Barry Chapman\Downloads\ComboFix.exe
2014-05-27 12:36 - 2014-05-02 15:25 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-05-27 11:30 - 2014-05-27 11:30 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-05-27 11:23 - 2014-05-27 11:23 - 00000000 ____D () C:\_OTL
2014-05-27 10:03 - 2014-05-27 10:03 - 00056788 _____ () C:\Users\Barry Chapman\Downloads\Extras.Txt
2014-05-27 09:54 - 2014-05-27 09:54 - 00602112 _____ (OldTimer Tools) C:\Users\Barry Chapman\Downloads\OTL.exe
2014-05-27 09:22 - 2014-05-16 10:51 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\CrashDumps
2014-05-27 09:18 - 2014-05-27 09:18 - 00000000 ____D () C:\Malwarebytes' Anti-Malware
2014-05-27 09:13 - 2014-05-27 09:25 - 01440846 _____ () C:\Program Files (x86)\mbam-chameleon-1.62.1.1000.zip
2014-05-27 09:01 - 2014-05-27 09:01 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-05-27 08:58 - 2014-05-27 08:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-26 10:25 - 2014-05-19 16:42 - 00000000 ____D () C:\AdwCleaner
2014-05-26 10:24 - 2014-05-14 15:56 - 00000000 ____D () C:\Program Files (x86)\MSR
2014-05-26 10:17 - 2014-05-26 10:17 - 01327971 _____ () C:\Users\Barry Chapman\Downloads\AdwCleaner.exe
2014-05-26 10:07 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-05-25 12:10 - 2014-05-05 10:49 - 00000000 ____D () C:\MWACCT
2014-05-25 11:49 - 2014-05-25 11:49 - 00004447 _____ () C:\Users\Barry Chapman\Desktop\attach.zip
2014-05-25 11:38 - 2014-05-25 11:38 - 00002135 _____ () C:\Users\Barry Chapman\Desktop\aswMBR.txt
2014-05-25 11:38 - 2014-05-25 11:38 - 00000512 _____ () C:\Users\Barry Chapman\Desktop\MBR.dat
2014-05-25 10:52 - 2014-05-25 10:52 - 00004315 _____ () C:\Users\Barry Chapman\Desktop\attach.rar
2014-05-25 10:46 - 2014-05-25 10:46 - 00042419 _____ () C:\Users\Barry Chapman\Desktop\dds.txt
2014-05-25 10:46 - 2014-05-25 10:46 - 00020635 _____ () C:\Users\Barry Chapman\Desktop\attach.txt
2014-05-25 10:43 - 2014-05-25 10:43 - 04745728 _____ (AVAST Software) C:\Users\Barry Chapman\Downloads\aswMBR.exe
2014-05-25 10:38 - 2014-05-25 10:38 - 00688992 ____R (Swearware) C:\Users\Barry Chapman\Downloads\dds (1).scr
2014-05-25 10:37 - 2014-05-25 10:36 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-05-25 10:37 - 2014-05-02 15:25 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-25 10:36 - 2014-05-25 10:36 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup (2).exe
2014-05-25 10:36 - 2014-05-25 10:36 - 00000960 _____ () C:\Users\Barry Chapman\Desktop\ERUNT.lnk
2014-05-25 10:36 - 2014-05-25 10:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-05-24 12:00 - 2014-05-24 12:00 - 00688992 _____ (Swearware) C:\Users\Barry Chapman\Downloads\dds.scr
2014-05-24 11:59 - 2014-05-24 11:59 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup (1).exe
2014-05-24 11:57 - 2014-05-24 11:57 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup.exe
2014-05-23 08:25 - 2014-05-23 08:25 - 00000000 ____D () C:\New folder
2014-05-23 07:59 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-23 07:48 - 2014-05-23 07:48 - 624028561 _____ () C:\Windows\MEMORY.DMP
2014-05-23 07:48 - 2014-05-23 07:48 - 00280128 _____ () C:\Windows\Minidump\052314-21138-01.dmp
2014-05-23 07:48 - 2014-05-23 07:48 - 00000000 ____D () C:\Windows\Minidump
2014-05-23 07:43 - 2014-05-23 07:43 - 00162208 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition (1).exe
2014-05-23 07:43 - 2014-05-23 07:40 - 10447328 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition_x64.exe
2014-05-23 07:41 - 2014-05-23 07:41 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\QuickScan
2014-05-23 07:39 - 2014-05-23 07:39 - 00162208 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition.exe
2014-05-23 07:03 - 2014-05-21 11:16 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-22 16:23 - 2014-05-03 16:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-22 16:19 - 2009-07-13 22:34 - 00000510 _____ () C:\Windows\win.ini
2014-05-22 15:37 - 2014-05-22 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-05-22 15:36 - 2014-05-02 16:12 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-22 15:35 - 2014-05-22 15:35 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-22 15:35 - 2014-05-22 15:35 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-22 13:23 - 2014-05-22 13:22 - 00051706 _____ () C:\Windows\SysWOW64\bddel.dat
2014-05-22 10:51 - 2014-05-15 11:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-22 10:49 - 2014-05-15 11:40 - 00001446 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-22 10:49 - 2014-05-15 11:40 - 00001434 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-22 10:49 - 2014-05-15 11:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-22 10:49 - 2014-05-15 11:21 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-22 10:47 - 2014-05-22 10:47 - 00000000 ____D () C:\Program Files (x86)\Spybot
2014-05-22 09:31 - 2014-05-22 08:13 - 00017970 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-22_08-13-17.log
2014-05-22 08:11 - 2014-05-22 08:08 - 00003374 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-22_08-08-46.log
2014-05-22 08:06 - 2014-05-22 07:57 - 332119856 _____ (Norman Shark AS) C:\Users\Barry Chapman\Downloads\Norman_Malware_Cleaner (1).exe
2014-05-21 16:21 - 2014-05-05 11:45 - 00037861 _____ () C:\Users\Barry Chapman\AppData\Roaming\Comma Separated Values (Windows).ADR
2014-05-21 11:27 - 2014-05-21 11:27 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\TuneUp Software
2014-05-21 11:16 - 2014-05-21 11:16 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\MFAData
2014-05-21 11:15 - 2014-05-21 11:15 - 04485528 _____ (AVG Technologies) C:\Users\Barry Chapman\Downloads\avg_free_stb_all_2014_4577_cnet.exe
2014-05-21 11:11 - 2014-03-21 13:52 - 00000000 ____D () C:\ProgramData\McAfee
2014-05-21 10:04 - 2014-05-21 09:31 - 00014960 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-21_09-31-37.log
2014-05-21 09:17 - 2014-05-02 16:23 - 00002310 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-21 09:08 - 2014-05-21 09:01 - 331917560 _____ (Norman Shark AS) C:\Users\Barry Chapman\Downloads\Norman_Malware_Cleaner.exe
2014-05-20 18:49 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-05-20 18:27 - 2014-05-02 15:18 - 00132680 _____ () C:\Users\Barry Chapman\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-20 18:25 - 2014-05-02 15:17 - 00000000 ____D () C:\Users\Barry Chapman
2014-05-20 18:24 - 2014-05-19 08:08 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-20 18:24 - 2014-03-21 13:45 - 00000000 ____D () C:\Program Files (x86)\Dell Wireless
2014-05-20 18:19 - 2014-05-27 18:11 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 18:19 - 2014-05-27 18:11 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 18:19 - 2014-05-06 07:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\tr-TR
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\syst
brchapman
2014-05-28, 17:40
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\th-TH
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\ro-RO
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\he-IL
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\ar-SA
2014-05-20 18:19 - 2010-11-21 03:17 - 00000000 ____D () C:\Windows\ShellNew
2014-05-20 18:19 - 2010-11-21 03:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\addins
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 __RSD () C:\Windows\Media
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\TAPI
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-CS
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Recovery
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\ras
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\manifeststore
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\InstallShield
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\icsxml
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\et-EE
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\AdvancedInstallers
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\th-TH
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sppui
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ras
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\manifeststore
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\icsxml
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ias
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\he-IL
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\et-EE
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\com
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\servicing
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\IME
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Cursors
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Services
2014-05-20 18:03 - 2014-05-05 16:53 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-05-20 18:03 - 2014-03-21 13:42 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-20 18:03 - 2014-03-21 13:36 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-05-20 18:02 - 2014-05-03 16:36 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-05-20 18:02 - 2014-03-21 13:36 - 00000000 ____D () C:\Windows\system32\Macromed
2014-05-20 18:02 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\restore
2014-05-20 18:02 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-20 18:02 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-20 18:02 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system
2014-05-20 17:55 - 2014-05-13 11:18 - 00000000 ____D () C:\Windows\pss
2014-05-20 17:55 - 2014-05-03 15:40 - 00000000 ____D () C:\Windows\Msagent
2014-05-20 17:55 - 2014-05-03 13:30 - 00000000 ____D () C:\Windows\PIXTRAN
2014-05-20 17:53 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Help
2014-05-20 17:52 - 2014-05-15 03:25 - 00000000 ___RD () C:\Users\Barry Chapman\Virtual Machines
2014-05-20 17:52 - 2014-05-14 15:54 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\wi_upd
2014-05-20 17:52 - 2014-05-14 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-05-20 17:52 - 2014-05-13 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backblaze
2014-05-20 17:52 - 2014-05-13 11:00 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\VMware
2014-05-20 17:52 - 2014-05-09 07:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2014-05-20 17:52 - 2014-05-07 09:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CapturePerfect 3.1
2014-05-20 17:52 - 2014-05-06 10:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-20 17:52 - 2014-05-05 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon DR-2580C
2014-05-20 17:52 - 2014-05-05 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-20 17:52 - 2014-05-05 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-05-20 17:52 - 2014-05-05 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landtech XML
2014-05-20 17:52 - 2014-05-05 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medlin Accounting
2014-05-20 17:52 - 2014-05-05 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quicken 2014
2014-05-20 17:52 - 2014-05-05 10:13 - 00000000 ____D () C:\Quicken 2014
2014-05-20 17:52 - 2014-05-03 16:34 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Microsoft Help
2014-05-20 17:52 - 2014-05-03 16:32 - 00000000 ____D () C:\Users\Barry Chapman\Downloads\DVD_Office_2010_32Bit
2014-05-20 17:52 - 2014-05-03 16:10 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-20 17:52 - 2014-05-03 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-20 17:52 - 2014-05-03 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FAX User Software
2014-05-20 17:52 - 2014-05-03 13:30 - 00000000 ____D () C:\Users\Barry Chapman\Desktop\Canon DR-2580C
2014-05-20 17:52 - 2014-05-03 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordPerfect Office 12
2014-05-20 17:52 - 2014-05-02 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-20 17:52 - 2014-05-02 15:25 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-20 17:52 - 2014-05-02 15:17 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 17:52 - 2014-05-02 15:17 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 17:52 - 2014-03-22 04:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
2014-05-20 17:52 - 2014-03-21 13:49 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2014-05-20 17:52 - 2014-03-21 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HotSpot
2014-05-20 17:52 - 2014-03-21 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atheros Smart Net
2014-05-20 17:52 - 2014-03-21 13:46 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
2014-05-20 17:52 - 2014-03-21 13:43 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-05-20 17:52 - 2014-03-21 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Audio
2014-05-20 17:52 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2014-05-20 17:51 - 2014-05-05 16:24 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-20 17:51 - 2014-05-05 16:15 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-05-20 17:51 - 2014-05-02 15:25 - 00000000 ____D () C:\ProgramData\Atheros
2014-05-20 17:51 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files\mcafee.com
2014-05-20 17:51 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files\mcafee
2014-05-20 17:51 - 2014-03-21 13:50 - 00000000 ____D () C:\Program Files\My Dell
2014-05-20 17:51 - 2014-03-21 13:50 - 00000000 ____D () C:\Program Files\Dell Support Center
2014-05-20 17:51 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-05-20 17:50 - 2014-05-03 14:29 - 00000000 ____D () C:\Program Files (x86)\wp51
2014-05-20 17:46 - 2014-05-05 10:24 - 00000000 ____D () C:\Program Files (x86)\Quicken
2014-05-20 17:46 - 2014-05-03 16:10 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-05-20 17:45 - 2014-05-05 16:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-20 17:45 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files (x86)\mcafee.com
2014-05-20 17:44 - 2014-05-13 12:16 - 00000000 ____D () C:\Program Files (x86)\Backblaze
2014-05-20 17:44 - 2014-03-21 13:55 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-20 17:44 - 2014-03-21 13:50 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2014-05-20 17:34 - 2014-05-16 08:33 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant
2014-05-20 17:32 - 2014-05-02 15:45 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-20 17:27 - 2014-05-05 12:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WP-64
2014-05-20 17:26 - 2014-05-06 09:05 - 00000000 ____D () C:\Users\Barry Chapman\Desktop\CapturePerfect 3.0
2014-05-20 17:26 - 2014-05-02 15:45 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Opera Software
2014-05-20 16:57 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-05-20 16:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Adobe
2014-05-20 16:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\VirtualStore
2014-05-20 16:25 - 2014-03-21 13:55 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-20 16:25 - 2014-03-21 13:50 - 00000000 ____D () C:\ProgramData\PCDr
2014-05-20 16:20 - 2014-05-14 08:30 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-05-20 15:49 - 2014-05-20 14:54 - 00025110 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-20_14-54-17.log
2014-05-20 14:53 - 2014-05-20 14:53 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Norman Malware Cleaner
2014-05-20 13:56 - 2014-05-02 15:58 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Deployment
2014-05-20 13:35 - 2014-05-20 12:44 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-05-20 12:34 - 2014-05-20 12:34 - 00000914 _____ () C:\Users\Barry Chapman\Desktop\JRT.txt
2014-05-20 11:10 - 2014-05-03 14:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Adobe
2014-05-20 10:30 - 2014-05-20 10:29 - 04957528 _____ (SurfRight B.V.) C:\Users\Barry Chapman\Downloads\Unconfirmed 912715.crdownload
2014-05-19 10:55 - 2014-05-19 10:55 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-05-19 10:44 - 2014-05-05 16:53 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-05-19 10:20 - 2014-05-19 10:20 - 00000000 ____D () C:\Adobe XI Pro
2014-05-19 07:54 - 2014-05-19 07:54 - 00000000 ____D () C:\Users\Barry Chapman\Documents\ProcAlyzer Dumps
2014-05-18 03:05 - 2014-05-06 13:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 09:39 - 2014-05-16 09:39 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\SUPERAntiSpyware.com
2014-05-16 09:39 - 2014-05-16 09:39 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-05-16 08:33 - 2014-05-16 08:33 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-05-16 08:32 - 2014-05-27 18:11 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia
2014-05-16 08:32 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-05-16 08:32 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-05-15 15:02 - 2014-05-15 15:02 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot2-license (1).exe
2014-05-15 14:40 - 2014-05-02 15:45 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Opera Software
2014-05-15 14:27 - 2014-05-15 14:27 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-05-15 13:06 - 2014-05-15 13:05 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot2-license.exe
2014-05-15 11:40 - 2014-05-15 11:40 - 00000656 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2014-05-15 11:40 - 00000628 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2014-05-15 11:40 - 00000458 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-05-15 10:56 - 2014-05-15 11:20 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot-2.3 (1).exe
2014-05-15 03:28 - 2009-07-14 01:08 - 00014614 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-15 03:03 - 2014-05-06 13:18 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 16:16 - 2014-05-14 16:16 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\PDF24
2014-05-14 15:56 - 2014-05-14 15:56 - 00004592 _____ () C:\Windows\System32\Tasks\IdleCrawler Runner
2014-05-14 15:54 - 2014-05-14 15:53 - 02271768 _____ () C:\Users\Barry Chapman\Downloads\Adobe.Acrobat.XI.Pro.v11.0.2.Multilingual.Cracked.exe
2014-05-14 15:27 - 2014-05-14 15:26 - 18873344 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd714_all_incr.msp
2014-05-14 15:27 - 2014-05-05 16:54 - 00002501 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 7.0 Standard.lnk
2014-05-14 15:23 - 2014-05-14 15:22 - 14385152 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd713_all_incr.msp
2014-05-14 15:22 - 2014-05-14 15:21 - 03972608 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd712_all_incr (1).msp
2014-05-14 15:20 - 2014-05-14 15:20 - 06504448 _____ () C:\Users\Barry Chapman\Downloads\AcroUpd711_all_incr.msp
2014-05-14 15:14 - 2009-07-14 00:45 - 00494176 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-14 15:08 - 2014-05-14 14:34 - 00001520 _____ () C:\Users\Public\Documents\AcStd7_1_0.ini
2014-05-14 14:44 - 2014-05-05 16:54 - 00002459 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 7.0.lnk
2014-05-14 13:26 - 2014-05-05 12:22 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Help
2014-05-14 11:55 - 2014-05-03 16:40 - 00000000 ____D () C:\Office 2000
2014-05-14 10:26 - 2014-05-14 10:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-14 10:25 - 2014-05-14 10:25 - 00000000 ____D () C:\Windows\PCHEALTH
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-05-14 10:20 - 2014-05-14 10:20 - 00000000 ___RD () C:\MSOCache
2014-05-14 08:36 - 2014-03-21 13:36 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 08:36 - 2014-03-21 13:36 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-14 08:36 - 2014-03-21 13:36 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 08:30 - 2014-05-14 08:30 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Secunia PSI
2014-05-14 08:29 - 2014-05-14 08:28 - 05329480 _____ (Secunia) C:\Users\Barry Chapman\Downloads\PSISetup.exe
2014-05-13 16:30 - 2014-05-02 15:23 - 00000000 ____D () C:\ProgramData\softthinks
2014-05-13 12:17 - 2014-05-12 07:16 - 00000000 ____D () C:\.bzvol
2014-05-13 12:16 - 2014-05-13 12:16 - 05033216 _____ () C:\Users\Barry Chapman\Downloads\install_backblaze.exe
2014-05-13 12:16 - 2014-05-13 12:16 - 00000000 ____D () C:\ProgramData\Backblaze
2014-05-13 12:04 - 2014-05-13 12:02 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\VMware
2014-05-13 11:38 - 2014-05-13 11:38 - 34209792 _____ () C:\Users\Barry Chapman\Desktop\CHAPMA11_20140505-2014-05-13.QDF-backup
2014-05-13 11:13 - 2014-05-13 08:53 - 00007605 _____ () C:\Users\Barry Chapman\AppData\Local\resmon.resmoncfg
2014-05-13 11:07 - 2014-05-12 13:51 - 00000000 ____D () C:\Program Files\My Lockbox
2014-05-13 11:07 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\spool
2014-05-13 10:04 - 2014-05-13 10:04 - 00000000 _____ () C:\Users\Barry Chapman\AppData\Local\{89B78C50-3F1E-4624-B5B6-B21F413891C7}
2014-05-13 09:55 - 2010-11-21 03:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-05-13 08:51 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Bluetooth Folder
2014-05-12 20:58 - 2014-05-12 20:43 - 00000000 ____D () C:\Users\Barry Chapman\.asdm
2014-05-12 20:43 - 2014-05-12 20:43 - 00000000 ____D () C:\Program Files (x86)\Cisco Systems
2014-05-12 16:26 - 2014-05-12 16:26 - 00010295 _____ () C:\Users\Barry Chapman\Documents\141046 commitment.wpd
2014-05-12 16:21 - 2014-05-12 16:21 - 00002380 _____ () C:\Users\Barry Chapman\Documents\141046 DATA FILE.wpd
2014-05-12 13:50 - 2014-05-12 13:50 - 04090994 _____ () C:\Users\Barry Chapman\Downloads\mylockbox_setup.zip
2014-05-09 11:38 - 2014-05-09 11:38 - 00000000 ____D () C:\Users\Barry Chapman\Documents\CCWin
2014-05-09 09:28 - 2014-05-05 12:22 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Help
2014-05-09 07:39 - 2014-05-09 07:39 - 00002187 _____ () C:\Users\Public\Desktop\VMware Player.lnk
2014-05-09 07:39 - 2014-05-09 07:39 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-05-09 07:39 - 2011-02-10 10:33 - 00807106 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-05-09 07:38 - 2014-05-09 07:38 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-05-09 07:35 - 2014-05-09 07:33 - 114794792 _____ (VMware, Inc.) C:\Users\Barry Chapman\Downloads\VMware-player-4.0.6-1035888.exe
2014-05-09 02:14 - 2014-05-14 05:44 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 02:11 - 2014-05-14 05:44 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-07 15:50 - 2014-05-02 16:12 - 00003908 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-07 15:50 - 2014-05-02 16:12 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 09:29 - 2014-05-07 09:29 - 00000000 ____D () C:\ProgramData\Canon Electronics
2014-05-07 09:25 - 2014-05-03 13:30 - 00000000 ____D () C:\Program Files (x86)\Canon Electronics
2014-05-07 09:25 - 2014-03-21 13:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-07 09:22 - 2014-05-07 09:20 - 79468544 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_V3137 (1).exe
2014-05-07 09:22 - 2014-05-06 07:29 - 00000000 ____D () C:\CapturePerfect Upgrade
2014-05-06 15:59 - 2014-05-06 15:56 - 00000000 ____D () C:\Users\Barry Chapman\Documents\My Documents from old
2014-05-06 14:42 - 2014-05-06 14:42 - 00119964 _____ () C:\Users\Barry Chapman\Downloads\GSCCCA Online Statement.htm
2014-05-06 13:22 - 2014-05-03 13:30 - 00000125 _____ () C:\Windows\SetScan.ini
2014-05-06 13:12 - 2014-05-03 13:30 - 00017862 _____ () C:\Windows\DPINST.LOG
2014-05-06 13:09 - 2014-05-06 13:09 - 14393344 _____ () C:\Users\Barry Chapman\Downloads\2580DRIT_V18SP1 (1).exe
2014-05-06 10:10 - 2014-05-06 10:10 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Oracle
2014-05-06 10:09 - 2014-05-06 10:09 - 00000000 ____D () C:\ProgramData\Sun
2014-05-06 10:09 - 2014-05-06 10:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-06 10:07 - 2014-05-06 10:07 - 00921512 _____ (Oracle Corporation) C:\Users\Barry Chapman\Downloads\chromeinstall-7u55.exe
2014-05-06 10:04 - 2014-05-06 10:05 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-05-06 10:04 - 2014-05-06 10:04 - 00000000 ____D () C:\Program Files\Java
2014-05-06 10:04 - 2014-05-06 10:03 - 30818216 _____ (Oracle Corporation) C:\Users\Barry Chapman\Downloads\jre-7u55-windows-x64.exe
2014-05-06 09:27 - 2014-05-06 09:27 - 28808192 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_Ver_3097 (1).exe
2014-05-06 09:06 - 2014-05-06 09:06 - 00000000 _____ () C:\Users\Barry Chapman\Sti_Trace.log
2014-05-06 09:06 - 2014-05-05 17:43 - 00005432 _____ () C:\Windows\pixcache.ini
2014-05-06 08:51 - 2014-05-06 08:51 - 00249856 _____ () C:\Users\Barry Chapman\Downloads\RepairReg.exe
2014-05-06 08:51 - 2014-05-06 08:51 - 00000000 ____D () C:\DR Scanner
2014-05-06 08:47 - 2014-05-06 08:45 - 79468544 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_V3137.exe
2014-05-06 08:43 - 2014-05-06 08:43 - 00000000 ____D () C:\DR2580C
2014-05-06 08:42 - 2014-05-06 08:42 - 14393344 _____ () C:\Users\Barry Chapman\Downloads\2580DRIT_V18SP1.exe
2014-05-06 08:35 - 2014-05-06 08:35 - 00000000 ____D () C:\Users\Barry Chapman\Downloads\d1041mux
2014-05-06 08:35 - 2014-05-06 08:34 - 13259652 _____ () C:\Users\Barry Chapman\Downloads\d1041mux.zip
2014-05-06 07:31 - 2014-05-06 07:31 - 00003228 _____ () C:\Windows\System32\Tasks\{E819857F-629F-4F7B-9FE3-F8B1467A5C1B}
2014-05-06 03:03 - 2014-05-06 03:03 - 00288324 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-05-06 03:03 - 2014-05-06 03:02 - 00292408 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-05-06 03:02 - 2014-05-06 03:02 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-05-06 00:40 - 2014-05-15 03:06 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 00:17 - 2014-05-15 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-05 23:25 - 2014-05-15 03:06 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-05 23:07 - 2014-05-15 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-05 23:00 - 2014-05-15 03:06 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-05 22:10 - 2014-05-15 03:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 19:26 - 2014-05-05 17:52 - 28808192 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_Ver_3097.exe
2014-05-05 17:48 - 2014-03-21 13:55 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-05 17:43 - 2014-05-05 17:43 - 00003050 _____ () C:\Windows\System32\Tasks\{BEA2EFCD-E2FA-474A-BB2F-ADE6F46BED5D}
2014-05-05 16:56 - 2014-05-05 16:56 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\AdobeUM
2014-05-05 16:54 - 2014-05-05 16:54 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Acrobat 7.0 Standard.lnk
2014-05-05 16:24 - 2014-05-05 16:23 - 13084896 _____ (Microsoft Corporation) C:\Users\Barry Chapman\Downloads\Silverlight_x64 (1).exe
2014-05-05 16:23 - 2014-05-05 16:23 - 13084896 _____ (Microsoft Corporation) C:\Users\Barry Chapman\Downloads\Silverlight_x64.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-05-05 16:12 - 2014-05-05 16:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2014-05-05 15:53 - 2014-05-05 15:52 - 19495200 _____ () C:\Users\Barry Chapman\Downloads\upd-ps-x64-5.8.0.17508.exe
2014-05-05 15:53 - 2014-05-05 15:50 - 00000000 ____D () C:\HP Universal Print Driver
2014-05-05 15:49 - 2014-05-05 15:49 - 18409760 _____ () C:\Users\Barry Chapman\Downloads\upd-pcl6-x64-5.8.0.17508.exe
2014-05-05 14:53 - 2014-05-05 14:53 - 00001534 _____ () C:\Users\Barry Chapman\Desktop\Landtech XML.lnk
2014-05-05 14:52 - 2014-05-05 14:52 - 00204800 _____ (Landtech Data Corporation) C:\Windows\SysWOW64\ltwpvsw.DLL
2014-05-05 14:52 - 2014-05-05 14:52 - 00065536 _____ (Landtech Data Corp.) C:\Windows\SysWOW64\LTWNode.exe
2014-05-05 14:52 - 2014-05-05 14:52 - 00004726 _____ () C:\Windows\BOOTSTRAP.LOG
2014-05-05 14:52 - 2014-05-05 14:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Landtech XML
2014-05-05 14:44 - 2014-05-05 14:44 - 00000519 _____ () C:\Windows\ODBCINST.INI
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\ProgramData\Pervasive Software
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pervasive
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\Program Files (x86)\Pervasive Software
2014-05-05 14:18 - 2014-05-05 14:18 - 00000000 ____D () C:\Wages
2014-05-05 14:17 - 2014-05-05 14:15 - 88823072 _____ () C:\Users\Barry Chapman\Downloads\PSQL-Workgroup-10.30.022.000-win.x86.exe
2014-05-05 12:34 - 2014-05-05 12:34 - 32856361 _____ (wpdos.org ) C:\Users\Barry Chapman\Downloads\WP64DOSBox-Setup.exe
2014-05-05 12:18 - 2014-05-03 13:14 - 00000000 ____D () C:\Program Files (x86)\WordPerfect Office 12
2014-05-05 11:40 - 2014-05-05 11:40 - 00321535 _____ () C:\Users\Barry Chapman\Downloads\contacts.csv
2014-05-05 11:26 - 2014-05-05 11:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-05 11:25 - 2014-05-05 11:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-05 11:25 - 2014-05-05 11:24 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-05 11:17 - 2014-05-05 11:16 - 01069064 _____ (Medlin Accounting Software ) C:\Users\Barry Chapman\Downloads\_05-01-2014_medlin_PR_4-6.exe
2014-05-05 11:17 - 2014-05-05 10:49 - 00000580 _____ () C:\Users\Public\Desktop\Medlin Accounting.lnk
2014-05-05 10:40 - 2014-05-05 10:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\QuickenWindow
2014-05-05 10:36 - 2014-05-05 10:36 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\IsolatedStorage
2014-05-05 10:28 - 2014-05-05 10:28 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Quicken
2014-05-05 10:24 - 2014-05-05 10:24 - 00001808 _____ () C:\Users\Public\Desktop\Quicken Deluxe 2014.lnk
2014-05-05 10:24 - 2014-05-05 10:24 - 00000126 _____ () C:\Windows\QUICKEN.INI
2014-05-05 10:24 - 2014-05-05 10:24 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Intuit
2014-05-05 10:23 - 2014-05-05 10:23 - 00000000 ____D () C:\ProgramData\Intuit
2014-05-05 10:21 - 2014-05-05 10:18 - 112168720 _____ (Intuit Inc. ) C:\Users\Barry Chapman\Downloads\QW14DLX.exe
2014-05-05 08:58 - 2014-05-05 08:58 - 00000000 __SHD () C:\Users\Barry Chapman\AppData\Local\EmieUserList
2014-05-05 08:58 - 2014-05-05 08:58 - 00000000 __SHD () C:\Users\Barry Chapman\AppData\Local\EmieSiteList
2014-05-05 03:06 - 2014-05-27 18:11 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Microsoft Help
2014-05-05 03:06 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-05-05 03:06 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-05-04 18:11 - 2014-05-03 12:01 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\PCDr
2014-05-04 03:39 - 2011-02-10 10:25 - 00000000 ____D () C:\dell
2014-05-03 16:46 - 2014-05-03 16:46 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-05-03 16:30 - 2014-05-03 16:11 - 628097024 _____ () C:\Users\Barry Chapman\Downloads\DVD_Office_2010_32Bit.iso
2014-05-03 16:26 - 2014-05-03 16:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\WinRAR
2014-05-03 16:23 - 2014-05-03 16:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Macromedia
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Mozilla
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Mozilla
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-03 16:10 - 2014-05-03 16:10 - 01766784 _____ () C:\Users\Barry Chapman\Downloads\wrar500.exe
2014-05-03 16:10 - 2014-05-03 16:10 - 00001007 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-05-03 15:41 - 2014-05-03 15:41 - 00000376 _____ () C:\Windows\ODBC.INI
2014-05-03 15:40 - 2014-05-03 15:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft Web Folders
2014-05-03 15:20 - 2014-05-03 15:20 - 00718172 _____ () C:\Users\Barry Chapman\Downloads\Windows6.1-KB917607-x64.msu
2014-05-03 15:20 - 2014-05-03 15:20 - 00703811 _____ () C:\Users\Barry Chapman\Downloads\Windows6.1-KB917607-x86.msu
2014-05-03 14:14 - 2014-05-03 14:14 - 00000000 ____D () C:\Program Files (x86)\Kyocera
2014-05-03 14:02 - 2014-05-03 14:02 - 00003102 _____ () C:\Windows\System32\Tasks\{274EC4EA-7BEE-46DD-B238-1777098F3282}
2014-05-03 13:53 - 2014-05-03 13:53 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Canon Electronics
2014-05-03 13:52 - 2014-05-03 13:38 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Corel User Files
2014-05-03 13:38 - 2014-05-03 13:38 - 00061678 _____ () C:\Users\Barry Chapman\AppData\Roaming\PFP120JPR.{PB
2014-05-03 13:38 - 2014-05-03 13:38 - 00012358 _____ () C:\Users\Barry Chapman\AppData\Roaming\PFP120JCM.{PB
2014-05-03 13:38 - 2014-05-03 13:38 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Corel
2014-05-03 13:17 - 2014-05-03 13:17 - 00002607 _____ () C:\Users\Barry Chapman\Desktop\WordPerfect.lnk
2014-05-02 16:23 - 2014-05-02 16:12 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Google
2014-05-02 15:58 - 2014-05-02 15:58 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Apps\2.0
2014-05-02 15:42 - 2014-05-02 15:42 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Macromedia
2014-05-02 15:26 - 2014-05-02 15:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Intel Corporation
2014-05-02 15:25 - 2014-05-02 15:25 - 00004004 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-05-02 15:25 - 2014-05-02 15:25 - 00003214 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-05-02 15:25 - 2014-05-02 15:25 - 00001415 _____ () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Leadertech
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Dell
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Atheros
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\BMExplorer
2014-05-02 15:23 - 2014-05-02 15:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\softthinks
2014-05-02 15:18 - 2014-05-02 15:18 - 00001975 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
2014-05-02 15:17 - 2014-05-02 15:17 - 00000020 ___SH () C:\Users\Barry Chapman\ntuser.ini
2014-05-02 15:09 - 2011-02-10 10:25 - 00000000 ____D () C:\Windows\panther
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-27 15:15
==================== End Of Log ============================
brchapman
2014-05-28, 17:47
Would it help to delete the Mozilla folder under the App Data/Roaming?
Yes, do that
Were going to run another quick fix with FSRT so delete the old fix so we dont get them mixed up
Open notepad. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy.
Open Notepad and paste this in
Start
FF NetworkProxy: "type", 1);user_pref("network.proxy.http", "127.0.0.1");user_pref("network.proxy.http_port", 8118);user_pref("network.proxy.ssl", "127.0.0.1");user_pref("network.cookie.cookieBehavior", 1
End
Paste this into the open notepad. save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
It needs to be saved Next to the "Farbar Recovery Scan Tool" (FRST) program (If asked to overwrite existing one please allow)
brchapman
2014-05-28, 20:06
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-05-2014 02
Ran by Barry Chapman at 2014-05-28 13:05:20 Run:2
Running from C:\Users\Barry Chapman\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
FF NetworkProxy: "type", 1);user_pref("network.proxy.http", "127.0.0.1");user_pref("network.proxy.http_port", 8118);user_pref("network.proxy.ssl", "127.0.0.1");user_pref("network.cookie.cookieBehavior", 1
End
*****************
Firefox Proxy settings were reset.
==== End of Fixlog ====
brchapman
2014-05-28, 20:09
Here's the log scan after the last fix:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Barry Chapman (administrator) on BARRYSNEW on 28-05-2014 13:08:01
Running from C:\Users\Barry Chapman\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\Backblaze\bzserv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Pervasive Software Inc.) C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Backblaze\bzbui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\Quicken\qw.exe
(Landtech Data Corporation) C:\LTAPPS\LTWXML\LTWMain.exe
(Landtech Data Corp.) C:\Windows\SysWOW64\LTWNode.exe
(Landtech Data Corporation) C:\LTAPPS\LTWXML\LtwOld.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsShld.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-29] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286056 2013-07-29] (Intel Corporation)
HKLM\...\Run: [CANON DR2580C SVC] => C:\Windows\system32\DR25SVC.dll [152576 2012-12-17] (Canon Electronics)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [645168 2013-09-11] (McAfee, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-670280924-550259233-2201882432-1000\...\Run: [updateMgr] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe [313472 2006-03-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-670280924-550259233-2201882432-1000\...\Run: [Backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [492136 2014-05-13] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-BA7E-100000000002}\SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start Pervasive PSQL Workgroup Engine.lnk
ShortcutTarget: Start Pervasive PSQL Workgroup Engine.lnk -> C:\Windows\Installer\{0A3238D7-AB32-1030-B717-F3E3F18B4A8C}\WGE.14A03FCD_EA43_4130_A5C0_F02D38895A13.exe ()
Startup: C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {D81273E4-7658-47B6-8075-3D404C64D87C} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {D81273E4-7658-47B6-8075-3D404C64D87C} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKLM-x32 - {D81273E4-7658-47B6-8075-3D404C64D87C} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKCU - DefaultScope {D81273E4-7658-47B6-8075-3D404C64D87C} URL =
SearchScopes: HKCU - {D81273E4-7658-47B6-8075-3D404C64D87C} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 205.152.144.23 205.152.132.23
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-03-21]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-02]
CHR Extension: (Google Drive) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-20]
CHR Extension: (YouTube) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-02]
CHR Extension: (Google Search) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-02]
CHR Extension: (Google Wallet) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (Gmail) - C:\Users\Barry Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-02]
==================== Services (Whitelisted) =================
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [312448 2013-07-02] (Windows (R) Win 7 DDK provider)
R2 bzserv; C:\Program Files (x86)\Backblaze\bzserv.exe [234600 2014-05-13] ()
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [14696 2013-07-29] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-25] (Intel Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334760 2012-12-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-03-18] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-03] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2014-04-04] (SoftThinks SAS)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2013-06-20] (Atheros)
==================== Drivers (Whitelisted) ====================
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-07-02] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-07-24] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [441264 2014-03-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc.)
R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [64160 2014-04-25] ()
R3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [14000 2002-05-13] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-28 13:05 - 2014-05-28 13:05 - 00000000 _____ () C:\prefs.js
2014-05-28 11:48 - 2014-05-28 11:48 - 00000000 ____H () C:\Users\Barry Chapman\Documents\Default.rdp
2014-05-28 10:16 - 2014-05-28 10:16 - 00003280 _____ () C:\Windows\System32\Tasks\{95BE5CC7-569D-4DCD-8121-A5FE0664FAF2}
2014-05-28 10:12 - 2014-05-28 10:12 - 00001319 _____ () C:\Users\Barry Chapman\Desktop\Revo Uninstaller.lnk
2014-05-28 10:12 - 2014-05-28 10:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-28 10:11 - 2014-05-28 10:11 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Barry Chapman\Desktop\revosetup.exe
2014-05-28 08:59 - 2014-05-28 08:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-05-28 07:18 - 2014-05-28 07:18 - 00065311 _____ () C:\Users\Barry Chapman\Desktop\Result.txt
2014-05-28 07:14 - 2014-05-28 07:14 - 00982016 _____ (Farbar) C:\Users\Barry Chapman\Desktop\MiniToolBox.exe
2014-05-27 18:13 - 2014-05-27 18:13 - 00132680 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-27 18:13 - 2014-05-27 18:13 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\WinRAR
2014-05-27 18:13 - 2014-05-27 18:13 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Intel Corporation
2014-05-27 18:12 - 2014-05-27 18:12 - 00001460 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ___RD () C:\Users\Administrator\Virtual Machines
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-27 18:11 - 2014-05-27 18:12 - 00000000 ____D () C:\Users\Administrator
2014-05-27 18:11 - 2014-05-27 18:11 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-05-27 18:11 - 2014-05-20 18:19 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-27 18:11 - 2014-05-20 18:19 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-27 18:11 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia
2014-05-27 18:11 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Microsoft Help
2014-05-27 16:22 - 2014-05-28 13:08 - 00020383 _____ () C:\Users\Barry Chapman\Desktop\FRST.txt
2014-05-27 16:22 - 2014-05-28 13:08 - 00000000 ____D () C:\FRST
2014-05-27 16:22 - 2014-05-27 17:32 - 00038057 _____ () C:\Users\Barry Chapman\Desktop\Addition.txt
2014-05-27 16:21 - 2014-05-27 16:21 - 02066944 _____ (Farbar) C:\Users\Barry Chapman\Desktop\FRST64.exe
2014-05-27 13:59 - 2014-05-27 15:40 - 00000008 _____ () C:\LTLASTFN.DAT
2014-05-27 13:29 - 2014-05-27 13:29 - 00043987 _____ () C:\ComboFix.txt
2014-05-27 12:58 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-27 12:58 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-27 12:58 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-27 12:58 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-27 12:51 - 2014-05-27 12:51 - 00001540 _____ () C:\Users\Barry Chapman\Desktop\ComboFix.exe - Shortcut.lnk
2014-05-27 12:50 - 2014-05-27 13:29 - 00000000 ____D () C:\Qoobox
2014-05-27 11:30 - 2014-05-27 11:30 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-05-27 11:23 - 2014-05-27 11:23 - 00000000 ____D () C:\_OTL
2014-05-27 10:03 - 2014-05-27 10:03 - 00056788 _____ () C:\Users\Barry Chapman\Downloads\Extras.Txt
2014-05-27 10:02 - 2014-05-27 15:57 - 00198204 _____ () C:\Users\Barry Chapman\Downloads\OTL.Txt
2014-05-27 09:54 - 2014-05-27 09:54 - 00602112 _____ (OldTimer Tools) C:\Users\Barry Chapman\Downloads\OTL.exe
2014-05-27 09:25 - 2014-05-27 09:13 - 01440846 _____ () C:\Program Files (x86)\mbam-chameleon-1.62.1.1000.zip
2014-05-27 09:18 - 2014-05-27 09:18 - 00000000 ____D () C:\Malwarebytes' Anti-Malware
2014-05-27 09:01 - 2014-05-27 09:01 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-05-27 08:58 - 2014-05-27 08:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-26 10:19 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-26 10:17 - 2014-05-26 10:17 - 01327971 _____ () C:\Users\Barry Chapman\Downloads\AdwCleaner.exe
2014-05-25 11:49 - 2014-05-25 11:49 - 00004447 _____ () C:\Users\Barry Chapman\Desktop\attach.zip
2014-05-25 11:38 - 2014-05-25 11:38 - 00002135 _____ () C:\Users\Barry Chapman\Desktop\aswMBR.txt
2014-05-25 11:38 - 2014-05-25 11:38 - 00000512 _____ () C:\Users\Barry Chapman\Desktop\MBR.dat
2014-05-25 10:52 - 2014-05-25 10:52 - 00004315 _____ () C:\Users\Barry Chapman\Desktop\attach.rar
2014-05-25 10:46 - 2014-05-25 10:46 - 00042419 _____ () C:\Users\Barry Chapman\Desktop\dds.txt
2014-05-25 10:46 - 2014-05-25 10:46 - 00020635 _____ () C:\Users\Barry Chapman\Desktop\attach.txt
2014-05-25 10:43 - 2014-05-25 10:43 - 04745728 _____ (AVAST Software) C:\Users\Barry Chapman\Downloads\aswMBR.exe
2014-05-25 10:38 - 2014-05-27 13:27 - 00000000 ____D () C:\Windows\ERDNT
2014-05-25 10:38 - 2014-05-25 10:38 - 00688992 ____R (Swearware) C:\Users\Barry Chapman\Downloads\dds (1).scr
2014-05-25 10:36 - 2014-05-25 10:37 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-05-25 10:36 - 2014-05-25 10:36 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup (2).exe
2014-05-25 10:36 - 2014-05-25 10:36 - 00000960 _____ () C:\Users\Barry Chapman\Desktop\ERUNT.lnk
2014-05-25 10:36 - 2014-05-25 10:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-05-24 12:00 - 2014-05-24 12:00 - 00688992 _____ (Swearware) C:\Users\Barry Chapman\Downloads\dds.scr
2014-05-24 11:59 - 2014-05-24 11:59 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup (1).exe
2014-05-24 11:57 - 2014-05-24 11:57 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup.exe
2014-05-23 08:25 - 2014-05-23 08:25 - 00000000 ____D () C:\New folder
2014-05-23 07:48 - 2014-05-23 07:48 - 624028561 _____ () C:\Windows\MEMORY.DMP
2014-05-23 07:48 - 2014-05-23 07:48 - 00280128 _____ () C:\Windows\Minidump\052314-21138-01.dmp
2014-05-23 07:48 - 2014-05-23 07:48 - 00000000 ____D () C:\Windows\Minidump
2014-05-23 07:43 - 2014-05-23 07:43 - 00162208 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition (1).exe
2014-05-23 07:41 - 2014-05-23 07:41 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\QuickScan
2014-05-23 07:40 - 2014-05-23 07:43 - 10447328 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition_x64.exe
2014-05-23 07:39 - 2014-05-23 07:39 - 00162208 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition.exe
2014-05-22 15:37 - 2014-05-22 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-05-22 15:35 - 2014-05-22 15:35 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-22 15:35 - 2014-05-22 15:35 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-22 13:22 - 2014-05-22 13:23 - 00051706 _____ () C:\Windows\SysWOW64\bddel.dat
2014-05-22 10:47 - 2014-05-22 10:47 - 00000000 ____D () C:\Program Files (x86)\Spybot
2014-05-22 08:13 - 2014-05-22 09:31 - 00017970 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-22_08-13-17.log
2014-05-22 08:08 - 2014-05-22 08:11 - 00003374 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-22_08-08-46.log
2014-05-22 07:57 - 2014-05-22 08:06 - 332119856 _____ (Norman Shark AS) C:\Users\Barry Chapman\Downloads\Norman_Malware_Cleaner (1).exe
2014-05-21 11:27 - 2014-05-21 11:27 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\TuneUp Software
2014-05-21 11:16 - 2014-05-23 07:03 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-21 11:16 - 2014-05-21 11:16 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\MFAData
2014-05-21 11:15 - 2014-05-21 11:15 - 04485528 _____ (AVG Technologies) C:\Users\Barry Chapman\Downloads\avg_free_stb_all_2014_4577_cnet.exe
2014-05-21 09:31 - 2014-05-21 10:04 - 00014960 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-21_09-31-37.log
2014-05-21 09:01 - 2014-05-21 09:08 - 331917560 _____ (Norman Shark AS) C:\Users\Barry Chapman\Downloads\Norman_Malware_Cleaner.exe
2014-05-20 14:54 - 2014-05-20 15:49 - 00025110 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-20_14-54-17.log
2014-05-20 14:53 - 2014-05-20 14:53 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Norman Malware Cleaner
2014-05-20 12:44 - 2014-05-20 13:35 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-05-20 12:34 - 2014-05-20 12:34 - 00000914 _____ () C:\Users\Barry Chapman\Desktop\JRT.txt
2014-05-20 10:29 - 2014-05-20 10:30 - 04957528 _____ (SurfRight B.V.) C:\Users\Barry Chapman\Downloads\Unconfirmed 912715.crdownload
2014-05-19 16:42 - 2014-05-26 10:25 - 00000000 ____D () C:\AdwCleaner
2014-05-19 10:55 - 2014-05-19 10:55 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-05-19 10:20 - 2014-05-19 10:20 - 00000000 ____D () C:\Adobe XI Pro
2014-05-19 08:08 - 2014-05-20 18:24 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-19 07:54 - 2014-05-19 07:54 - 00000000 ____D () C:\Users\Barry Chapman\Documents\ProcAlyzer Dumps
2014-05-16 10:51 - 2014-05-27 09:22 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\CrashDumps
2014-05-16 09:39 - 2014-05-16 09:39 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\SUPERAntiSpyware.com
2014-05-16 09:39 - 2014-05-16 09:39 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-05-16 08:33 - 2014-05-20 17:34 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant
2014-05-16 08:33 - 2014-05-16 08:33 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-05-16 08:32 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-05-16 08:32 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-05-15 15:02 - 2014-05-15 15:02 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot2-license (1).exe
2014-05-15 14:27 - 2014-05-15 14:27 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-05-15 13:05 - 2014-05-15 13:06 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot2-license.exe
2014-05-15 12:49 - 2009-06-10 17:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140515-124903.backup
2014-05-15 11:40 - 2014-05-22 10:49 - 00001446 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-15 11:40 - 2014-05-22 10:49 - 00001434 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-15 11:40 - 2014-05-22 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-15 11:40 - 2014-05-15 11:40 - 00000656 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2014-05-15 11:40 - 00000628 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2014-05-15 11:40 - 00000458 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-05-15 11:21 - 2014-05-22 10:51 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-15 11:21 - 2014-05-22 10:49 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-15 11:20 - 2014-05-15 10:56 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot-2.3 (1).exe
2014-05-15 03:25 - 2014-05-20 17:52 - 00000000 ___RD () C:\Users\Barry Chapman\Virtual Machines
2014-05-15 03:06 - 2014-05-06 00:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 03:06 - 2014-05-06 00:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 03:06 - 2014-05-05 23:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 03:06 - 2014-05-05 23:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 03:06 - 2014-05-05 23:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 03:06 - 2014-05-05 22:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 16:16 - 2014-05-14 16:16 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\PDF24
2014-05-14 15:56 - 2014-05-26 10:24 - 00000000 ____D () C:\Program Files (x86)\MSR
2014-05-14 15:56 - 2014-05-14 15:56 - 00004592 _____ () C:\Windows\System32\Tasks\IdleCrawler Runner
2014-05-14 15:54 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\wi_upd
2014-05-14 15:53 - 2014-05-14 15:54 - 02271768 _____ () C:\Users\Barry Chapman\Downloads\Adobe.Acrobat.XI.Pro.v11.0.2.Multilingual.Cracked.exe
2014-05-14 15:26 - 2014-05-14 15:27 - 18873344 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd714_all_incr.msp
2014-05-14 15:22 - 2014-05-14 15:23 - 14385152 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd713_all_incr.msp
2014-05-14 15:21 - 2014-05-14 15:22 - 03972608 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd712_all_incr (1).msp
2014-05-14 15:20 - 2014-05-14 15:20 - 06504448 _____ () C:\Users\Barry Chapman\Downloads\AcroUpd711_all_incr.msp
2014-05-14 14:34 - 2014-05-14 15:08 - 00001520 _____ () C:\Users\Public\Documents\AcStd7_1_0.ini
2014-05-14 11:56 - 2014-05-27 18:11 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Outlook Files
2014-05-14 10:26 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-05-14 10:25 - 2014-05-14 10:25 - 00000000 ____D () C:\Windows\PCHEALTH
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-05-14 10:20 - 2014-05-14 10:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-14 10:20 - 2014-05-14 10:20 - 00000000 ___RD () C:\MSOCache
2014-05-14 08:30 - 2014-05-20 16:20 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-05-14 08:30 - 2014-05-14 08:30 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Secunia PSI
2014-05-14 08:28 - 2014-05-14 08:29 - 05329480 _____ (Secunia) C:\Users\Barry Chapman\Downloads\PSISetup.exe
2014-05-14 05:44 - 2014-05-09 02:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 05:44 - 2014-05-09 02:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 05:44 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 05:44 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 05:44 - 2014-04-11 22:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 05:44 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 05:44 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 05:44 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 05:44 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 05:44 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 05:44 - 2014-04-11 22:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 05:44 - 2014-03-24 22:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 05:44 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 05:44 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 05:44 - 2014-03-04 05:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 05:44 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 05:44 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 05:44 - 2014-03-04 05:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 05:44 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 05:44 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 05:44 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 05:44 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 05:44 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 12:17 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backblaze
2014-05-13 12:16 - 2014-05-20 17:44 - 00000000 ____D () C:\Program Files (x86)\Backblaze
2014-05-13 12:16 - 2014-05-13 12:16 - 05033216 _____ () C:\Users\Barry Chapman\Downloads\install_backblaze.exe
2014-05-13 12:16 - 2014-05-13 12:16 - 00000000 ____D () C:\ProgramData\Backblaze
2014-05-13 12:02 - 2014-05-13 12:04 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\VMware
2014-05-13 11:38 - 2014-05-13 11:38 - 34209792 _____ () C:\Users\Barry Chapman\Desktop\CHAPMA11_20140505-2014-05-13.QDF-backup
2014-05-13 11:18 - 2014-05-20 17:55 - 00000000 ____D () C:\Windows\pss
2014-05-13 11:00 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\VMware
2014-05-13 10:04 - 2014-05-13 10:04 - 00000000 _____ () C:\Users\Barry Chapman\AppData\Local\{89B78C50-3F1E-4624-B5B6-B21F413891C7}
2014-05-13 08:53 - 2014-05-13 11:13 - 00007605 _____ () C:\Users\Barry Chapman\AppData\Local\resmon.resmoncfg
2014-05-12 20:43 - 2014-05-12 20:58 - 00000000 ____D () C:\Users\Barry Chapman\.asdm
2014-05-12 20:43 - 2014-05-12 20:43 - 00000000 ____D () C:\Program Files (x86)\Cisco Systems
2014-05-12 16:26 - 2014-05-12 16:26 - 00010295 _____ () C:\Users\Barry Chapman\Documents\141046 commitment.wpd
2014-05-12 16:21 - 2014-05-12 16:21 - 00002380 _____ () C:\Users\Barry Chapman\Documents\141046 DATA FILE.wpd
2014-05-12 13:51 - 2014-05-13 11:07 - 00000000 ____D () C:\Program Files\My Lockbox
2014-05-12 13:50 - 2014-05-12 13:50 - 04090994 _____ () C:\Users\Barry Chapman\Downloads\mylockbox_setup.zip
2014-05-12 07:16 - 2014-05-13 12:17 - 00000000 ____D () C:\.bzvol
2014-05-09 11:38 - 2014-05-09 11:38 - 00000000 ____D () C:\Users\Barry Chapman\Documents\CCWin
2014-05-09 07:41 - 2013-03-01 02:27 - 00063568 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2014-05-09 07:40 - 2013-03-01 02:27 - 00943184 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2014-05-09 07:40 - 2013-03-01 02:27 - 00354896 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2014-05-09 07:40 - 2013-03-01 02:26 - 00434256 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2014-05-09 07:40 - 2013-03-01 02:26 - 00030800 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2014-05-09 07:39 - 2014-05-27 13:24 - 00000000 ____D () C:\ProgramData\VMware
2014-05-09 07:39 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2014-05-09 07:39 - 2014-05-09 07:39 - 00002187 _____ () C:\Users\Public\Desktop\VMware Player.lnk
2014-05-09 07:39 - 2014-05-09 07:39 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-05-09 07:39 - 2013-03-01 02:26 - 00033360 _____ (VMware, Inc.) C:\Windows\system32\Drivers\VMkbd.sys
2014-05-09 07:39 - 2011-08-29 22:11 - 00039024 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2014-05-09 07:38 - 2014-05-09 07:38 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-05-09 07:33 - 2014-05-09 07:35 - 114794792 _____ (VMware, Inc.) C:\Users\Barry Chapman\Downloads\VMware-player-4.0.6-1035888.exe
2014-05-07 09:42 - 2006-05-16 21:40 - 00753936 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXANNOT.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00463120 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXJP2K.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00209168 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXNOTEN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00119056 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXJBGN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00102672 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXTIFFN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00094480 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXAPS.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00074000 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXNAMEN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00069904 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXDLGN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00057616 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXLZWN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00049424 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXTHK32.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXSLN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXRAMN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXPANN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXMPN.DLL
2014-05-07 09:42 - 2006-05-16 21:40 - 00045328 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXMDLGN.DLL
2014-05-07 09:42 - 2006-05-16 21:23 - 00006416 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXTHK16.DLL
2014-05-07 09:42 - 2006-05-16 21:22 - 00231552 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXDFLT.DLL
2014-05-07 09:42 - 2006-05-16 21:22 - 00023152 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXPERM.DLL
2014-05-07 09:42 - 2006-05-16 21:22 - 00016048 ____N (EMC Corporation) C:\Windows\SysWOW64\PIXLOC.DLL
2014-05-07 09:42 - 2006-05-16 21:19 - 00327680 ____N (The University of New South Wales) C:\Windows\SysWOW64\PIXJP2KI.DLL
2014-05-07 09:42 - 2006-05-16 21:19 - 00051959 ____N () C:\Windows\SysWOW64\PIXNAME.HLP
2014-05-07 09:42 - 2005-02-10 18:17 - 00011968 ____N (Pixel Translations Incorporated) C:\Windows\SysWOW64\PIXMDLLC.CPL
2014-05-07 09:29 - 2014-05-07 09:29 - 00000000 ____D () C:\ProgramData\Canon Electronics
2014-05-07 09:25 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CapturePerfect 3.1
2014-05-07 09:20 - 2014-05-07 09:22 - 79468544 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_V3137 (1).exe
2014-05-06 15:56 - 2014-05-06 15:59 - 00000000 ____D () C:\Users\Barry Chapman\Documents\My Documents from old
2014-05-06 14:42 - 2014-05-06 14:42 - 00119964 _____ () C:\Users\Barry Chapman\Downloads\GSCCCA Online Statement.htm
2014-05-06 13:18 - 2014-05-18 03:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-06 13:18 - 2014-05-15 03:03 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-06 13:12 - 2012-12-17 08:56 - 00152576 _____ (Canon Electronics) C:\Windows\system32\DR25SVC.dll
2014-05-06 13:12 - 2009-05-13 16:08 - 00491792 _____ (Captiva Software Corp.) C:\Windows\SysWOW64\qd1.dll
2014-05-06 13:09 - 2014-05-06 13:09 - 14393344 _____ () C:\Users\Barry Chapman\Downloads\2580DRIT_V18SP1 (1).exe
2014-05-06 10:10 - 2014-05-06 10:10 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Oracle
2014-05-06 10:09 - 2014-05-06 10:09 - 00000000 ____D () C:\ProgramData\Sun
2014-05-06 10:09 - 2014-05-06 10:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-06 10:07 - 2014-05-06 10:07 - 00921512 _____ (Oracle Corporation) C:\Users\Barry Chapman\Downloads\chromeinstall-7u55.exe
2014-05-06 10:05 - 2014-05-06 10:04 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-06 10:04 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-06 10:04 - 2014-05-06 10:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-05-06 10:04 - 2014-05-06 10:04 - 00000000 ____D () C:\Program Files\Java
2014-05-06 10:03 - 2014-05-06 10:04 - 30818216 _____ (Oracle Corporation) C:\Users\Barry Chapman\Downloads\jre-7u55-windows-x64.exe
2014-05-06 09:31 - 2006-05-16 21:40 - 00233744 _____ (EMC Corporation) C:\Windows\SysWOW64\PIXMDLN.DLL
2014-05-06 09:27 - 2014-05-06 09:27 - 28808192 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_Ver_3097 (1).exe
2014-05-06 09:09 - 2009-05-13 16:16 - 00200704 _____ (EMC Corporation) C:\Windows\SysWOW64\twpix32.dll
2014-05-06 09:09 - 2009-05-13 16:05 - 00021008 _____ (Microsoft Corporation) C:\Windows\system\Ctl3d.dll
2014-05-06 09:09 - 2003-12-18 18:09 - 00231552 _____ (Pixel Translations Incorporated) C:\Windows\system\Pixdflt.dll
2014-05-06 09:09 - 2003-12-18 18:09 - 00023152 _____ (Pixel Translations Incorporated) C:\Windows\system\Pixperm.dll
2014-05-06 09:09 - 2003-12-18 18:09 - 00016064 _____ (Pixel Translations Incorporated) C:\Windows\system\Pixloc.dll
2014-05-06 09:09 - 2002-11-06 11:21 - 00063248 _____ () C:\Windows\SysWOW64\picn1120.ssm
2014-05-06 09:09 - 1998-04-13 13:13 - 00098304 _____ (Cornerstone Imaging, Inc.) C:\Windows\SysWOW64\Wiaext32.dll
2014-05-06 09:06 - 2014-05-06 09:06 - 00000000 _____ () C:\Users\Barry Chapman\Sti_Trace.log
2014-05-06 09:05 - 2014-05-20 17:26 - 00000000 ____D () C:\Users\Barry Chapman\Desktop\CapturePerfect 3.0
2014-05-06 08:51 - 2014-05-06 08:51 - 00249856 _____ () C:\Users\Barry Chapman\Downloads\RepairReg.exe
2014-05-06 08:51 - 2014-05-06 08:51 - 00000000 ____D () C:\DR Scanner
2014-05-06 08:45 - 2014-05-06 08:47 - 79468544 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_V3137.exe
2014-05-06 08:43 - 2014-05-06 08:43 - 00000000 ____D () C:\DR2580C
2014-05-06 08:42 - 2014-05-06 08:42 - 14393344 _____ () C:\Users\Barry Chapman\Downloads\2580DRIT_V18SP1.exe
2014-05-06 08:37 - 2008-11-11 19:00 - 00096768 _____ (Canon Electronics Inc.) C:\Windows\system32\DR25CPL.dll
2014-05-06 08:37 - 2007-04-24 07:53 - 00083456 _____ (Canon Electronics Inc.) C:\Windows\system32\CeiUSB64.dll
2014-05-06 08:35 - 2014-05-06 08:35 - 00000000 ____D () C:\Users\Barry Chapman\Downloads\d1041mux
2014-05-06 08:34 - 2014-05-06 08:35 - 13259652 _____ () C:\Users\Barry Chapman\Downloads\d1041mux.zip
2014-05-06 07:52 - 2014-05-20 18:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 07:31 - 2014-05-06 07:31 - 00003228 _____ () C:\Windows\System32\Tasks\{E819857F-629F-4F7B-9FE3-F8B1467A5C1B}
2014-05-06 07:29 - 2014-05-07 09:22 - 00000000 ____D () C:\CapturePerfect Upgrade
2014-05-06 03:03 - 2014-05-06 03:03 - 00288324 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-05-06 03:02 - 2014-05-06 03:03 - 00292408 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-05-06 03:02 - 2014-05-06 03:02 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-05-05 17:52 - 2014-05-05 19:26 - 28808192 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_Ver_3097.exe
2014-05-05 17:44 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon DR-2580C
2014-05-05 17:43 - 2014-05-06 09:06 - 00005432 _____ () C:\Windows\pixcache.ini
2014-05-05 17:43 - 2014-05-05 17:43 - 00003050 _____ () C:\Windows\System32\Tasks\{BEA2EFCD-E2FA-474A-BB2F-ADE6F46BED5D}
2014-05-05 16:56 - 2014-05-05 16:56 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\AdobeUM
2014-05-05 16:54 - 2014-05-14 15:27 - 00002501 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 7.0 Standard.lnk
2014-05-05 16:54 - 2014-05-14 14:44 - 00002459 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 7.0.lnk
2014-05-05 16:54 - 2014-05-05 16:54 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Acrobat 7.0 Standard.lnk
2014-05-05 16:53 - 2014-05-20 18:03 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-05-05 16:53 - 2014-05-19 10:44 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-05-05 16:24 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-05 16:24 - 2014-05-20 17:51 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-05 16:24 - 2014-05-20 17:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-05 16:23 - 2014-05-05 16:24 - 13084896 _____ (Microsoft Corporation) C:\Users\Barry Chapman\Downloads\Silverlight_x64 (1).exe
2014-05-05 16:23 - 2014-05-05 16:23 - 13084896 _____ (Microsoft Corporation) C:\Users\Barry Chapman\Downloads\Silverlight_x64.exe
2014-05-05 16:15 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-05-05 16:15 - 2014-05-20 17:51 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-05-05 16:15 - 2014-05-05 16:15 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
brchapman
2014-05-28, 20:10
:15 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-05-05 16:12 - 2014-05-05 16:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2014-05-05 15:52 - 2014-05-05 15:53 - 19495200 _____ () C:\Users\Barry Chapman\Downloads\upd-ps-x64-5.8.0.17508.exe
2014-05-05 15:50 - 2014-05-05 15:53 - 00000000 ____D () C:\HP Universal Print Driver
2014-05-05 15:49 - 2014-05-05 15:49 - 18409760 _____ () C:\Users\Barry Chapman\Downloads\upd-pcl6-x64-5.8.0.17508.exe
2014-05-05 14:53 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landtech XML
2014-05-05 14:53 - 2014-05-05 14:53 - 00001534 _____ () C:\Users\Barry Chapman\Desktop\Landtech XML.lnk
2014-05-05 14:52 - 2014-05-05 14:52 - 00204800 _____ (Landtech Data Corporation) C:\Windows\SysWOW64\ltwpvsw.DLL
2014-05-05 14:52 - 2014-05-05 14:52 - 00065536 _____ (Landtech Data Corp.) C:\Windows\SysWOW64\LTWNode.exe
2014-05-05 14:52 - 2014-05-05 14:52 - 00004726 _____ () C:\Windows\BOOTSTRAP.LOG
2014-05-05 14:52 - 2014-05-05 14:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Landtech XML
2014-05-05 14:44 - 2014-05-05 14:44 - 00000519 _____ () C:\Windows\ODBCINST.INI
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\ProgramData\Pervasive Software
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pervasive
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\Program Files (x86)\Pervasive Software
2014-05-05 14:18 - 2014-05-05 14:18 - 00000000 ____D () C:\Wages
2014-05-05 14:15 - 2014-05-05 14:17 - 88823072 _____ () C:\Users\Barry Chapman\Downloads\PSQL-Workgroup-10.30.022.000-win.x86.exe
2014-05-05 14:07 - 2001-06-01 14:17 - 00169600 _____ (Wintertree Software Inc.) C:\Windows\SysWOW64\WSpell.ocx
2014-05-05 12:36 - 2014-05-20 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WP-64
2014-05-05 12:34 - 2014-05-05 12:34 - 32856361 _____ (wpdos.org ) C:\Users\Barry Chapman\Downloads\WP64DOSBox-Setup.exe
2014-05-05 12:22 - 2014-05-14 13:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Help
2014-05-05 12:22 - 2014-05-09 09:28 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Help
2014-05-05 11:45 - 2014-05-21 16:21 - 00037861 _____ () C:\Users\Barry Chapman\AppData\Roaming\Comma Separated Values (Windows).ADR
2014-05-05 11:40 - 2014-05-05 11:40 - 00321535 _____ () C:\Users\Barry Chapman\Downloads\contacts.csv
2014-05-05 11:26 - 2014-05-05 11:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-05 11:25 - 2014-05-05 11:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-05 11:24 - 2014-05-05 11:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-05 11:16 - 2014-05-05 11:17 - 01069064 _____ (Medlin Accounting Software ) C:\Users\Barry Chapman\Downloads\_05-01-2014_medlin_PR_4-6.exe
2014-05-05 10:49 - 2014-05-25 12:10 - 00000000 ____D () C:\MWACCT
2014-05-05 10:49 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medlin Accounting
2014-05-05 10:49 - 2014-05-05 11:17 - 00000580 _____ () C:\Users\Public\Desktop\Medlin Accounting.lnk
2014-05-05 10:49 - 1998-05-11 20:01 - 01355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvbvm50.dll
2014-05-05 10:40 - 2014-05-05 10:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\QuickenWindow
2014-05-05 10:36 - 2014-05-05 10:36 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\IsolatedStorage
2014-05-05 10:28 - 2014-05-05 10:28 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Quicken
2014-05-05 10:24 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quicken 2014
2014-05-05 10:24 - 2014-05-20 17:46 - 00000000 ____D () C:\Program Files (x86)\Quicken
2014-05-05 10:24 - 2014-05-05 10:24 - 00001808 _____ () C:\Users\Public\Desktop\Quicken Deluxe 2014.lnk
2014-05-05 10:24 - 2014-05-05 10:24 - 00000126 _____ () C:\Windows\QUICKEN.INI
2014-05-05 10:24 - 2014-05-05 10:24 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Intuit
2014-05-05 10:24 - 2009-05-12 15:14 - 04169728 _____ (Amyuni Technologies http://www.amyuni.com) C:\Windows\SysWOW64\cdintf400.dll
2014-05-05 10:23 - 2014-05-05 10:23 - 00000000 ____D () C:\ProgramData\Intuit
2014-05-05 10:18 - 2014-05-05 10:21 - 112168720 _____ (Intuit Inc. ) C:\Users\Barry Chapman\Downloads\QW14DLX.exe
2014-05-05 10:13 - 2014-05-20 17:52 - 00000000 ____D () C:\Quicken 2014
2014-05-05 08:58 - 2014-05-05 08:58 - 00000000 __SHD () C:\Users\Barry Chapman\AppData\Local\EmieUserList
2014-05-05 08:58 - 2014-05-05 08:58 - 00000000 __SHD () C:\Users\Barry Chapman\AppData\Local\EmieSiteList
2014-05-05 03:10 - 2014-03-06 05:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-05 03:10 - 2014-03-06 04:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-05 03:10 - 2014-03-06 04:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-05 03:10 - 2014-03-06 04:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-05 03:10 - 2014-03-06 04:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-05 03:10 - 2014-03-06 04:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-05 03:10 - 2014-03-06 04:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-05 03:10 - 2014-03-06 04:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-05 03:10 - 2014-03-06 04:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-05 03:10 - 2014-03-06 04:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-05 03:10 - 2014-03-06 04:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-05 03:10 - 2014-03-06 04:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-05 03:10 - 2014-03-06 04:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-05 03:10 - 2014-03-06 04:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-05 03:10 - 2014-03-06 04:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-05 03:10 - 2014-03-06 04:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-05 03:10 - 2014-03-06 04:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-05 03:10 - 2014-03-06 04:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-05 03:10 - 2014-03-06 03:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-05 03:10 - 2014-03-06 03:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-05 03:10 - 2014-03-06 03:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-05 03:10 - 2014-03-06 03:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-05 03:10 - 2014-03-06 03:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-05 03:10 - 2014-03-06 03:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-05 03:10 - 2014-03-06 03:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-05 03:10 - 2014-03-06 03:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-05 03:10 - 2014-03-06 03:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-05 03:10 - 2014-03-06 03:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-05 03:10 - 2014-03-06 03:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-05 03:10 - 2014-03-06 03:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-05 03:10 - 2014-03-06 03:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-05 03:10 - 2014-03-06 03:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-05 03:10 - 2014-03-06 03:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-05 03:10 - 2014-03-06 03:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-05 03:10 - 2014-03-06 02:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-05 03:10 - 2014-03-06 02:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-05 03:10 - 2014-03-06 02:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-05 03:10 - 2014-03-06 02:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-05 03:10 - 2014-03-06 02:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-05 03:10 - 2014-03-06 01:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-05 03:10 - 2014-03-06 01:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-05 03:10 - 2014-03-06 01:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-05 03:10 - 2014-03-06 01:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-05 03:10 - 2014-03-06 01:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-05 03:06 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-05-05 03:06 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-05-04 03:06 - 2012-07-25 23:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-05-04 03:06 - 2012-07-25 23:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-05-04 03:06 - 2012-07-25 23:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-05-04 03:06 - 2012-07-25 23:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-05-04 03:06 - 2012-07-25 23:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-05-04 03:06 - 2012-07-25 22:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-05-04 03:06 - 2012-07-25 22:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-05-04 03:06 - 2012-06-02 10:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-05-03 16:58 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-05-03 16:58 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-05-03 16:58 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-05-03 16:58 - 2013-12-31 19:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-05-03 16:58 - 2013-12-31 19:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-05-03 16:58 - 2013-12-05 22:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-05-03 16:58 - 2013-12-05 22:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-05-03 16:58 - 2013-12-05 22:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-05-03 16:58 - 2013-12-05 22:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-05-03 16:58 - 2013-11-23 14:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-05-03 16:58 - 2013-11-23 13:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-05-03 16:58 - 2011-04-09 02:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-05-03 16:58 - 2011-04-09 01:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-05-03 16:55 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-05-03 16:55 - 2013-12-24 19:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-05-03 16:55 - 2013-12-24 18:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-05-03 16:55 - 2013-12-03 22:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-05-03 16:55 - 2013-12-03 22:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-05-03 16:55 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-05-03 16:55 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-05-03 16:55 - 2013-12-03 22:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-05-03 16:55 - 2013-12-03 22:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-05-03 16:55 - 2013-12-03 22:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-05-03 16:55 - 2013-12-03 22:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-05-03 16:55 - 2013-12-03 22:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-05-03 16:55 - 2013-12-03 22:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-05-03 16:55 - 2013-12-03 22:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-05-03 16:55 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-05-03 16:55 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-05-03 16:55 - 2013-12-03 22:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-05-03 16:55 - 2013-12-03 21:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-05-03 16:55 - 2013-12-03 21:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-05-03 16:55 - 2013-12-03 21:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-05-03 16:55 - 2013-12-03 21:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-05-03 16:55 - 2013-11-26 21:42 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-05-03 16:55 - 2013-11-26 21:42 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-05-03 16:55 - 2013-11-26 21:42 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-05-03 16:55 - 2013-11-26 21:42 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-05-03 16:55 - 2013-11-26 21:42 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-05-03 16:55 - 2013-11-26 04:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-05-03 16:55 - 2013-11-22 18:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-05-03 16:53 - 2014-03-04 05:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-05-03 16:53 - 2014-03-04 05:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-03 16:53 - 2014-03-04 05:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-03 16:53 - 2014-03-04 05:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-03 16:53 - 2014-03-04 05:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-03 16:53 - 2014-03-04 04:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-03 16:53 - 2014-03-04 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-05-03 16:53 - 2014-02-03 22:37 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-05-03 16:53 - 2014-02-03 22:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-05-03 16:53 - 2014-02-03 22:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-03 16:53 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-05-03 16:53 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-05-03 16:53 - 2014-02-03 22:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-05-03 16:53 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-05-03 16:53 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-05-03 16:53 - 2014-02-03 22:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-05-03 16:53 - 2014-01-23 22:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-03 16:53 - 2013-11-26 07:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-05-03 16:53 - 2013-07-20 06:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-05-03 16:53 - 2013-07-20 06:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-05-03 16:53 - 2011-02-18 06:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-05-03 16:53 - 2011-02-18 01:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-05-03 16:46 - 2014-05-03 16:46 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-05-03 16:40 - 2014-05-14 11:55 - 00000000 ____D () C:\Office 2000
2014-05-03 16:36 - 2014-05-20 18:02 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-05-03 16:34 - 2014-05-22 16:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-03 16:34 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Microsoft Help
2014-05-03 16:32 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\Downloads\DVD_Office_2010_32Bit
2014-05-03 16:26 - 2014-05-03 16:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\WinRAR
2014-05-03 16:23 - 2014-05-03 16:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Macromedia
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Mozilla
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-03 16:11 - 2014-05-03 16:30 - 628097024 _____ () C:\Users\Barry Chapman\Downloads\DVD_Office_2010_32Bit.iso
2014-05-03 16:10 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-03 16:10 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-03 16:10 - 2014-05-20 17:46 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-05-03 16:10 - 2014-05-03 16:10 - 01766784 _____ () C:\Users\Barry Chapman\Downloads\wrar500.exe
2014-05-03 16:10 - 2014-05-03 16:10 - 00001007 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-05-03 15:48 - 2009-07-13 21:41 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\wab32.dll
2014-05-03 15:48 - 2009-07-13 21:33 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\wab32res.dll
2014-05-03 15:41 - 2014-05-03 15:41 - 00000376 _____ () C:\Windows\ODBC.INI
2014-05-03 15:40 - 2014-05-20 17:55 - 00000000 ____D () C:\Windows\Msagent
2014-05-03 15:40 - 2014-05-03 15:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft Web Folders
2014-05-03 15:33 - 2009-08-04 13:56 - 00296960 _____ (Microsoft Corporation) C:\Windows\winhlp32.exe
2014-05-03 15:33 - 2009-08-04 13:55 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftsrch.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\ftsrch.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx041e.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\ftlx041e.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx0411.dll
2014-05-03 15:33 - 2009-08-04 13:55 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\ftlx0411.dll
2014-05-03 15:20 - 2014-05-03 15:20 - 00718172 _____ () C:\Users\Barry Chapman\Downloads\Windows6.1-KB917607-x64.msu
2014-05-03 15:20 - 2014-05-03 15:20 - 00703811 _____ () C:\Users\Barry Chapman\Downloads\Windows6.1-KB917607-x86.msu
2014-05-03 14:40 - 2014-05-20 11:10 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Adobe
2014-05-03 14:29 - 2014-05-20 17:50 - 00000000 ____D () C:\Program Files (x86)\wp51
2014-05-03 14:14 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FAX User Software
2014-05-03 14:14 - 2014-05-03 14:14 - 00000000 ____D () C:\Program Files (x86)\Kyocera
2014-05-03 14:02 - 2014-05-03 14:02 - 00003102 _____ () C:\Windows\System32\Tasks\{274EC4EA-7BEE-46DD-B238-1777098F3282}
2014-05-03 13:53 - 2014-05-03 13:53 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Canon Electronics
2014-05-03 13:38 - 2014-05-03 13:52 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Corel User Files
2014-05-03 13:38 - 2014-05-03 13:38 - 00061678 _____ () C:\Users\Barry Chapman\AppData\Roaming\PFP120JPR.{PB
2014-05-03 13:38 - 2014-05-03 13:38 - 00012358 _____ () C:\Users\Barry Chapman\AppData\Roaming\PFP120JCM.{PB
2014-05-03 13:38 - 2014-05-03 13:38 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Corel
2014-05-03 13:31 - 2013-07-04 13:57 - 00067888 _____ (Canon Electronics Inc.) C:\Windows\SysWOW64\SuStiUtl.dll
2014-05-03 13:31 - 2006-05-16 21:19 - 00021008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CTL3D.DLL
2014-05-03 13:30 - 2014-05-20 17:55 - 00000000 ____D () C:\Windows\PIXTRAN
2014-05-03 13:30 - 2014-05-20 17:52 - 00000000 ____D () C:\Users\Barry Chapman\Desktop\Canon DR-2580C
2014-05-03 13:30 - 2014-05-07 09:25 - 00000000 ____D () C:\Program Files (x86)\Canon Electronics
2014-05-03 13:30 - 2014-05-06 13:22 - 00000125 _____ () C:\Windows\SetScan.ini
2014-05-03 13:30 - 2014-05-06 13:12 - 00017862 _____ () C:\Windows\DPINST.LOG
2014-05-03 13:30 - 2009-05-13 16:05 - 00401484 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Msvcrtd.dll
2014-05-03 13:30 - 2006-05-16 21:40 - 00221456 _____ (EMC Corporation) C:\Windows\SysWOW64\PIXDFLTN.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00180224 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN1120.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00176128 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN1520.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00155648 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN1020.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00114688 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN1320.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00074000 _____ (EMC Corporation) C:\Windows\SysWOW64\PIXLOCN.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00053520 _____ (EMC Corporation) C:\Windows\SysWOW64\PIXPERMN.DLL
2014-05-03 13:30 - 2006-05-16 21:40 - 00051712 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\PIXN20.DLL
2014-05-03 13:30 - 2005-08-09 17:34 - 00094208 _____ (Canon Electronics Inc.) C:\Windows\SysWOW64\DR25CPL.dll
2014-05-03 13:30 - 2005-06-14 08:29 - 00036864 _____ (Canon Electronics Inc.) C:\Windows\SysWOW64\CeiUSB2.dll
2014-05-03 13:30 - 2005-02-15 13:18 - 00106496 _____ (Canon Electronics) C:\Windows\SysWOW64\DR25SVC.dll
2014-05-03 13:30 - 2002-09-25 16:02 - 00602384 _____ (Pixel Translations Incorporated) C:\Windows\SysWOW64\pixipdll.dll
2014-05-03 13:30 - 2002-05-13 22:55 - 00014000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\usbscan.sys
2014-05-03 13:30 - 1998-10-29 16:45 - 00306688 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2014-05-03 13:17 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordPerfect Office 12
2014-05-03 13:17 - 2014-05-03 13:17 - 00002607 _____ () C:\Users\Barry Chapman\Desktop\WordPerfect.lnk
2014-05-03 13:14 - 2014-05-05 12:18 - 00000000 ____D () C:\Program Files (x86)\WordPerfect Office 12
2014-05-03 12:01 - 2014-05-04 18:11 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\PCDr
2014-05-02 20:32 - 2012-06-02 18:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-05-02 20:32 - 2012-06-02 18:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-05-02 20:32 - 2012-06-02 18:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-05-02 20:32 - 2012-06-02 18:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-05-02 20:32 - 2012-06-02 18:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-05-02 20:32 - 2012-06-02 18:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-05-02 20:32 - 2012-06-02 18:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-05-02 20:32 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-05-02 20:32 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-05-02 19:50 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-05-02 16:23 - 2014-05-21 09:17 - 00002310 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-02 16:23 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-02 16:12 - 2014-05-28 12:55 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-02 16:12 - 2014-05-27 18:14 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-02 16:12 - 2014-05-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-02 16:12 - 2014-05-07 15:50 - 00003908 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-02 16:12 - 2014-05-07 15:50 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-02 16:12 - 2014-05-02 16:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Google
2014-05-02 15:58 - 2014-05-20 13:56 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Deployment
2014-05-02 15:58 - 2014-05-02 15:58 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Apps\2.0
2014-05-02 15:45 - 2014-05-20 17:32 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-02 15:45 - 2014-05-20 17:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Opera Software
2014-05-02 15:45 - 2014-05-15 14:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Opera Software
2014-05-02 15:42 - 2014-05-02 15:42 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Macromedia
2014-05-02 15:26 - 2014-05-02 15:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Intel Corporation
2014-05-02 15:25 - 2014-05-28 12:23 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-05-02 15:25 - 2014-05-25 10:37 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-02 15:25 - 2014-05-20 17:52 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-02 15:25 - 2014-05-20 17:51 - 00000000 ____D () C:\ProgramData\Atheros
2014-05-02 15:25 - 2014-05-20 16:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Adobe
2014-05-02 15:25 - 2014-05-20 16:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\VirtualStore
2014-05-02 15:25 - 2014-05-13 08:51 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Bluetooth Folder
2014-05-02 15:25 - 2014-05-02 15:25 - 00004004 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-05-02 15:25 - 2014-05-02 15:25 - 00003214 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-05-02 15:25 - 2014-05-02 15:25 - 00001415 _____ () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Leadertech
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Dell
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Atheros
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\BMExplorer
2014-05-02 15:23 - 2014-05-13 16:30 - 00000000 ____D () C:\ProgramData\softthinks
2014-05-02 15:23 - 2014-05-02 15:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\softthinks
2014-05-02 15:23 - 2013-12-05 03:16 - 00000114 ____H () C:\DBAR_Ver.txt
2014-05-02 15:18 - 2014-05-20 18:27 - 00132680 _____ () C:\Users\Barry Chapman\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-02 15:18 - 2014-05-02 15:18 - 00001975 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
2014-05-02 15:17 - 2014-05-20 18:25 - 00000000 ____D () C:\Users\Barry Chapman
2014-05-02 15:17 - 2014-05-20 17:52 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-02 15:17 - 2014-05-20 17:52 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-02 15:17 - 2014-05-02 15:17 - 00000020 ___SH () C:\Users\Barry Chapman\ntuser.ini
==================== One Month Modified Files and Folders =======
2014-05-28 13:08 - 2014-05-27 16:22 - 00020383 _____ () C:\Users\Barry Chapman\Desktop\FRST.txt
2014-05-28 13:08 - 2014-05-27 16:22 - 00000000 ____D () C:\FRST
2014-05-28 13:07 - 2014-03-21 13:36 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-28 13:05 - 2014-05-28 13:05 - 00000000 _____ () C:\prefs.js
2014-05-28 12:55 - 2014-05-02 16:12 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-28 12:51 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-05-28 12:23 - 2014-05-02 15:25 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-05-28 11:48 - 2014-05-28 11:48 - 00000000 ____H () C:\Users\Barry Chapman\Documents\Default.rdp
2014-05-28 10:16 - 2014-05-28 10:16 - 00003280 _____ () C:\Windows\System32\Tasks\{95BE5CC7-569D-4DCD-8121-A5FE0664FAF2}
2014-05-28 10:12 - 2014-05-28 10:12 - 00001319 _____ () C:\Users\Barry Chapman\Desktop\Revo Uninstaller.lnk
2014-05-28 10:12 - 2014-05-28 10:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-28 10:11 - 2014-05-28 10:11 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Barry Chapman\Desktop\revosetup.exe
2014-05-28 08:59 - 2014-05-28 08:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-05-28 08:57 - 2014-03-22 04:31 - 01442845 _____ () C:\Windows\WindowsUpdate.log
2014-05-28 07:18 - 2014-05-28 07:18 - 00065311 _____ () C:\Users\Barry Chapman\Desktop\Result.txt
2014-05-28 07:14 - 2014-05-28 07:14 - 00982016 _____ (Farbar) C:\Users\Barry Chapman\Desktop\MiniToolBox.exe
2014-05-27 18:14 - 2014-05-02 16:12 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-27 18:13 - 2014-05-27 18:13 - 00132680 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-27 18:13 - 2014-05-27 18:13 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\WinRAR
2014-05-27 18:13 - 2014-05-27 18:13 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Intel Corporation
2014-05-27 18:12 - 2014-05-27 18:12 - 00001460 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ___RD () C:\Users\Administrator\Virtual Machines
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-05-27 18:12 - 2014-05-27 18:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-27 18:12 - 2014-05-27 18:11 - 00000000 ____D () C:\Users\Administrator
2014-05-27 18:12 - 2009-07-14 00:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-05-27 18:11 - 2014-05-27 18:11 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-05-27 18:11 - 2014-05-14 11:56 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Outlook Files
2014-05-27 18:07 - 2009-07-14 00:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-27 18:07 - 2009-07-14 00:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-27 17:32 - 2014-05-27 16:22 - 00038057 _____ () C:\Users\Barry Chapman\Desktop\Addition.txt
2014-05-27 16:21 - 2014-05-27 16:21 - 02066944 _____ (Farbar) C:\Users\Barry Chapman\Desktop\FRST64.exe
2014-05-27 15:57 - 2014-05-27 10:02 - 00198204 _____ () C:\Users\Barry Chapman\Downloads\OTL.Txt
2014-05-27 15:40 - 2014-05-27 13:59 - 00000008 _____ () C:\LTLASTFN.DAT
2014-05-27 15:23 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-05-27 13:31 - 2009-07-14 01:13 - 00791990 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-27 13:29 - 2014-05-27 13:29 - 00043987 _____ () C:\ComboFix.txt
2014-05-27 13:29 - 2014-05-27 12:50 - 00000000 ____D () C:\Qoobox
2014-05-27 13:29 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default
2014-05-27 13:27 - 2014-05-25 10:38 - 00000000 ____D () C:\Windows\ERDNT
2014-05-27 13:26 - 2014-03-21 13:56 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-05-27 13:24 - 2014-05-09 07:39 - 00000000 ____D () C:\ProgramData\VMware
2014-05-27 13:24 - 2009-07-13 22:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-27 13:23 - 2010-11-20 23:47 - 00310102 _____ () C:\Windows\PFRO.log
2014-05-27 13:23 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-27 13:23 - 2009-07-14 00:51 - 00042071 _____ () C:\Windows\setupact.log
2014-05-27 12:51 - 2014-05-27 12:51 - 00001540 _____ () C:\Users\Barry Chapman\Desktop\ComboFix.exe - Shortcut.lnk
2014-05-27 11:30 - 2014-05-27 11:30 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-05-27 11:23 - 2014-05-27 11:23 - 00000000 ____D () C:\_OTL
2014-05-27 10:03 - 2014-05-27 10:03 - 00056788 _____ () C:\Users\Barry Chapman\Downloads\Extras.Txt
2014-05-27 09:54 - 2014-05-27 09:54 - 00602112 _____ (OldTimer Tools) C:\Users\Barry Chapman\Downloads\OTL.exe
2014-05-27 09:22 - 2014-05-16 10:51 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\CrashDumps
2014-05-27 09:18 - 2014-05-27 09:18 - 00000000 ____D () C:\Malwarebytes' Anti-Malware
2014-05-27 09:13 - 2014-05-27 09:25 - 01440846 _____ () C:\Program Files (x86)\mbam-chameleon-1.62.1.1000.zip
2014-05-27 09:01 - 2014-05-27 09:01 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-05-27 08:58 - 2014-05-27 08:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-26 10:25 - 2014-05-19 16:42 - 00000000 ____D () C:\AdwCleaner
2014-05-26 10:24 - 2014-05-14 15:56 - 00000000 ____D () C:\Program Files (x86)\MSR
2014-05-26 10:17 - 2014-05-26 10:17 - 01327971 _____ () C:\Users\Barry Chapman\Downloads\AdwCleaner.exe
2014-05-26 10:07 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-05-25 12:10 - 2014-05-05 10:49 - 00000000 ____D () C:\MWACCT
2014-05-25 11:49 - 2014-05-25 11:49 - 00004447 _____ () C:\Users\Barry Chapman\Desktop\attach.zip
2014-05-25 11:38 - 2014-05-25 11:38 - 00002135 _____ () C:\Users\Barry Chapman\Desktop\aswMBR.txt
2014-05-25 11:38 - 2014-05-25 11:38 - 00000512 _____ () C:\Users\Barry Chapman\Desktop\MBR.dat
2014-05-25 10:52 - 2014-05-25 10:52 - 00004315 _____ () C:\Users\Barry Chapman\Desktop\attach.rar
2014-05-25 10:46 - 2014-05-25 10:46 - 00042419 _____ () C:\Users\Barry Chapman\Desktop\dds.txt
2014-05-25 10:46 - 2014-05-25 10:46 - 00020635 _____ () C:\Users\Barry Chapman\Desktop\attach.txt
2014-05-25 10:43 - 2014-05-25 10:43 - 04745728 _____ (AVAST Software) C:\Users\Barry Chapman\Downloads\aswMBR.exe
2014-05-25 10:38 - 2014-05-25 10:38 - 00688992 ____R (Swearware) C:\Users\Barry Chapman\Downloads\dds (1).scr
2014-05-25 10:37 - 2014-05-25 10:36 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-05-25 10:37 - 2014-05-02 15:25 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-25 10:36 - 2014-05-25 10:36 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup (2).exe
2014-05-25 10:36 - 2014-05-25 10:36 - 00000960 _____ () C:\Users\Barry Chapman\Desktop\ERUNT.lnk
2014-05-25 10:36 - 2014-05-25 10:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-05-24 12:00 - 2014-05-24 12:00 - 00688992 _____ (Swearware) C:\Users\Barry Chapman\Downloads\dds.scr
2014-05-24 11:59 - 2014-05-24 11:59 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup (1).exe
2014-05-24 11:57 - 2014-05-24 11:57 - 00791393 _____ (Lars Hederer ) C:\Users\Barry Chapman\Downloads\erunt-setup.exe
2014-05-23 08:25 - 2014-05-23 08:25 - 00000000 ____D () C:\New folder
2014-05-23 07:59 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-23 07:48 - 2014-05-23 07:48 - 624028561 _____ () C:\Windows\MEMORY.DMP
2014-05-23 07:48 - 2014-05-23 07:48 - 00280128 _____ () C:\Windows\Minidump\052314-21138-01.dmp
2014-05-23 07:48 - 2014-05-23 07:48 - 00000000 ____D () C:\Windows\Minidump
2014-05-23 07:43 - 2014-05-23 07:43 - 00162208 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition (1).exe
2014-05-23 07:43 - 2014-05-23 07:40 - 10447328 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition_x64.exe
2014-05-23 07:41 - 2014-05-23 07:41 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\QuickScan
2014-05-23 07:39 - 2014-05-23 07:39 - 00162208 _____ () C:\Users\Barry Chapman\Downloads\Antivirus_Free_Edition.exe
2014-05-23 07:03 - 2014-05-21 11:16 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-22 16:23 - 2014-05-03 16:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-22 16:19 - 2009-07-13 22:34 - 00000510 _____ () C:\Windows\win.ini
2014-05-22 15:37 - 2014-05-22 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-05-22 15:36 - 2014-05-02 16:12 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-22 15:35 - 2014-05-22 15:35 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-22 15:35 - 2014-05-22 15:35 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-22 15:35 - 2014-05-22 15:35 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-22 13:23 - 2014-05-22 13:22 - 00051706 _____ () C:\Windows\SysWOW64\bddel.dat
2014-05-22 10:51 - 2014-05-15 11:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-22 10:49 - 2014-05-15 11:40 - 00001446 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-22 10:49 - 2014-05-15 11:40 - 00001434 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-22 10:49 - 2014-05-15 11:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-22 10:49 - 2014-05-15 11:21 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-22 10:47 - 2014-05-22 10:47 - 00000000 ____D () C:\Program Files (x86)\Spybot
2014-05-22 09:31 - 2014-05-22 08:13 - 00017970 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-22_08-13-17.log
2014-05-22 08:11 - 2014-05-22 08:08 - 00003374 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-22_08-08-46.log
2014-05-22 08:06 - 2014-05-22 07:57 - 332119856 _____ (Norman Shark AS) C:\Users\Barry Chapman\Downloads\Norman_Malware_Cleaner (1).exe
2014-05-21 16:21 - 2014-05-05 11:45 - 00037861 _____ () C:\Users\Barry Chapman\AppData\Roaming\Comma Separated Values (Windows).ADR
2014-05-21 11:27 - 2014-05-21 11:27 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\TuneUp Software
2014-05-21 11:16 - 2014-05-21 11:16 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\MFAData
2014-05-21 11:15 - 2014-05-21 11:15 - 04485528 _____ (AVG Technologies) C:\Users\Barry Chapman\Downloads\avg_free_stb_all_2014_4577_cnet.exe
2014-05-21 11:11 - 2014-03-21 13:52 - 00000000 ____D () C:\ProgramData\McAfee
2014-05-21 10:04 - 2014-05-21 09:31 - 00014960 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-21_09-31-37.log
2014-05-21 09:17 - 2014-05-02 16:23 - 00002310 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-21 09:08 - 2014-05-21 09:01 - 331917560 _____ (Norman Shark AS) C:\Users\Barry Chapman\Downloads\Norman_Malware_Cleaner.exe
2014-05-20 18:49 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-05-20 18:27 - 2014-05-02 15:18 - 00132680 _____ () C:\Users\Barry Chapman\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-20 18:25 - 2014-05-02 15:17 - 00000000 ____D () C:\Users\Barry Chapman
2014-05-20 18:24 - 2014-05-19 08:08 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-20 18:24 - 2014-03-21 13:45 - 00000000 ____D () C:\Program Files (x86)\Dell Wireless
2014-05-20 18:19 - 2014-05-27 18:11 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 18:19 - 2014-05-27 18:11 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 18:19 - 2014-05-06 07:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\tr-TR
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\th-TH
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\ro-RO
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\he-IL
2014-05-20 18:19 - 2014-03-22 04:22 - 00000000 ____D () C:\Windows\system32\Drivers\ar-SA
2014-05-20 18:19 - 2010-11-21 03:17 - 00000000 ____D () C:\Windows\ShellNew
brchapman
2014-05-28, 20:11
2014-05-20 18:19 - 2010-11-21 03:17 - 00000000 ____D () C:\Windows\ShellNew
2014-05-20 18:19 - 2010-11-21 03:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\addins
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-05-20 18:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 __RSD () C:\Windows\Media
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\TAPI
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-CS
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Recovery
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\ras
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\manifeststore
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\InstallShield
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\icsxml
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\et-EE
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\AdvancedInstallers
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\th-TH
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sppui
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ras
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\manifeststore
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\icsxml
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ias
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\he-IL
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\et-EE
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\com
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\servicing
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\IME
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Cursors
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-05-20 18:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Services
2014-05-20 18:03 - 2014-05-05 16:53 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-05-20 18:03 - 2014-03-21 13:42 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-20 18:03 - 2014-03-21 13:36 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-05-20 18:02 - 2014-05-03 16:36 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-05-20 18:02 - 2014-03-21 13:36 - 00000000 ____D () C:\Windows\system32\Macromed
2014-05-20 18:02 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\restore
2014-05-20 18:02 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-20 18:02 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-20 18:02 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system
2014-05-20 17:55 - 2014-05-13 11:18 - 00000000 ____D () C:\Windows\pss
2014-05-20 17:55 - 2014-05-03 15:40 - 00000000 ____D () C:\Windows\Msagent
2014-05-20 17:55 - 2014-05-03 13:30 - 00000000 ____D () C:\Windows\PIXTRAN
2014-05-20 17:53 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Help
2014-05-20 17:52 - 2014-05-15 03:25 - 00000000 ___RD () C:\Users\Barry Chapman\Virtual Machines
2014-05-20 17:52 - 2014-05-14 15:54 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\wi_upd
2014-05-20 17:52 - 2014-05-14 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-05-20 17:52 - 2014-05-13 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backblaze
2014-05-20 17:52 - 2014-05-13 11:00 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\VMware
2014-05-20 17:52 - 2014-05-09 07:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2014-05-20 17:52 - 2014-05-07 09:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CapturePerfect 3.1
2014-05-20 17:52 - 2014-05-06 10:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-20 17:52 - 2014-05-05 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon DR-2580C
2014-05-20 17:52 - 2014-05-05 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-20 17:52 - 2014-05-05 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-05-20 17:52 - 2014-05-05 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landtech XML
2014-05-20 17:52 - 2014-05-05 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medlin Accounting
2014-05-20 17:52 - 2014-05-05 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quicken 2014
2014-05-20 17:52 - 2014-05-05 10:13 - 00000000 ____D () C:\Quicken 2014
2014-05-20 17:52 - 2014-05-03 16:34 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Microsoft Help
2014-05-20 17:52 - 2014-05-03 16:32 - 00000000 ____D () C:\Users\Barry Chapman\Downloads\DVD_Office_2010_32Bit
2014-05-20 17:52 - 2014-05-03 16:10 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-20 17:52 - 2014-05-03 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-20 17:52 - 2014-05-03 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FAX User Software
2014-05-20 17:52 - 2014-05-03 13:30 - 00000000 ____D () C:\Users\Barry Chapman\Desktop\Canon DR-2580C
2014-05-20 17:52 - 2014-05-03 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordPerfect Office 12
2014-05-20 17:52 - 2014-05-02 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-20 17:52 - 2014-05-02 15:25 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-20 17:52 - 2014-05-02 15:17 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 17:52 - 2014-05-02 15:17 - 00000000 ___RD () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 17:52 - 2014-03-22 04:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
2014-05-20 17:52 - 2014-03-21 13:49 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2014-05-20 17:52 - 2014-03-21 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HotSpot
2014-05-20 17:52 - 2014-03-21 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atheros Smart Net
2014-05-20 17:52 - 2014-03-21 13:46 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
2014-05-20 17:52 - 2014-03-21 13:43 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-05-20 17:52 - 2014-03-21 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Audio
2014-05-20 17:52 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2014-05-20 17:51 - 2014-05-05 16:24 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-20 17:51 - 2014-05-05 16:15 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-05-20 17:51 - 2014-05-02 15:25 - 00000000 ____D () C:\ProgramData\Atheros
2014-05-20 17:51 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files\mcafee.com
2014-05-20 17:51 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files\mcafee
2014-05-20 17:51 - 2014-03-21 13:50 - 00000000 ____D () C:\Program Files\My Dell
2014-05-20 17:51 - 2014-03-21 13:50 - 00000000 ____D () C:\Program Files\Dell Support Center
2014-05-20 17:51 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-05-20 17:50 - 2014-05-03 14:29 - 00000000 ____D () C:\Program Files (x86)\wp51
2014-05-20 17:46 - 2014-05-05 10:24 - 00000000 ____D () C:\Program Files (x86)\Quicken
2014-05-20 17:46 - 2014-05-03 16:10 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-05-20 17:45 - 2014-05-05 16:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-20 17:45 - 2014-03-21 13:52 - 00000000 ____D () C:\Program Files (x86)\mcafee.com
2014-05-20 17:44 - 2014-05-13 12:16 - 00000000 ____D () C:\Program Files (x86)\Backblaze
2014-05-20 17:44 - 2014-03-21 13:55 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-20 17:44 - 2014-03-21 13:50 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2014-05-20 17:34 - 2014-05-16 08:33 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant
2014-05-20 17:32 - 2014-05-02 15:45 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-20 17:27 - 2014-05-05 12:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WP-64
2014-05-20 17:26 - 2014-05-06 09:05 - 00000000 ____D () C:\Users\Barry Chapman\Desktop\CapturePerfect 3.0
2014-05-20 17:26 - 2014-05-02 15:45 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Opera Software
2014-05-20 16:57 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-05-20 16:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Adobe
2014-05-20 16:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\VirtualStore
2014-05-20 16:25 - 2014-03-21 13:55 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-20 16:25 - 2014-03-21 13:50 - 00000000 ____D () C:\ProgramData\PCDr
2014-05-20 16:20 - 2014-05-14 08:30 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-05-20 15:49 - 2014-05-20 14:54 - 00025110 _____ () C:\Users\Barry Chapman\Desktop\Nmc_2014-05-20_14-54-17.log
2014-05-20 14:53 - 2014-05-20 14:53 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Norman Malware Cleaner
2014-05-20 13:56 - 2014-05-02 15:58 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Deployment
2014-05-20 13:35 - 2014-05-20 12:44 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-05-20 12:34 - 2014-05-20 12:34 - 00000914 _____ () C:\Users\Barry Chapman\Desktop\JRT.txt
2014-05-20 11:10 - 2014-05-03 14:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Adobe
2014-05-20 10:30 - 2014-05-20 10:29 - 04957528 _____ (SurfRight B.V.) C:\Users\Barry Chapman\Downloads\Unconfirmed 912715.crdownload
2014-05-19 10:55 - 2014-05-19 10:55 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-05-19 10:44 - 2014-05-05 16:53 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-05-19 10:20 - 2014-05-19 10:20 - 00000000 ____D () C:\Adobe XI Pro
2014-05-19 07:54 - 2014-05-19 07:54 - 00000000 ____D () C:\Users\Barry Chapman\Documents\ProcAlyzer Dumps
2014-05-18 03:05 - 2014-05-06 13:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 09:39 - 2014-05-16 09:39 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\SUPERAntiSpyware.com
2014-05-16 09:39 - 2014-05-16 09:39 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-05-16 08:33 - 2014-05-16 08:33 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-05-16 08:32 - 2014-05-27 18:11 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia
2014-05-16 08:32 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-05-16 08:32 - 2014-05-16 08:32 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-05-15 15:02 - 2014-05-15 15:02 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot2-license (1).exe
2014-05-15 14:40 - 2014-05-02 15:45 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Opera Software
2014-05-15 14:27 - 2014-05-15 14:27 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-05-15 13:06 - 2014-05-15 13:05 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot2-license.exe
2014-05-15 11:40 - 2014-05-15 11:40 - 00000656 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2014-05-15 11:40 - 00000628 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-05-15 11:40 - 2014-05-15 11:40 - 00000458 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-05-15 10:56 - 2014-05-15 11:20 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Barry Chapman\Downloads\spybot-2.3 (1).exe
2014-05-15 03:28 - 2009-07-14 01:08 - 00014614 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-15 03:03 - 2014-05-06 13:18 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 16:16 - 2014-05-14 16:16 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\PDF24
2014-05-14 15:56 - 2014-05-14 15:56 - 00004592 _____ () C:\Windows\System32\Tasks\IdleCrawler Runner
2014-05-14 15:54 - 2014-05-14 15:53 - 02271768 _____ () C:\Users\Barry Chapman\Downloads\Adobe.Acrobat.XI.Pro.v11.0.2.Multilingual.Cracked.exe
2014-05-14 15:27 - 2014-05-14 15:26 - 18873344 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd714_all_incr.msp
2014-05-14 15:27 - 2014-05-05 16:54 - 00002501 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 7.0 Standard.lnk
2014-05-14 15:23 - 2014-05-14 15:22 - 14385152 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd713_all_incr.msp
2014-05-14 15:22 - 2014-05-14 15:21 - 03972608 _____ () C:\Users\Barry Chapman\Downloads\AcrobatUpd712_all_incr (1).msp
2014-05-14 15:20 - 2014-05-14 15:20 - 06504448 _____ () C:\Users\Barry Chapman\Downloads\AcroUpd711_all_incr.msp
2014-05-14 15:14 - 2009-07-14 00:45 - 00494176 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-14 15:08 - 2014-05-14 14:34 - 00001520 _____ () C:\Users\Public\Documents\AcStd7_1_0.ini
2014-05-14 14:44 - 2014-05-05 16:54 - 00002459 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 7.0.lnk
2014-05-14 13:26 - 2014-05-05 12:22 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Help
2014-05-14 11:55 - 2014-05-03 16:40 - 00000000 ____D () C:\Office 2000
2014-05-14 10:26 - 2014-05-14 10:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-14 10:25 - 2014-05-14 10:25 - 00000000 ____D () C:\Windows\PCHEALTH
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-05-14 10:20 - 2014-05-14 10:20 - 00000000 ___RD () C:\MSOCache
2014-05-14 08:36 - 2014-03-21 13:36 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 08:36 - 2014-03-21 13:36 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-14 08:36 - 2014-03-21 13:36 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 08:30 - 2014-05-14 08:30 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Secunia PSI
2014-05-14 08:29 - 2014-05-14 08:28 - 05329480 _____ (Secunia) C:\Users\Barry Chapman\Downloads\PSISetup.exe
2014-05-13 16:30 - 2014-05-02 15:23 - 00000000 ____D () C:\ProgramData\softthinks
2014-05-13 12:17 - 2014-05-12 07:16 - 00000000 ____D () C:\.bzvol
2014-05-13 12:16 - 2014-05-13 12:16 - 05033216 _____ () C:\Users\Barry Chapman\Downloads\install_backblaze.exe
2014-05-13 12:16 - 2014-05-13 12:16 - 00000000 ____D () C:\ProgramData\Backblaze
2014-05-13 12:04 - 2014-05-13 12:02 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\VMware
2014-05-13 11:38 - 2014-05-13 11:38 - 34209792 _____ () C:\Users\Barry Chapman\Desktop\CHAPMA11_20140505-2014-05-13.QDF-backup
2014-05-13 11:13 - 2014-05-13 08:53 - 00007605 _____ () C:\Users\Barry Chapman\AppData\Local\resmon.resmoncfg
2014-05-13 11:07 - 2014-05-12 13:51 - 00000000 ____D () C:\Program Files\My Lockbox
2014-05-13 11:07 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\spool
2014-05-13 10:04 - 2014-05-13 10:04 - 00000000 _____ () C:\Users\Barry Chapman\AppData\Local\{89B78C50-3F1E-4624-B5B6-B21F413891C7}
2014-05-13 09:55 - 2010-11-21 03:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-05-13 08:51 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Bluetooth Folder
2014-05-12 20:58 - 2014-05-12 20:43 - 00000000 ____D () C:\Users\Barry Chapman\.asdm
2014-05-12 20:43 - 2014-05-12 20:43 - 00000000 ____D () C:\Program Files (x86)\Cisco Systems
2014-05-12 16:26 - 2014-05-12 16:26 - 00010295 _____ () C:\Users\Barry Chapman\Documents\141046 commitment.wpd
2014-05-12 16:21 - 2014-05-12 16:21 - 00002380 _____ () C:\Users\Barry Chapman\Documents\141046 DATA FILE.wpd
2014-05-12 13:50 - 2014-05-12 13:50 - 04090994 _____ () C:\Users\Barry Chapman\Downloads\mylockbox_setup.zip
2014-05-09 11:38 - 2014-05-09 11:38 - 00000000 ____D () C:\Users\Barry Chapman\Documents\CCWin
2014-05-09 09:28 - 2014-05-05 12:22 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Help
2014-05-09 07:39 - 2014-05-09 07:39 - 00002187 _____ () C:\Users\Public\Desktop\VMware Player.lnk
2014-05-09 07:39 - 2014-05-09 07:39 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-05-09 07:39 - 2011-02-10 10:33 - 00807106 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-05-09 07:38 - 2014-05-09 07:38 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-05-09 07:35 - 2014-05-09 07:33 - 114794792 _____ (VMware, Inc.) C:\Users\Barry Chapman\Downloads\VMware-player-4.0.6-1035888.exe
2014-05-09 02:14 - 2014-05-14 05:44 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 02:11 - 2014-05-14 05:44 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-07 15:50 - 2014-05-02 16:12 - 00003908 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-07 15:50 - 2014-05-02 16:12 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 09:29 - 2014-05-07 09:29 - 00000000 ____D () C:\ProgramData\Canon Electronics
2014-05-07 09:25 - 2014-05-03 13:30 - 00000000 ____D () C:\Program Files (x86)\Canon Electronics
2014-05-07 09:25 - 2014-03-21 13:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-07 09:22 - 2014-05-07 09:20 - 79468544 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_V3137 (1).exe
2014-05-07 09:22 - 2014-05-06 07:29 - 00000000 ____D () C:\CapturePerfect Upgrade
2014-05-06 15:59 - 2014-05-06 15:56 - 00000000 ____D () C:\Users\Barry Chapman\Documents\My Documents from old
2014-05-06 14:42 - 2014-05-06 14:42 - 00119964 _____ () C:\Users\Barry Chapman\Downloads\GSCCCA Online Statement.htm
2014-05-06 13:22 - 2014-05-03 13:30 - 00000125 _____ () C:\Windows\SetScan.ini
2014-05-06 13:12 - 2014-05-03 13:30 - 00017862 _____ () C:\Windows\DPINST.LOG
2014-05-06 13:09 - 2014-05-06 13:09 - 14393344 _____ () C:\Users\Barry Chapman\Downloads\2580DRIT_V18SP1 (1).exe
2014-05-06 10:10 - 2014-05-06 10:10 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Oracle
2014-05-06 10:09 - 2014-05-06 10:09 - 00000000 ____D () C:\ProgramData\Sun
2014-05-06 10:09 - 2014-05-06 10:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-06 10:07 - 2014-05-06 10:07 - 00921512 _____ (Oracle Corporation) C:\Users\Barry Chapman\Downloads\chromeinstall-7u55.exe
2014-05-06 10:04 - 2014-05-06 10:05 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-06 10:04 - 2014-05-06 10:04 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-05-06 10:04 - 2014-05-06 10:04 - 00000000 ____D () C:\Program Files\Java
2014-05-06 10:04 - 2014-05-06 10:03 - 30818216 _____ (Oracle Corporation) C:\Users\Barry Chapman\Downloads\jre-7u55-windows-x64.exe
2014-05-06 09:27 - 2014-05-06 09:27 - 28808192 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_Ver_3097 (1).exe
2014-05-06 09:06 - 2014-05-06 09:06 - 00000000 _____ () C:\Users\Barry Chapman\Sti_Trace.log
2014-05-06 09:06 - 2014-05-05 17:43 - 00005432 _____ () C:\Windows\pixcache.ini
2014-05-06 08:51 - 2014-05-06 08:51 - 00249856 _____ () C:\Users\Barry Chapman\Downloads\RepairReg.exe
2014-05-06 08:51 - 2014-05-06 08:51 - 00000000 ____D () C:\DR Scanner
2014-05-06 08:47 - 2014-05-06 08:45 - 79468544 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_V3137.exe
2014-05-06 08:43 - 2014-05-06 08:43 - 00000000 ____D () C:\DR2580C
2014-05-06 08:42 - 2014-05-06 08:42 - 14393344 _____ () C:\Users\Barry Chapman\Downloads\2580DRIT_V18SP1.exe
2014-05-06 08:35 - 2014-05-06 08:35 - 00000000 ____D () C:\Users\Barry Chapman\Downloads\d1041mux
2014-05-06 08:35 - 2014-05-06 08:34 - 13259652 _____ () C:\Users\Barry Chapman\Downloads\d1041mux.zip
2014-05-06 07:31 - 2014-05-06 07:31 - 00003228 _____ () C:\Windows\System32\Tasks\{E819857F-629F-4F7B-9FE3-F8B1467A5C1B}
2014-05-06 03:03 - 2014-05-06 03:03 - 00288324 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-05-06 03:03 - 2014-05-06 03:02 - 00292408 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-05-06 03:02 - 2014-05-06 03:02 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-05-06 00:40 - 2014-05-15 03:06 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 00:17 - 2014-05-15 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-05 23:25 - 2014-05-15 03:06 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-05 23:07 - 2014-05-15 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-05 23:00 - 2014-05-15 03:06 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-05 22:10 - 2014-05-15 03:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 19:26 - 2014-05-05 17:52 - 28808192 _____ () C:\Users\Barry Chapman\Downloads\CP_Upgrade_Ver_3097.exe
2014-05-05 17:48 - 2014-03-21 13:55 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-05 17:43 - 2014-05-05 17:43 - 00003050 _____ () C:\Windows\System32\Tasks\{BEA2EFCD-E2FA-474A-BB2F-ADE6F46BED5D}
2014-05-05 16:56 - 2014-05-05 16:56 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\AdobeUM
2014-05-05 16:54 - 2014-05-05 16:54 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Acrobat 7.0 Standard.lnk
2014-05-05 16:24 - 2014-05-05 16:23 - 13084896 _____ (Microsoft Corporation) C:\Users\Barry Chapman\Downloads\Silverlight_x64 (1).exe
2014-05-05 16:23 - 2014-05-05 16:23 - 13084896 _____ (Microsoft Corporation) C:\Users\Barry Chapman\Downloads\Silverlight_x64.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-05-05 16:15 - 2014-05-05 16:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-05-05 16:12 - 2014-05-05 16:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2014-05-05 15:53 - 2014-05-05 15:52 - 19495200 _____ () C:\Users\Barry Chapman\Downloads\upd-ps-x64-5.8.0.17508.exe
2014-05-05 15:53 - 2014-05-05 15:50 - 00000000 ____D () C:\HP Universal Print Driver
2014-05-05 15:49 - 2014-05-05 15:49 - 18409760 _____ () C:\Users\Barry Chapman\Downloads\upd-pcl6-x64-5.8.0.17508.exe
2014-05-05 14:53 - 2014-05-05 14:53 - 00001534 _____ () C:\Users\Barry Chapman\Desktop\Landtech XML.lnk
2014-05-05 14:52 - 2014-05-05 14:52 - 00204800 _____ (Landtech Data Corporation) C:\Windows\SysWOW64\ltwpvsw.DLL
2014-05-05 14:52 - 2014-05-05 14:52 - 00065536 _____ (Landtech Data Corp.) C:\Windows\SysWOW64\LTWNode.exe
2014-05-05 14:52 - 2014-05-05 14:52 - 00004726 _____ () C:\Windows\BOOTSTRAP.LOG
2014-05-05 14:52 - 2014-05-05 14:52 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Landtech XML
2014-05-05 14:44 - 2014-05-05 14:44 - 00000519 _____ () C:\Windows\ODBCINST.INI
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\ProgramData\Pervasive Software
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pervasive
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\Program Files (x86)\Pervasive Software
2014-05-05 14:18 - 2014-05-05 14:18 - 00000000 ____D () C:\Wages
2014-05-05 14:17 - 2014-05-05 14:15 - 88823072 _____ () C:\Users\Barry Chapman\Downloads\PSQL-Workgroup-10.30.022.000-win.x86.exe
2014-05-05 12:34 - 2014-05-05 12:34 - 32856361 _____ (wpdos.org ) C:\Users\Barry Chapman\Downloads\WP64DOSBox-Setup.exe
2014-05-05 12:18 - 2014-05-03 13:14 - 00000000 ____D () C:\Program Files (x86)\WordPerfect Office 12
2014-05-05 11:40 - 2014-05-05 11:40 - 00321535 _____ () C:\Users\Barry Chapman\Downloads\contacts.csv
2014-05-05 11:26 - 2014-05-05 11:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-05 11:25 - 2014-05-05 11:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-05 11:25 - 2014-05-05 11:24 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Barry Chapman\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-05 11:17 - 2014-05-05 11:16 - 01069064 _____ (Medlin Accounting Software ) C:\Users\Barry Chapman\Downloads\_05-01-2014_medlin_PR_4-6.exe
2014-05-05 11:17 - 2014-05-05 10:49 - 00000580 _____ () C:\Users\Public\Desktop\Medlin Accounting.lnk
2014-05-05 10:40 - 2014-05-05 10:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\QuickenWindow
2014-05-05 10:36 - 2014-05-05 10:36 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\IsolatedStorage
2014-05-05 10:28 - 2014-05-05 10:28 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Quicken
2014-05-05 10:24 - 2014-05-05 10:24 - 00001808 _____ () C:\Users\Public\Desktop\Quicken Deluxe 2014.lnk
2014-05-05 10:24 - 2014-05-05 10:24 - 00000126 _____ () C:\Windows\QUICKEN.INI
2014-05-05 10:24 - 2014-05-05 10:24 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Intuit
2014-05-05 10:23 - 2014-05-05 10:23 - 00000000 ____D () C:\ProgramData\Intuit
2014-05-05 10:21 - 2014-05-05 10:18 - 112168720 _____ (Intuit Inc. ) C:\Users\Barry Chapman\Downloads\QW14DLX.exe
2014-05-05 08:58 - 2014-05-05 08:58 - 00000000 __SHD () C:\Users\Barry Chapman\AppData\Local\EmieUserList
2014-05-05 08:58 - 2014-05-05 08:58 - 00000000 __SHD () C:\Users\Barry Chapman\AppData\Local\EmieSiteList
2014-05-05 03:06 - 2014-05-27 18:11 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Microsoft Help
2014-05-05 03:06 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-05-05 03:06 - 2014-05-05 03:06 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-05-04 18:11 - 2014-05-03 12:01 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\PCDr
2014-05-04 03:39 - 2011-02-10 10:25 - 00000000 ____D () C:\dell
2014-05-03 16:46 - 2014-05-03 16:46 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-05-03 16:30 - 2014-05-03 16:11 - 628097024 _____ () C:\Users\Barry Chapman\Downloads\DVD_Office_2010_32Bit.iso
2014-05-03 16:26 - 2014-05-03 16:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\WinRAR
2014-05-03 16:23 - 2014-05-03 16:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Macromedia
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Mozilla
2014-05-03 16:21 - 2014-05-03 16:21 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-03 16:10 - 2014-05-03 16:10 - 01766784 _____ () C:\Users\Barry Chapman\Downloads\wrar500.exe
2014-05-03 16:10 - 2014-05-03 16:10 - 00001007 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-05-03 15:41 - 2014-05-03 15:41 - 00000376 _____ () C:\Windows\ODBC.INI
2014-05-03 15:40 - 2014-05-03 15:40 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Microsoft Web Folders
2014-05-03 15:20 - 2014-05-03 15:20 - 00718172 _____ () C:\Users\Barry Chapman\Downloads\Windows6.1-KB917607-x64.msu
2014-05-03 15:20 - 2014-05-03 15:20 - 00703811 _____ () C:\Users\Barry Chapman\Downloads\Windows6.1-KB917607-x86.msu
2014-05-03 14:14 - 2014-05-03 14:14 - 00000000 ____D () C:\Program Files (x86)\Kyocera
2014-05-03 14:02 - 2014-05-03 14:02 - 00003102 _____ () C:\Windows\System32\Tasks\{274EC4EA-7BEE-46DD-B238-1777098F3282}
2014-05-03 13:53 - 2014-05-03 13:53 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Canon Electronics
2014-05-03 13:52 - 2014-05-03 13:38 - 00000000 ____D () C:\Users\Barry Chapman\Documents\Corel User Files
2014-05-03 13:38 - 2014-05-03 13:38 - 00061678 _____ () C:\Users\Barry Chapman\AppData\Roaming\PFP120JPR.{PB
2014-05-03 13:38 - 2014-05-03 13:38 - 00012358 _____ () C:\Users\Barry Chapman\AppData\Roaming\PFP120JCM.{PB
2014-05-03 13:38 - 2014-05-03 13:38 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Corel
2014-05-03 13:17 - 2014-05-03 13:17 - 00002607 _____ () C:\Users\Barry Chapman\Desktop\WordPerfect.lnk
2014-05-02 16:23 - 2014-05-02 16:12 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Google
2014-05-02 15:58 - 2014-05-02 15:58 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\Apps\2.0
2014-05-02 15:42 - 2014-05-02 15:42 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Macromedia
2014-05-02 15:26 - 2014-05-02 15:26 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Intel Corporation
2014-05-02 15:25 - 2014-05-02 15:25 - 00004004 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-05-02 15:25 - 2014-05-02 15:25 - 00003214 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-05-02 15:25 - 2014-05-02 15:25 - 00001415 _____ () C:\Users\Barry Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Leadertech
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Dell
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Roaming\Atheros
2014-05-02 15:25 - 2014-05-02 15:25 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\BMExplorer
2014-05-02 15:23 - 2014-05-02 15:23 - 00000000 ____D () C:\Users\Barry Chapman\AppData\Local\softthinks
2014-05-02 15:18 - 2014-05-02 15:18 - 00001975 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
2014-05-02 15:17 - 2014-05-02 15:17 - 00000020 ___SH () C:\Users\Barry Chapman\ntuser.ini
2014-05-02 15:09 - 2011-02-10 10:25 - 00000000 ____D () C:\Windows\panther
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-27 15:15
==================== End Of Log ============================
Looks like its gone :) How is your system behaving now ?
brchapman
2014-05-28, 20:37
Everything seems to be working great! Haven't tried to re-load Malwarebytes, but I'll give it try later.
If Malwarebytes wont work, just uninstall it with this program, it will search your system for security programs and should find Malwarebytes and then just let it uninstall it
Run AppRemover
Vista , Win 7 users, right click on the icon and select "run as administrator"
Please download AppRemover (http://www.appremover.com/) and save it to your desktop.
Double click on AppRemover.exe to run it.
Uncheck "Enable anonymous usage statistics. No personal data will be recorded."
Click on the Next button.
Click on "Remove Security Application" or "Clean Up a Failed Uninstall" depending on what you want to do.
Click on the Next button.
A scan begins, please wait. Once done, click on the Next button.
Now you should have a list of your installed security programs, choose the one you want to uninstall and click on the Next button.
Follow the last step and reboot if asked to do so.
Then go here to get the latest version
http://www.malwarebytes.org/mbam-download.php
Let me know how it went
brchapman
2014-05-28, 23:34
Ok, Appremover couldn't find the malwarebytes files to remove them. Malwarebytes site has a utility called mbam-clean.exe that I was able to download and remove the files that I couldn't find. That did the trick! Its working great. I really appreciated all of the help!
You know, been at this for many years and when Plan A doesn't work we go to Plan B and mbam-clean.exe was next on my agenda but you beat me to it :oreo:
Glad all is well, my pleasure helping you. I will keep this thread open for few days in case you need to post back
Ken :)
brchapman
2014-05-29, 23:18
Just curious, why wasn't spybot able to remove all of that and fix the problem. Too complex??? Don't get me wrong, I think Spybot is one of the best programs out there and no other program was able to detect it either.
Hi,
Hope your doing well. To try and explain , there is no one silver bullet that will clean a system 100% from malware, most times other tools and scanners are needed, it depends on what your system is infected with. Most times what one program removes may be different to what another one does. A good example is running a free online virus scanner, one may pickup a few bad entries and another may deem your system as clean. Another example is lets say your system was infected with the TDSS Rootkit, most of the tools we used to clean your system wont remove it, a special program designed for this particular rootkit is the only one that will remove it.
Thanks for using Spybot, it is a good program and glad your happy with it.
Ken :)
Double click on AdwCleaner.exe to run the tool again.
Click on the Uninstall button.
Click Yes when asked are you sure you want to uninstall.
Both AdwCleaner.exe, its folder and all logs will be removed.
Open OTL and click on Clean Up and it will remove programs we used to clean your system along with there backups, any programs that where not removed you can just drag to the trash.
Malwarebytes is the free version and yours to keep and will not be removed
How did I get infected in the first place ?
Read these links and find out how to prevent getting infected again.
Tutorial for System Restore (http://www.bleepingcomputer.com/tutorials/tutorial56.html) <-- Do this first to prevent yourself from being reinfected.
WhattheTech (http://forums.whatthetech.com/index.php?showtopic=57817)
Grinler BleepingComputer (http://www.bleepingcomputer.com/forums/topic2520.html)
GeeksTo Go (http://www.geekstogo.com/forum/index.php?autocom=custom&page=How_did_I)
Dslreports (http://www.dslreports.com/faq/10002)
Safe Surfn
Ken