Reply to thread

Message: <blockquote data-quote="ihatethis" data-source="post: 118062" data-attributes="member: 7780">OTL logfile created on: 4/25/2013 10:32:19 PM - Run 1OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Chris\Downloads64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstationInternet Explorer (Version = 9.0.8112.16421)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.80 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 50.40% Memory free7.61 Gb Paging File | 5.45 Gb Available in Paging File | 71.62% Paging File freePaging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 446.13 Gb Total Space | 397.66 Gb Free Space | 89.14% Space Free | Partition Type: NTFS Computer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator.Boot Mode: Normal | Scan Mode: Current user | Include 64bit ScansCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Chris\Downloads\OTL.exe (OldTimer Tools)PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)PRC - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)PRC - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.)PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)PRC - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe (SoftThinks - Dell)PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)PRC - C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe ()PRC - C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()PRC - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)  ========== Modules (No Company Name) ========== MOD - C:\Users\Chris\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll ()MOD - C:\Users\Chris\AppData\Local\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll ()MOD - C:\Users\Chris\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll ()MOD - C:\Users\Chris\AppData\Local\Google\Chrome\Application\26.0.1410.64\libglesv2.dll ()MOD - C:\Users\Chris\AppData\Local\Google\Chrome\Application\26.0.1410.64\libegl.dll ()MOD - C:\Users\Chris\AppData\Local\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll ()MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\e1854a100d5ad4dff34d1427b5a9604c\System.WorkflowServices.ni.dll ()MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\e818fbdb44667fdf48e69d032ed038a9\System.Web.ni.dll ()MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\276a4a9226efbd4e3bfe1cff92acdb51\System.Windows.Forms.ni.dll ()MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\76a90419ce76ba450473d241821dcf3d\System.ServiceModel.Web.ni.dll ()MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\d16cfafdd80b12e110946ea875e118a1\System.Xml.Linq.ni.dll ()MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\5efc2df0b6cdb09d0c740a59be0dcd5b\System.Core.ni.dll ()MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\09a468fb987e5a5f345346b0910c89ca\IAStorCommon.ni.dll ()MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\226dff32c2cfce890288ebe71841c0f1\IAStorUtil.ni.dll ()MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\87effb0f186b515416c12a57bdab3cd3\System.ServiceModel.ni.dll ()MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\fde22ad3592f537464b769ae693152aa\System.Runtime.Serialization.ni.dll ()MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\5069816177c0505eb4ffdf8598771110\System.IdentityModel.ni.dll ()MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\948357f38c25edf82e53149599660d98\SMDiagnostics.ni.dll ()MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll ()MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e95c75bede9a6ba6654d3a5e56da7e86\System.Runtime.Remoting.ni.dll ()MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\91c62efba9d18a59a8aef37729cb5c6d\PresentationFramework.ni.dll ()MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8f045547dc39be38a6c3348b524b5d96\System.Drawing.ni.dll ()MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\e397d6058a96fc5b768e330256867567\PresentationCore.ni.dll ()MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\49100533f4f9d3bf97a57c5424b51c2b\WindowsBase.ni.dll ()MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\39cb017c2a46136cf3ca8a877d4fa741\System.Xml.ni.dll ()MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\35a8c4dd1bd18d6100a4974aa272761c\System.Configuration.ni.dll ()MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\f3bcf05501f25211734e003e40c1fc4d\System.ni.dll ()MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll ()MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll ()MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()MOD - C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe ()MOD - C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()MOD - C:\Program Files (x86)\Dell\Stage Remote\DataService.dll ()MOD - C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\ManagerUI.dll ()MOD - C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll ()MOD - C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll ()MOD - C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll ()MOD - C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll ()MOD - C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll ()MOD - C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll ()MOD - C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll ()MOD - C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll ()MOD - C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll ()  ========== Services (SafeList) ========== SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)SRV - (LeapFrog Connect Device Service) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.)SRV - (DellDigitalDelivery) -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Dell Products, LP.)SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)SRV - (NOBU) -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Dell, Inc.)SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)  ========== Driver Services (SafeList) ========== DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)DRV:64bit: - (FlyUsb) -- C:\Windows\SysNative\drivers\FlyUsb.sys (LeapFrog)DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)  ========== Standard Registry (SafeList) ==========  ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRCIE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBoxIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmIE - HKLM\..\SearchScopes,DefaultScope = {9A9B790B-B423-4AC7-AFDA-5982F78305A0}IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRCIE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/IE - HKCU\..\SearchScopes,DefaultScope = {9A9B790B-B423-4AC7-AFDA-5982F78305A0}IE - HKCU\..\SearchScopes\{9A9B790B-B423-4AC7-AFDA-5982F78305A0}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3287822&CUI=UN40651667892415411&UM=2IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local  ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll File not foundFF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll ()FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not foundFF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Chris\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Chris\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)   ========== Chrome  ========== CHR - default_search_provider: Google (Enabled)CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite117" alt=":eek:" title="Eek!    :eek:" loading="lazy" data-shortname=":eek:" />riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},CHR - homepage: CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Chris\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dllCHR - plugin: Shockwave Flash (Enabled) = C:\Users\Chris\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dllCHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewerCHR - plugin: Native Client (Enabled) = C:\Users\Chris\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dllCHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Chris\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dllCHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dllCHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLLCHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllCHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dllCHR - plugin: Google Update (Enabled) = C:\Users\Chris\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dllCHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dllCHR - Extension: YouTube = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\CHR - Extension: Google Search = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\CHR - Extension: Gmail = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2012/12/02 22:54:46 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hostsO1 - Hosts: 127.0.0.1       localhostO2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)O4:64bit: - HKLM..\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe File not foundO4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)O4 - HKLM..\Run: [Monitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions presentO6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)O13 - gopher Prefix: missingO17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{159A6695-A27C-45DB-BD38-1F1B4A82202C}: DhcpNameServer = 198.224.188.236 198.224.189.236O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{62BFE676-297F-41EE-A82D-85543B0EAA53}: DhcpNameServer = 192.168.1.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{854C1888-56A1-4FDD-B564-EFF327E08F06}: DhcpNameServer = 172.1.1.171O18:64bit: - Protocol\Handler\cdo - No CLSID value foundO18:64bit: - Protocol\Handler\livecall - No CLSID value foundO18:64bit: - Protocol\Handler\msdaipp - No CLSID value foundO18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value foundO18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value foundO18:64bit: - Protocol\Handler\ms-help - No CLSID value foundO18:64bit: - Protocol\Handler\msnim - No CLSID value foundO18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value foundO18:64bit: - Protocol\Handler\wlpg - No CLSID value foundO18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O32 - HKLM CDRom: AutoRun - 1O34 - HKLM BootExecute: (autocheck autochk *)O35:64bit: - HKLM\..comfile [open] -- "%1" %*O35:64bit: - HKLM\..exefile [open] -- "%1" %*O35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*O37 - HKLM\...com [@ = ComFile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %*O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/04/25 21:20:07 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Programs[2013/04/25 21:15:17 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\ElevatedDiagnostics[2013/04/25 18:06:56 | 000,000,000 | ---D | C] -- C:\components[2013/04/25 17:54:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit[2013/04/25 17:54:24 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Conduit[2013/04/25 17:53:24 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\CRE[2013/04/20 17:37:08 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\Tomato Signs 2013[2013/04/11 03:02:03 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll[2013/04/11 03:02:03 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll[2013/04/11 03:02:01 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll[2013/04/11 03:02:01 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll[2013/04/11 03:02:01 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe[2013/04/11 03:02:00 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll[2013/04/11 03:02:00 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll[2013/04/11 03:02:00 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe[2013/04/11 03:01:59 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll[2013/04/11 03:01:59 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl[2013/04/11 03:01:59 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl[2013/04/11 03:01:59 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll[2013/04/11 03:01:57 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll[2013/04/11 03:01:56 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll[2013/04/11 03:01:56 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll[2013/04/10 16:53:58 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll[2013/04/10 16:53:58 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll[2013/04/10 16:53:57 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\aaclient.dll[2013/04/10 16:53:56 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aaclient.dll[2013/04/10 16:53:56 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsgqec.dll[2013/04/10 16:53:56 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsgqec.dll[2013/04/10 16:53:08 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe[2013/04/10 16:53:07 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe[2013/04/10 16:53:06 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe[2013/04/10 16:53:06 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\smss.exe[2013/04/10 16:53:06 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll[2013/04/10 16:53:04 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\apisetschema.dll ========== Files - Modified Within 30 Days ========== [2013/04/25 21:39:05 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2912090835-1634431508-2850167325-1000UA.job[2013/04/25 21:20:38 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk[2013/04/25 21:09:10 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0[2013/04/25 21:09:10 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0[2013/04/25 21:06:04 | 000,779,788 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI[2013/04/25 21:06:04 | 000,660,770 | ---- | M] () -- C:\windows\SysNative\perfh009.dat[2013/04/25 21:06:04 | 000,121,408 | ---- | M] () -- C:\windows\SysNative\perfc009.dat[2013/04/25 21:01:37 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat[2013/04/25 21:01:32 | 3062,902,784 | -HS- | M] () -- C:\hiberfil.sys[2013/04/25 21:00:41 | 000,000,856 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2912090835-1634431508-2850167325-1000Core.job[2013/04/25 17:54:52 | 000,000,009 | ---- | M] () -- C:\END[2013/04/25 17:01:34 | 000,000,422 | ---- | M] () -- C:\windows\tasks\SystemToolsDailyTest.job[2013/04/25 14:34:57 | 003,093,180 | ---- | M] () -- C:\Users\Chris\Documents\feed mill.JPG[2013/04/24 07:29:17 | 002,313,809 | ---- | M] () -- C:\Users\Chris\Documents\4 wks.JPG[2013/04/20 17:52:05 | 002,010,017 | ---- | M] () -- C:\Users\Chris\Documents\heirloom tom 2013.zip[2013/04/20 17:45:46 | 003,108,039 | ---- | M] () -- C:\Users\Chris\Documents\Tomato Signs 2013.zip[2013/04/12 12:42:13 | 000,539,648 | ---- | M] () -- C:\Users\Chris\Documents\Rutgers and Yellow Pear 2013.pub[2013/04/12 12:39:17 | 000,501,760 | ---- | M] () -- C:\Users\Chris\Documents\Orange Oxheart and Orange Wellington 2013.pub[2013/04/12 12:35:24 | 000,498,688 | ---- | M] () -- C:\Users\Chris\Documents\Mr.Stripey and Old German 2013.pub[2013/04/12 12:31:25 | 000,412,160 | ---- | M] () -- C:\Users\Chris\Documents\Green Zebra and Mortgage Lifter.pub[2013/04/12 12:25:42 | 000,393,728 | ---- | M] () -- C:\Users\Chris\Documents\Elberta Peach and German Johnson 2013.pub[2013/04/12 12:22:50 | 000,228,352 | ---- | M] () -- C:\Users\Chris\Documents\Brandywine and Cherokee Purple 2013.pub[2013/04/12 12:18:33 | 000,220,160 | ---- | M] () -- C:\Users\Chris\Documents\Box Car Willie and Brandy Boy 2013.pub[2013/04/12 12:14:49 | 000,518,144 | ---- | M] () -- C:\Users\Chris\Documents\Black Cherry and Black Krim 2013.pub[2013/04/12 12:10:39 | 000,286,720 | ---- | M] () -- C:\Users\Chris\Documents\Whopper and Yaqui 2013.pub[2013/04/12 12:10:39 | 000,286,720 | ---- | M] () -- C:\Users\Chris\Documents\Whopper and Yaqui 2013 - Copy.pub[2013/04/12 12:07:26 | 000,297,472 | ---- | M] () -- C:\Users\Chris\Documents\Tomatoberry and Viva Italia 2013.pub[2013/04/12 12:07:26 | 000,297,472 | ---- | M] () -- C:\Users\Chris\Documents\Tomatoberry and Viva Italia 2013 - Copy.pub[2013/04/12 12:04:03 | 000,326,144 | ---- | M] () -- C:\Users\Chris\Documents\Sweet Olive and Sweet Seedless 2013.pub[2013/04/12 11:59:01 | 000,266,240 | ---- | M] () -- C:\Users\Chris\Documents\Super Tasty and Sweet 100 2013.pub[2013/04/12 11:53:47 | 000,148,992 | ---- | M] () -- C:\Users\Chris\Documents\Sungold and Super Marzano 2013.pub[2013/04/12 11:49:58 | 000,344,576 | ---- | M] () -- C:\Users\Chris\Documents\Steak Sandwich and Sugary 2013.pub[2013/04/12 11:46:16 | 000,167,936 | ---- | M] () -- C:\Users\Chris\Documents\Roma Plum and San Marzano 2013.pub[2013/04/12 10:53:51 | 000,207,360 | ---- | M] () -- C:\Users\Chris\Documents\Mountain Magic and Mountain Spring 2013.pub[2013/04/12 10:53:32 | 000,158,208 | ---- | M] () -- C:\Users\Chris\Documents\Pink Girl and Poseidon 2013.pub[2013/04/12 10:27:17 | 000,227,840 | ---- | M] () -- C:\Users\Chris\Documents\Napa Grape and Patio 2013.pub[2013/04/11 20:40:30 | 000,002,372 | ---- | M] () -- C:\Users\Chris\Desktop\Google Chrome.lnk[2013/04/11 03:22:14 | 000,416,904 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT[2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys[2013/04/03 14:49:23 | 000,230,400 | ---- | M] () -- C:\Users\Chris\Documents\Jetstar and Jubilee 2013.pub[2013/04/03 12:56:15 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_dc3d_01011.Wdf[2013/04/02 21:34:53 | 000,247,296 | ---- | M] () -- C:\Users\Chris\Documents\Nasturtium and Parsley 2013.pub[2013/04/02 21:17:13 | 000,312,832 | ---- | M] () -- C:\Users\Chris\Documents\Horehound and Hyssop 2013.pub[2013/04/02 21:08:59 | 000,202,752 | ---- | M] () -- C:\Users\Chris\Documents\Fennel and Germander 2013.pub[2013/04/02 20:56:30 | 000,181,760 | ---- | M] () -- C:\Users\Chris\Documents\Epazote and Eucalyptus 2013.pub[2013/04/02 20:34:21 | 000,260,608 | ---- | M] () -- C:\Users\Chris\Documents\Curry-Dill 2013.pub[2013/04/02 20:26:22 | 000,211,456 | ---- | M] () -- C:\Users\Chris\Documents\Chives-Cilantro 2013.pub[2013/04/02 20:12:35 | 000,223,744 | ---- | M] () -- C:\Users\Chris\Documents\Celery Leaf-Chervil 2013.pub[2013/04/02 14:31:31 | 000,238,592 | ---- | M] () -- C:\Users\Chris\Documents\Catnip and Chamomile 2013.pub[2013/04/02 14:19:32 | 000,217,600 | ---- | M] () -- C:\Users\Chris\Documents\Borage and Cat Grass 2013.pub[2013/04/02 14:05:36 | 000,163,840 | ---- | M] () -- C:\Users\Chris\Documents\Oregano Golden-Variegated 2013.pub[2013/04/02 13:49:28 | 000,129,536 | ---- | M] () -- C:\Users\Chris\Documents\Sage Purple-Tricolor 2013.pub[2013/04/02 13:01:44 | 000,131,072 | ---- | M] () -- C:\Users\Chris\Documents\Sage Berggarten-Pineapple 2013.pub[2013/04/02 12:46:01 | 000,146,944 | ---- | M] () -- C:\Users\Chris\Documents\Mint Mojito-Spearmint 2013.pub[2013/04/02 12:33:22 | 000,147,456 | ---- | M] () -- C:\Users\Chris\Documents\Mint Basil-Julep 2013.pub[2013/04/02 12:16:13 | 000,423,936 | ---- | M] () -- C:\Users\Chris\Documents\Thyme Doone Nutmeg-Wedgewood 2013.pub[2013/04/02 12:11:34 | 000,425,472 | ---- | M] () -- C:\Users\Chris\Documents\Thyme Doone Valley-Lime 2013.pub[2013/04/02 11:59:38 | 000,252,928 | ---- | M] () -- C:\Users\Chris\Documents\Rosemary Santa Barbara-Tuscan Blue 2013.pub[2013/04/02 10:15:48 | 000,254,464 | ---- | M] () -- C:\Users\Chris\Documents\Rosemary Barbeque-Salem 2013.pub[2013/04/02 09:53:03 | 000,816,640 | ---- | M] () -- C:\Users\Chris\Documents\Lavender French-Provence 2013.pub[2013/04/02 09:27:16 | 000,217,088 | ---- | M] () -- C:\Users\Chris\Documents\Basil Minette-Thai Siam Queen 2013.pub[2013/04/02 09:14:00 | 000,217,600 | ---- | M] () -- C:\Users\Chris\Documents\Basil African Blue-Lemon 2013.pub ========== Files Created - No Company Name ========== [2013/04/25 21:20:38 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk[2013/04/25 17:52:45 | 000,000,009 | ---- | C] () -- C:\END[2013/04/25 14:35:23 | 003,093,180 | ---- | C] () -- C:\Users\Chris\Documents\feed mill.JPG[2013/04/24 07:29:53 | 002,313,809 | ---- | C] () -- C:\Users\Chris\Documents\4 wks.JPG[2013/04/20 17:49:06 | 002,010,017 | ---- | C] () -- C:\Users\Chris\Documents\heirloom tom 2013.zip[2013/04/20 17:45:46 | 003,108,039 | ---- | C] () -- C:\Users\Chris\Documents\Tomato Signs 2013.zip[2013/04/20 17:43:34 | 000,297,472 | ---- | C] () -- C:\Users\Chris\Documents\Tomatoberry and Viva Italia 2013 - Copy.pub[2013/04/20 17:43:34 | 000,286,720 | ---- | C] () -- C:\Users\Chris\Documents\Whopper and Yaqui 2013 - Copy.pub[2013/04/20 17:38:26 | 000,355,328 | ---- | C] () -- C:\Users\Chris\Documents\Amish paste-Beefy boy 2013.pub[2013/04/12 12:42:13 | 000,539,648 | ---- | C] () -- C:\Users\Chris\Documents\Rutgers and Yellow Pear 2013.pub[2013/04/12 12:39:06 | 000,501,760 | ---- | C] () -- C:\Users\Chris\Documents\Orange Oxheart and Orange Wellington 2013.pub[2013/04/12 12:35:23 | 000,498,688 | ---- | C] () -- C:\Users\Chris\Documents\Mr.Stripey and Old German 2013.pub[2013/04/12 12:31:25 | 000,412,160 | ---- | C] () -- C:\Users\Chris\Documents\Green Zebra and Mortgage Lifter.pub[2013/04/12 12:25:42 | 000,393,728 | ---- | C] () -- C:\Users\Chris\Documents\Elberta Peach and German Johnson 2013.pub[2013/04/12 12:22:49 | 000,228,352 | ---- | C] () -- C:\Users\Chris\Documents\Brandywine and Cherokee Purple 2013.pub[2013/04/12 12:18:32 | 000,220,160 | ---- | C] () -- C:\Users\Chris\Documents\Box Car Willie and Brandy Boy 2013.pub[2013/04/12 12:14:49 | 000,518,144 | ---- | C] () -- C:\Users\Chris\Documents\Black Cherry and Black Krim 2013.pub[2013/04/12 12:10:39 | 000,286,720 | ---- | C] () -- C:\Users\Chris\Documents\Whopper and Yaqui 2013.pub[2013/04/12 12:07:25 | 000,297,472 | ---- | C] () -- C:\Users\Chris\Documents\Tomatoberry and Viva Italia 2013.pub[2013/04/12 12:04:02 | 000,326,144 | ---- | C] () -- C:\Users\Chris\Documents\Sweet Olive and Sweet Seedless 2013.pub[2013/04/12 11:59:01 | 000,266,240 | ---- | C] () -- C:\Users\Chris\Documents\Super Tasty and Sweet 100 2013.pub[2013/04/12 11:53:47 | 000,148,992 | ---- | C] () -- C:\Users\Chris\Documents\Sungold and Super Marzano 2013.pub[2013/04/12 11:49:58 | 000,344,576 | ---- | C] () -- C:\Users\Chris\Documents\Steak Sandwich and Sugary 2013.pub[2013/04/12 11:46:15 | 000,167,936 | ---- | C] () -- C:\Users\Chris\Documents\Roma Plum and San Marzano 2013.pub[2013/04/12 10:53:32 | 000,158,208 | ---- | C] () -- C:\Users\Chris\Documents\Pink Girl and Poseidon 2013.pub[2013/04/12 10:27:17 | 000,227,840 | ---- | C] () -- C:\Users\Chris\Documents\Napa Grape and Patio 2013.pub[2013/04/12 09:28:54 | 000,207,360 | ---- | C] () -- C:\Users\Chris\Documents\Mountain Magic and Mountain Spring 2013.pub[2013/04/03 14:49:23 | 000,230,400 | ---- | C] () -- C:\Users\Chris\Documents\Jetstar and Jubilee 2013.pub[2013/04/03 12:56:15 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_dc3d_01011.Wdf[2013/04/02 21:34:53 | 000,247,296 | ---- | C] () -- C:\Users\Chris\Documents\Nasturtium and Parsley 2013.pub[2013/04/02 21:17:13 | 000,312,832 | ---- | C] () -- C:\Users\Chris\Documents\Horehound and Hyssop 2013.pub[2013/04/02 21:02:33 | 000,202,752 | ---- | C] () -- C:\Users\Chris\Documents\Fennel and Germander 2013.pub[2013/04/02 20:56:30 | 000,181,760 | ---- | C] () -- C:\Users\Chris\Documents\Epazote and Eucalyptus 2013.pub[2013/04/02 20:34:20 | 000,260,608 | ---- | C] () -- C:\Users\Chris\Documents\Curry-Dill 2013.pub[2013/04/02 20:26:21 | 000,211,456 | ---- | C] () -- C:\Users\Chris\Documents\Chives-Cilantro 2013.pub[2013/04/02 20:12:35 | 000,223,744 | ---- | C] () -- C:\Users\Chris\Documents\Celery Leaf-Chervil 2013.pub[2013/04/02 14:31:30 | 000,238,592 | ---- | C] () -- C:\Users\Chris\Documents\Catnip and Chamomile 2013.pub[2013/04/02 14:19:32 | 000,217,600 | ---- | C] () -- C:\Users\Chris\Documents\Borage and Cat Grass 2013.pub[2013/04/02 14:05:36 | 000,163,840 | ---- | C] () -- C:\Users\Chris\Documents\Oregano Golden-Variegated 2013.pub[2013/04/02 13:49:28 | 000,129,536 | ---- | C] () -- C:\Users\Chris\Documents\Sage Purple-Tricolor 2013.pub[2013/04/02 13:01:44 | 000,131,072 | ---- | C] () -- C:\Users\Chris\Documents\Sage Berggarten-Pineapple 2013.pub[2013/04/02 12:46:01 | 000,146,944 | ---- | C] () -- C:\Users\Chris\Documents\Mint Mojito-Spearmint 2013.pub[2013/04/02 12:33:22 | 000,147,456 | ---- | C] () -- C:\Users\Chris\Documents\Mint Basil-Julep 2013.pub[2013/04/02 12:16:13 | 000,423,936 | ---- | C] () -- C:\Users\Chris\Documents\Thyme Doone Nutmeg-Wedgewood 2013.pub[2013/04/02 12:11:34 | 000,425,472 | ---- | C] () -- C:\Users\Chris\Documents\Thyme Doone Valley-Lime 2013.pub[2013/04/02 11:59:38 | 000,252,928 | ---- | C] () -- C:\Users\Chris\Documents\Rosemary Santa Barbara-Tuscan Blue 2013.pub[2013/04/02 10:15:48 | 000,254,464 | ---- | C] () -- C:\Users\Chris\Documents\Rosemary Barbeque-Salem 2013.pub[2013/04/02 09:53:02 | 000,816,640 | ---- | C] () -- C:\Users\Chris\Documents\Lavender French-Provence 2013.pub[2013/04/02 09:27:16 | 000,217,088 | ---- | C] () -- C:\Users\Chris\Documents\Basil Minette-Thai Siam Queen 2013.pub[2013/04/02 09:14:00 | 000,217,600 | ---- | C] () -- C:\Users\Chris\Documents\Basil African Blue-Lemon 2013.pub[2013/03/18 08:53:25 | 000,000,376 | ---- | C] () -- C:\windows\ODBC.INI[2012/12/02 22:49:44 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe[2012/12/02 22:49:44 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe[2012/12/02 22:49:44 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe[2012/12/02 22:49:44 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe[2012/12/02 22:49:44 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe[2012/07/05 20:39:41 | 000,867,020 | ---- | C] () -- C:\windows\SysWow64\igkrng575.bin[2012/07/05 20:39:41 | 000,105,428 | ---- | C] () -- C:\windows\SysWow64\igfcg575m.bin[2012/07/05 20:39:40 | 000,128,204 | ---- | C] () -- C:\windows\SysWow64\igcompkrng575.bin[2012/07/05 18:12:58 | 000,017,776 | ---- | C] () -- C:\windows\EvtMessage.dll[2012/06/08 06:59:19 | 000,000,096 | ---- | C] () -- C:\windows\LaunApp.ini[2012/06/08 06:59:17 | 000,000,325 | ---- | C] () -- C:\windows\Prelaunch.ini[2012/06/08 06:59:17 | 000,000,271 | ---- | C] () -- C:\windows\WisPriority.ini[2012/06/08 06:59:17 | 000,000,035 | ---- | C] () -- C:\windows\DELL_LANGCODE.ini[2012/06/08 06:59:17 | 000,000,033 | ---- | C] () -- C:\windows\DELL_OSTYPE.ini[2012/06/08 06:59:17 | 000,000,032 | ---- | C] () -- C:\windows\WisHWDest.ini[2012/06/08 06:59:17 | 000,000,028 | ---- | C] () -- C:\windows\WisLangCode.ini[2012/06/08 06:59:17 | 000,000,023 | ---- | C] () -- C:\windows\WisSysInfo.ini[2012/06/08 04:48:16 | 000,774,004 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI ========== ZeroAccess Check ========== [2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012/08/20 20:07:47 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Fingertapps[2012/08/21 20:05:41 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Namco[2012/09/09 12:58:35 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Rovio[2012/08/21 22:02:31 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\SoftGrid Client[2012/08/21 19:57:07 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\TP[2012/08/21 20:09:08 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\WildTangent ========== Purity Check ==========  < End of report >OTL Extras logfile created on: 4/25/2013 10:32:19 PM - Run 1OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Chris\Downloads64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstationInternet Explorer (Version = 9.0.8112.16421)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.80 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 50.40% Memory free7.61 Gb Paging File | 5.45 Gb Available in Paging File | 71.62% Paging File freePaging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 446.13 Gb Total Space | 397.66 Gb Free Space | 89.14% Space Free | Partition Type: NTFS Computer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator.Boot Mode: Normal | Scan Mode: Current user | Include 64bit ScansCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ==========  ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation).url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation).html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*exefile [open] -- "%1" %*helpfile [open] -- Reg Error: Key error.htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)piffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %lscrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [explore] -- Reg Error: Value error.Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)exefile [open] -- "%1" %*helpfile [open] -- Reg Error: Key error.htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)piffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %lscrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [explore] -- Reg Error: Value error.Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]"cval" = 1"FirewallDisableNotify" = 0"AntiVirusDisableNotify" = 0"UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]"AntiVirusOverride" = 0"AntiSpywareOverride" = 0"FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]"DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]"EnableFirewall" = 1"DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"EnableFirewall" = 1"DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]"EnableFirewall" = 1"DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]  ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{0220D0CF-0316-485B-89A6-A09FED655775}" = lport=10243 | protocol=6 | dir=in | app=system | "{0930CB6D-EF27-443B-9E08-6B6E71657D84}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{10297126-E3BA-4A28-8D1A-A9CFFBFA07CC}" = rport=10243 | protocol=6 | dir=out | app=system | "{105A9C53-805F-4498-B120-2DE9654FE01E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{14D5215D-4821-40CD-820D-E8B81E52CAE2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{15614251-623B-465A-ACEA-D7F908B180E0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1B07AD7A-8065-42B6-9BC9-B0847A8DBB2D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{2BA76660-AE16-4440-863C-B76E282B19B5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{34E021C7-0C95-472E-8736-288CD6E87BD7}" = lport=2869 | protocol=6 | dir=in | app=system | "{55644D78-21C6-4EFF-90B5-C9961BE76792}" = rport=138 | protocol=17 | dir=out | app=system | "{5884ED65-B9A9-4A67-8A16-584FB3F3C4BE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{78DA7A20-8953-4814-A2E2-D3086474F405}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{94C4A61E-CAA3-45E5-A549-CAFAB066B38C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{A3E720B2-AF08-4E4B-93DD-9A68448C930F}" = rport=139 | protocol=6 | dir=out | app=system | "{B616597B-7CC6-41A5-9036-6863DB554356}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C1522727-2D19-4EF6-ACEF-C00EAC5BDC0B}" = rport=137 | protocol=17 | dir=out | app=system | "{C2ECAE36-5162-4355-9753-2ED9A9991D1F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C3A929DA-1500-4BD0-B670-2611FA01A843}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{D2A4BC68-2A0E-48B0-A8D5-4B7849625CD7}" = lport=138 | protocol=17 | dir=in | app=system | "{D3FFFAD8-5776-4054-8544-2E357B631811}" = lport=445 | protocol=6 | dir=in | app=system | "{DC86354C-8626-4A27-B1C1-FD94D4D6E661}" = lport=139 | protocol=6 | dir=in | app=system | "{DDD44FA6-2385-4F78-932B-18AF5CA76369}" = lport=137 | protocol=17 | dir=in | app=system | "{EC9774D5-30EC-4140-B38B-469B542677D4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F0892DC4-ECF3-4D06-B4E4-48DBB5AEF524}" = rport=445 | protocol=6 | dir=out | app=system | "{F784695D-7F1A-4724-BB91-025B42C76904}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |  ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{040F087C-BE99-448C-A7B8-E7380A9A0834}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{074F64C6-8BFD-4714-8325-BCEEAB771A76}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{092283DF-003A-430F-9B79-9AC31707C3A1}" = dir=in | app=c:\program files\dell stage\dell stage\accuweather\accuweather.exe | "{137DA3FB-38CA-44E0-A4FF-64011191759F}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{1608771E-B0A3-495B-8530-E8C826DBF743}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{16CBF7FB-ECE7-4257-84F3-34F240FA75BF}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{1B3A970A-5795-4EFA-B100-F56C74C7C25A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{23ABDA7B-7299-47E6-892E-833F9519ACE4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{25226192-0914-4376-919F-A3A4604C9F20}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{270133A0-7AA2-46E6-91FF-825F12494040}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe | "{28CF071C-C33F-4691-854F-5B032CBCCDC3}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe | "{2E043D85-0176-4F2E-BD4E-C62AE3043545}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{2FB7A0C0-6F64-466E-81B5-9D03E4F93B01}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{31BF4010-ADD5-492E-AB67-8365F3567BD4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{355C7975-0973-4799-BC27-FB7F4600F13D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{3AE26650-4965-4AC5-B72C-97D7B69B42E8}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{45B484D7-A548-432A-AA4A-16E71BB77CFE}" = protocol=6 | dir=out | app=system | "{49FFC1FE-E600-439D-81D7-1696D136B1A0}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe | "{4D96B02A-D89C-4BEB-8362-3C34CEEA2014}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{504657A5-D0FE-421E-A546-B164F253C84E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{53E910EC-4179-49A6-9B27-E9352D6226E4}" = dir=in | app=c:\program files\dell stage\musicstage\musicstageengine.exe | "{55C1B083-B3AF-4B3A-B0AA-49713A07F0FE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5FF8430D-25A8-4941-8D04-FA89060F5D38}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{62FB3939-7EEE-4599-883F-6FDBFC617496}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{66B5A027-E014-4F3A-87F9-39B6E6771C4D}" = dir=in | app=c:\program files\dell stage\dell stage\stage_primary.exe | "{7F48E368-11A3-4282-A0DD-C424DA0A80F6}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe | "{832536EF-E819-4679-8091-103C46F04DA2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{84F20DEA-8905-4C1E-B50F-2421C4F7E590}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{856DEB29-9DC9-4CB1-AD58-4A84094DBE42}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe | "{98ABFAEF-2934-44E0-9C6C-CFFA1090A429}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{9E7A5A2C-4D47-42BF-A5E5-0860F18548C1}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{A5A3E34F-7FE1-4BA4-B18B-E9EE6ED1B432}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe | "{B31E4B5A-E97D-4C02-8270-37CA875607D5}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe | "{B8A31674-F70E-49F2-9289-7EAC1FBB8211}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{B8ACC9B8-52F5-49DB-A699-83C891E1581D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{BE063D25-9DD2-4BF5-9CA6-D24DF95E3696}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{C524FC6B-1C1C-4F73-B986-AB583AE70B8D}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe | "{CFFA84A0-CF9D-40C9-A2D2-743C9D40D72A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{EDE372A0-5B8D-45DA-B3D0-F8B3073183C3}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe | "{EDFBEFFC-3300-4795-97DE-39F3FD7AFDC7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{EF829C61-E974-41D8-A535-36CC0CDCEAA2}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe | "{F5DEE879-9A2D-428E-BDD6-0B7561F8E4B6}" = dir=in | app=c:\program files (x86)\leapfrog\leapfrog connect\leapfrogconnect.exe | "{F6BB97CB-3BE4-4E16-AC86-92BA68EFD0CE}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe | "{F7B59EEA-D3F0-4098-8C19-1E072009C62E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{FA37376A-4319-4E72-B1A3-FBAD82DD55BF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{FF50A09F-FB86-4FDC-94F4-A794D0122B3F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{FF9A3783-EA37-4A73-A26D-DB62B9468833}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "TCP Query User{C636BF30-E434-4596-8B7B-D872AC57219E}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | "UDP Query User{E2EDBDB8-6BE0-4374-9DA5-A77E85BB2F8A}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |  ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile"781745E87AFF80C0C1388CFF79D19ECAB2E9BB47" = Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0)"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012)"CCleaner" = CCleaner"Dell Support Center" = Dell Support Center"DW WLAN Card" = DW WLAN Card"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended"Microsoft Security Client" = Microsoft Security Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer"{0ECFCB07-9BFE-4970-ACA1-D568D982760B}" = Complete Care Business Service Agreement"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update"{200FEC62-3C34-4D60-9CE8-EC372E0</blockquote>

Verification

Top