I seemed to have picked up something called Default Tab.
I ran Malware Bytes and Super Anti Spyware but they were no help.
I ran a report OTL scan and I see the culprit but not sure the best way to proceed. Please advise.
I thank you in advance for your help!
-Eric
OTL logfile created on: 5/7/2013 9:24:39 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Eric and Amy\Desktop\Malware Removal
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
5.45 Gb Total Physical Memory | 3.22 Gb Available Physical Memory | 59.09% Memory free
6.51 Gb Paging File | 3.84 Gb Available in Paging File | 59.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 906.70 Gb Total Space | 789.48 Gb Free Space | 87.07% Space Free | Partition Type: NTFS
Computer Name: MAIN | User Name: Eric and Amy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/04/24 13:00:06 | 028,499,304 | ---- | M] (Dropbox, Inc.) -- C:\Users\Eric and Amy\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/04/06 17:12:56 | 000,213,384 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
PRC - [2013/04/05 12:59:08 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2013/04/05 12:58:26 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2013/04/05 12:58:14 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/04/04 13:48:03 | 002,349,640 | ---- | M] (MediaFire LLC) -- C:\Users\Eric and Amy\AppData\Local\MediaFire Express\mf_systray.exe
PRC - [2013/03/04 04:08:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Eric and Amy\Desktop\Malware Removal\OTL.exe
PRC - [2013/01/28 13:08:14 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2013/01/07 14:56:16 | 002,909,640 | ---- | M] (TechSmith Corporation) -- C:\Program Files (x86)\TechSmith\Jing\Jing.exe
PRC - [2012/12/23 22:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccsvchst.exe
PRC - [2012/08/13 10:57:02 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2012/08/13 10:57:02 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2012/08/01 03:08:36 | 000,081,536 | ---- | M] (Atheros) -- C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
PRC - [2012/07/05 20:50:26 | 000,553,616 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
PRC - [2012/07/04 12:57:44 | 000,990,320 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
PRC - [2011/11/25 18:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
========== Modules (No Company Name) ==========
MOD - [2013/04/04 12:02:37 | 001,019,406 | ---- | M] () -- C:\Users\Eric and Amy\AppData\Local\MediaFire Express\libstdc++-6.dll
MOD - [2013/04/04 12:02:37 | 000,117,248 | ---- | M] () -- C:\Users\Eric and Amy\AppData\Local\MediaFire Express\libgcc_s_dw2-1.dll
MOD - [2013/03/31 15:05:40 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\a91dc79bf846144ee47efc08e17bb3e2\UIAutomationTypes.ni.dll
MOD - [2013/03/31 15:05:39 | 000,256,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\038a9b4304bb3eba306fb9443e6923e4\WindowsFormsIntegration.ni.dll
MOD - [2013/03/16 15:31:13 | 007,561,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e1ec8b9a6d4f9af9d6065c4187fb1b5f\System.Xml.ni.dll
MOD - [2013/03/16 15:31:10 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\f641b786d36d1cc5a5531a746c96ce1b\System.Xaml.ni.dll
MOD - [2013/03/16 15:31:08 | 012,700,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\9c95779cc3d65cda80695cabc367476b\System.Windows.Forms.ni.dll
MOD - [2013/03/16 15:30:46 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\38638a559066bf7f2325a53ed53629bc\System.Drawing.ni.dll
MOD - [2013/03/16 15:30:40 | 000,958,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\05cc6faa6704d01e78700561b22937e3\System.Configuration.ni.dll
MOD - [2013/03/16 15:30:40 | 000,467,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\6824c9f11ea82b4148780cd92c9d6745\PresentationFramework.Aero2.ni.dll
MOD - [2013/03/16 15:30:39 | 018,542,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\8347ac8367f91309fa888d79a54c7450\PresentationFramework.ni.dll
MOD - [2013/03/16 15:30:29 | 010,926,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\1c7f4533b2b24c10a628793a8b93e1a7\PresentationCore.ni.dll
MOD - [2013/03/16 15:30:23 | 003,910,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\15cc4fff434f274c1f6ab56a385dcb54\WindowsBase.ni.dll
MOD - [2013/03/16 15:30:20 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\0247de206c1c48ac4f8b55df16468405\System.Core.ni.dll
MOD - [2013/03/16 15:30:16 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a7811936e59aaee26b1d9d467174d6d4\System.ni.dll
MOD - [2013/03/16 15:30:11 | 016,544,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\374a0cc6603f58864831897ef723bd4a\mscorlib.ni.dll
MOD - [2013/03/13 15:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Eric and Amy\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/01/28 13:08:56 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/01/28 13:08:28 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/11/13 18:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Eric and Amy\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2012/08/10 16:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2012/05/30 09:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\wincfi39.dll
MOD - [2012/05/25 04:25:00 | 000,921,600 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013/03/15 00:08:30 | 001,871,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe -- (OfficeSvc)
SRV:64bit: - [2013/03/01 21:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/01 21:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/02/02 03:21:45 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/01/28 20:57:14 | 000,014,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/01/09 18:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/09 18:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/11/05 23:17:41 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2012/09/20 04:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012/09/20 01:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/09/20 01:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012/08/22 23:02:36 | 000,658,576 | ---- | M] (Acer Incorporated) [On_Demand | Running] -- C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2012/07/25 22:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/07/25 22:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/25 22:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012/07/25 22:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/25 22:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/25 22:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/25 22:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/25 22:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/25 22:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/25 22:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/25 22:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012/07/25 22:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/25 22:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012/07/11 13:54:58 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2012/07/05 01:03:48 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012/07/04 09:17:26 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2013/05/02 03:36:55 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/10 01:58:17 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/02/08 13:25:06 | 004,230,016 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2012/12/23 22:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe -- (N360)
SRV - [2012/08/10 21:28:14 | 000,211,584 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2012/08/01 03:08:36 | 000,081,536 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - [2012/07/25 22:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/07/25 22:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/13 04:02:16 | 002,451,456 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/11/25 18:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/04/15 00:26:19 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/02 05:57:48 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/03/02 05:57:46 | 000,283,880 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/03/02 05:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 05:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/03/02 05:45:19 | 000,194,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/03/02 05:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/02/02 06:19:44 | 000,446,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/02/02 02:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/01/30 22:18:18 | 000,432,800 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\1403010.016\symnets.sys -- (SymNetS)
DRV:64bit: - [2013/01/30 22:18:06 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\N360x64\1403010.016\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013/01/28 20:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/01/28 20:45:19 | 000,796,248 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\N360x64\1403010.016\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/01/28 20:45:19 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\1403010.016\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/01/28 18:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/01/21 21:15:33 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\N360x64\1403010.016\symds64.sys -- (SymDS)
DRV:64bit: - [2013/01/09 20:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/26 22:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/19 23:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/15 21:45:14 | 000,023,448 | R--- | M] (Symantec Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\Drivers\N360x64\1403010.016\symelam.sys -- (SymELAM)
DRV:64bit: - [2012/11/15 21:22:01 | 000,224,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\1403010.016\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/11/15 21:18:04 | 000,168,096 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\1403010.016\ccsetx64.sys -- (ccSet_N360)
DRV:64bit: - [2012/11/05 22:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/12 03:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 02:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/10/11 02:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012/09/20 02:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2012/09/20 02:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012/09/20 02:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 02:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/10 21:09:46 | 000,567,808 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2012/08/10 21:09:44 | 000,135,832 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2012/08/10 21:09:42 | 000,178,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2012/08/10 21:09:42 | 000,088,728 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2012/08/10 21:09:42 | 000,076,952 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2012/08/10 21:09:40 | 000,344,216 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2012/08/10 21:09:40 | 000,114,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2012/08/10 21:09:40 | 000,033,944 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2012/07/26 00:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/26 00:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/26 00:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/26 00:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/26 00:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/26 00:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/26 00:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/26 00:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/26 00:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/26 00:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/26 00:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/26 00:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/26 00:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/26 00:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/26 00:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/26 00:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/26 00:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/25 23:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/25 23:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012/07/25 23:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/25 22:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/25 21:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/25 21:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/25 21:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/25 21:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/25 21:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/25 21:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/25 21:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/25 21:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/25 21:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/25 21:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/25 21:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/25 21:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/25 21:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/25 21:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/25 21:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/25 21:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/25 21:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/25 21:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/25 21:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012/07/25 21:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/25 21:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/25 21:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/24 11:44:02 | 003,618,304 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012/07/04 22:18:06 | 000,252,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2012/07/04 10:23:40 | 010,267,648 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/07/04 08:19:28 | 000,368,128 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/07/02 21:49:06 | 000,098,472 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/06/21 00:12:20 | 000,683,664 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/06/18 16:25:22 | 000,057,000 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012/06/11 20:33:38 | 000,016,552 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2012/06/11 08:25:16 | 000,026,280 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012/06/11 08:25:14 | 000,079,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2012/05/25 19:56:14 | 000,168,608 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NARAx64\0401000.00E\ccSetx64.sys -- (ccSet_NARA)
DRV:64bit: - [2012/05/23 07:15:04 | 000,199,008 | ---- | M] (AppEx Networks Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\appexDrv.sys -- (APXACC)
DRV:64bit: - [2012/04/16 07:32:18 | 000,038,504 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\RtkIOAC60.sys -- (RtkIOAC60)
DRV:64bit: - [2011/07/22 11:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 16:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV - [2013/04/20 05:42:13 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130507.019\ex64.sys -- (NAVEX15)
DRV - [2013/04/20 05:42:13 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/04/20 05:42:13 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130507.019\eng64.sys -- (NAVENG)
DRV - [2013/04/14 01:00:00 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/04/12 18:53:05 | 001,390,680 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\BASHDefs\20130502.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/04/12 15:59:32 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\IPSDefs\20130505.002\IDSviA64.sys -- (IDSVia64)
DRV - [2013/03/01 17:11:08 | 000,385,728 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\CBFS\cbfs4.sys -- (cbfs4-0)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {CAD96713-E351-4A53-AD84-B617166699FC}
IE:64bit: - HKLM\..\SearchScopes\{CAD96713-E351-4A53-AD84-B617166699FC}: "URL" = http://www.bing.com/...E10TR&pc=MAGWJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {CAD96713-E351-4A53-AD84-B617166699FC}
IE - HKLM\..\SearchScopes\{CAD96713-E351-4A53-AD84-B617166699FC}: "URL" = http://www.bing.com/...E10TR&pc=MAGWJS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com/
IE - HKCU\..\SearchScopes,DefaultScope = {CAD96713-E351-4A53-AD84-B617166699FC}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 80.65.106.93:3128
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: seotoolbar%40seobook.com:1.2.3
FF - prefs.js..extensions.enabledAddons: seo4firefox%40seobook.com:3.6.8
FF - prefs.js..extensions.enabledAddons: rankchecker%40seobook.com:1.8.24
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:11.3.0.9%20-%205
FF - prefs.js..extensions.enabledAddons: %7B2D3F3651-74B9-4795-BDEC-6DA2F431CB62%7D:2013.3.3.19
FF - prefs.js..extensions.enabledAddons: addon%40defaulttab.com:1.4.4
FF - prefs.js..extensions.enabledAddons: helper%40savefrom.net:1.78
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\IPSFFPlgn\ [2013/04/15 00:26:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\coFFPlgn\ [2013/05/06 17:03:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/05/02 03:33:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013/05/02 03:33:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eric and Amy\AppData\Roaming\Mozilla\Extensions
[2013/05/07 21:06:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eric and Amy\AppData\Roaming\Mozilla\Firefox\Profiles\nn7pihyk.default\extensions
[2013/05/07 19:11:51 | 000,097,355 | ---- | M] () (No name found) -- C:\Users\Eric and Amy\AppData\Roaming\Mozilla\Firefox\Profiles\nn7pihyk.default\extensions\[email protected]
[2013/05/02 03:44:01 | 000,158,969 | ---- | M] () (No name found) -- C:\Users\Eric and Amy\AppData\Roaming\Mozilla\Firefox\Profiles\nn7pihyk.default\extensions\[email protected]
[2013/05/02 03:44:01 | 000,086,279 | ---- | M] () (No name found) -- C:\Users\Eric and Amy\AppData\Roaming\Mozilla\Firefox\Profiles\nn7pihyk.default\extensions\[email protected]
[2013/05/02 03:44:01 | 000,223,039 | ---- | M] () (No name found) -- C:\Users\Eric and Amy\AppData\Roaming\Mozilla\Firefox\Profiles\nn7pihyk.default\extensions\[email protected]
[2013/05/02 21:35:32 | 000,009,607 | ---- | M] () -- C:\Users\Eric and Amy\AppData\Roaming\Mozilla\Firefox\Profiles\nn7pihyk.default\searchplugins\my-web-search.xml
[2013/05/02 03:46:05 | 000,002,531 | ---- | M] () -- C:\Users\Eric and Amy\AppData\Roaming\Mozilla\Firefox\Profiles\nn7pihyk.default\searchplugins\safesearch.xml
[2013/05/06 21:02:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/05/06 21:02:20 | 000,000,000 | ---D | M] (DownloadTerms) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2013/04/10 01:58:33 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/04/10 01:57:54 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/04/10 01:57:54 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\afpbkpjjkfakdcakapanjoeijlphieei\1.1.1_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp\2.0.0_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoobidjkgghhbkedlioncpgldnjgiabg\1.0.4_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bagknoiagpifjfbempgignagkejmkljm\0.4.0.17_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnglfciifmgnafcgkkngkeopldlialb\5.3.2_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjhodfififgcgedifpkenofdhlaafokk\1.2.2_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfkohgkpafhkpdcnfadadcibfboapggi\1.5.6.18_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\diahigjngdnkdgajdbpjdeomopbpkjjc\2.91_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dilghhbbfkaalklbdhelffajioeagjnh\2.1_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dofplnfijbongplmhcpoobljlfjeaank\0.1.10_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp\2.40_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeabeiioncmgphlgcgnmhjahjjmimkmp\3.0.3_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\egddnddllmoaeodgnfpcgcjgindlpgdk\1.1_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbgolklgacemnfnmkkpgekngaaggjjl\1.0_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eodhmnkhmnkmimhckfpkgmbmcgjkaddo\1.1_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmmgljeemhhajnponhffhpjioiclpmbh\1.5.9.0_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg\1.2.1_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdebajliaokjigkhnddejphjblbdhifm\1.0.9_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmopldieigneglekfgeelhhfanndijig\1.1.1_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpihgpalalphgkljkibchoagalommnco\1.2_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gplegfbjlmmehdoakndmohflojccocli\2.0.2.3_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcplneddoadgichngfbobgpllfphdfla\0.2.1.3_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.24_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hihakjfhbmlmjdnnhegiciffjplmdhin\1.4.1_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokofmgcicpnjchllaccgedmmmbbnbmf\0.7.9.2_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk\1.2_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmbdchmgaaihfdlphhcdlecjehdngbk\1.0.6_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihedkldgihenfokcghdjimooiefgmjig\1.1_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.19_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfjjpjjnmkhalkjiaomecjddeapodgob\4.1_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkffimodjajkloehmbfgeiclolgbebec\1.2.1_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmnjphcfolgfnbkmmjpbfjkpcdcgkbjc\1.8_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhgbgmbdabgjdephnmkpmcdkmnpiahlb\0.2.3_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljdhogamnobeecdllbfmaafppceialak\1.0.3_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\loljledaigphbcpfhfmgopdkppkifgno\3.0.5_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjdamkgjngoghfpofliffdddecekmllk\1.1.2_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.3.19_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkhilblbmkdnapffblmecglknalglfji\3.3.3_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\7.0.9_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nagcmeojeioefppochmgfjhnbnnhpdhh\1.0.2.5_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdfeghkpohnalmpblddmnppfooljekh\1.6.2_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmidkjogcjnnlfimjcedenagjfacpobb\1.6.1_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nphfkpgklibhnhgegdblhnhicgfginnj\2.2.4_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\oangcciaeihlfmhppegpdceadpfaoclj\0.9.5_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocaebkdojpikfmhmnekiflipcicedobi\1.4_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoaoaloeipdofknnaapbmdddddioklg\0.14.5_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogdhdklfopppmofejggnekgjealephgg\1.2_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\oknpjjbmpnndlpmnhmekjpocelpnlfdi\3.0.12_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbimlcgjjgagjdmiljdfenhdpgmeinhf\1.1_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfbeimpckikjpnjhcbpikdjnelnblhnn\0.2.1_0\
CHR - Extension: No name found = C:\Users\Eric and Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012/07/26 00:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (DownloadTerms) - {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - C:\Users\Eric and Amy\AppData\Local\DownloadTerms\temp.dat File not found
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Eric and Amy\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll File not found
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [BtPreLoad] C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe ()
O4:64bit: - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\SysNative\spool\drivers\x64\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (Apple Inc.)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_3AF99A5389DBC2232ACA16D8A967DF3D] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [Jing] C:\Program Files (x86)\TechSmith\Jing\Jing.exe (TechSmith Corporation)
O4 - HKCU..\Run: [MediaFire Tray] C:\Users\Eric and Amy\AppData\Local\MediaFire Express\mf_systray.exe (MediaFire LLC)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\RunOnce: [Uninstall C:\Users\Eric and Amy\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Eric and Amy\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64" File not found
O4 - Startup: C:\Users\Eric and Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Eric and Amy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Eric and Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} https://a2fp2.alpine...llerControl.cab (F5 Networks Auto Update)
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} https://a2fp2.alpine...al/urxshost.cab (F5 Networks SuperHost Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A2158EE-3D52-4748-AA76-1D02D1CD36AE}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FE63831A-FD2A-487A-8AB5-50B9756740E8}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: EldosMountNotificator-cbfs4-0 - {94031C9F-F7E4-4338-86DF-E2434CE8034E} - C:\Program Files (x86)\Common Files\CBFS\cbfsMntNtf4.dll (EldoS Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: EldosMountNotificator-cbfs4-0 - {94031C9F-F7E4-4338-86DF-E2434CE8034E} - C:\Program Files (x86)\Common Files\CBFS\WOW64\cbfsMntNtf4.dll (EldoS Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {94031C9F-F7E4-4338-86DF-E2434CE8034E} - Virtual Storage Mount Notification - C:\Program Files (x86)\Common Files\CBFS\cbfsMntNtf4.dll (EldoS Corporation)
O22 - SharedTaskScheduler: {94031C9F-F7E4-4338-86DF-E2434CE8034E} - Virtual Storage Mount Notification - C:\Program Files (x86)\Common Files\CBFS\WOW64\cbfsMntNtf4.dll (EldoS Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/05/07 21:15:29 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\AppData\Roaming\Nero
[2013/05/07 20:25:52 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\Desktop\RK_Quarantine
[2013/05/06 21:15:04 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\AppData\Roaming\Rankerizer
[2013/05/06 21:14:10 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\Documents\Product License Keys
[2013/05/06 21:07:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rankerizer
[2013/05/06 21:07:08 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rankerizer
[2013/05/06 21:07:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rankerizer
[2013/05/06 21:02:12 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\AppData\Local\DownloadTerms
[2013/05/06 00:46:50 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\WSOs
[2013/05/05 21:57:20 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\Documents\OL 13 KW Research
[2013/05/05 21:43:46 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\Documents\OL 13 Clients
[2013/05/03 00:00:59 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\AppData\Local\Microsoft Help
[2013/05/02 23:59:00 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\Documents\Custom Office Templates
[2013/05/02 03:37:02 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\AppData\Local\Macromedia
[2013/05/02 03:33:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/05/02 03:33:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/05/02 03:33:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/05/02 02:14:21 | 000,000,000 | R--D | C] -- C:\Users\Eric and Amy\SkyDrive
[2013/05/02 02:14:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive
[2013/05/02 02:14:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2013/05/02 02:13:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013/05/02 02:05:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2013/05/02 02:04:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15
[2013/04/29 18:11:13 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\AppData\Roaming\SUPERAntiSpyware.com
[2013/04/29 18:11:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013/04/29 18:11:07 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013/04/29 18:11:07 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/04/29 17:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/04/29 17:32:57 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/04/29 17:32:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/04/29 17:30:51 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\AppData\Roaming\Malwarebytes
[2013/04/29 17:30:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/04/28 19:19:58 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\Documents\81-paid-traffic-sources
[2013/04/27 03:52:35 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaFire Express
[2013/04/27 03:52:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MediaFire Express
[2013/04/27 03:52:32 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\AppData\Local\MediaFire Express
[2013/04/27 01:12:50 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
[2013/04/27 01:12:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCH Software
[2013/04/27 01:12:28 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\AppData\Roaming\NCH Software
[2013/04/22 22:00:14 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2013/04/22 21:59:57 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\AppData\Local\Cyberlink
[2013/04/22 20:15:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup
[2013/04/22 20:02:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/04/22 00:04:50 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\AppData\Roaming\Mozilla
[2013/04/22 00:04:50 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\AppData\Local\Mozilla
[2013/04/21 18:55:54 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\AppData\Local\join.me
[2013/04/21 17:26:54 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\AppData\Roaming\Skype
[2013/04/15 22:32:37 | 001,139,800 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symefa64.sys
[2013/04/15 22:32:37 | 000,796,248 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\srtsp64.sys
[2013/04/15 22:32:37 | 000,493,656 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symds64.sys
[2013/04/15 22:32:37 | 000,432,800 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symnets.sys
[2013/04/15 22:32:37 | 000,224,416 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\ironx64.sys
[2013/04/15 22:32:37 | 000,168,096 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\ccsetx64.sys
[2013/04/15 22:32:37 | 000,036,952 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\srtspx64.sys
[2013/04/15 22:32:37 | 000,023,448 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symelam.sys
[2013/04/15 22:32:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\1403010.016
[2013/04/15 00:26:20 | 000,177,312 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/04/15 00:26:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2013/04/15 00:26:19 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2013/04/15 00:24:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64
[2013/04/15 00:24:25 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2013/04/15 00:24:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
[2013/04/15 00:10:09 | 000,000,000 | ---D | C] -- C:\ProgramData\PCSettings
[2013/04/14 16:23:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FVD Player
[2013/04/14 16:23:00 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\AppData\Local\Programs
[2013/04/14 16:23:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FVD Player
[2013/04/13 19:06:20 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\Tips and Tricks
[2013/04/12 21:52:09 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppobjs.dll
[2013/04/12 21:52:06 | 001,627,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/04/12 21:52:05 | 010,116,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll
[2013/04/12 21:52:05 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll
[2013/04/12 21:52:03 | 005,978,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/04/12 21:52:03 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2013/04/12 21:52:03 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfasfsrcsnk.dll
[2013/04/12 21:52:03 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfasfsrcsnk.dll
[2013/04/12 21:52:03 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BCP47Langs.dll
[2013/04/12 21:52:03 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ubpm.dll
[2013/04/12 21:52:03 | 000,327,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2013/04/12 21:52:02 | 001,149,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmde.dll
[2013/04/12 21:52:02 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Globalization.dll
[2013/04/12 21:52:02 | 000,760,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2013/04/12 21:52:02 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Security.Authentication.OnlineId.dll
[2013/04/12 21:52:02 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\BCP47Langs.dll
[2013/04/12 21:52:02 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ubpm.dll
[2013/04/12 21:52:01 | 005,091,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/04/12 21:52:01 | 002,302,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013/04/12 21:52:01 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcfgx.dll
[2013/04/12 21:52:01 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll
[2013/04/12 21:52:00 | 000,893,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winmde.dll
[2013/04/12 21:52:00 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2013/04/12 21:52:00 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Globalization.dll
[2013/04/12 21:52:00 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll
[2013/04/12 21:52:00 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Security.Authentication.OnlineId.dll
[2013/04/12 21:52:00 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcfgx.dll
[2013/04/12 21:52:00 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSync.dll
[2013/04/12 21:52:00 | 000,411,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013/04/12 21:52:00 | 000,332,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2013/04/12 21:52:00 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usbmon.dll
[2013/04/12 21:52:00 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TimeBrokerServer.dll
[2013/04/12 21:51:59 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2013/04/12 21:51:59 | 002,033,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013/04/12 21:51:59 | 001,619,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2013/04/12 21:51:59 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll
[2013/04/12 21:51:59 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSync.dll
[2013/04/12 21:51:59 | 000,337,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBXHCI.SYS
[2013/04/12 21:51:59 | 000,283,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spaceport.sys
[2013/04/12 21:51:59 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2013/04/12 21:51:59 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsquirt.exe
[2013/04/12 21:51:59 | 000,194,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
[2013/04/12 21:51:59 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercfg.cpl
[2013/04/12 21:51:59 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\discan.dll
[2013/04/12 21:51:59 | 000,148,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tpm.sys
[2013/04/12 21:51:59 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercfg.cpl
[2013/04/12 21:51:59 | 000,125,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys
[2013/04/12 21:51:59 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NdisImPlatform.dll
[2013/04/12 21:51:59 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013/04/12 21:51:59 | 000,077,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storahci.sys
[2013/04/12 21:51:59 | 000,069,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pdc.sys
[2013/04/12 21:51:59 | 000,058,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2013/04/12 21:51:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2013/04/12 21:51:58 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll
[2013/04/12 21:51:58 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2013/04/12 21:51:58 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSyncInfo.dll
[2013/04/12 21:51:58 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2013/04/12 21:51:58 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSyncInfo.dll
[2013/04/12 21:51:58 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2013/04/12 21:51:58 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2013/04/12 21:51:58 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhostex.exe
[2013/04/12 21:51:58 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDPrintProxy.DLL
[2013/04/12 21:51:58 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevDispItemProvider.dll
[2013/04/12 21:51:57 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2013/04/12 21:51:57 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevDispItemProvider.dll
[2013/04/12 21:51:57 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2013/04/12 03:08:04 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\AppData\Roaming\AutomagicIM
[2013/04/12 03:08:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutomagicIM
[2013/04/12 03:07:07 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\AppData\Local\Downloaded Installations
[2013/04/10 06:23:11 | 000,000,000 | ---D | C] -- C:\5ae71f04c82ad6e5ed61eb
[2013/04/10 06:01:56 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/04/10 06:01:51 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2013/04/10 06:01:51 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/04/10 06:01:51 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/04/10 06:01:51 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/04/10 06:01:50 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/04/10 06:01:50 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/04/10 06:01:50 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/04/10 06:01:50 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/04/10 06:01:50 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/04/10 06:01:41 | 006,991,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/04/10 06:01:37 | 001,011,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\reseteng.dll
[2013/04/10 06:01:37 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgent.dll
[2013/04/09 21:15:36 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\Personal Development
[2013/04/08 23:13:59 | 000,000,000 | R--D | C] -- C:\Users\Eric and Amy\Dropbox
[2013/04/08 23:04:46 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2013/04/08 23:03:40 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\AppData\Roaming\Dropbox
[2013/04/07 22:19:14 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\AppData\Local\Rapidshare_AG
[2013/04/07 21:39:56 | 000,009,064 | ---- | C] (EldoS Corporation) -- C:\Windows\SysNative\elevtmsg.dll
[2013/04/07 21:39:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\CBFS
[2013/04/07 21:39:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RAPIDSHARE AG
[2013/04/07 21:39:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RapidShare
[2013/04/07 21:39:48 | 000,000,000 | ---D | C] -- C:\Users\Eric and Amy\AppData\Roaming\RapidDrive
========== Files - Modified Within 30 Days ==========
[2013/05/07 21:17:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/07 20:39:29 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/07 18:26:02 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/07 18:23:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/06 21:07:09 | 000,001,042 | ---- | M] () -- C:\Users\Eric and Amy\Desktop\Rankerizer.lnk
[2013/05/06 21:02:08 | 000,000,000 | ---- | M] () -- C:\end
[2013/05/06 21:02:02 | 000,000,258 | R-S- | M] () -- C:\Users\Eric and Amy\ntuser.pol
[2013/05/06 19:11:17 | 000,848,230 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/05/06 19:11:17 | 000,718,176 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/05/06 19:11:17 | 000,132,542 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/05/06 17:03:08 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/05/06 17:03:07 | 383,778,815 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/05 17:58:42 | 000,001,145 | ---- | M] () -- C:\Users\Public\Desktop\VideoPad Video Editor.lnk
[2013/05/03 06:14:08 | 000,448,792 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/05/03 01:41:39 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Prism Video File Converter.lnk
[2013/05/02 03:33:38 | 000,001,158 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/05/02 02:13:19 | 002,208,041 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\Cat.DB
[2013/05/02 01:10:53 | 000,007,601 | ---- | M] () -- C:\Users\Eric and Amy\AppData\Local\Resmon.ResmonCfg
[2013/05/02 00:40:44 | 000,002,611 | ---- | M] () -- C:\Users\Public\Desktop\RapidDrive.lnk
[2013/04/29 18:11:10 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/04/29 18:10:06 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/04/29 18:02:55 | 000,000,055 | ---- | M] () -- C:\Users\Eric and Amy\AppData\Roaming\mbam.context.scan
[2013/04/27 01:18:03 | 000,001,121 | ---- | M] () -- C:\Users\Public\Desktop\Debut Video Capture Software.lnk
[2013/04/26 00:44:05 | 000,154,618 | ---- | M] () -- C:\Users\Eric and Amy\Documents\marketing_dna_index.pdf
[2013/04/25 22:53:05 | 000,001,025 | ---- | M] () -- C:\Users\Eric and Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/04/25 22:52:44 | 000,001,007 | ---- | M] () -- C:\Users\Eric and Amy\Desktop\Dropbox.lnk
[2013/04/22 20:15:02 | 000,002,130 | ---- | M] () -- C:\Users\Public\Desktop\Norton Online Backup.lnk
[2013/04/21 18:55:55 | 000,001,070 | ---- | M] () -- C:\Users\Eric and Amy\Desktop\join.me.lnk
[2013/04/19 21:35:21 | 000,579,571 | ---- | M] () -- C:\Users\Eric and Amy\MLM Docs.png
[2013/04/16 06:11:59 | 000,002,326 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2013/04/15 00:26:19 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/04/15 00:26:19 | 000,007,466 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/04/15 00:26:19 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/04/15 00:24:54 | 000,001,267 | ---- | M] () -- C:\Users\Eric and Amy\Desktop\Norton Installation Files.lnk
[2013/04/14 16:23:03 | 000,001,974 | ---- | M] () -- C:\Users\Eric and Amy\Application Data\Microsoft\Internet Explorer\Quick Launch\FVD Player.lnk
[2013/04/14 16:23:03 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\FVD Player.lnk
[2013/04/13 16:24:45 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/04/12 03:08:04 | 000,002,573 | ---- | M] () -- C:\Users\Public\Desktop\Facebook Fahrenheit v2.0.lnk
[2013/04/10 16:17:36 | 000,002,190 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
========== Files Created - No Company Name ==========
[2013/05/06 21:07:09 | 000,001,042 | ---- | C] () -- C:\Users\Eric and Amy\Desktop\Rankerizer.lnk
[2013/05/06 21:02:02 | 000,000,258 | R-S- | C] () -- C:\Users\Eric and Amy\ntuser.pol
[2013/05/06 21:01:41 | 000,000,000 | ---- | C] () -- C:\end
[2013/05/05 17:58:41 | 000,001,157 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk
[2013/05/05 17:58:41 | 000,001,145 | ---- | C] () -- C:\Users\Public\Desktop\VideoPad Video Editor.lnk
[2013/05/03 01:41:39 | 000,001,129 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism Video File Converter.lnk
[2013/05/03 01:41:39 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\Prism Video File Converter.lnk
[2013/05/02 03:36:55 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/02 03:33:37 | 000,001,158 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/05/02 03:33:34 | 000,001,170 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/05/02 02:14:20 | 000,002,251 | ---- | C] () -- C:\Users\Eric and Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
[2013/04/29 18:11:09 | 000,001,815 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/04/29 18:02:55 | 000,000,055 | ---- | C] () -- C:\Users\Eric and Amy\AppData\Roaming\mbam.context.scan
[2013/04/29 17:32:59 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/04/27 04:14:38 | 000,007,601 | ---- | C] () -- C:\Users\Eric and Amy\AppData\Local\Resmon.ResmonCfg
[2013/04/27 01:12:35 | 000,001,133 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debut Video Capture Software.lnk
[2013/04/27 01:12:35 | 000,001,121 | ---- | C] () -- C:\Users\Public\Desktop\Debut Video Capture Software.lnk
[2013/04/26 00:44:05 | 000,154,618 | ---- | C] () -- C:\Users\Eric and Amy\Documents\marketing_dna_index.pdf
[2013/04/21 18:55:55 | 000,001,070 | ---- | C] () -- C:\Users\Eric and Amy\Desktop\join.me.lnk
[2013/04/21 18:55:55 | 000,001,070 | ---- | C] () -- C:\Users\Eric and Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\join.me.lnk
[2013/04/19 21:35:21 | 000,579,571 | ---- | C] () -- C:\Users\Eric and Amy\MLM Docs.png
[2013/04/16 06:12:03 | 002,208,041 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\Cat.DB
[2013/04/15 22:32:37 | 000,009,670 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symelam64.cat
[2013/04/15 22:32:37 | 000,007,611 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\ccsetx64.cat
[2013/04/15 22:32:37 | 000,007,601 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symnet64.cat
[2013/04/15 22:32:37 | 000,007,593 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\iron.cat
[2013/04/15 22:32:37 | 000,007,589 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\srtspx64.cat
[2013/04/15 22:32:37 | 000,007,587 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symefa64.cat
[2013/04/15 22:32:37 | 000,007,585 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\srtsp64.cat
[2013/04/15 22:32:37 | 000,007,581 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symds64.cat
[2013/04/15 22:32:37 | 000,003,434 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symefa.inf
[2013/04/15 22:32:37 | 000,002,852 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symds.inf
[2013/04/15 22:32:37 | 000,001,440 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symnet.inf
[2013/04/15 22:32:37 | 000,001,438 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\srtsp64.inf
[2013/04/15 22:32:37 | 000,001,420 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\srtspx64.inf
[2013/04/15 22:32:37 | 000,000,996 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symelam.inf
[2013/04/15 22:32:37 | 000,000,853 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\ccsetx64.inf
[2013/04/15 22:32:37 | 000,000,767 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\iron.inf
[2013/04/15 22:32:21 | 000,014,818 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symvtcer.dat
[2013/04/15 22:32:21 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\isolate.ini
[2013/04/15 00:26:20 | 000,007,466 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/04/15 00:26:20 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/04/15 00:26:17 | 000,002,326 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2013/04/14 16:23:03 | 000,001,974 | ---- | C] () -- C:\Users\Eric and Amy\Application Data\Microsoft\Internet Explorer\Quick Launch\FVD Player.lnk
[2013/04/14 16:23:02 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\FVD Player.lnk
[2013/04/12 22:20:19 | 000,448,792 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/04/12 21:51:57 | 000,387,867 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013/04/12 03:08:04 | 000,002,573 | ---- | C] () -- C:\Users\Public\Desktop\Facebook Fahrenheit v2.0.lnk
[2013/04/08 23:13:59 | 000,001,007 | ---- | C] () -- C:\Users\Eric and Amy\Desktop\Dropbox.lnk
[2013/04/08 23:05:30 | 000,001,025 | ---- | C] () -- C:\Users\Eric and Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/04/07 21:39:48 | 000,002,611 | ---- | C] () -- C:\Users\Public\Desktop\RapidDrive.lnk
[2013/03/16 06:58:27 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/02/26 21:30:29 | 000,061,304 | ---- | C] () -- C:\Users\Eric and Amy\g2mdlhlpx.exe
[2012/08/27 00:39:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/08/10 05:03:39 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/08/10 05:03:39 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/08/10 05:03:38 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012/07/26 03:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012/07/26 03:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012/07/26 02:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/25 20:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012/07/25 15:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/25 15:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012/06/02 09:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
========== ZeroAccess Check ==========
[2013/05/06 21:30:27 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/03/01 21:45:01 | 019,748,864 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/03/02 03:23:07 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/25 22:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 22:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/25 22:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
OTL Extras logfile created on: 5/7/2013 9:24:39 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Eric and Amy\Desktop\Malware Removal
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
5.45 Gb Total Physical Memory | 3.22 Gb Available Physical Memory | 59.09% Memory free
6.51 Gb Paging File | 3.84 Gb Available in Paging File | 59.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 906.70 Gb Total Space | 789.48 Gb Free Space | 87.07% Space Free | Partition Type: NTFS
Computer Name: MAIN | User Name: Eric and Amy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{F0B37B35-F9ED-4ADF-B0C3-3E30717DBE5D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01C5BA0A-773A-40A7-B8CF-2C71B0C9A7AB}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{01D86472-5A5D-4EA0-A12F-9325D8F69D59}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{0297D93A-775C-4F62-8A6D-E7A674490F70}" = dir=out | name=@{45242croysapps.archeryshooting_3.9.1.15_neutral__6bm9tbz9trsva?ms-resource://45242croysapps.archeryshooting/resources/gamename} |
"{03E0A8BB-47D2-459B-B1CF-D0A96FADD92E}" = dir=out | name=google reader free |
"{0432D3E0-04DE-46E3-9539-20BC718A0705}" = dir=out | name=cut the rope |
"{047421FF-9B58-4E81-80DC-5ADAD9F8ADA2}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{04D2B32A-4388-4CB0-89B9-D315C4D5F71C}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{05460411-AE3F-4C85-B036-613F7702DE7B}" = dir=out | name=skitch touch |
"{08B291A9-7464-4B42-829D-C00E92FBD998}" = dir=out | name=newsxpresso metro |
"{0AA113AB-D2AC-40A8-A052-EE56E1290CB7}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{0B1D7AFE-2536-4B79-BDDC-1D812CDAE512}" = dir=in | name=kindle |
"{0B75AF48-A206-4B7F-A3F4-A515CFE56B3D}" = dir=out | name=windows_ie_ac_001 |
"{0C34767F-338A-4FA1-966F-CE283E28A4BF}" = dir=out | name=cut the rope |
"{0C6713BC-76EF-4006-8268-CAE3C0AA37A9}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{0C96EC1C-1D11-4131-88A9-0AF9154711B5}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{0D328F63-E668-4187-AB32-E650CD874A43}" = dir=out | name=7digital music store |
"{0DFD8462-E679-4B6B-956C-6891F10993D5}" = dir=out | name=skype |
"{0E045545-B237-4E7E-A34D-68A8704FE22E}" = dir=out | name=@{microsoft.zunemusic_1.1.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{10D575A8-77A2-4CDE-9409-78938F82A197}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{1101A5E0-E1E5-4D19-BD1F-051A1C486392}" = dir=out | name=netflix |
"{12B30A23-148E-4698-94F2-B1AAABA0437B}" = dir=in | name=fruit ninja |
"{143442A4-3DB0-4DF5-89BF-039C240DF622}" = dir=in | name=skype |
"{15FA31ED-6AAF-450A-8644-ACA2E7C548BC}" = dir=in | name=evernote |
"{16A8520F-458A-4E1F-8BE2-86E7F345A20D}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{179CEF94-EAFD-4AD8-B451-FF73070B1407}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{18BDA903-161F-4198-9553-FA1E7C1DC47B}" = dir=out | name=abc player |
"{19A711A9-909B-4D6A-8EC0-275336FBB14E}" = dir=out | name=netflix |
"{1A6ECF30-0B13-4E32-895C-D93654EF8AB9}" = dir=in | name=skype |
"{1AC99508-E6BD-4AC8-96C0-F53034E52DDC}" = protocol=17 | dir=in | app=c:\users\eric and amy\appdata\roaming\dropbox\bin\dropbox.exe |
"{1ADB47C0-5747-449B-BCCF-615F8097AB36}" = dir=out | name=fruit ninja |
"{1B00212F-5399-4CDF-B00E-5A0BE448BD32}" = dir=in | name=cloudmagic |
"{1B7C827E-55A5-44BF-BD76-67AC231BA9B8}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{1CA433AA-FD2B-4516-B753-5B6500231645}" = dir=out | name=7digital music store |
"{1ED8C749-5F92-40EC-9AFE-F79EC26412CC}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{214221DC-7EFF-4005-B75B-1879D3F773F4}" = dir=out | name=gotomeeting |
"{228E0C97-FFB7-48B2-8314-7DF796AAA4BA}" = dir=out | name=sports illustrated |
"{25AA2C48-69A2-481A-B4BE-4E3B3471A75B}" = dir=in | name=ebay |
"{2665FC52-DBEB-404D-AD5B-414DCD0F85E8}" = dir=in | name=ebay |
"{26A7265D-4BFD-4A19-A94D-1E6802FAA8A6}" = dir=in | name=skype |
"{275A645D-7A02-4164-BD3E-FBB77308C3E5}" = dir=out | name=stumbleupon |
"{27A0CF0B-2DFD-41CC-8806-A20D70FFB8F0}" = dir=out | name=skitch |
"{293E75AF-86DD-47D3-94C7-3C8904A2AA00}" = dir=out | name=cloudmagic |
"{2AD5D220-5646-4260-84F7-39ECC5A6A531}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{2D56A946-7D38-45B5-9AE3-08A9C6F56036}" = dir=out | name=stumbleupon |
"{2D88E835-752B-4042-9F89-D4F45AF3553B}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{2EF5DC4E-15F7-426E-B274-5A530F84071F}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{30CF0341-EBC2-48F0-8B97-990E100E54A2}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{3299C591-9C00-4F85-AAF0-4BB202E6F392}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{3610AABF-D7F6-4AEC-AFD9-CDFCD27243F8}" = dir=out | name=kindle |
"{36EFA3BF-C820-40A8-8224-C231381AB88D}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{37830430-5978-458F-8E5D-2B194CDC1D05}" = dir=out | name=evernote |
"{39628F52-A512-47C6-A83C-9CA76ED188C3}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{3975D23D-EB58-49C0-AD0A-36E6A5C24FFF}" = dir=out | name=monsters love candy |
"{39BF0C1E-CB06-4E05-870E-933EADA898DA}" = dir=out | name=ebay |
"{3AEBB27B-D9D1-4E22-8312-D0EA8051BBE1}" = dir=out | name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{3D23E531-BA75-418C-B13E-4ECF61B308A4}" = dir=in | name=kindle |
"{3E484DFD-B585-437D-816E-172DC97580DC}" = dir=out | name=7digital music store |
"{3E5097E3-A7AF-4F47-8E4F-DA571B0492FD}" = dir=out | name=khan academy |
"{3EB6BB35-A3F1-4305-B59E-43AF3D13BC6E}" = dir=out | name=icookbook se |
"{3FF7610E-E126-4356-9EB6-40A1B7C26CBE}" = dir=out | name=amazon for windows |
"{44840896-BF5C-468D-8E1F-C5FA31332031}" = dir=out | name=ebay |
"{4521EF87-6997-4388-9E6F-997248CE4685}" = dir=out | name=netflix |
"{45CF2E9C-4A48-4C8D-84AB-2523441C2306}" = dir=out | name=evernote |
"{461C487C-8383-4E5C-B3E9-51EE65021C56}" = dir=in | name=evernote |
"{47882204-67AA-4A7E-A762-38A7462A9317}" = dir=out | name=quick google reader (free) |
"{47C865B9-63D7-454E-94B4-118F461C501B}" = dir=out | name=hulu plus |
"{48041C9D-07CC-46D5-80F9-6AA8B2DBDADA}" = dir=out | name=evernote |
"{481168E5-24DA-421F-9E44-1A9B56535826}" = dir=out | name=icookbook se |
"{494BA05B-D6CA-459D-9950-60AE430C2227}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{49B3BD70-030F-4A42-A4AB-8D5E6DE1EB7A}" = dir=out | name=@{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{4AEF8359-956E-41AD-8F41-DBE165EDD274}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{4B07F663-FAF4-427F-8912-61190BF76CE1}" = dir=out | name=hulu plus |
"{4B1801F0-54DD-4560-81C7-785BCC75FC81}" = dir=out | name=amazon |
"{4B69FFED-FC32-431C-A4EE-B5267F6A8CEB}" = dir=out | name=flow free |
"{4E6D8928-CA6F-4C26-902A-27D55D6275BF}" = dir=out | name=@{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{4EEBF6DD-2AC6-4DFB-8C66-2DC77669F051}" = dir=out | name=tom and jerry |
"{506FD37E-A194-4A16-9A2D-7FF5498C21E6}" = protocol=6 | dir=in | app=c:\users\eric and amy\appdata\roaming\dropbox\bin\dropbox.exe |
"{51D9CE14-887F-4CFC-AA53-911413EF3743}" = dir=out | name=newsxpresso metro |
"{550DB486-C08B-4A45-BDA4-DEF50AC7BFE8}" = dir=out | name=the espn app |
"{566F0747-F669-458D-BFC3-9CAE029087BC}" = dir=out | name=@{microsoft.bingnews_1.7.0.38_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{56F9A879-D9B7-40CD-9554-5D58178E0D96}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{575B66F0-32D4-4943-9135-AE65A54899BE}" = dir=out | name=@{microsoft.bingsports_1.8.0.51_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{5810F654-4AB3-44D4-ABE2-9717E7C913B1}" = dir=in | name=evernote |
"{5943DF96-18A2-4F5B-9E72-6C47B849B25F}" = dir=out | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{5983C875-42F0-4E81-A3FF-69E6471FCA8C}" = dir=out | name=gateway explorer |
"{59B56D5A-AF3C-4F06-9E5F-FF5EDF89A518}" = dir=out | name=netflix |
"{5A9AF8D1-5561-469E-81A2-E0F9A3D32E4A}" = dir=out | name=encyclopaedia britannica |
"{5AC4A78D-923B-4414-8311-B466A209D735}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{5B0C26ED-BFF6-4C3B-B6AD-763C2D9393BC}" = dir=out | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{5BF21169-AC9A-40DF-9FB8-1E5ADD42BDC2}" = dir=out | name=@{microsoft.zunemusic_1.1.144.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{5F6E1B5A-D6D9-4A9F-8E70-57CE8BE93501}" = dir=out | name=icookbook se |
"{61572B2D-E1FF-4C9D-A95F-C3C2789C4ACC}" = dir=out | name=@{artifexmundi.abyssthewraithsofeden_1.0.0.6_x86__xmkq9zz36w32m?ms-resource://artifexmundi.abyssthewraithsofeden/resources/packagedisplayname} |
"{622315C5-0539-45DC-A567-75DD4D1D1B6A}" = dir=out | name=allrecipes |
"{63358F94-0D7F-4FDF-AE52-4386B203E414}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{648B1ACE-E97F-48AA-8BB3-4406CE64EB3A}" = dir=out | name=backgrounds wallpapers hd |
"{66FDAC0F-4EE2-4D63-ABAC-44A9F51E1E44}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{6925870F-A4C1-49C8-B9CA-3CE6D6F41D51}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{696AFA36-B14B-4A6B-977C-6079A23EEE54}" = dir=in | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{6CE6AA5B-64A0-48CC-84B3-E0BF92EC156A}" = dir=out | name=paint 4 kids |
"{6CF6AD73-DDF2-46B1-A422-9E635D4AC9D3}" = dir=out | name=stumbleupon |
"{6DE5DB48-F84C-4291-B0D6-0937A45FE7B3}" = dir=out | name=encyclopaedia britannica |
"{6E2A8430-0B54-4E61-9DB9-6FD6FBFDDD9B}" = dir=in | name=amazon for windows |
"{6E94FFEB-918F-446D-AFE1-912B2870643A}" = dir=out | name=merriam-webster dictionary |
"{720E0B4E-173E-4F52-B402-6EB2EE7D51CB}" = dir=out | name=answers.com |
"{74851837-24EB-4496-82B4-30B081FB5770}" = dir=out | name=skitch |
"{7512A317-5E5D-4AFC-8B08-27EA03E01C9F}" = dir=out | name=@{microsoft.xboxlivegames_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{758C58F1-5A2A-41EA-AF05-9D3FB2D7894D}" = dir=out | name=icookbook se |
"{75F03A73-3DA4-470A-9CD7-204549EEAA3D}" = dir=out | name=chacha |
"{78F89651-3178-4869-AB17-EBF05F026EC9}" = dir=out | name=dictionary. |
"{793D54CE-714A-4709-A7A4-2A0EBEDDF7FD}" = dir=out | name=newsxpresso |
"{79B3FC2F-8F44-4A28-BD0E-FFFC3B40E47C}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{7C12FB18-9DDD-44AF-98B6-6553E11DC544}" = dir=out | name=tunein radio |
"{7D307543-C499-47AC-BCE3-7E909A2191C3}" = dir=out | name=bubble star |
"{7E47FDF6-73BA-4186-8B5D-F9095FEF0E16}" = dir=out | name=newsxpresso |
"{7E6426CE-3D3B-452C-8834-6B3A5033E147}" = dir=out | name=skype |
"{803BE05A-7FD1-4F67-8601-7C4E101765EC}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{82AF7FAE-2446-474D-A741-E57488635CA1}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{84D56D0B-3891-4F6D-91CE-1F18D6EF8B67}" = dir=out | name=gateway explorer |
"{857643C8-FFC1-47EB-819D-E256C9B4602A}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{85A6ADFC-A661-43C2-88F7-FBD634508BD1}" = dir=out | name=yahoo! mail |
"{862C0BA2-32B0-4A56-B635-FA5DE6F0C5F4}" = dir=out | name=@{61908richardwalters.calculator_2.5.0.0_neutral__486nvj664v5b0?ms-resource://61908richardwalters.calculator/resources/apptitle} |
"{8721F8FC-5D88-4B49-B3B6-EB8F77C5410A}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{87CE030A-CEF5-4466-9638-8BC0F7B13008}" = dir=out | name=khan academy |
"{87FA4CB2-C975-456A-A172-39591A4E438F}" = dir=out | name=dropbox |
"{8A2182B0-EB77-46C4-B40D-D4921B280046}" = dir=out | name=skitch |
"{8C4D3612-E3F8-47BC-AF1A-BF05A7E408DF}" = dir=out | name=evernote touch |
"{8E783AAE-8DA4-4C9E-882C-204809CDCFF7}" = dir=out | name=@{microsoft.skypeapp_1.5.0.109_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{8ED1AAF7-F430-45CB-BB76-2FF8AA5FFDD9}" = dir=out | name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{8F7E7EC5-A44C-4961-AD29-07D1312CF813}" = dir=out | name=speed rovers |
"{8F926EF7-4E2D-4C02-BD76-E6F3CAF90FDB}" = dir=out | name=youtube mp3 & videos downloader |
"{8FE5E256-5D6B-4EC1-A11B-D55920FC225A}" = dir=in | name=ebay |
"{90A52ECB-244F-4969-BD98-C8BAA6E25015}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{91F2FD3D-DA6F-477D-91E2-335C4AF03ED9}" = dir=out | name=chacha |
"{945E6D69-0FFF-41B4-92A5-DA39166D88D3}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{95F9430E-D36A-43C4-AAA4-D9B710CE22EF}" = dir=in | name=amazon for windows |
"{9B4399AD-ABD7-4DC0-A1D4-228A8EBCB9BB}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{9D006650-A0EB-4170-9586-9A25263F52DD}" = dir=out | name=cut the rope |
"{9D7E2B91-D7AD-4799-B390-0204F612C5A9}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{9DE51238-A14F-45B3-AB9D-72E62ACDE5ED}" = dir=out | name=youtube player |
"{9E0B3D40-44C5-42FF-B85C-EEB4C7CB56E5}" = dir=out | name=iheartradio |
"{A0CAD431-F1A8-4E7C-8654-AD6510417463}" = dir=in | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{A1123DD5-39DA-4CEE-854B-3F05A26F2C42}" = dir=out | name=hulu plus |
"{A27F7C06-89A3-43EC-A5E2-B72CD6D60F13}" = dir=in | name=the espn app |
"{A2A9EA30-0B74-4BD1-93CF-EE8E066E6D3E}" = dir=in | name=@{microsoft.skypeapp_1.5.0.109_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{A40D6319-E81B-40CB-96A8-404007B9D4D9}" = dir=out | name=@{microsoft.bingsports_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{A47C0EC3-78C3-4077-859D-B756304009CF}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{A71E927D-D470-4E2F-ADE3-FF9CDE180F19}" = dir=out | name=chacha |
"{A82F0B6D-7DC2-4D4B-A17D-7F17D31B5BA1}" = dir=out | name=@{microsoft.xboxlivegames_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{A82F1CDB-1633-4CCC-9274-F439991334B0}" = dir=out | name=fresh paint |
"{A8D9E835-C403-48C1-94CA-2D39E3EA0936}" = dir=in | name=gotomeeting |
"{AAB90C19-B7A3-4BF0-A732-C32017FDE118}" = dir=in | name=kindle |
"{AB355DC8-C960-4B3C-82F6-047E71D74DA1}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{ABAA399D-A043-4223-B3F1-F5632241EF03}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{ABAAA55B-E08A-4522-8E04-7AEEBA40ADC9}" = dir=out | name=cut the rope |
"{ABDA4188-66D1-4BAD-9C73-0A39BCC4CC18}" = dir=out | name=@{microsoft.bingfinance_1.7.0.38_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{ACB4CB4A-2730-4D08-85C6-29CF1112B41F}" = dir=out | name=tunein radio |
"{AFA7AD41-0DF4-4411-8EC8-D34A37C6EBF6}" = dir=out | name=@{microsoft.bingtravel_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{B1B7953C-A796-4855-80F7-670BA49C4E01}" = dir=out | name=kindle |
"{B1D005D7-E5CD-4FFE-BAFF-7F2C39272835}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{B22A5DBE-A6C0-4E5C-9CA9-ECFE43897BF7}" = dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{B2CA4BE3-E85C-4ADE-B3F9-E854ADCC5C02}" = dir=out | name=chacha |
"{B3DBCCA8-42B2-459E-B9EF-DF27E20E1698}" = dir=out | name=kindle |
"{B3F34021-2D71-46A7-98BA-6F32A8CD25D9}" = dir=out | name=@{microsoft.bingfinance_1.7.0.29_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{B4309712-A151-4E49-AB72-19A40AC80864}" = dir=out | name=tunein radio |
"{B789FB39-2931-4530-AB4A-FBFAAF9289E9}" = dir=in | name=allrecipes |
"{B8684B07-41E1-4508-8899-D57D5A16554F}" = dir=out | name=@{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{B9E9D17D-36A0-4705-81E1-09160552262B}" = dir=out | name=google search |
"{BA0FF78E-3BE1-4D54-BB49-78DD4C649946}" = dir=in | name=newsxpresso |
"{BA8C7B87-6D92-4EEA-92A9-DF0BADD71D4D}" = dir=out | name=gateway explorer |
"{BCF3B4BF-579F-4209-9453-FC8C14B40E4E}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{BD4058C4-239F-42D4-ABD2-463A7B395DD4}" = dir=out | name=ebay |
"{BFF4CC43-505D-4DB4-9344-670CF7C7FCB5}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{C0E173A6-ACE8-4637-A4D8-8110953848ED}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{C2CCD30E-EC0F-420E-BC9D-B7CF7015D494}" = dir=out | name=stumbleupon |
"{C3605D78-A6B5-41BE-9B18-358022EA745D}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{C42B3454-95E9-48D3-9469-519AA43B0647}" = dir=out | name=encyclopaedia britannica |
"{C6A38722-0828-42B3-A6D7-4CC2A5DFE0F3}" = dir=out | name=windows 8 cheat keys |
"{C70C48C8-14BE-423A-B573-469B18FC2FCD}" = dir=out | name=piano8 |
"{C89D2CAF-A2C8-4917-B56D-0A73398AC861}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{CA1000F9-DFAE-4279-AB2A-120CDD87386B}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{CA293983-ED44-480E-AACF-68ECAADE4E63}" = dir=out | name=nook |
"{CA9720F6-E6E2-4C46-8E8B-2466CD63C741}" = dir=in | name=evernote touch |
"{CACD774C-4F6C-4303-BE5E-8ACDAC671180}" = dir=out | name=amazon for windows |
"{CC49DB49-2E50-4110-813E-E3EDE8DAED29}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{CE065AC4-2F45-4D83-BCDE-75197AFA1E0D}" = dir=out | name=encyclopaedia britannica |
"{CF4B936C-C3CF-443C-A379-9BFBFE07B247}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{CFE7512D-160D-4CEF-8844-D87B0593238E}" = dir=out | name=drudge reader |
"{D02EDC9C-BFB5-4917-BBDB-298633F50B8A}" = dir=out | name=hulu plus |
"{D054DD42-2EDA-4AC0-B70D-2EDF40427424}" = dir=out | name=@{microsoft.bingnews_1.7.0.31_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{D0643DD2-114E-49AC-A1BA-643A5DEC5CA3}" = dir=in | name=ebay |
"{D11E6993-9588-444F-85B8-3EC653D762D3}" = dir=out | name=@{microsoft.bingtravel_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{D26AC148-62AE-4857-828E-F1E6F3F97AA3}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{D41DE3BF-CF73-4F98-B1A7-E847E8126BF6}" = dir=out | name=@{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{D432B355-5D3A-4028-9705-3770D5A93573}" = dir=out | name=merriam-webster dictionary |
"{D599C212-8E62-47EB-A7E7-9DDDF05C621C}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{D6C7E5E4-4A4D-40EC-A304-09C74003247B}" = dir=out | name=gateway explorer |
"{D70325F6-2BDA-411E-88BD-134A1B8F7380}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{D7BC56DF-C566-4968-9218-60C88746E712}" = dir=out | name=amazon for windows |
"{D87D3C9D-4672-4549-A5F7-9036CFD5F86A}" = dir=out | name=kindle |
"{D934CD9A-B408-41DC-A152-24F72E031890}" = dir=in | name=amazon for windows |
"{D9DB4E23-41B9-42E0-950B-BB9D7FA9480D}" = dir=out | name=tunein radio |
"{D9E1C314-D306-4367-B9EC-1B52DDEF0AEC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DB73FD43-9BD4-4702-BFDA-5EA3611479B5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DC36C20B-6B13-4270-944D-2BDA45B121F0}" = dir=out | name=ebay |
"{DC747015-E092-410D-8666-9827E745EA1E}" = dir=out | name=7digital music store |
"{DCAEDF11-6709-414F-9C69-0AE2177B3757}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{DDF6A030-7A82-44C4-92F9-90528D4BCF9F}" = dir=out | name=merriam-webster dictionary |
"{E67E17D1-3003-4CF2-8C0C-39E8978F5D2C}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E9E0C5BD-A2EC-4FF0-97D8-FC58C6B5F478}" = dir=out | name=shark dash |
"{EE35C8DB-8FEA-4043-8650-D09B77EF8C29}" = dir=in | name=gateway explorer |
"{F1AECFB1-56A2-40F4-8183-BD0D27EEB8FA}" = dir=out | name=merriam-webster dictionary |
"{F239C238-5594-4955-B518-06206B3FDA14}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{F25F216E-64F2-4CB0-BA0A-4B2D1F228088}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{F3C32BA3-2A0D-4D57-9167-5222CB457240}" = dir=out | name=paper dash |
"{F73534EA-6AF2-41C2-986F-831938E5D8F1}" = dir=out | name=drag race online |
"{F774E223-9D69-4DBB-97A7-55DAD2A51A23}" = dir=out | name=skype |
"{F88195B2-9F3B-4D72-B4A1-8CF1CA7ED1FC}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{F88A740E-70F7-4A4A-9569-C3B81CCA2A67}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{FA0B3E76-700E-4D22-A25A-1C675AC26450}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{FABF24F4-CD6D-4185-9F3B-0E7D35DE3B6F}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{FAF9BBAD-1C06-44E1-BDA0-F6BE18AC0994}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{FECF2C07-BC3E-4A93-B0B9-2FFDCA132CBF}" = dir=in | app=c:\users\eric and amy\appdata\local\microsoft\skydrive\skydrive.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}" = Gateway Recovery Management
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{24B4865D-4A99-7E7C-1D8D-F27DE55B0E21}" = AMD Fuel
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{91F52DE4-B789-42B0-9311-A349F10E5479}" = Gateway Power Management
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{B369C290-10D3-9C35-2E68-1ECAA2160925}" = AMD Catalyst Install Manager
"{C0663058-B9B6-3C2F-D6F1-E9BE1319743D}" = ccc-utility64
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{E9EED4AE-682B-4501-9574-D09A21717599}_is1" = AMD Quick Stream
"O365HomePremRetail - en-us" = Microsoft Office 365 Home Premium - en-us
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{026E80EA-ED6F-6A42-1B2F-5721D7213A12}" = CCC Help Danish
"{06E87DF6-B64F-04EC-5565-61451FFB4EFE}" = CCC Help Czech
"{0708FF30-78C0-47B0-81F0-C84604DC769C}" = Nero Express Help (CHM)
"{0A81C386-CC77-958C-01D8-C945AD1B588C}" = CCC Help Russian
"{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM)
"{0D954642-B3A1-B179-F7B4-6F326F0EB9D8}" = CCC Help Portuguese
"{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}" = Nero Launcher
"{127A8537-72D6-2A5B-85CF-F038D8F5F644}" = CCC Help Chinese Traditional
"{169811F7-A1FB-D3FD-4D1F-3A9A30B5B3E5}" = CCC Help Thai
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2207AC25-522D-88BA-B963-4071F22C46E7}" = CCC Help Polish
"{22800204-9E53-45C7-B6F3-5BB0F1C1A147}" = Jing
"{22E239B5-3F85-6D5F-9290-665B1ADA976A}" = Catalyst Control Center InstallProxy
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros WiFi Driver Installation
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{383C1D71-86F4-3C88-AD18-A4DF647A7E15}" = CCC Help Italian
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3D9CB654-99AD-4301-89C6-0D12A790767C}" = Identity Card
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A14F2CC-D1EA-BB8D-0FBE-1991CBE5D843}" = Catalyst Control Center Localization All
"{4A5DE81F-EF03-B011-7485-2129C39B1B90}" = CCC Help English
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-gateway" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}" = Nero Express
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8CF26D1D-EE00-4E3A-81A9-0606178E9E6D}" = Facebook Fahrenheit v2.0
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0409-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{90A1A974-AB38-EFD4-4BDF-0AB95C508F53}" = CCC Help Hungarian
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B058884-6B85-365C-BEF7-FE25C5249531}" = CCC Help Swedish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}" = Nero 12 Essentials OEM.a01
"{9CEFC42E-E2C4-40CD-9BBE-AC91014FB4E1}" = Website Indexer
"{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}" = OpenOffice.org 3.4.1
"{A2D43081-CF7B-4637-A9F3-E2651AA5C4A8}" = Nero RescueAgent
"{A694AF57-9891-4D62-824C-7E55A1361A14}" = eBay Worldwide
"{A6DC88AD-501A-44BC-884D-57435F972E2C}" = Hotkey Utility
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{B2B0EC73-AD4A-4716-A3DE-CEA8440B309B}" = Nero BackItUp 12 Essentials OEM.a01
"{B609635C-0311-7CF0-DA80-7559FB48E1E8}" = CCC Help German
"{BB2DA702-6368-FD89-ADB8-DC1F6CFCB275}" = CCC Help Spanish
"{BEAA89E6-DB58-2BF8-CD4A-331E2FC9B7AD}" = CCC Help Japanese
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C1FA126A-E26C-5560-9CE4-976F091DD2BC}" = CCC Help Turkish
"{C29372CD-3493-D9FB-BF03-522373EC51B3}" = Catalyst Control Center Profiles Mobile
"{C3DD7989-9AD1-409D-B19C-84397F353257}" = Catalyst Control Center - Branding
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{D9D53617-75A2-2BE8-4D61-0146B29381C0}" = CCC Help Korean
"{DB41DE08-53B4-3C71-DA6B-39684F577669}" = CCC Help French
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{DF829F1B-ACBB-B9AD-B3DA-3E2A0E493269}" = CCC Help Chinese Standard
"{DFF66C94-A489-1FC7-61CE-7E2A1367057F}" = CCC Help Finnish
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5
"{E63F9199-0440-8AAE-C054-0327651CD6DB}" = CCC Help Norwegian
"{E70B2F2C-94D1-4287-B5B0-CBBE618E2652}" = Nero BackItUp
"{E7DF457D-B43A-221E-FF36-32E728E156E9}" = CCC Help Greek
"{EE26E302-876A-48D9-9058-3129E5B99999}" = Live Updater
"{EEF27A42-5E8D-CCFC-E4D1-297F9F7C2BAF}" = AMD VISION Engine Control Center
"{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM)
"{F04065B6-52FB-A0F4-F508-BADDB831F59E}" = CCC Help Dutch
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FC9F3FED-57A4-4C8C-A69D-AE6A0E8CD870}" = RapidDrive
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Debut" = Debut Video Capture Software
"FVD Player_is1" = FVD Player 1.0.2
"Google Chrome" = Google Chrome
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"MediaFire Express 0.15.4.4888" = MediaFire Express
"Mozilla Firefox 20.0.1 (x86 en-US)" = Mozilla Firefox 20.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"N360" = Norton 360
"NARA" = Norton Online Backup ARA
"Prism" = Prism Video File Converter
"Spotify" = Spotify
"VideoPad" = VideoPad Video Editor
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WTA-0d7aba3e-dff6-48bc-8ccc-b8525910fa39" = Penguins!
"WTA-0ecc8d10-64b0-483d-8262-83e62d61877f" = Delicious: Emily's True Love Premium Edition
"WTA-398bfdd2-b095-4069-b102-3d83e248bdb4" = Peggle Nights
"WTA-45f2d188-6516-46de-8323-0b510a1251fc" = Bejeweled 3
"WTA-5afa0b45-62c6-418f-8956-e477986f2c0b" = Polar Golfer
"WTA-68518413-0a2d-4268-9116-dd95bbe75cf1" = Tales of Lagoona
"WTA-70634119-e046-4fa8-85e2-b39250f17ef2" = Polar Bowler
"WTA-7fa4178d-b9e7-4b83-b208-55e82dd7e8c0" = Aloha TriPeaks
"WTA-842390ae-6100-47e5-981f-d862e711eb79" = Plants vs. Zombies - Game of the Year
"WTA-8fb535a7-3698-4806-adaf-0e1e4d7b01df" = Agatha Christie - Death on the Nile
"WTA-ba6fb7c1-2a2e-42ea-9de7-ef46b6539b06" = Cradle Of Egypt Collector's Edition
"WTA-d2576fcb-1316-406f-abfc-5e0a25ca83bb" = Jewel Match 3
"WTA-e60a320d-da42-4928-b99c-4ee19fd13406" = Mystery P.I. - Curious Case of Counterfeit Cove
"WTA-e6a3ea35-50f4-404d-8b2d-90049d148fcb" = Zuma's Revenge
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"GoToMeeting" = GoToMeeting 5.5.0.1132
"JoinMe" = join.me
"SkyDriveSetup.exe" = Microsoft SkyDrive
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 5/7/2013 10:30:15 PM | Computer Name = Main | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error
Error - 5/7/2013 10:30:30 PM | Computer Name = Main | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error
Error - 5/7/2013 10:30:45 PM | Computer Name = Main | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error
Error - 5/7/2013 10:31:00 PM | Computer Name = Main | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error
Error - 5/7/2013 10:31:15 PM | Computer Name = Main | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error
Error - 5/7/2013 10:31:31 PM | Computer Name = Main | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error
Error - 5/7/2013 10:31:46 PM | Computer Name = Main | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error
Error - 5/7/2013 10:32:00 PM | Computer Name = Main | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error
Error - 5/7/2013 10:32:16 PM | Computer Name = Main | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error
Error - 5/7/2013 10:32:31 PM | Computer Name = Main | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error
[ System Events ]
Error - 5/1/2013 9:21:13 AM | Computer Name = Main | Source = Schannel | ID = 36888
Description = A fatal alert was generated and sent to the remote endpoint. This
may result in termination of the connection. The TLS protocol defined fatal error
code is 51. The Windows SChannel error state is 900.
Error - 5/1/2013 9:25:02 AM | Computer Name = Main | Source = Schannel | ID = 36888
Description = A fatal alert was generated and sent to the remote endpoint. This
may result in termination of the connection. The TLS protocol defined fatal error
code is 51. The Windows SChannel error state is 900.
Error - 5/2/2013 11:16:01 AM | Computer Name = Main | Source = Schannel | ID = 36888
Description = A fatal alert was generated and sent to the remote endpoint. This
may result in termination of the connection. The TLS protocol defined fatal error
code is 51. The Windows SChannel error state is 900.
Error - 5/2/2013 12:38:21 PM | Computer Name = Main | Source = Schannel | ID = 36888
Description = A fatal alert was generated and sent to the remote endpoint. This
may result in termination of the connection. The TLS protocol defined fatal error
code is 51. The Windows SChannel error state is 900.
Error - 5/3/2013 1:00:04 PM | Computer Name = Main | Source = Schannel | ID = 36888
Description = A fatal alert was generated and sent to the remote endpoint. This
may result in termination of the connection. The TLS protocol defined fatal error
code is 51. The Windows SChannel error state is 900.
Error - 5/3/2013 8:35:00 PM | Computer Name = Main | Source = Schannel | ID = 36888
Description = A fatal alert was generated and sent to the remote endpoint. This
may result in termination of the connection. The TLS protocol defined fatal error
code is 51. The Windows SChannel error state is 900.
Error - 5/3/2013 8:35:57 PM | Computer Name = Main | Source = DCOM | ID = 10010
Description =
Error - 5/3/2013 8:35:57 PM | Computer Name = Main | Source = DCOM | ID = 10010
Description =
Error - 5/3/2013 8:35:57 PM | Computer Name = Main | Source = DCOM | ID = 10010
Description =
Error - 5/3/2013 8:35:57 PM | Computer Name = Main | Source = DCOM | ID = 10010
Description =
< End of report >
Sign In
Create Account
