Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Possible Malware:W32/Xor-encoded.A and Hardware issues preventing anti


  • Please log in to reply

#1
flive

flive

    New Member

  • Member
  • Pip
  • 1 posts
I've been having hardware problems with my laptop at the least, and possibly malware issues as well in relation to them. I'm running Windows 7, 64 bit.

A while ago, my computer blue screened, and on the next boot, the hard drive wasn't recognized (I don't know the exact wording of the message) - eventually I got it to boot again, albeit it was a lot slower. I had used seatools to check the hard drive - one or more of the sectors failed, presumably after that first crash.

It hit me more recently that I do access information that would be devastating if stolen (bank stuff), so I've been trying to put myself at ease regarding malware, though it hasn't been working well. Possibly because of the hard drive issue, several antimalware programs that I have cycled between have frozen the computer while checking NLSLexicons files in windows/system32 and windows/syswow64 folders. Windows Defender runs a quick scan successfully with no detections, Windows Security Essentials runs if the NLSLexicons files are excluded from the scan (also with no detections). Bitdefender has come up with no detections. A few of the antimalware that hang at these files include avira, malwarebytes, avg and adaware. (They run normally until hanging at those files, and safe mode does not seem to help them. All of the above scans were quick if availible)

However, Panda Cloud Cleaner came up with an infection, C:\ProgramData\MICROSOFT\MICROSOFT ANTIMALWARE\LOCALCOPY\{2A37BC35-E9A2-92F5-B059-E04F8E21D916}-COMBOFIX.EXE; I had run combofix as well, which in retrospect may have not been the best of ideas. I downloaded it from bleepingcomputer.com, where it is the supposedly safe location. Panda found the file to be Malware:W32/Xor-encoded.A, and upon uploading it to virustotal, all but 3 found it clean, each of the 3, including Panda, calling it a different type; Trojan/JmGenGeneric.boe and NirCmd.

Other than the slowing and hanging, everything else seems to be working fine, albeit more slowly than it did before all of this. It may be that the file was left behind by combofix, but why would it be in that folder if that was the case?




Apologies for the wall of text, here's the OTL log (quick scan, no settings changed):




OTL logfile created on: 8/20/2013 11:24:31 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Patrick\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.87 Gb Total Physical Memory | 5.28 Gb Available Physical Memory | 67.03% Memory free
15.74 Gb Paging File | 12.84 Gb Available in Paging File | 81.53% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.66 Gb Total Space | 836.67 Gb Free Space | 91.17% Space Free | Partition Type: NTFS

Computer Name: PATRICK-PC | User Name: Patrick | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/20 23:20:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe
PRC - [2013/08/14 13:55:20 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/05/28 00:00:13 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
PRC - [2013/05/11 06:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/03/25 15:45:52 | 000,694,584 | ---- | M] (Motorola Mobility LLC) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2013/03/25 15:45:52 | 000,121,144 | ---- | M] (Motorola Mobility LLC) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2012/11/19 14:12:34 | 000,176,520 | ---- | M] (Impulse Point, LLC) -- C:\Program Files (x86)\SafeConnect\scManager.sys
PRC - [2012/11/19 14:12:32 | 000,298,888 | ---- | M] (Impulse Point, LLC) -- C:\Program Files (x86)\SafeConnect\SCClient.exe
PRC - [2012/08/23 22:25:56 | 000,683,696 | ---- | M] (Juniper Networks) -- C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
PRC - [2012/02/27 05:01:58 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/02/16 13:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2012/02/01 17:29:58 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012/02/01 17:29:56 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2012/01/27 17:30:16 | 000,465,216 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2012/01/26 22:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2012/01/26 22:47:36 | 004,293,952 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2012/01/20 17:29:28 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/01/20 17:29:26 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2011/10/01 10:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 10:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/09/02 16:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2011/06/29 09:52:54 | 000,474,176 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
PRC - [2011/06/27 20:26:30 | 002,022,976 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
PRC - [2011/04/13 11:39:14 | 000,503,942 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe


========== Modules (No Company Name) ==========

MOD - [2013/08/14 13:55:37 | 003,551,640 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/07/11 03:38:02 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\e8d011c28cc3ac4273a87fd218e9f5cc\System.WorkflowServices.ni.dll
MOD - [2013/07/11 03:37:49 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\f6cda574b90024e648fd7f09abd525f5\System.ServiceModel.Web.ni.dll
MOD - [2013/07/11 03:36:45 | 001,084,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\e3ca9a94998013af52d329e926cbada9\System.IdentityModel.ni.dll
MOD - [2013/07/11 03:36:44 | 017,477,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\61b3634af1ad52330e566f4fd642c4c2\System.ServiceModel.ni.dll
MOD - [2013/07/11 03:36:17 | 000,489,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\58a8f7274b2f5cf46bfc459034b9b279\IAStorUtil.ni.dll
MOD - [2013/07/11 03:36:17 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\45581138b36fd338c87813390775b65f\IAStorCommon.ni.dll
MOD - [2013/07/11 03:31:42 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\c476801f82f0b0cff48afcafce7e919d\System.Runtime.Serialization.ni.dll
MOD - [2013/07/11 03:31:42 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\d84a4af2acd0a1489fb81d169a2ea00a\SMDiagnostics.ni.dll
MOD - [2013/07/11 03:31:40 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\83083fc40714f1ff675eb7b34387ed4f\System.Xml.Linq.ni.dll
MOD - [2013/07/11 03:31:38 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\2c5c86bb5156ff508ca8045aff50a482\System.Core.ni.dll
MOD - [2013/07/11 03:31:35 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2013/07/11 03:31:28 | 011,914,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\c57eba08ab60f48e7d57228849d92a34\System.Web.ni.dll
MOD - [2013/07/11 03:31:24 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\89fe719039385377f6b5ad8d0070aa6b\System.Runtime.Remoting.ni.dll
MOD - [2013/07/11 03:31:15 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\fc4a8709f71eba20cc71c7905bba3dee\PresentationFramework.ni.dll
MOD - [2013/07/11 03:31:06 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll
MOD - [2013/07/11 03:31:01 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll
MOD - [2013/07/11 03:30:59 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\ef17be93e209cc95b9768c7822530432\PresentationCore.ni.dll
MOD - [2013/07/11 03:30:52 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c25666b99761bc42322bae2e59968df8\WindowsBase.ni.dll
MOD - [2013/07/11 03:30:48 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll
MOD - [2013/07/11 03:30:46 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll
MOD - [2013/07/11 03:30:45 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll
MOD - [2013/07/11 03:30:40 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/05/28 00:00:13 | 016,033,160 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
MOD - [2012/01/26 22:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/06/29 09:52:54 | 000,474,176 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
MOD - [2011/06/27 20:26:30 | 002,022,976 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
MOD - [2011/06/27 20:25:30 | 000,058,944 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
MOD - [2011/06/25 00:21:46 | 000,322,624 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\ManagerUI.dll
MOD - [2011/06/25 00:20:26 | 000,565,968 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
MOD - [2010/03/22 16:52:42 | 006,776,832 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
MOD - [2010/03/16 21:28:28 | 000,326,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
MOD - [2010/03/16 21:28:16 | 000,635,904 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
MOD - [2010/03/16 21:28:04 | 001,926,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
MOD - [2010/03/11 20:52:34 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
MOD - [2010/03/11 20:52:34 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
MOD - [2010/03/05 16:07:58 | 000,125,952 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
MOD - [2010/03/05 16:07:58 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/07/18 20:33:12 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/07/18 20:33:12 | 000,023,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/03/16 14:39:52 | 000,048,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2012/02/14 01:20:52 | 000,313,856 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012/02/01 19:31:02 | 000,945,440 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2012/01/10 22:01:52 | 000,627,936 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2010/11/29 16:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2013/08/14 13:55:29 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/07/26 18:46:24 | 000,563,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/11 06:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/03/25 15:45:52 | 000,121,144 | ---- | M] (Motorola Mobility LLC) [Auto | Running] -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012/11/19 14:12:34 | 000,176,520 | ---- | M] (Impulse Point, LLC) [Auto | Running] -- C:\Program Files (x86)\SafeConnect\scManager.sys -- (SCManager)
SRV - [2012/08/23 22:25:56 | 000,683,696 | ---- | M] (Juniper Networks) [Auto | Running] -- C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService)
SRV - [2012/04/10 01:33:28 | 000,166,912 | ---- | M] (Dell Products, LP.) [Auto | Stopped] -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2012/04/05 00:12:04 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/02/16 13:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2012/02/01 17:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012/01/20 17:29:28 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/01/20 17:29:26 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/10/01 10:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 10:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/09/02 16:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2010/08/25 21:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 17:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/08 13:51:24 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/08/06 23:22:11 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2013/06/18 21:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/06/12 14:10:56 | 000,033,512 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\DasPtct.SYS -- (DasPtct)
DRV:64bit: - [2013/04/29 09:17:34 | 000,047,632 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\PSKMAD.sys -- (PSKMAD)
DRV:64bit: - [2012/12/19 16:47:20 | 000,132,008 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012/12/13 15:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/23 21:51:12 | 000,032,768 | ---- | M] (Juniper Networks) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dsNcAdpt.sys -- (dsNcAdpt)
DRV:64bit: - [2012/08/21 15:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/09 01:19:33 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/09 01:19:30 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/09 01:19:30 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/03/26 23:09:54 | 014,748,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/03/16 14:39:50 | 000,022,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2012/03/16 14:39:44 | 000,021,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmvwl64.sys -- (BcmVWL)
DRV:64bit: - [2012/03/15 06:14:50 | 005,441,088 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2012/03/09 23:41:16 | 000,685,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/02/27 06:01:00 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/02/27 06:01:00 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/02/27 06:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/02/14 01:20:52 | 000,535,552 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2012/02/01 22:07:18 | 000,615,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2012/02/01 22:07:18 | 000,134,696 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2012/02/01 22:07:12 | 000,211,496 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2012/02/01 22:07:12 | 000,184,360 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2012/02/01 22:07:12 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2012/02/01 22:07:12 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2012/02/01 19:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2012/01/24 19:01:40 | 000,416,592 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011/12/06 07:23:08 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/11/10 05:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/10/01 10:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 10:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 10:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 10:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/07/28 19:33:50 | 000,313,448 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2011/01/31 08:30:38 | 000,027,288 | ---- | M] (Ekahau Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ekaprot6.sys -- (EkaProt6)
DRV:64bit: - [2011/01/20 12:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2010/11/29 16:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/10 13:06:50 | 000,031,744 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motoandroid.sys -- (motandroidusb)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006/11/01 05:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {28A4691A-123A-43D0-BB15-164F96B50B38}
IE:64bit: - HKLM\..\SearchScopes\{28A4691A-123A-43D0-BB15-164F96B50B38}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {28A4691A-123A-43D0-BB15-164F96B50B38}
IE - HKLM\..\SearchScopes\{28A4691A-123A-43D0-BB15-164F96B50B38}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\..\SearchScopes,DefaultScope = {28A4691A-123A-43D0-BB15-164F96B50B38}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7Be001c731-5e37-4538-a5cb-8168736a2360%7D:0.9.9.119
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/01/21 23:03:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/01/21 23:03:00 | 000,000,000 | ---D | M]

[2013/01/17 20:10:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrick\AppData\Roaming\Mozilla\Extensions
[2013/08/05 16:21:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\rxydmdua.default\extensions
[2013/08/05 16:21:50 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\rxydmdua.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2013/07/31 18:49:27 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\rxydmdua.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/08/20 19:54:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/08/20 19:54:15 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U11 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Java Deployment Toolkit 7.0.110.21 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.3_0\
CHR - Extension: Google Search = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Lavasoft NewTab = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole\0.10_0\
CHR - Extension: Gmail = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/08/02 14:47:38 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16:64bit: - DPF: {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/...tupClient64.cab (JuniperSetupClientControl64 Class)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/...SetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EBA979AC-C4C7-44E1-8BB2-AFD4A95306D7}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/20 23:20:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe
[2013/08/20 19:26:49 | 000,047,632 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSKMAD.sys
[2013/08/20 19:26:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
[2013/08/19 20:24:13 | 000,000,000 | -HSD | C] -- C:\found.001
[2013/08/19 15:45:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2013/08/17 14:12:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ETS
[2013/08/17 00:54:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/08/17 00:54:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/08/16 00:26:15 | 000,000,000 | ---D | C] -- C:\Program Files\My Dell
[2013/08/16 00:24:39 | 000,000,000 | ---D | C] -- C:\ProgramData\PCDr
[2013/08/16 00:23:53 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\PCDr
[2013/08/16 00:15:42 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
[2013/08/16 00:15:16 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Deployment
[2013/08/16 00:15:16 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Apps
[2013/08/15 23:56:16 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Documents\diagnostics
[2013/08/15 03:03:50 | 000,000,000 | ---D | C] -- C:\9b12a99b23da99d50b7bc0e5
[2013/08/06 23:50:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2013/08/06 23:46:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus
[2013/08/06 23:23:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2013/08/06 23:23:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Aware Antivirus
[2013/08/06 23:22:11 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Ad-Aware Antivirus
[2013/08/05 17:02:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bitdefender
[2013/08/05 16:57:48 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\LavasoftStatistics
[2013/08/05 16:57:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2013/08/05 16:57:42 | 000,000,000 | ---D | C] -- C:\ProgramData\blekko toolbars
[2013/08/05 16:57:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2013/08/05 16:57:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2013/08/05 16:56:39 | 000,014,456 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys
[2013/08/04 16:30:46 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/08/04 16:09:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2013/08/04 15:19:07 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\QuickScan
[2013/08/04 00:42:22 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2013/08/03 20:10:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013/08/03 13:43:25 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Avg2013
[2013/08/03 13:21:16 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013/08/02 21:59:28 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Immunet
[2013/08/02 21:54:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirusTotalUploader2
[2013/08/02 21:54:08 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirusTotal Uploader 2.0
[2013/08/02 20:31:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013/08/02 20:01:02 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Doctor Web
[2013/08/02 15:43:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seagate
[2013/08/02 15:21:06 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/08/02 14:40:35 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/08/02 14:40:35 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/08/02 14:40:35 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/08/02 14:38:33 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/08/02 14:37:56 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/08/02 14:23:46 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\TuneUp Software
[2013/08/02 14:23:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/08/02 14:23:17 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/08/02 14:23:17 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2013/08/02 14:08:30 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/08/02 14:08:30 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\MFAData
[2013/08/02 14:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013/08/02 11:43:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2013/08/02 11:43:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013/08/02 11:42:38 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2013/07/31 21:41:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2013/07/31 21:41:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013/07/31 21:41:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2013/07/31 20:08:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Motorola
[2013/07/31 20:08:27 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Motorola Mobility
[2013/07/31 20:08:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MSSoap
[2013/07/31 20:08:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Motorola Mobility
[2013/07/31 20:08:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Motorola
[2013/07/31 20:07:16 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola Inc
[2013/07/31 20:07:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared
[2013/07/31 20:06:43 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Motorola
[2013/07/26 21:24:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/08/20 23:23:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/20 23:20:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe
[2013/08/20 19:58:22 | 000,779,724 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/08/20 19:58:22 | 000,660,770 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/08/20 19:58:22 | 000,121,408 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/08/20 19:54:24 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/08/20 19:26:44 | 000,001,284 | ---- | M] () -- C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
[2013/08/20 19:24:41 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/20 19:24:41 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/20 19:18:24 | 000,000,550 | ---- | M] () -- C:\Windows\tasks\MATLAB R2013a Startup Accelerator.job
[2013/08/20 19:16:04 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/20 19:15:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/20 19:14:54 | 2044,727,295 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/20 18:59:09 | 000,000,005 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\mbam.context.scan
[2013/08/20 16:20:22 | 003,411,794 | ---- | M] () -- C:\Users\Patrick\Desktop\Screw You Remix.mp3
[2013/08/12 23:57:16 | 000,974,963 | ---- | M] () -- C:\Users\Patrick\AppData\Local\census.cache
[2013/08/12 23:57:10 | 000,180,198 | ---- | M] () -- C:\Users\Patrick\AppData\Local\ars.cache
[2013/08/12 23:45:57 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\igd10umd32.dll
[2013/08/06 23:22:11 | 000,014,456 | ---- | M] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys
[2013/08/05 17:00:31 | 000,002,243 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/08/03 14:24:34 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum
[2013/08/03 14:24:34 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum
[2013/08/03 14:24:34 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum
[2013/08/03 14:23:52 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013/08/03 02:33:45 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\igdumd32.dll
[2013/08/03 00:58:35 | 000,000,036 | ---- | M] () -- C:\Users\Patrick\AppData\Local\housecall.guid.cache
[2013/08/02 21:59:05 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ImmunetNetworkMonitor_01009.Wdf
[2013/08/02 14:47:38 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/08/02 00:38:41 | 000,129,294 | ---- | M] () -- C:\Users\Patrick\Documents\cc_20130802_003752.reg
[2013/07/31 20:11:51 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_motoandroid_01007.Wdf
[2013/07/31 18:50:11 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/08/20 23:24:58 | 000,033,512 | ---- | C] () -- C:\Windows\SysNative\drivers\DasPtct.SYS
[2013/08/20 19:26:44 | 000,001,284 | ---- | C] () -- C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
[2013/08/20 18:59:00 | 000,000,005 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\mbam.context.scan
[2013/08/20 16:18:43 | 003,411,794 | ---- | C] () -- C:\Users\Patrick\Desktop\Screw You Remix.mp3
[2013/08/12 23:45:57 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\igd10umd32.dll
[2013/08/03 02:43:49 | 000,974,963 | ---- | C] () -- C:\Users\Patrick\AppData\Local\census.cache
[2013/08/03 02:43:38 | 000,180,198 | ---- | C] () -- C:\Users\Patrick\AppData\Local\ars.cache
[2013/08/03 02:33:45 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\igdumd32.dll
[2013/08/03 00:58:35 | 000,000,036 | ---- | C] () -- C:\Users\Patrick\AppData\Local\housecall.guid.cache
[2013/08/02 21:59:05 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ImmunetNetworkMonitor_01009.Wdf
[2013/08/02 14:40:35 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/08/02 14:40:35 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/08/02 14:40:35 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/08/02 14:40:35 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/08/02 14:40:35 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/08/02 11:43:14 | 000,002,243 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013/08/02 11:43:09 | 000,002,079 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013/08/02 00:37:56 | 000,129,294 | ---- | C] () -- C:\Users\Patrick\Documents\cc_20130802_003752.reg
[2013/07/31 20:11:51 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_motoandroid_01007.Wdf
[2013/04/17 21:51:05 | 000,000,104 | ---- | C] () -- C:\Users\Patrick\.gitconfig
[2013/02/22 13:26:30 | 000,000,017 | ---- | C] () -- C:\Users\Patrick\AppData\Local\resmon.resmoncfg
[2013/01/22 16:04:16 | 000,000,600 | ---- | C] () -- C:\Users\Patrick\AppData\Local\PUTTY.RND
[2013/01/21 23:00:15 | 000,205,085 | ---- | C] () -- C:\Windows\hpwins26.dat
[2013/01/21 23:00:15 | 000,000,370 | ---- | C] () -- C:\Windows\hpwmdl26.dat
[2013/01/21 22:46:31 | 000,000,385 | ---- | C] () -- C:\Windows\hpwmdl27.dat.temp
[2013/01/21 21:25:08 | 000,141,110 | ---- | C] () -- C:\Windows\hpwins27.dat
[2013/01/21 21:25:07 | 000,000,385 | ---- | C] () -- C:\Windows\hpwmdl27.dat
[2012/11/19 03:33:32 | 000,065,656 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2012/11/19 03:33:30 | 000,022,640 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2012/07/09 01:05:32 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012/07/09 01:05:32 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012/07/09 01:05:29 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/07/09 01:05:28 | 013,024,768 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012/01/10 21:39:16 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/04/19 00:57:04 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\.JSwat
[2013/08/08 02:47:33 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Ad-Aware Antivirus
[2013/08/20 19:12:59 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Audacity
[2013/08/20 19:12:59 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\BANDISOFT
[2013/04/12 23:11:49 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\DevPro
[2013/08/02 02:08:33 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Dropbox
[2013/01/17 17:50:37 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Fingertapps
[2013/01/22 18:03:14 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\IDT
[2013/01/22 14:33:49 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Juniper Networks
[2013/01/17 17:49:41 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Leadertech
[2013/07/31 20:06:43 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Motorola
[2013/08/20 19:13:01 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Motorola Mobility
[2013/01/17 21:27:37 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Notepad++
[2013/08/20 19:13:02 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\OBS
[2013/01/17 18:29:12 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\OpenOffice.org
[2013/08/16 00:23:54 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\PCDr
[2013/08/20 21:29:26 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\QuickScan
[2013/08/02 02:08:34 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\SoftGrid Client
[2013/02/03 16:20:14 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\TP
[2013/08/02 14:23:46 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\TuneUp Software

========== Purity Check ==========



< End of report >

Also, here's the extras.txt that OTL gave me:






OTL Extras logfile created on: 8/20/2013 11:24:31 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Patrick\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.87 Gb Total Physical Memory | 5.28 Gb Available Physical Memory | 67.03% Memory free
15.74 Gb Paging File | 12.84 Gb Available in Paging File | 81.53% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.66 Gb Total Space | 836.67 Gb Free Space | 91.17% Space Free | Partition Type: NTFS

Computer Name: PATRICK-PC | User Name: Patrick | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BE15265-518D-49A0-AAA9-FF1D9C235E9D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{0E37F134-1F18-46B1-8C6C-C5992E00638C}" = rport=445 | protocol=6 | dir=out | app=system |
"{14CFAD25-5D2B-4BDC-8C2E-4B040EB8DCA3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{23D94C7E-E010-421F-96EA-EC77F7DBA096}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{27D17064-78FE-4A09-AB41-D8E66E0B75AA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2E7C009D-9BBC-4A9F-9084-E3B603F0DBA6}" = lport=445 | protocol=6 | dir=in | app=system |
"{30CD88AF-9C31-4A1D-8C37-0078BA331121}" = lport=138 | protocol=17 | dir=in | app=system |
"{410B1516-62D8-45B8-AA1F-970D4A7449A3}" = rport=10243 | protocol=6 | dir=out | app=system |
"{564C0176-DBBC-4BC3-83DA-A5507245DF33}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{57F97629-D942-4D0F-99B0-D01DD3B9C21B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6830060F-E3F5-472B-AB9B-5C8562ABDCD9}" = rport=138 | protocol=17 | dir=out | app=system |
"{7B109AA0-70F2-4C73-BA65-1054D34450C1}" = rport=137 | protocol=17 | dir=out | app=system |
"{7D211F0A-EEB1-4EE7-9B4B-F11140184AB6}" = lport=5900 | protocol=6 | dir=in | name=vnc |
"{801E2577-527F-4FC7-A2D1-4727686C2E3E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{815C3100-AE93-49D1-A6AB-9AC0B6B27C72}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{85786867-9921-4C1C-8BB6-AC2D29F13B40}" = lport=137 | protocol=17 | dir=in | app=system |
"{9001275C-6666-49B4-844A-3B3EF713B53D}" = lport=139 | protocol=6 | dir=in | app=system |
"{90B03058-BAFE-4DAB-99BC-46A0B3BD7288}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{92ACD7F2-0555-4014-9F32-829A682E91EA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{9477DBB8-E379-4445-A71B-0C51355A3AC6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A47FC876-ECE8-471E-B31B-CBF47100F1C5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A5A73114-E703-41CF-8FEF-834FFA92E22F}" = rport=139 | protocol=6 | dir=out | app=system |
"{AE3C970E-567F-403E-8051-ADE84C5AB7CB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B430E58B-8023-466A-A4BB-F1B982C1A348}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B83310E0-100F-4FC8-81AC-110A313C158E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F63663DA-3782-4189-A5CE-8FC931D49FFE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{15CBA208-5E32-4678-976C-5563D5F4F0A3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the binding of isaac\isaac.exe |
"{1615B149-90BC-4DAB-A582-CB1DB437C9FE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{18850568-E00B-44DA-9F73-F2A9C79AFF01}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1A331AF0-8D67-4101-9205-BD2BA05C8F04}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{317FD680-5E19-4F71-ABE8-18B6E01903FB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3CB203D5-7071-44B3-A5BB-FD0695A7A27C}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{415EDBBE-A5BB-4D96-8DE6-7D0FD0D01289}" = protocol=1 | dir=in | [email protected],-28543 |
"{43203542-DB9A-4BD2-AE02-A493754AE59F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{4A54DAD8-8275-4A0A-8A79-58CEE229165F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{4E0897FF-DD4A-4300-93E2-00782CBEA6DF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{524E640B-A90D-4637-A62D-6F2160A66F85}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{52A9F682-C0EB-4716-BBF7-AB273954A4A6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{557D7906-ECFB-4F48-A1E4-9FB3C3EA6122}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5888A19F-F026-496F-A1F6-348906553D79}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{604DB447-9AD5-4EA1-9E60-1C85BC6DA615}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{668A1F70-CB98-43AA-9A34-292391CCB5E2}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{69DE7AD1-5E1D-4902-A7D7-3AE61070B6AA}" = protocol=1 | dir=out | [email protected],-28544 |
"{6B6E26F8-194A-4449-B26D-0D3B3547B7B2}" = protocol=17 | dir=in | app=c:\users\patrick\documents\school\semester 6\os\vnc-viewer-5.0.3-windows-64bit.exe |
"{72F9EDB9-9382-489F-B308-8948594F3063}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{72FF13E4-C38D-4F6A-BA9A-F77D59BD3F10}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{73404D81-9F54-46FB-BD21-55D2E2685757}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{758E5B0B-0C1E-4F74-85D6-A48FEB85C1C2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{76F961C9-EA6B-46EE-82F2-AA5D411E3983}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{7EE5A02C-7B5F-451C-89D4-7B629FB68FE2}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe |
"{8301B684-C012-4610-B19F-D249239C13AF}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{84F09F5A-EDE4-4445-B3FE-3E026123666D}" = protocol=58 | dir=out | [email protected],-28546 |
"{886741DB-3E85-4EEF-9F18-ACD34242B18F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{9192B530-DDAB-4CC1-8B71-D5BE1F50D8C9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9450248E-236F-42A0-8217-81387DEEDA08}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{98B35F62-C8D7-45FF-B5EF-AEC3A1BFB76B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{99709465-D6BD-46B5-AC6A-D9D26CF7EA92}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the binding of isaac\isaac.exe |
"{9F15871D-E00C-48CB-9526-329B782B4EBF}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{ACE575A9-C867-4502-936B-17199AB0CE91}" = protocol=6 | dir=out | app=system |
"{AF4394E8-D991-403E-AF8F-6D296F2BBC7F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{B77AE917-0594-4598-8E87-231D4DDAD8C2}" = protocol=6 | dir=in | app=c:\users\patrick\documents\school\semester 6\os\vnc-viewer-5.0.3-windows-64bit.exe |
"{B9FAF17A-4F6A-43C3-857D-0D6646CADF5C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{BA16F08F-F9AB-42EA-801B-578A26FA0611}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BB181564-6B79-441F-8DFB-655001C00227}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{BED1AABE-9E0C-4799-A8BA-4D45A8BCC5DE}" = protocol=58 | dir=in | [email protected],-28545 |
"{C6AE5736-03AD-4D05-8AAF-0C880BD1D41C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{D058FC23-C2A8-42D2-9032-9750C26B4775}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{D5236D45-18E8-4014-98E8-5EF2C6C6E6C7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D55356EA-6309-4EA2-B265-3A90F399990A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{D5CC737A-32D2-438B-95D8-C4C46B9C0180}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{D87BC45B-68ED-48A2-998C-60C50B2A06D7}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E3D0C5DD-6DA4-4F12-A270-1D81560980D4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{E81E28DA-508C-4CA9-BF8E-37F25FE0D0B3}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{EF87214B-1C0F-466C-9AF1-7977072F6AE6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{EFD36294-9B15-47B3-A771-1445EC7D6625}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{EFDA9EC2-420C-4B84-8905-7BC3E10EB930}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F3D4C4AE-A2CE-471F-9ED8-EDA6D89917D6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F4EC99CA-189F-409F-A298-6BF1D6C6CF05}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{F696E57D-B33F-40A4-9620-60FFD1434381}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{F8E0D1B6-2E34-47DC-A043-28339D0C392D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FA41BD75-25E6-4FCE-8C5B-1559B4549610}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{FF35AA84-9CB5-40B1-9DB3-76239C6405B7}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{195F6615-C6CA-4091-A51D-37F767CFE36B}C:\program files (x86)\dell\stage remote\stageremoteservice.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe |
"TCP Query User{5D13AD24-87AD-49B7-A2AF-420D41B4A001}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{800DAA4B-9ABE-4150-A7F4-51AD02652AAC}C:\program files (x86)\dell\stage remote\stageremoteservice.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe |
"UDP Query User{1D5A4B5D-213B-4EFD-9EC6-579D3C7E345E}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{ABBA36DB-C5DB-47BB-9445-51306E91CBC1}C:\program files (x86)\dell\stage remote\stageremoteservice.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe |
"UDP Query User{EE59EB62-981E-47A1-B3F7-9668F25961C9}C:\program files (x86)\dell\stage remote\stageremoteservice.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"${PRODUCT_ID}-1.1.3.38636" = Ekahau HeatMapper
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1EB2596D-80B0-4D55-AC31-6FCFE757081E}" = HP Officejet 4500 G510a-f
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{3DB84568-DD0E-401F-BC21-CE24720A0C5B}" = Microsoft Security Client
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{538B98C3-773F-4F20-9C66-802D104DCBE2}" = Intel® Trusted Connect Service Client
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170170}" = Java SE Development Kit 7 Update 17 (64-bit)
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7FCDABCC-1A1E-4D61-909D-BA9495172774}" = iTunes
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{82CD33B2-1DE6-4663-B6F0-1592B2376F78}" = VS10Runtimex64
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}" = WIDCOMM Bluetooth Software
"{A8A0B1C1-FBC7-4790-8E26-9DA1A6A95452}" = Oracle VM VirtualBox 4.2.6
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel® Turbo Boost Technology Monitor 2.0
"{C5A22A98-AC82-4404-BFB0-1E9F654EB176}" = Motorola Mobile Drivers Installation 6.0.0
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E5083D57-D93F-404C-A91F-1C50D67C2BEB}" = HP Officejet 4500 G510g-m
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Dell Support Center" = Dell Support Center
"DW WLAN Card Utility" = DW WLAN Card Utility
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Juniper_Setup_Client Activex Control" = Juniper Networks, Inc. Setup Client 64-bit Activex Control
"Matlab R2013a" = MATLAB R2013a
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"nbi-jswat-1.0.0.0.0" = JSwat Debugger
"Shop for HP Supplies" = Shop for HP Supplies

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A5B39D2-7ED6-4779-BCC9-37F381139DB3}" = Adobe AIR
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ECFCB07-9BFE-4970-ACA1-D568D982760B}" = Complete Care Business Service Agreement
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{28379381-B56A-43e1-B505-3098D82B1C30}" = 4500G510gm_Software_Min
"{28DB8373-C1BB-444F-A427-A55585A12ED7}" = Motorola Device Manager
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A0F2CC5-3065-492C-8380-B03AA7106B1A}" = Dell Product Registration
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3BD7DD08-991B-4A2F-A165-614ED14EAADD}" = Dell MusicStage
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{3EB6F78A-66E3-434f-BD0E-76C7D078DB5E}" = 4500G510af_Software_Min
"{400182B4-CA55-46A9-9D88-F8413DCFB36D}" = Blio
"{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{65A5E87D-7A3F-4819-807D-B86990D5F369}" = inSSIDer
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79361740-EAE3-11E2-9911-B8AC6F98CCE3}" = Google Earth Plug-in
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{7FB00B6B-6843-97EC-EED6-78BD6D35370A}" = Zinio Reader 4
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{903679E8-44C8-4C07-9600-05C92654FC50}" = QualxServ Service Agreement
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1" = Panda Cloud Cleaner
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DDFE322-6BA0-4F90-8689-D98382492371}" = Dell Digital Delivery
"{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}" = OpenOffice.org 3.4.1
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}" = Dell Home Systems Service Agreement
"{AC2C1BDB-1E91-4F94-B99C-E716FE2E9C75}_is1" = MinGW-Get version 0.5-beta-20120426-1
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF4D3C63-009B-4A17-B02E-D395065DD3F0}" = Dell Stage Remote
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE0D4271-69C9-4f28-AD9B-BB33D126A30E}" = 4500G510gm
"{C175D5B0-ED04-42C9-B23F-D8BD406173E7}" = 4500_G510af_Help_Web
"{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}" = Premium Service Agreement
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DBDD570E-0952-475f-9453-AB88F3DD5659}" = Python 2.7.5
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEAD13D3-BC70-4AAE-AEF9-BE6297E106D1}" = Motorola Device Software Update
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF0B357C-5874-47D0-81E7-79AA890B0CE0}" = 4500_G510gm_Help
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC2F135B-48ED-4682-A90B-54846218C1F3}" = 4500G510af_web
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}" = Accidental Damage Services Agreement
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE182796-F6BA-486A-8590-89B7E8D1D60F}" = Dell Stage
"7-Zip" = 7-Zip 9.22beta
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Audacity_is1" = Audacity 2.0.2
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Dell Webcam Central" = Dell Webcam Central
"expat_is1" = Expat XML Parser 2.1.0
"FFmpeg for Audacity_is1" = FFmpeg v0.6.2 for Audacity
"Git_is1" = Git version 1.8.0-preview20121022
"Google Chrome" = Google Chrome
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"Juniper Network Connect 7.2.0" = Juniper Networks Network Connect 7.2.0
"Juniper_Setup_Client Activex Control" = Juniper Networks, Inc. Setup Client Activex Control
"LAME_is1" = LAME v3.99.3 (for Windows)
"MixMeister BPM Analyzer_is1" = MixMeister BPM Analyzer 1.0
"Mozilla Firefox 23.0.1 (x86 en-US)" = Mozilla Firefox 23.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Network Stumbler" = Network Stumbler 0.4.0 (remove only)
"Notepad++" = Notepad++
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Open Broadcaster Software" = Open Broadcaster Software
"SafeConnect" = SafeConnect
"Steam App 113200" = The Binding of Isaac
"VirusTotalUploader2.0" = VirusTotal Uploader 2.0
"WinLiveSuite" = Windows Live Essentials
"ZinioReader4" = Zinio Reader 4

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Juniper_Setup_Client" = Juniper Networks, Inc. Setup Client
"Neoteris_Host_Checker" = Juniper Networks Host Checker

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/10/2013 8:03:31 AM | Computer Name = Patrick-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/10/2013 8:03:31 AM | Computer Name = Patrick-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9188

Error - 8/10/2013 8:03:31 AM | Computer Name = Patrick-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9188

Error - 8/10/2013 8:03:32 AM | Computer Name = Patrick-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/10/2013 8:03:32 AM | Computer Name = Patrick-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 10202

Error - 8/10/2013 8:03:32 AM | Computer Name = Patrick-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 10202

Error - 8/10/2013 8:03:33 AM | Computer Name = Patrick-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/10/2013 8:03:33 AM | Computer Name = Patrick-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 11201

Error - 8/10/2013 8:03:33 AM | Computer Name = Patrick-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 11201

Error - 8/10/2013 4:42:23 PM | Computer Name = Patrick-PC | Source = WinMgmt | ID = 10
Description =

[ Broadcom Wireless LAN Events ]
Error - 8/17/2013 1:11:37 AM | Computer Name = Patrick-PC | Source = WLAN-Tray | ID = 0
Description = 01:11:37, Sat, Aug 17, 13 Error - Unable to set enhanced country code


Error - 8/17/2013 1:11:37 AM | Computer Name = Patrick-PC | Source = WLAN-Tray | ID = 0
Description = 01:11:37, Sat, Aug 17, 13 Error - Unable to set enhanced country code


Error - 8/17/2013 1:12:18 AM | Computer Name = Patrick-PC | Source = WLAN-Tray | ID = 0
Description = 01:12:18, Sat, Aug 17, 13 Error - Unable to set enhanced country code


Error - 8/17/2013 12:50:44 PM | Computer Name = Patrick-PC | Source = WLAN-Tray | ID = 0
Description = 12:50:44, Sat, Aug 17, 13 Error - Unable to set enhanced country code


Error - 8/17/2013 8:36:57 PM | Computer Name = Patrick-PC | Source = WLAN-Tray | ID = 0
Description = 20:36:57, Sat, Aug 17, 13 Error - Unable to set enhanced country code


Error - 8/18/2013 12:35:18 PM | Computer Name = Patrick-PC | Source = WLAN-Tray | ID = 0
Description = 12:35:18, Sun, Aug 18, 13 Error - Unable to set enhanced country code


Error - 8/18/2013 5:25:30 PM | Computer Name = Patrick-PC | Source = WLAN-Tray | ID = 0
Description = 17:25:30, Sun, Aug 18, 13 Error - Unable to set enhanced country code


Error - 8/18/2013 5:25:31 PM | Computer Name = Patrick-PC | Source = WLAN-Tray | ID = 0
Description = 17:25:31, Sun, Aug 18, 13 Error - Unable to set enhanced country code


Error - 8/19/2013 8:51:15 PM | Computer Name = Patrick-PC | Source = WLAN-Tray | ID = 0
Description = 20:50:53, Mon, Aug 19, 13 Error - (WLTRAY.EXE-3016) Unable to start
peernet session, after 200 iterations

Error - 8/19/2013 8:51:16 PM | Computer Name = Patrick-PC | Source = WLAN-Tray | ID = 0
Description = 20:51:16, Mon, Aug 19, 13 Error - Unable to initialize peernet library


[ System Events ]
Error - 8/2/2013 8:17:43 PM | Computer Name = Patrick-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 8/2/2013 8:17:43 PM | Computer Name = Patrick-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 8/2/2013 8:17:43 PM | Computer Name = Patrick-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 8/2/2013 8:17:43 PM | Computer Name = Patrick-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 8/2/2013 8:17:43 PM | Computer Name = Patrick-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 8/2/2013 8:17:43 PM | Computer Name = Patrick-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 8/2/2013 8:17:45 PM | Computer Name = Patrick-PC | Source = DCOM | ID = 10005
Description =

Error - 8/2/2013 8:17:45 PM | Computer Name = Patrick-PC | Source = DCOM | ID = 10005
Description =

Error - 8/2/2013 8:17:46 PM | Computer Name = Patrick-PC | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1068

Error - 8/2/2013 8:23:04 PM | Computer Name = Patrick-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 8:20:29 PM on ?8/?2/?2013 was unexpected.


< End of report >


Thanks in advance for your help! (Alhough it may be strained by the hanging at the NLSLexicons that may occur)
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP