Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

possible oyodomo redirect


  • Please log in to reply

#1
orion44

orion44

    New Member

  • Member
  • Pip
  • 4 posts
Hi,

A few days ago, I installed a few different pieces of freeware, including Stardock and Rocketdock, a CD to MP3 converter, an M4A to MP3 converter, a utility called Core Temp, and a start menu called Classic Shell for my Windows 8 OS. I think one of these downloads ended up putting the oyodomo virus on to my laptop...I get a lot of pop-ups from various webpages, and the first URL in the pop-up redirect that comes up is oyodomo. At first, I was getting a lot of these pop-ups, so I tried to do various scans using Malwarebytes, SuperAntiSpyware, and Spybot - Search & Destroy. They detected a few things that I removed, including a piece of adware called DealPly, but there was nothing that obviously pointed to oyodomo. I also uninstalled Stardock after deciding to go with Rocketdock instead.

After that, I did a system restore to an earlier time, and this seemed to help to some degree. However, whenever I open Firefox now (Firefox is the only browser I use), I often get a message at the top of the screen that says 'Firefox prevented this page from automatically redirecting to another page'. There's no particular website that triggers this message, and the ones that do only do it from time to time...it seems to be almost random.

I did a search on your website for oyodomo, and it gave me a few links, but I wasn't able to find the one that referred to oyodomo, so I started a new topic and followed your instructions.

Here is my OTL.txt file:

OTL logfile created on: 2013-08-24 1:59:44 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Matt\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: yyyy-MM-dd

15.89 Gb Total Physical Memory | 12.27 Gb Available Physical Memory | 77.20% Memory free
18.14 Gb Paging File | 14.65 Gb Available in Paging File | 80.78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 667.82 Gb Total Space | 534.73 Gb Free Space | 80.07% Space Free | Partition Type: NTFS
Drive D: | 29.04 Gb Total Space | 3.36 Gb Free Space | 11.56% Space Free | Partition Type: NTFS

Computer Name: MATT-PC | User Name: Matt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-08-24 13:59:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Matt\Downloads\OTL.exe
PRC - [2013-08-16 22:18:38 | 001,861,512 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
PRC - [2013-08-16 21:32:58 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013-08-12 19:19:20 | 000,078,352 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2013-06-29 10:49:28 | 000,068,608 | ---- | M] (IvoSoft) -- C:\Program Files\Classic Shell\ClassicShellService.exe
PRC - [2013-05-16 10:56:34 | 001,033,688 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2013-05-16 10:56:30 | 001,817,560 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2013-05-15 13:21:32 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013-05-11 04:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013-02-27 14:22:42 | 001,260,320 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013-02-07 09:20:20 | 001,641,768 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
PRC - [2013-02-07 09:20:08 | 003,695,912 | ---- | M] (AuthenTec Inc.) -- C:\Program Files (x86)\HP SimplePass\TouchControl.exe
PRC - [2013-02-07 09:19:54 | 004,073,768 | ---- | M] () -- C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
PRC - [2012-11-05 16:14:34 | 001,343,904 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
PRC - [2012-09-27 21:42:26 | 000,014,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012-09-07 19:33:08 | 000,581,024 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2012-09-07 19:33:08 | 000,035,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2012-09-06 06:50:40 | 001,124,288 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012-08-27 10:45:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012-07-17 19:10:32 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012-07-17 19:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012-07-17 19:10:24 | 000,128,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012-07-17 19:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012-06-07 21:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2011-09-15 00:06:38 | 000,169,624 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe


========== Modules (No Company Name) ==========

MOD - [2013-08-24 09:32:59 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\acf905c62ab9c1b77ca69e8b745e3fdb\System.Core.ni.dll
MOD - [2013-08-24 09:32:38 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\624ad6159b6e241ad6d28bf4dca9f14b\System.Xml.ni.dll
MOD - [2013-08-24 09:32:34 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3143512c68ba24d18b7444b13fae2abb\System.Windows.Forms.ni.dll
MOD - [2013-08-24 09:32:28 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3603744988436295da5d16e76038e484\System.Drawing.ni.dll
MOD - [2013-08-24 09:31:42 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\375a937eec7d6faa53ac11ab2973eb76\System.ni.dll
MOD - [2013-08-16 22:18:37 | 016,166,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
MOD - [2013-08-16 21:32:43 | 003,551,640 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013-08-12 20:04:48 | 016,547,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\5e3a9f3d64adfb3c69b49d37368bf454\mscorlib.ni.dll
MOD - [2013-08-12 20:04:48 | 000,197,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\1fc03f9a739f1ac6b62134debfafd32b\CustomMarshalers.ni.dll
MOD - [2013-02-07 09:19:54 | 004,073,768 | ---- | M] () -- C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
MOD - [2012-06-08 11:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012-06-07 21:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
MOD - [2007-09-02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013-08-12 19:09:03 | 000,323,072 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2013-07-01 18:44:21 | 000,016,048 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013-06-29 10:49:28 | 000,068,608 | ---- | M] (IvoSoft) [Auto | Running] -- C:\Program Files\Classic Shell\ClassicShellService.exe -- (ClassicShellService)
SRV:64bit: - [2013-06-28 16:55:18 | 000,409,720 | ---- | M] () [Auto | Running] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService.exe)
SRV:64bit: - [2013-06-24 16:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013-06-09 16:05:18 | 001,900,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe -- (OfficeSvc)
SRV:64bit: - [2013-06-01 03:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013-05-23 14:12:02 | 000,143,120 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2013-05-04 00:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013-05-04 00:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013-04-08 22:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013-03-01 20:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013-03-01 20:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013-01-09 17:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013-01-09 17:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013-01-07 23:31:42 | 000,401,856 | ---- | M] (AuthenTec, Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\AuthenTec\TrueService.exe -- (TrueService)
SRV:64bit: - [2012-11-14 12:30:00 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012-11-14 12:29:48 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012-11-14 12:29:45 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012-09-24 18:03:12 | 001,153,840 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2012-09-24 18:02:54 | 000,272,176 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2012-09-24 18:02:42 | 000,617,776 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2012-09-24 18:02:16 | 000,149,296 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2012-09-24 13:40:56 | 000,031,040 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2012-09-13 06:33:50 | 000,731,688 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2012-09-06 03:47:02 | 000,028,160 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\valWBFPolicyService.exe -- (valWBFPolicyService)
SRV:64bit: - [2012-08-15 19:08:14 | 000,135,984 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012-07-25 21:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012-07-25 21:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012-07-25 21:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012-07-25 21:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012-07-25 21:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012-07-25 21:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012-07-25 21:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012-07-25 21:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012-07-25 21:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012-07-25 21:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012-07-25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012-07-25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012-07-25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012-07-25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012-07-25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012-07-25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012-04-20 16:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2013-08-16 21:32:57 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-05-11 04:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013-02-27 14:22:42 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013-02-07 09:20:20 | 001,641,768 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe -- (FPLService)
SRV - [2012-11-14 12:29:45 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012-10-12 19:22:08 | 000,035,744 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe -- (HPConnectedRemote)
SRV - [2012-09-27 21:42:26 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012-09-27 13:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012-09-25 05:35:10 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012-09-07 19:33:08 | 000,035,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2012-09-06 06:50:40 | 001,124,288 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012-08-27 10:45:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012-07-25 21:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012-07-25 21:18:41 | 000,408,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2012-07-25 21:17:52 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2012-07-24 20:00:08 | 002,457,232 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012-07-17 19:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-07-17 19:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-07-17 19:10:24 | 000,128,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2012-07-17 19:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012-07-16 16:54:08 | 000,244,752 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
SRV - [2011-09-15 00:06:38 | 000,169,624 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor10.0)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013-08-12 22:41:50 | 000,231,376 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2013-08-12 19:09:04 | 000,542,208 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2013-07-09 02:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013-07-01 18:44:14 | 000,036,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013-07-01 16:08:49 | 000,247,216 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013-06-29 00:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013-06-10 15:17:46 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013-06-01 05:29:35 | 000,337,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013-06-01 05:29:35 | 000,213,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013-05-31 21:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013-05-13 15:36:06 | 000,050,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\point64.sys -- (Point64)
DRV:64bit: - [2013-05-04 01:34:17 | 000,446,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013-05-04 01:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013-03-25 14:41:46 | 000,076,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2013-03-02 04:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013-03-02 04:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013-03-02 04:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013-02-27 14:22:40 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013-01-11 19:02:34 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2013-01-09 19:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012-11-26 21:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012-11-19 22:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012-11-14 12:29:45 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012-11-14 12:29:45 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012-11-05 21:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012-10-12 02:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012-10-11 01:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012-10-11 01:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012-10-10 13:18:16 | 004,309,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2012-10-09 20:48:50 | 000,035,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2012-10-09 20:48:50 | 000,025,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2012-10-09 20:48:48 | 000,188,896 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\xHCIPort.sys -- (XHCIPort)
DRV:64bit: - [2012-10-09 20:48:48 | 000,047,072 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usb3Hub.sys -- (usb3Hub)
DRV:64bit: - [2012-09-28 12:37:04 | 000,650,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012-09-24 16:13:30 | 005,338,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012-09-24 13:40:56 | 000,043,840 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2012-09-24 13:40:56 | 000,031,040 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2012-09-14 16:09:34 | 000,457,528 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012-09-14 16:09:32 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012-09-14 16:09:32 | 000,041,272 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:64bit: - [2012-09-13 06:35:08 | 000,162,344 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012-09-13 06:35:08 | 000,162,344 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2012-08-31 11:40:24 | 000,020,800 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\WirelessButtonDriver64.sys -- (WirelessButtonDriver)
DRV:64bit: - [2012-08-29 10:36:54 | 000,857,472 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2012-08-27 10:48:12 | 000,121,728 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2012-08-12 05:47:16 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2012-08-08 21:17:50 | 000,273,040 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2012-08-06 13:07:08 | 000,068,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys -- (ibtfltcoex)
DRV:64bit: - [2012-07-25 23:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-07-25 23:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012-07-25 23:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012-07-25 23:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012-07-25 23:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012-07-25 23:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012-07-25 23:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012-07-25 23:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012-07-25 23:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012-07-25 23:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012-07-25 23:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012-07-25 23:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012-07-25 23:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012-07-25 23:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012-07-25 23:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012-07-25 23:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012-07-25 23:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012-07-25 22:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012-07-25 22:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012-07-25 21:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012-07-25 20:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012-07-25 20:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012-07-25 20:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012-07-25 20:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012-07-25 20:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012-07-25 20:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012-07-25 20:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012-07-25 20:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012-07-25 20:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012-07-25 20:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012-07-25 20:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012-07-25 20:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012-07-25 20:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012-07-25 20:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012-07-25 20:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012-07-25 20:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012-07-25 20:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012-07-25 20:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012-07-25 20:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012-07-25 20:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012-07-25 20:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012-07-25 20:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012-06-25 10:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012-06-20 00:40:52 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012-06-12 23:41:22 | 000,683,664 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2011-07-22 10:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011-07-12 15:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2009-05-18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON13/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON13/4
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPNTDFJS
IE:64bit: - HKLM\..\SearchScopes\{913465D7-3D1A-47B2-9FE5-B3B1DAFE96C0}: "URL" = http://www.amazon.ca...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...56705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON13/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON13/4
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPNTDFJS
IE - HKLM\..\SearchScopes\{913465D7-3D1A-47B2-9FE5-B3B1DAFE96C0}: "URL" = http://www.amazon.ca...s={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...56705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON13/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON13/4
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPNTDFJS
IE - HKCU\..\SearchScopes\{913465D7-3D1A-47B2-9FE5-B3B1DAFE96C0}: "URL" = http://www.amazon.ca...s={searchTerms}
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...56705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "DuckDuckGo"
FF - prefs.js..browser.search.selectedEngine: "DuckDuckGo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.webmail....aw.ca/uwc/auth"
FF - prefs.js..extensions.enabledAddons: donottrackplus%40abine.com:2.2.9.618
FF - prefs.js..extensions.enabledAddons: %7B45d8ff86-d909-11db-9705-005056c00008%7D:1.1.0
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130515
FF - prefs.js..extensions.enabledAddons: %7BF53C93F1-07D5-430c-86D4-C9531B27DFAF%7D:1.0.0.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@authentec.com/ffwloplugin: C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013-08-18 19:33:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matt\AppData\Roaming\Mozilla\Extensions
[2013-08-23 23:03:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\d0ebe14p.default\extensions
[2013-08-12 18:45:06 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\d0ebe14p.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013-08-12 18:38:41 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\d0ebe14p.default\extensions\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}
[2013-08-12 18:39:51 | 000,000,000 | ---D | M] (DoNotTrackMe) -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\d0ebe14p.default\extensions\[email protected]
[2013-08-16 21:29:44 | 001,312,907 | ---- | M] () (No name found) -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\d0ebe14p.default\extensions\[email protected]
[2013-08-12 18:43:31 | 000,269,092 | ---- | M] () (No name found) -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\d0ebe14p.default\extensions\[email protected]
[2013-08-12 18:43:16 | 000,080,318 | ---- | M] () (No name found) -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\d0ebe14p.default\extensions\[email protected]
[2013-08-16 21:22:28 | 000,320,337 | ---- | M] () (No name found) -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\d0ebe14p.default\extensions\[email protected]
[2013-08-12 18:39:19 | 000,060,243 | ---- | M] () (No name found) -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\d0ebe14p.default\extensions\{45d8ff86-d909-11db-9705-005056c00008}.xpi
[2013-08-12 18:37:17 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\d0ebe14p.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013-08-12 18:47:24 | 000,010,530 | ---- | M] () -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\d0ebe14p.default\searchplugins\duckduckgo.xml
[2013-08-16 21:32:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013-08-16 21:32:58 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2012-07-25 23:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - MRI_DISABLED - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O4:64bit: - HKLM..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe (The Eraser Project)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Power2GoExpress8] C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe (CyberLink Corp.)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.59.184.15 64.59.190.245
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A11B3A60-54B6-43AE-8F70-305A0FA8089E}: DhcpNameServer = 64.59.184.15 64.59.190.245
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF79B64A-227B-4FB9-BAF5-4FAF5C11CE5E}: DhcpNameServer = 10.188.15.20 10.188.15.58
O18:64bit: - Protocol\Handler\gopher - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate - No CLSID value found
O18:64bit: - Protocol\Filter\gzip - No CLSID value found
O18:64bit: - Protocol\Filter\lzdhtml - No CLSID value found
O18 - Protocol\Filter\deflate - No CLSID value found
O18 - Protocol\Filter\gzip - No CLSID value found
O18 - Protocol\Filter\lzdhtml - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013-08-23 19:22:21 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013-08-23 22:02:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SadMan Software
[2013-08-23 22:01:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Type Advisor
[2013-08-23 22:01:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\File Type Advisor
[2013-08-23 22:01:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free M4a to MP3 Converter
[2013-08-23 21:58:31 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Eusing
[2013-08-23 21:58:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD to MP3 Freeware
[2013-08-23 19:22:04 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2013-08-23 19:22:04 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013-08-23 11:45:32 | 000,000,000 | ---D | C] -- C:\Users\Matt\Documents\Custom Office Templates
[2013-08-23 11:43:17 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Microsoft Help
[2013-08-19 20:52:35 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\AdFender
[2013-08-19 20:50:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013-08-19 20:48:48 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\SuperAdBlocker.com
[2013-08-19 20:48:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SuperAdBlocker.com
[2013-08-19 17:32:40 | 000,000,000 | ---D | C] -- C:\ProgramData\SadMan Software
[2013-08-19 17:32:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SadMan Software
[2013-08-18 19:38:14 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CD to MP3 Freeware
[2013-08-18 19:38:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CD to MP3 Freeware
[2013-08-18 19:35:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Conduit
[2013-08-18 19:34:37 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Google
[2013-08-18 19:26:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free M4a to MP3 Converter
[2013-08-17 18:18:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
[2013-08-17 18:18:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mouse and Keyboard Center
[2013-08-17 14:06:08 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\HP
[2013-08-16 22:34:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock
[2013-08-16 22:34:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RocketDock
[2013-08-16 22:27:03 | 000,000,000 | ---D | C] -- C:\Users\Matt\Documents\Stardock
[2013-08-16 22:27:03 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Stardock
[2013-08-16 22:27:03 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Stardock
[2013-08-16 22:18:54 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Macromedia
[2013-08-16 22:15:41 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2013-08-16 22:02:39 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\WebApp
[2013-08-16 22:01:32 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Cyberlink
[2013-08-16 22:01:30 | 000,000,000 | ---D | C] -- C:\Users\Matt\Documents\CyberLink
[2013-08-16 21:57:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013-08-16 21:57:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013-08-16 21:56:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013-08-16 21:49:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013-08-16 21:49:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013-08-16 21:48:45 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Apple Computer
[2013-08-16 21:48:45 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Apple Computer
[2013-08-16 21:48:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013-08-16 21:48:19 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013-08-16 21:48:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013-08-16 21:48:19 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013-08-16 21:48:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013-08-16 21:48:19 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2013-08-16 21:48:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013-08-16 21:48:12 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Apple
[2013-08-16 21:47:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013-08-16 21:47:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013-08-16 21:32:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013-08-16 20:39:38 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\vlc
[2013-08-16 20:31:59 | 000,000,000 | ---D | C] -- C:\Users\Matt\Documents\DVDFab
[2013-08-16 20:31:23 | 000,000,000 | ---D | C] -- C:\Users\Matt\Documents\article
[2013-08-16 19:35:41 | 000,000,000 | -H-D | C] -- C:\Users\Matt\Documents\Tax
[2013-08-16 19:35:41 | 000,000,000 | ---D | C] -- C:\Users\Matt\Documents\samsung
[2013-08-16 19:35:36 | 000,000,000 | ---D | C] -- C:\Users\Matt\Documents\Linden Method
[2013-08-16 19:35:35 | 000,000,000 | ---D | C] -- C:\Users\Matt\Documents\Holton
[2013-08-16 19:35:35 | 000,000,000 | ---D | C] -- C:\Users\Matt\Documents\GERD
[2013-08-16 19:16:58 | 000,000,000 | ---D | C] -- C:\Users\Matt\Documents\Yukon
[2013-08-16 19:16:57 | 000,000,000 | ---D | C] -- C:\Users\Matt\Desktop\Work
[2013-08-16 19:16:57 | 000,000,000 | ---D | C] -- C:\Users\Matt\Documents\Virus
[2013-08-16 19:16:56 | 000,000,000 | ---D | C] -- C:\Users\Matt\Desktop\Utah
[2013-08-16 19:16:51 | 000,000,000 | ---D | C] -- C:\Users\Matt\Desktop\Turkey
[2013-08-16 19:16:51 | 000,000,000 | ---D | C] -- C:\Users\Matt\Desktop\South Dakota
[2013-08-16 19:16:50 | 000,000,000 | ---D | C] -- C:\Users\Matt\Desktop\Smartphones
[2013-08-16 19:16:50 | 000,000,000 | ---D | C] -- C:\Users\Matt\Desktop\Investing
[2013-08-16 19:16:50 | 000,000,000 | ---D | C] -- C:\Users\Matt\Desktop\Health
[2013-08-16 19:16:49 | 000,000,000 | ---D | C] -- C:\Users\Matt\Desktop\Fog study
[2013-08-12 23:21:20 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Eraser 6
[2013-08-12 23:02:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
[2013-08-12 23:02:08 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2013-08-12 22:54:45 | 000,000,000 | ---D | C] -- C:\Users\Matt\.gnucash
[2013-08-12 22:54:45 | 000,000,000 | ---D | C] -- C:\Users\Matt\.gnome2_private
[2013-08-12 22:54:45 | 000,000,000 | ---D | C] -- C:\Users\Matt\.gnome2
[2013-08-12 22:54:45 | 000,000,000 | ---D | C] -- C:\Users\Matt\.gconfd
[2013-08-12 22:54:45 | 000,000,000 | ---D | C] -- C:\Users\Matt\.gconf
[2013-08-12 22:39:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
[2013-08-12 22:39:07 | 000,000,000 | ---D | C] -- C:\Program Files\Classic Shell
[2013-08-12 22:35:29 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\TrueCrypt
[2013-08-12 22:18:39 | 000,000,000 | ---D | C] -- C:\Users\Matt\Documents\e-Sword
[2013-08-12 22:18:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-Sword
[2013-08-12 22:18:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\EzTools
[2013-08-12 22:18:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\e-Sword
[2013-08-12 22:18:02 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Downloaded Installations
[2013-08-12 22:17:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013-08-12 22:17:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013-08-12 22:13:12 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Macrium
[2013-08-12 22:13:10 | 000,000,000 | ---D | C] -- C:\Program Files\Macrium
[2013-08-12 22:06:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
[2013-08-12 22:06:32 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2013-08-12 22:05:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrium
[2013-08-12 22:01:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013-08-12 22:01:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013-08-12 22:01:42 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2013-08-12 22:01:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013-08-12 21:57:51 | 000,000,000 | ---D | C] -- C:\Program Files\Eraser
[2013-08-12 21:57:06 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\SUPERAntiSpyware.com
[2013-08-12 21:56:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013-08-12 21:56:30 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013-08-12 21:56:30 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013-08-12 21:49:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013-08-12 21:49:19 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013-08-12 21:47:54 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Malwarebytes
[2013-08-12 21:47:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013-08-12 21:47:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013-08-12 21:47:40 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013-08-12 21:47:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013-08-12 21:47:22 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Programs
[2013-08-12 21:45:40 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TrueCrypt
[2013-08-12 21:45:38 | 000,231,376 | ---- | C] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys
[2013-08-12 21:45:35 | 000,000,000 | ---D | C] -- C:\Program Files\TrueCrypt
[2013-08-12 19:52:35 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2013-08-12 19:39:50 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\CyberLink
[2013-08-12 19:37:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013-08-12 19:37:36 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013-08-12 19:32:48 | 000,000,000 | -H-D | C] -- C:\Users\Public\Documents\YouCam
[2013-08-12 19:16:03 | 000,092,536 | ---- | C] (CyberLink) -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys
[2013-08-12 19:16:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\CyberLink
[2013-08-12 19:09:28 | 000,542,208 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys
[2013-08-12 19:09:28 | 000,499,200 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll
[2013-08-12 19:09:27 | 002,188,800 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapo64.dll
[2013-08-12 19:09:27 | 000,671,744 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
[2013-08-12 19:09:27 | 000,255,488 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\st646425.dll
[2013-08-12 18:51:03 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Thunderbird
[2013-08-12 18:51:03 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Thunderbird
[2013-08-12 18:50:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013-08-12 18:34:43 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Mozilla
[2013-08-12 18:34:43 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Mozilla
[2013-08-12 18:34:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013-08-12 18:34:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013-08-12 18:12:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013-08-12 17:42:49 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Diagnostics
[2013-08-12 17:23:58 | 000,000,000 | ---D | C] -- C:\ProgramData\TrueSuite
[2013-08-08 19:41:34 | 000,000,000 | R--D | C] -- C:\Users\Matt\SkyDrive
[2013-08-08 19:40:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013-08-08 19:30:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2013-08-08 19:29:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15
[2013-08-08 19:26:30 | 000,166,464 | ---- | C] (Geek Squad) -- C:\Users\Public\Desktop\Geek Squad Support.exe
[2013-08-08 19:26:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Geek Squad
[2013-08-08 18:38:37 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\assembly
[2013-08-08 18:38:36 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Hewlett-Packard
[2013-08-08 18:37:16 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\hpqlog
[2013-08-08 18:36:59 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Hewlett-Packard
[2013-08-08 18:36:55 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Adobe
[2013-08-08 18:36:31 | 000,000,000 | R--D | C] -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013-08-08 18:36:31 | 000,000,000 | R--D | C] -- C:\Users\Matt\Searches
[2013-08-08 18:36:31 | 000,000,000 | R--D | C] -- C:\Users\Matt\Contacts
[2013-08-08 18:36:31 | 000,000,000 | R--D | C] -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013-08-08 18:36:29 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Adobe
[2013-08-08 18:36:25 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
[2013-08-08 18:36:23 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\AuthenTec
[2013-08-08 18:36:17 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Power2Go8
[2013-08-08 18:36:04 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Synaptics
[2013-08-08 18:35:51 | 000,000,000 | -H-D | C] -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013-08-08 18:35:51 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\VirtualStore
[2013-08-08 18:35:44 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Packages
[2013-08-08 18:35:41 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Intel
[2013-08-08 18:35:39 | 000,000,000 | -HSD | C] -- C:\Users\Matt\AppData\Local\Temporary Internet Files
[2013-08-08 18:35:39 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Templates
[2013-08-08 18:35:39 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Start Menu
[2013-08-08 18:35:39 | 000,000,000 | -HSD | C] -- C:\Users\Matt\SendTo
[2013-08-08 18:35:39 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Recent
[2013-08-08 18:35:39 | 000,000,000 | -HSD | C] -- C:\Users\Matt\PrintHood
[2013-08-08 18:35:39 | 000,000,000 | -HSD | C] -- C:\Users\Matt\NetHood
[2013-08-08 18:35:39 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Documents\My Videos
[2013-08-08 18:35:39 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Documents\My Pictures
[2013-08-08 18:35:39 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Documents\My Music
[2013-08-08 18:35:39 | 000,000,000 | -HSD | C] -- C:\Users\Matt\My Documents
[2013-08-08 18:35:39 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Local Settings
[2013-08-08 18:35:39 | 000,000,000 | -HSD | C] -- C:\Users\Matt\AppData\Local\History
[2013-08-08 18:35:39 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Cookies
[2013-08-08 18:35:39 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Application Data
[2013-08-08 18:35:39 | 000,000,000 | -HSD | C] -- C:\Users\Matt\AppData\Local\Application Data
[2013-08-08 18:35:34 | 000,000,000 | --SD | C] -- C:\Users\Matt\AppData\Roaming\Microsoft
[2013-08-08 18:35:34 | 000,000,000 | R--D | C] -- C:\Users\Matt\Videos
[2013-08-08 18:35:34 | 000,000,000 | R--D | C] -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013-08-08 18:35:34 | 000,000,000 | R--D | C] -- C:\Users\Matt\Saved Games
[2013-08-08 18:35:34 | 000,000,000 | R--D | C] -- C:\Users\Matt\Pictures
[2013-08-08 18:35:34 | 000,000,000 | R--D | C] -- C:\Users\Matt\Music
[2013-08-08 18:35:34 | 000,000,000 | R--D | C] -- C:\Users\Matt\Links
[2013-08-08 18:35:34 | 000,000,000 | R--D | C] -- C:\Users\Matt\Favorites
[2013-08-08 18:35:34 | 000,000,000 | R--D | C] -- C:\Users\Matt\Downloads
[2013-08-08 18:35:34 | 000,000,000 | R--D | C] -- C:\Users\Matt\Documents
[2013-08-08 18:35:34 | 000,000,000 | R--D | C] -- C:\Users\Matt\Desktop
[2013-08-08 18:35:34 | 000,000,000 | R--D | C] -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013-08-08 18:35:34 | 000,000,000 | R--D | C] -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013-08-08 18:35:34 | 000,000,000 | -H-D | C] -- C:\Users\Matt\Documents\hp.system.package.metadata
[2013-08-08 18:35:34 | 000,000,000 | -H-D | C] -- C:\Users\Matt\Documents\hp.applications.package.appdata
[2013-08-08 18:35:34 | 000,000,000 | -H-D | C] -- C:\Users\Matt\AppData
[2013-08-08 18:35:34 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Temp
[2013-08-08 18:35:34 | 000,000,000 | ---D | C] -- C:\Users\Matt\Roaming
[2013-08-08 18:35:34 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Microsoft
[2013-08-08 18:35:34 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013-08-08 18:35:34 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Macromedia
[2013-08-08 18:35:28 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013-08-08 07:14:55 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013-08-01 16:30:34 | 000,076,408 | ---- | C] (Paramount Software UK Ltd) -- C:\Windows\SysNative\drivers\psmounterex.sys
[2013-07-25 14:47:38 | 001,535,608 | ---- | C] (Codejock Software) -- C:\Windows\SysWow64\Codejock.ReportControl.Unicode.v16.2.2.ocx
[2013-07-25 14:47:00 | 001,977,976 | ---- | C] (Codejock Software) -- C:\Windows\SysWow64\Codejock.Controls.Unicode.v16.2.2.ocx

========== Files - Modified Within 30 Days ==========

[2013-08-24 13:54:04 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMatt.job
[2013-08-24 13:08:19 | 001,997,784 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-08-24 13:08:19 | 000,878,386 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2013-08-24 13:08:19 | 000,789,214 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-08-24 13:08:19 | 000,192,342 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2013-08-24 13:08:19 | 000,162,994 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-08-24 13:03:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-08-24 13:01:24 | 000,320,016 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-08-24 13:01:13 | 766,107,645 | -HS- | M] () -- C:\hiberfil.sys
[2013-08-24 13:01:13 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013-08-23 21:59:07 | 000,000,040 | ---- | M] () -- C:\Users\Matt\AppData\Roaming\cdr.ini
[2013-08-23 19:22:21 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013-08-17 17:40:37 | 000,001,134 | ---- | M] () -- C:\Users\Matt\Desktop\Snipping Tool.lnk
[2013-08-12 22:41:50 | 000,231,376 | ---- | M] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys
[2013-08-12 19:09:04 | 006,085,632 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\stlang64.dll
[2013-08-12 19:09:04 | 001,664,000 | ---- | M] (IDT, Inc.) -- C:\Windows\sttray64.exe
[2013-08-12 19:09:04 | 000,542,208 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys
[2013-08-12 19:09:03 | 002,188,800 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\stapo64.dll
[2013-08-12 19:09:03 | 000,671,744 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
[2013-08-12 19:09:03 | 000,499,200 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll
[2013-08-12 19:09:03 | 000,255,488 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\st646425.dll
[2013-08-12 19:09:01 | 007,986,176 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\IDTNGUI.exe
[2013-08-12 19:09:01 | 007,712,768 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\IDTNHP.dll
[2013-08-12 19:09:01 | 002,213,376 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\IDTNX.dll
[2013-08-12 19:09:01 | 001,821,184 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\IDTNC64.cpl
[2013-08-12 19:09:01 | 000,464,384 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\slapoi64.dll
[2013-08-12 19:09:01 | 000,253,952 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\IDTNJ.exe
[2013-08-12 19:09:00 | 000,224,256 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\HPToneCtrls64.dll
[2013-08-12 19:09:00 | 000,042,482 | ---- | M] () -- C:\Windows\SysNative\Balen&Yeats_dv7.xml
[2013-08-08 19:31:23 | 001,351,264 | ---- | M] () -- C:\Windows\NIRMALA.tt2
[2013-08-08 19:31:22 | 001,303,396 | ---- | M] () -- C:\Windows\NIRMALAB.tt2
[2013-08-08 19:27:07 | 000,001,424 | ---- | M] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013-08-08 18:38:42 | 000,000,141 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2013-08-08 07:16:23 | 000,000,535 | ---- | M] () -- C:\CTOERROR.flg
[2013-08-01 16:30:34 | 000,076,408 | ---- | M] (Paramount Software UK Ltd) -- C:\Windows\SysNative\drivers\psmounterex.sys
[2013-07-25 14:47:38 | 001,535,608 | ---- | M] (Codejock Software) -- C:\Windows\SysWow64\Codejock.ReportControl.Unicode.v16.2.2.ocx
[2013-07-25 14:47:00 | 001,977,976 | ---- | M] (Codejock Software) -- C:\Windows\SysWow64\Codejock.Controls.Unicode.v16.2.2.ocx

========== Files Created - No Company Name ==========

[2013-08-24 13:01:16 | 000,320,016 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-08-23 23:09:21 | 000,387,583 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013-08-23 21:58:31 | 000,000,040 | ---- | C] () -- C:\Users\Matt\AppData\Roaming\cdr.ini
[2013-08-23 19:22:21 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013-08-17 17:40:37 | 000,001,134 | ---- | C] () -- C:\Users\Matt\Desktop\Snipping Tool.lnk
[2013-08-17 17:28:59 | 000,001,345 | ---- | C] () -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows.Defender (3).lnk
[2013-08-17 17:09:10 | 000,001,345 | ---- | C] () -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows.Defender (2).lnk
[2013-08-16 23:09:17 | 000,000,299 | ---- | C] () -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin (2).lnk
[2013-08-16 23:09:11 | 000,000,299 | ---- | C] () -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
[2013-08-16 22:04:52 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013-08-16 21:48:12 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013-08-16 19:27:20 | 000,041,984 | ---- | C] () -- C:\Users\Matt\Documents\table1new.xlr
[2013-08-16 19:27:20 | 000,037,376 | ---- | C] () -- C:\Users\Matt\Documents\table 1.xlr
[2013-08-16 19:27:20 | 000,033,280 | ---- | C] () -- C:\Users\Matt\Documents\table1a.xlr
[2013-08-16 19:27:20 | 000,032,256 | ---- | C] () -- C:\Users\Matt\Documents\table1b.xlr
[2013-08-16 19:27:20 | 000,006,913 | ---- | C] () -- C:\Users\Matt\Documents\Untitled Data CD Project.cl5
[2013-08-16 19:27:20 | 000,004,784 | ---- | C] () -- C:\Users\Matt\Documents\Untitled Music CD Project.cl5
[2013-08-16 19:27:20 | 000,000,933 | ---- | C] () -- C:\Users\Matt\Documents\Visualization.lnk
[2013-08-16 19:27:20 | 000,000,467 | ---- | C] () -- C:\Users\Matt\Documents\startups.css
[2013-08-16 19:27:20 | 000,000,044 | ---- | C] () -- C:\Users\Matt\Documents\Track04.cda
[2013-08-16 19:27:20 | 000,000,044 | ---- | C] () -- C:\Users\Matt\Documents\Track03.cda
[2013-08-16 19:27:20 | 000,000,044 | ---- | C] () -- C:\Users\Matt\Documents\Track02.cda
[2013-08-16 19:27:20 | 000,000,044 | ---- | C] () -- C:\Users\Matt\Documents\Track01.cda
[2013-08-16 19:27:19 | 003,892,333 | ---- | C] () -- C:\Users\Matt\Documents\Newton.pdf
[2013-08-16 19:27:19 | 001,157,632 | ---- | C] () -- C:\Users\Matt\Documents\ppttot_latest.xlr
[2013-08-16 19:27:19 | 000,499,025 | ---- | C] () -- C:\Users\Matt\Documents\perfect game baseball.PNG
[2013-08-16 19:27:19 | 000,446,942 | ---- | C] () -- C:\Users\Matt\Documents\Russia map.PNG
[2013-08-16 19:27:19 | 000,031,232 | ---- | C] () -- C:\Users\Matt\Documents\Notes.wps
[2013-08-16 19:27:19 | 000,016,046 | ---- | C] () -- C:\Users\Matt\Documents\perfect game penguin.PNG
[2013-08-16 19:27:19 | 000,000,998 | ---- | C] () -- C:\Users\Matt\Documents\Nine Pillars Visualization.lnk
[2013-08-16 19:27:18 | 001,456,334 | ---- | C] () -- C:\Users\Matt\Documents\Galaxy S2 manual.pdf
[2013-08-16 19:27:18 | 001,277,996 | ---- | C] () -- C:\Users\Matt\Documents\Matt2.jpg
[2013-08-16 19:27:18 | 001,166,860 | ---- | C] () -- C:\Users\Matt\Documents\Matt1.jpg
[2013-08-16 19:27:18 | 001,130,464 | ---- | C] () -- C:\Users\Matt\Documents\Mt Temple 2.jpg
[2013-08-16 19:27:18 | 001,064,598 | ---- | C] () -- C:\Users\Matt\Documents\Mt Temple 1.jpg
[2013-08-16 19:27:18 | 000,618,995 | ---- | C] () -- C:\Users\Matt\Documents\Hurricane Earl 2.PNG
[2013-08-16 19:27:18 | 000,570,017 | ---- | C] () -- C:\Users\Matt\Documents\Hurricane Earl.PNG
[2013-08-16 19:27:18 | 000,548,921 | ---- | C] () -- C:\Users\Matt\Documents\Kohler.pdf
[2013-08-16 19:27:18 | 000,319,048 | ---- | C] () -- C:\Users\Matt\Documents\Hurricane Earl 3.PNG
[2013-08-16 19:27:18 | 000,075,673 | ---- | C] () -- C:\Users\Matt\Documents\Matt.jpg
[2013-08-16 19:27:18 | 000,035,981 | ---- | C] () -- C:\Users\Matt\Documents\love handles.htm
[2013-08-16 19:27:18 | 000,028,672 | ---- | C] () -- C:\Users\Matt\Documents\new spreadsheet.xlr
[2013-08-16 19:27:18 | 000,025,236 | ---- | C] () -- C:\Users\Matt\Documents\Hearts.PNG
[2013-08-16 19:27:18 | 000,022,712 | ---- | C] () -- C:\Users\Matt\Documents\hearts2.PNG
[2013-08-16 19:27:18 | 000,020,800 | ---- | C] () -- C:\Users\Matt\Documents\logout.srf
[2013-08-16 19:27:18 | 000,015,857 | ---- | C] () -- C:\Users\Matt\Documents\Hard_Sudoku.png
[2013-08-16 19:27:18 | 000,007,984 | ---- | C] () -- C:\Users\Matt\Documents\mixed1.cl5
[2013-08-16 19:27:18 | 000,002,061 | ---- | C] () -- C:\Users\Matt\Documents\mic.cl5
[2013-08-16 19:27:18 | 000,000,919 | ---- | C] () -- C:\Users\Matt\Documents\MSN Hotmail - Attachment2.htm
[2013-08-16 19:27:18 | 000,000,917 | ---- | C] () -- C:\Users\Matt\Documents\MSN Hotmail - Attachment.htm
[2013-08-16 19:27:17 | 001,799,576 | ---- | C] () -- C:\Users\Matt\Documents\Fitness_Studio_mr.wmv
[2013-08-16 19:27:17 | 000,900,138 | ---- | C] () -- C:\Users\Matt\Documents\figure3b_old.jpg
[2013-08-16 19:27:17 | 000,897,553 | ---- | C] () -- C:\Users\Matt\Documents\figure3c_old.jpg
[2013-08-16 19:27:17 | 000,887,569 | ---- | C] () -- C:\Users\Matt\Documents\figure4.JPG
[2013-08-16 19:27:17 | 000,807,764 | ---- | C] () -- C:\Users\Matt\Documents\figure3a_old.jpg
[2013-08-16 19:27:17 | 000,778,210 | ---- | C] () -- C:\Users\Matt\Documents\figure3d_old.JPG
[2013-08-16 19:27:17 | 000,737,830 | ---- | C] () -- C:\Users\Matt\Documents\figure2.jpg
[2013-08-16 19:27:17 | 000,733,282 | ---- | C] () -- C:\Users\Matt\Documents\fig2_3.jpg
[2013-08-16 19:27:17 | 000,639,011 | ---- | C] () -- C:\Users\Matt\Documents\figure2_old.jpg
[2013-08-16 19:27:17 | 000,609,978 | ---- | C] () -- C:\Users\Matt\Documents\figure 4.PDF
[2013-08-16 19:27:17 | 000,446,339 | ---- | C] () -- C:\Users\Matt\Documents\figure4.GIF
[2013-08-16 19:27:17 | 000,429,611 | ---- | C] () -- C:\Users\Matt\Documents\figure2.GIF
[2013-08-16 19:27:17 | 000,429,226 | ---- | C] () -- C:\Users\Matt\Documents\figure2_new.GIF
[2013-08-16 19:27:17 | 000,329,897 | ---- | C] () -- C:\Users\Matt\Documents\figure2_old.GIF
[2013-08-16 19:27:17 | 000,294,640 | ---- | C] () -- C:\Users\Matt\Documents\figure 5.PDF
[2013-08-16 19:27:17 | 000,239,616 | ---- | C] () -- C:\Users\Matt\Documents\eventarch50_latest.xlr
[2013-08-16 19:27:17 | 000,238,442 | ---- | C] () -- C:\Users\Matt\Documents\figure3a.gif
[2013-08-16 19:27:17 | 000,231,350 | ---- | C] () -- C:\Users\Matt\Documents\figure3b.gif
[2013-08-16 19:27:17 | 000,226,959 | ---- | C] () -- C:\Users\Matt\Documents\figure3c.gif
[2013-08-16 19:27:17 | 000,220,605 | ---- | C] () -- C:\Users\Matt\Documents\figure3d.gif
[2013-08-16 19:27:17 | 000,193,424 | ---- | C] () -- C:\Users\Matt\Documents\fig2_1.jpg
[2013-08-16 19:27:17 | 000,158,694 | ---- | C] () -- C:\Users\Matt\Documents\fig2_2.jpg
[2013-08-16 19:27:17 | 000,027,174 | ---- | C] () -- C:\Users\Matt\Documents\Evil_Sudoku.PNG
[2013-08-16 19:27:17 | 000,026,467 | ---- | C] () -- C:\Users\Matt\Documents\figure5.GIF
[2013-08-16 19:27:17 | 000,026,152 | ---- | C] () -- C:\Users\Matt\Documents\figure4_latest.GIF
[2013-08-16 19:27:17 | 000,025,992 | ---- | C] () -- C:\Users\Matt\Documents\figure6.GIF
[2013-08-16 19:27:17 | 000,025,405 | ---- | C] () -- C:\Users\Matt\Documents\figure1.GIF
[2013-08-16 19:27:17 | 000,012,800 | ---- | C] () -- C:\Users\Matt\Documents\figure3_data.xlr
[2013-08-16 19:27:16 | 009,258,605 | ---- | C] () -- C:\Users\Matt\Documents\Canon user manual.pdf
[2013-08-16 19:27:16 | 000,512,214 | ---- | C] () -- C:\Users\Matt\Documents\BobC_HLYdata_200305021204_77957.zip
[2013-08-16 19:27:16 | 000,506,173 | ---- | C] () -- C:\Users\Matt\Documents\Duffman!.rsrc
[2013-08-16 19:27:16 | 000,451,584 | ---- | C] () -- C:\Users\Matt\Documents\adjusted_mthppt_latest.xlr
[2013-08-16 19:27:16 | 000,305,492 | ---- | C] () -- C:\Users\Matt\Documents\duffman.sit
[2013-08-16 19:27:16 | 000,141,104 | ---- | C] () -- C:\Users\Matt\Documents\Cell phones.pdf
[2013-08-16 19:27:16 | 000,122,737 | ---- | C] () -- C:\Users\Matt\Documents\BobC_HLYdata_200306121221_79284.zip
[2013-08-16 19:27:16 | 000,073,116 | ---- | C] () -- C:\Users\Matt\Documents\dino.PNG
[2013-08-16 19:27:16 | 000,023,207 | ---- | C] () -- C:\Users\Matt\Documents\b-day invite.PNG
[2013-08-16 19:27:16 | 000,019,174 | ---- | C] () -- C:\Users\Matt\Documents\Escapa.PNG
[2013-08-16 19:27:16 | 000,001,714 | ---- | C] () -- C:\Users\Matt\Documents\DLAC2a.htm
[2013-08-16 19:27:16 | 000,001,705 | ---- | C] () -- C:\Users\Matt\Documents\DLAC_Cvctn1.htm
[2013-08-16 19:27:16 | 000,001,701 | ---- | C] () -- C:\Users\Matt\Documents\DLAC_Cvctn2.htm
[2013-08-16 19:27:16 | 000,000,804 | ---- | C] () -- C:\Users\Matt\Documents\comcast.js
[2013-08-16 19:27:15 | 002,913,357 | ---- | C] () -- C:\Users\Matt\Documents\06-114a.pdf
[2013-08-16 19:27:15 | 000,462,970 | ---- | C] () -- C:\Users\Matt\Documents\23683527p.pdf
[2013-08-16 19:27:15 | 000,371,233 | ---- | C] () -- C:\Users\Matt\Documents\Abs Plan.mht
[2013-08-16 19:16:59 | 089,999,730 | ---- | C] () -- C:\Users\Matt\Documents\Global-Climate-Change-Impacts.pdf
[2013-08-16 19:16:58 | 001,521,800 | ---- | C] () -- C:\Users\Matt\Documents\cominco.pdf
[2013-08-16 19:16:58 | 000,040,481 | ---- | C] () -- C:\Users\Matt\Documents\dim_Defenders300x500 with inches.jpg
[2013-08-12 22:40:46 | 000,001,171 | ---- | C] () -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner.lnk
[2013-08-12 22:01:45 | 000,001,351 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013-08-12 21:57:53 | 000,001,759 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eraser.lnk
[2013-08-12 19:53:32 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForMatt.job
[2013-08-12 18:34:37 | 000,001,119 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013-08-08 19:31:23 | 001,351,264 | ---- | C] () -- C:\Windows\NIRMALA.tt2
[2013-08-08 19:31:23 | 001,303,396 | ---- | C] () -- C:\Windows\NIRMALAB.tt2
[2013-08-08 19:27:07 | 000,001,424 | ---- | C] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013-08-08 18:38:42 | 000,000,141 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2013-08-08 18:36:29 | 000,001,430 | ---- | C] () -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013-08-08 18:35:37 | 000,002,216 | ---- | C] () -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
[2013-08-08 18:35:37 | 000,000,352 | ---- | C] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013-08-08 18:35:37 | 000,000,334 | ---- | C] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013-08-08 07:16:48 | 766,107,645 | -HS- | C] () -- C:\hiberfil.sys
[2013-08-08 07:16:23 | 000,000,535 | ---- | C] () -- C:\CTOERROR.flg
[2013-08-08 07:14:56 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2013-03-08 00:39:40 | 000,024,036 | ---- | C] () -- C:\Users\Matt\SDActivate.lng
[2013-02-03 03:43:38 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2013-02-03 03:43:35 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2013-02-03 03:43:35 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012-12-03 05:04:00 | 000,000,582 | ---- | C] () -- C:\Windows\SysWow64\tx19_ic.ini
[2012-11-14 12:29:48 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2012-08-03 16:40:09 | 002,012,008 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-07-26 02:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012-07-26 02:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012-07-26 01:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012-07-25 19:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012-07-25 14:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012-07-25 14:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012-07-25 14:22:54 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2012-07-25 14:22:54 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2012-07-25 14:22:54 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2012-06-02 08:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012-04-20 15:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2012-11-14 11:47:57 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013-03-06 00:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-03-05 23:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012-07-25 21:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012-07-25 21:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012-07-25 21:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013-08-23 21:58:31 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Eusing
[2013-08-16 22:27:03 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Stardock
[2013-08-19 20:48:48 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\SuperAdBlocker.com
[2013-08-08 18:36:05 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Synaptics
[2013-08-12 18:51:03 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Thunderbird
[2013-08-12 22:44:15 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\TrueCrypt
[2013-08-16 22:02:39 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\WebApp

========== Purity Check ==========



< End of report >



And here is the Extras.txt file that was also generated:

OTL Extras logfile created on: 2013-08-24 1:59:44 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Matt\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: yyyy-MM-dd

15.89 Gb Total Physical Memory | 12.27 Gb Available Physical Memory | 77.20% Memory free
18.14 Gb Paging File | 14.65 Gb Available in Paging File | 80.78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 667.82 Gb Total Space | 534.73 Gb Free Space | 80.07% Space Free | Partition Type: NTFS
Drive D: | 29.04 Gb Total Space | 3.36 Gb Free Space | 11.56% Space Free | Partition Type: NTFS

Computer Name: MATT-PC | User Name: Matt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Advisor\fileadvisor.exe" /info "%1" (File Type Advisor)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Advisor\fileadvisor.exe" /info "%1" (File Type Advisor)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1049D953-0ED5-46B5-8213-E1872B3250A9}" = lport=52000 | protocol=6 | dir=in | name=hpconnectedremoteuser.exe |
"{2A407D82-E6A7-4133-831A-92F078BB2613}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{5154035C-FE22-477A-B33D-C00D00E4E656}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{830F9F2F-397E-4EB4-856F-4310D68332C0}" = lport=53000 | protocol=6 | dir=in | name=hpconnectedremoteservice.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{049213AB-9612-40D7-A10C-930400A42F2D}" = protocol=17 | dir=in | app=m:\gnucash\bin\gnucash.exe |
"{13F85E0A-6F43-4D17-B644-D7616C942BFC}" = dir=out | app=%localappdata%\hpconnectedmusic\application\hpconnectedmusic.exe |
"{1710BFEA-BA77-4547-B673-3B5515013CF8}" = dir=out | name=skype |
"{177B7469-C072-4B2F-84FF-5C24630FB0FF}" = dir=in | [email protected]{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{17E7F199-6B77-42A7-A6F7-F546678E02F6}" = protocol=17 | dir=in | app=m:\gnucash\bin\gconfd-2.exe |
"{183AFEBA-54FA-4F4A-B397-77A05273F235}" = dir=out | [email protected]{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{1B3C4EA4-4A17-47A1-BE80-F06C4098C896}" = dir=out | name=norton studio |
"{1FC10C67-D73B-4663-8695-CEB6326BA9EE}" = dir=in | [email protected]{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{209C7380-AC11-41A9-B80B-D4235BA1BE4B}" = dir=out | name=hp connected photo powered by snapfish |
"{222D6538-1B39-46D5-A65B-6EB06A281B21}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{2E35D1EF-A373-4B28-9B6D-0D300A14A813}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2E97BBE1-E759-47CF-9850-4D5E31007A76}" = dir=out | [email protected]{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{31A5A20B-72F8-4745-B128-FD58EC8CDF05}" = protocol=6 | dir=in | app=m:\gnucash\bin\gnucash.exe |
"{32205855-5A26-4997-A7A8-871139A72507}" = dir=out | [email protected]{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{32BABAA4-689C-4811-8A76-6F0F8C23FED9}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{38C38255-D603-407C-9792-79FD6BF72E86}" = dir=out | [email protected]{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{3A3F3D83-8028-4A10-B5A9-E3A34DF8E539}" = dir=in | name=ebay |
"{3A78666F-63E6-44D5-AF8D-326F945C4E0B}" = dir=out | [email protected]{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{3E73DCEE-88A4-4761-A39C-1C7D48043540}" = dir=in | app=c:\program files\intel corporation\intel widi\widiapp.exe |
"{42E1D137-6536-402E-B7A1-F6DE6A0FE987}" = dir=in | app=c:\users\administrator\appdata\local\microsoft\skydrive\skydrive.exe |
"{4F913481-92F2-46A5-9B27-FD50CED9E561}" = dir=out | [email protected]{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{50DEA2F2-0012-4D2C-A26D-ECEAB69691D0}" = dir=in | name=skype |
"{525D0B23-B94C-44DB-8E97-A2FCE1B2604D}" = dir=in | [email protected]{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{5A445071-539A-46BA-8D64-7C1B1E37E71D}" = dir=out | [email protected]{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{5B0336B1-C42F-44DB-869C-A1CBD92D3A6C}" = dir=out | name=ebay |
"{5C1A4379-F2E0-441D-B14A-863F7B36C7BE}" = protocol=17 | dir=in | name=hpconnectedremoteservice.exe |
"{6969AA1C-4E36-4801-BDB3-1B8D44D5D01D}" = dir=out | app=%localappdata%\hpconnectedmusic\application\spotify_helper.exe |
"{6F506BCE-2096-4228-A19A-262117175A81}" = dir=out | [email protected]{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{7284D949-EB00-4233-98BD-A64E13A0BD7D}" = dir=out | name=hp games |
"{75D272F8-2F73-49D1-B091-1A63E8E8C3E7}" = dir=out | name=hp+ |
"{7BFD9547-2DD8-4462-9CD8-CBCEA6698F46}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{7C77BE8E-BD13-48DE-A04B-F0AD719EF7DA}" = protocol=6 | dir=in | app=c:\program files (x86)\spybot - search & destroy 2\sdupdate.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{890DB706-A826-4C69-86CE-5ABF208683DC}" = dir=out | name=windows_ie_ac_001 |
"{8D8803C6-A41F-4727-8E91-6BDA08A95E1E}" = dir=out | name=microsoft mahjong |
"{8F6D0F32-7A2F-4D33-969D-FF0DD611D094}" = dir=in | name=kindle |
"{91A4E82D-0773-4652-A0AD-51AC4DDA60AA}" = dir=out | [email protected]{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{932D093D-6F49-465D-ABDF-44395F36C7B6}" = dir=out | name=hp registration |
"{964F81E4-9F6C-438A-A955-77DA5F93C8A4}" = dir=out | [email protected]{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{98FBA0B5-FB96-4BC7-956A-A1B25450F023}" = dir=out | [email protected]{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{A0137C0D-7562-436B-A067-624586E36155}" = dir=out | app=c:\program files (x86)\hpconnectedmusic\hpconnectedmusic.exe |
"{A31665C0-1C38-4EF9-9779-74B072D398F3}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B3B7DE69-627C-4339-97A6-F0C3EE3AE1C2}" = dir=out | name=microsoft solitaire collection |
"{B8019B6C-FB1B-4DDB-87F9-E36F4D6F05EE}" = dir=out | name=netflix |
"{B8CBE699-1CF5-4C29-844E-80A167DED761}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{BC8206E6-AA4A-40F1-BFC4-3B0AE7AEE9AF}" = dir=out | [email protected]{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{BE171A47-1B79-4A63-B9B6-A5A284071C5F}" = dir=out | name=getting started with windows 8 |
"{BE25A60E-AFC7-476F-8354-6D4FE1259F45}" = protocol=17 | dir=in | app=c:\program files (x86)\spybot - search & destroy 2\sdupdate.exe |
"{BF3BA45E-AB42-47C9-B2C4-CE4CBB772015}" = protocol=6 | dir=in | app=m:\gnucash\bin\gconfd-2.exe |
"{CFE9DAEB-AB49-4C20-88F9-A8D2F2924A38}" = dir=out | name=kindle |
"{D3710E82-79E2-4C37-B4E5-9BF27933A594}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D5058164-5CE8-460D-AF6C-FBF63D51F119}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{DC79E521-13CE-4EC0-9DFD-3993A2681553}" = dir=in | [email protected]{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{DDB239DD-3653-42E2-9179-E26104E73178}" = dir=in | app=%localappdata%\hpconnectedmusic\application\hpconnectedmusic.exe |
"{DE3D7DB7-B20E-4C6B-B7C3-A8787F339650}" = dir=out | [email protected]{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{E3AF879A-8B51-49E3-89F4-1DD4B4DDDFA6}" = dir=in | app=c:\program files (x86)\hpconnectedmusic\hpconnectedmusic.exe |
"{E4703CBA-553C-4B42-A8EA-1AD3B472CB2F}" = dir=in | app=%localappdata%\hpconnectedmusic\application\spotify_helper.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{FA68BA69-CC8F-4F71-9ED0-08AE594DE5C9}" = dir=out | [email protected]{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{FC20D11B-9618-44B6-82BD-283CBAC8E6ED}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"TCP Query User{C185ADF7-8B16-45D5-AE73-71C4EED022B2}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spybot - search & destroy 2\sdupdate.exe |
"UDP Query User{B16D7642-297A-492E-A136-CBF7386449DF}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spybot - search & destroy 2\sdupdate.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0728A184-F899-4356-B93D-8228674F0DEB}" = Intel® PROSet/Wireless Software for Bluetooth® Technology
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC5
"{1593C708-5535-47A4-8C0F-F8D4BE2B4560}" = Intel® PROSet/Wireless WiFi Software
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1F91C200-8F0F-4009-A75E-DB6CE151BD4E}" = Validity WBF DDK
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26F481C6-8DBE-4F8B-9D8D-715081C23ADE}" = Adobe Premiere Elements 10
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}" = HP 3D DriveGuard
"{5A847522-375C-4D05-BD3D-88C450CC047F}" = HP Launch Box
"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes
"{6097158B-0184-4140-BEC3-7885794D2571}" = Intel® WiDi
"{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}" = HP Postscript Converter
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E5159B4-A519-41EF-80EF-AD58371515DF}" = Eraser 6.0.10.2620
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{859E0A9A-52A2-4643-BFB9-9E2EE242E472}" = Macrium Reflect Free Edition
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 311.00
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 311.00
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C2E428EB-116E-41C0-9E84-B22DE9CCA42F}" = HP Registration Service
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{E3047FA0-2D6B-4BD6-8CD4-599955F1CE9D}" = Microsoft Mouse and Keyboard Center
"{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}" = Intel® PROSet/Wireless for Bluetooth® + High Speed
"{EBC0CC3F-B7A1-4FC8-8014-4C7BFD3925E8}" = AuthenTec TrueAPI 64-bit
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"{F842F8B0-6942-4930-821F-543E976B2C66}" = MSVCRT110_amd64
"{FEA1590B-540A-41FC-A95C-664493C82A21}" = Classic Shell
"CCleaner" = CCleaner
"HomeStudentRetail - en-us" = Microsoft Office Home and Student 2013 - en-us
"MacriumReflect" = Macrium Reflect Free Edition
"Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
"PremElem100" = Adobe Premiere Elements 10
"ProInst" = Intel PROSet Wireless
"Recuva" = Recuva
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0C57987A-A03A-4B95-A309-D23F78F406CA}" = HP Utility Center
"{1057511B-F8FE-4230-9ED3-AB949A57EE4A}" = Windows Live PIMT Platform
"{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}" = HP CoolSense
"{11D08055-939C-432b-98C3-E072478A0CD7}" = PSE10 STI Installer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{22D3A614-482C-444A-932C-9DA1B8ECDFD2}" = Elements 10 Organizer
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{29315CEC-E6CE-4394-84DC-6F862E8D9A52}" = Windows Live UX Platform
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2CBE100E-B963-4B4B-8435-FEA8F5F93516}" = e-Sword
"{2D416A80-0BB1-4D8B-B770-7BE8F53D5937}" = Windows Live UX Platform Language Pack
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34C821CA-6B55-44A0-8A9B-2EF471D6019E}" = HP SimplePass
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{40F55150-F43D-4C9F-9A00-1A0A6F1EB7F0}" = Movie Maker
"{46316411-80D8-4F68-8118-696E05FCE199}" = Windows Live Essentials
"{4689F012-C8E3-4F6E-BDEF-13671D53A6DC}" = Windows Live UX Platform Language Pack
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F9A382F-4478-4036-905C-F77DF2EA0370}" = Windows Live SOXE
"{4FA8F084-C42F-45E1-B7E5-E0C8A1083DC5}" = Windows Live SOXE Definitions
"{528AB81B-D65A-4AB0-A2B6-82B51A087D01}" = HP Recovery Manager
"{5CC4C963-F772-4766-BFF2-DE551E205EE9}" = Photo Common
"{60A1253C-2D51-4166-95C2-52E9CF4F8D64}" = Photo Gallery
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64DF7404-9D46-44AF-AFA1-A2F8D5648C2D}" = Windows Live Photo Common
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76EE8FE7-1957-4C51-9074-4930A8CFB1AF}" = Windows Live Installer
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78F35489-621D-4FFD-BCE7-2C7C3897E47C}" = Windows Live
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0409-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{941DE69D-6CEE-4171-8F1F-3D7E352AA498}" = HP Wireless Button Driver
"{9846E46F-07E0-4BDF-985A-E3FBA8C15877}" = Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B2E55F8-5BA8-4A45-9682-ACB6F2CC0DA5}" = Photo Gallery
"{9C35EDE5-4B0F-45E7-A438-314BA889948E}" = HP MyRoom
"{9F06F464-479A-403E-AF92-70CBB8D674A1}" = PRE10STI64Installer
"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B7037DD6-85FD-4FF6-9059-39532F796257}" = HP Documentation
"{BA73469B-D8C7-4FE3-B33C-1340D09F0709}" = Windows Live Communications Platform
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{D531FC91-6F4E-49A7-B912-15289D05B6F8}" = Photo Common
"{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}" = Movie Maker
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E5823036-6F09-4D0A-B05C-E2BAA129288A}" = HP Quick Launch
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{EE549AF9-8FAA-4584-83B2-ECF1BC9DC1FF}" = Adobe Photoshop Elements 10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F243A34B-AB7F-4065-B770-B85B767C247C}" = HP Connected Remote
"{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}" = Energy Star
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® SDK for OpenCL - CPU Only Runtime Package
"{FE8DFDD0-A543-4A83-B7A9-C411138194D5}" = Galerie de photos
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 10" = Adobe Photoshop Elements 10
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"File Type Advisor_is1" = File Type Advisor 1.3
"Free CD to MP3 Converter" = Free CD to MP3 Converter
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 8.1
"GnuCash_is1" = GnuCash 2.4.13
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 23.0.1 (x86 en-US)" = Mozilla Firefox 23.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"RocketDock_is1" = RocketDock 1.3.5
"SadMan Software Sudoku_is1" = SadMan Software Sudoku V4.1
"StartHPConnectedMusic" = HP Connected Music (Meridian - installer)
"TrueCrypt" = TrueCrypt
"VLC media player" = VLC media player 2.0.8
"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2013-08-19 10:10:50 PM | Computer Name = Matt-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1970234

Error - 2013-08-19 10:11:06 PM | Computer Name = Matt-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2013-08-19 10:11:06 PM | Computer Name = Matt-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1985859

Error - 2013-08-19 10:11:06 PM | Computer Name = Matt-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1985859

Error - 2013-08-19 10:11:21 PM | Computer Name = Matt-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2013-08-19 10:11:21 PM | Computer Name = Matt-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2001453

Error - 2013-08-19 10:11:21 PM | Computer Name = Matt-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2001453

Error - 2013-08-19 10:50:42 PM | Computer Name = Matt-PC | Source = Microsoft-Windows-RestartManager | ID = 10007
Description = Application or service 'Super Ad Blocker Service' could not be restarted.

Error - 2013-08-20 1:06:39 PM | Computer Name = Matt-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 23.0.1.4974 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 5b4c Start
Time: 01ce9dc773d5e8c1 Termination Time: 15 Application Path: C:\Program Files (x86)\Mozilla
Firefox\firefox.exe Report Id: dcf119f7-09ba-11e3-be7b-6036ddadad44 Faulting package
full name: Faulting package-relative application ID:

Error - 2013-08-20 6:31:45 PM | Computer Name = Matt-PC | Source = ESENT | ID = 455
Description = svchost (2036) SRUJet: Error -1811 (0xfffff8ed) occurred while opening
logfile C:\Windows\system32\SRU\SRU0004E.log.

[ Spybot - Search and Destroy Events ]
Error - 2013-08-20 12:57:36 PM | Computer Name = Matt-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

Error - 2013-08-20 12:57:51 PM | Computer Name = Matt-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

Error - 2013-08-20 1:09:02 PM | Computer Name = Matt-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

[ System Events ]
Error - 2013-08-19 10:48:49 PM | Computer Name = Matt-PC | Source = Service Control Manager | ID = 7000
Description = The SABDIFSV service failed to start due to the following error: %%1275

Error - 2013-08-19 10:48:49 PM | Computer Name = Matt-PC | Source = Application Popup | ID = 1060
Description =

Error - 2013-08-19 10:48:49 PM | Computer Name = Matt-PC | Source = Service Control Manager | ID = 7000
Description = The SABKUTIL service failed to start due to the following error: %%1275

Error - 2013-08-19 10:48:50 PM | Computer Name = Matt-PC | Source = Application Popup | ID = 1060
Description =

Error - 2013-08-19 10:48:50 PM | Computer Name = Matt-PC | Source = Service Control Manager | ID = 7000
Description = The SABProcEnum service failed to start due to the following error:
%%1275

Error - 2013-08-20 12:57:33 PM | Computer Name = Matt-PC | Source = Service Control Manager | ID = 7034
Description = The Search Protect by Conduit Updater service terminated unexpectedly.
It has done this 1 time(s).

Error - 2013-08-20 1:07:54 PM | Computer Name = Matt-PC | Source = Service Control Manager | ID = 7000
Description = The Search Protect by Conduit Updater service failed to start due
to the following error: %%2

Error - 2013-08-20 1:37:43 PM | Computer Name = Matt-PC | Source = Service Control Manager | ID = 7000
Description = The Search Protect by Conduit Updater service failed to start due
to the following error: %%2

Error - 2013-08-20 6:57:41 PM | Computer Name = Matt-PC | Source = Service Control Manager | ID = 7034
Description = The Computer Backup (MyPC Backup) service terminated unexpectedly.
It has done this 1 time(s).

Error - 2013-08-23 4:17:51 PM | Computer Name = Matt-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:49:02 PM on ?2013-?08-?23 was unexpected.


< End of report >


Whatever help you can give me would be great. Thanks for your time.
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP