Computer Security Specialist was helping. She says: "It takes someone at his skill level to prove or understand what he is capable of.."
6 Hacked computers going to forensics were stolen when she started helping me.
Challenges:
I do not get emails. People do not receive mine or they are altered.
My computer gets 404, 401, 505,4 errors and randomly shuts down all the time - especially if I am working on legal or getting support.
I had to write this TWICE - the first time I posted it completely disappeared.
I was not able to use GMER, etc. because they would not load or run or had errors but I used the recommendations exe.helper and it worked. Shut down message "..ran into a problem and needs to restart..
Domestic Violence Specialist put hi m in top 10% or most dangerous perpetrators. I have no privacy. He knows too much about me and stalks me via computers/technology but I cannot "prove" it is him bc of his expertise level.
I print screen messages and hard print now to prove I sent them but it is mind-numbing.
Facebook I have sent messages. They are time-stamped and print screened and people still did not get them. Middlemanware
Settings; I disable Bluetooth and it comes back on. I enable logs and error reporting and it is always turned off. He has "ownership and administrative privileges" of my computers at all times but his technology is designed to be stealth.
I know that at one point he used SpectorSoft pro and something from Eset ..
I've had technicians help in the past but then he is always able to "intrude" on my new computers or they did not understand fully what he is capable of.. I think I need to lock down ports, and only connect through a secure Ethernet etc.. but it is pointless to try those precautions until my computer is clean.Also I would like to sue him for malicious criminal invasion of privacy to I will be saving logs and activity.
This is just a Walmart computer but any help you could give me would be greatly appreciated.
TL logfile created on: 12/29/2013 4:35:26 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mary\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16750)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.87 Gb Total Physical Memory | 1.66 Gb Available Physical Memory | 42.84% Memory free
7.74 Gb Paging File | 5.69 Gb Available in Paging File | 73.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457.42 Gb Total Space | 411.81 Gb Free Space | 90.03% Space Free | Partition Type: NTFS
Drive X: | 500.00 Mb Total Space | 228.57 Mb Free Space | 45.71% Space Free | Partition Type: NTFS
Drive Y: | 7.20 Gb Total Space | 0.30 Gb Free Space | 4.16% Space Free | Partition Type: NTFS
Computer Name: LOVE | User Name: Mary | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/12/29 16:34:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mary\Desktop\OTL.exe
PRC - [2013/12/29 15:50:02 | 000,377,856 | ---- | M] () -- C:\Users\Mary\Desktop\random.exe
PRC - [2013/11/06 15:00:10 | 000,151,848 | ---- | M] (Sophos Limited) -- C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe
PRC - [2013/11/06 14:59:20 | 001,167,656 | ---- | M] (Sophos Limited) -- C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTgui.exe
PRC - [2013/10/08 07:05:13 | 000,264,360 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/12/04 20:40:03 | 000,143,928 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccsvchst.exe
PRC - [2012/09/12 22:18:36 | 004,037,480 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
PRC - [2012/09/12 22:18:34 | 001,914,728 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
PRC - [2012/07/17 15:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 15:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/07/09 14:47:18 | 000,277,504 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2012/07/09 14:47:14 | 000,007,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012/06/25 11:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/06/07 22:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
========== Modules (No Company Name) ==========
MOD - [2013/12/29 15:50:02 | 000,377,856 | ---- | M] () -- C:\Users\Mary\Desktop\random.exe
MOD - [2013/10/13 16:42:24 | 002,959,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\8089e3484b45e44781f0c7a1a78881d5\System.IdentityModel.ni.dll
MOD - [2013/10/13 16:39:36 | 000,029,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\d8755f81e94bff4954c305caf7a93a05\IAStorDataMgrSvcInterfaces.ni.dll
MOD - [2013/10/12 15:16:45 | 001,075,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\32379693bdcd278fe2951267458193e4\System.ServiceModel.Web.ni.dll
MOD - [2013/10/12 15:16:00 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\6029d35b6cfaf94b1d39ec54c724a8c7\System.Xml.Linq.ni.dll
MOD - [2013/10/12 13:49:27 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e6606a84f8a4cdc18c74e63ec807c689\System.Windows.Forms.ni.dll
MOD - [2013/10/12 13:49:14 | 019,537,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\6b40a60180e23feff705e28e351e10e1\System.ServiceModel.ni.dll
MOD - [2013/10/12 13:48:51 | 002,786,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\e1c6945213ca43ec9769fe95576962ce\System.Runtime.Serialization.ni.dll
MOD - [2013/10/12 13:48:44 | 000,964,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c508451271803f1677317735db499f5c\System.Configuration.ni.dll
MOD - [2013/10/12 13:48:42 | 003,910,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\3e52c3479469fe72eed0716b48859e91\WindowsBase.ni.dll
MOD - [2013/10/12 13:48:36 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\79e8b7b183668471ab364d4132fb8018\System.Core.ni.dll
MOD - [2013/08/31 12:44:28 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\0a71c7804f1648e41fafdd407af38c96\IAStorCommon.ni.dll
MOD - [2013/08/31 12:43:56 | 000,366,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\15412a4711e5447bd0a45681c8e355ab\IAStorUtil.ni.dll
MOD - [2013/08/31 12:43:52 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\d438e7ec4899763070e7b5db3f166373\System.ServiceModel.Internals.ni.dll
MOD - [2013/08/31 12:43:52 | 000,121,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\3df2fdd27a3e685ce5dda8bce4956e5b\SMDiagnostics.ni.dll
MOD - [2013/08/31 12:34:01 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\624ad6159b6e241ad6d28bf4dca9f14b\System.Xml.ni.dll
MOD - [2013/08/31 12:33:56 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\123cf617d7b6b31c44e39f8594f064c5\System.Xaml.ni.dll
MOD - [2013/08/31 12:32:51 | 001,156,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\2e5a89ab2f90d59d374eb8d093602939\System.Management.ni.dll
MOD - [2013/08/31 12:32:48 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3603744988436295da5d16e76038e484\System.Drawing.ni.dll
MOD - [2013/08/31 12:32:40 | 018,545,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\972bf4ffab06e561447d12baf3b3dfa9\PresentationFramework.ni.dll
MOD - [2013/08/31 12:32:40 | 000,467,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\cb65dcc8c60f33d257283ef1416a2175\PresentationFramework.Aero2.ni.dll
MOD - [2013/08/31 12:32:26 | 010,926,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\5b504b7cd800dcd6c06d841d94ca099a\PresentationCore.ni.dll
MOD - [2013/08/31 12:32:08 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\375a937eec7d6faa53ac11ab2973eb76\System.ni.dll
MOD - [2013/08/31 12:31:58 | 016,547,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\5e3a9f3d64adfb3c69b49d37368bf454\mscorlib.ni.dll
MOD - [2012/09/12 22:18:38 | 002,003,304 | ---- | M] () -- C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
MOD - [2012/08/06 11:59:24 | 000,117,608 | ---- | M] () -- C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
MOD - [2012/08/06 11:59:16 | 001,153,384 | ---- | M] () -- C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
MOD - [2012/06/08 12:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012/06/07 22:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013/08/16 00:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/07/01 19:44:21 | 000,016,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/06/24 17:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/06/01 04:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/05/04 01:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/05/04 01:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/04/08 23:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/03/01 21:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/01 21:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/01/09 18:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/09 18:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/09/20 01:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/08/06 20:16:40 | 000,007,168 | ---- | M] (Cirrus Logic) [Auto | Stopped] -- c:\Program Files\Cirrus Logic Audio Panel\Cirrvus.exe -- (CirrusAudioService)
SRV:64bit: - [2012/08/06 20:12:02 | 000,099,696 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AECLSr64.exe -- (AECLFilters)
SRV:64bit: - [2012/07/25 22:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/07/25 22:08:48 | 000,011,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)
SRV:64bit: - [2012/07/25 22:08:45 | 000,050,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP)
SRV:64bit: - [2012/07/25 22:08:33 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqtgsvc.exe -- (MSMQTriggers)
SRV:64bit: - [2012/07/25 22:08:33 | 000,025,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
SRV:64bit: - [2012/07/25 22:08:30 | 000,016,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)
SRV:64bit: - [2012/07/25 22:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/25 22:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/25 22:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/25 22:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/25 22:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/25 22:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/25 22:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/25 22:05:51 | 000,034,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iprip.dll -- (iprip)
SRV:64bit: - [2012/07/25 22:05:40 | 000,369,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\ftpsvc.dll -- (ftpsvc)
SRV:64bit: - [2012/07/25 22:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/25 22:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/25 22:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012/07/19 16:09:48 | 002,247,992 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- C:\Windows\SysNative\BtwRSupportService.exe -- (BcmBtRSupport)
SRV:64bit: - [2012/04/20 15:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2013/12/28 18:22:01 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/10 13:45:27 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/06 15:00:10 | 000,151,848 | ---- | M] (Sophos Limited) [On_Demand | Running] -- C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe -- (SophosVirusRemovalTool)
SRV - [2013/10/08 07:05:13 | 000,264,360 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe -- (N360)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/15 15:07:56 | 000,395,640 | ---- | M] (Eastman Kodak Company) [On_Demand | Stopped] -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)
SRV - [2013/01/15 13:07:42 | 000,780,152 | ---- | M] (Eastman Kodak Company) [On_Demand | Stopped] -- C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe -- (Kodak AiO Status Monitor Service)
SRV - [2012/12/04 20:40:03 | 000,143,928 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe -- (MCLIENT)
SRV - [2012/10/06 00:12:10 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/09/12 22:18:34 | 001,914,728 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe -- (SftService)
SRV - [2012/07/25 22:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/07/25 22:20:59 | 000,010,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
SRV - [2012/07/25 22:20:56 | 000,045,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP)
SRV - [2012/07/25 22:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/25 22:18:41 | 000,408,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2012/07/25 22:18:41 | 000,408,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2012/07/25 22:17:52 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2012/07/17 15:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 15:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/09 14:47:14 | 000,007,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012/06/25 11:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/11/19 21:25:39 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/10/10 06:53:35 | 000,096,600 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/10/05 01:10:20 | 000,285,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/10/01 21:50:07 | 000,447,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/09/26 22:18:30 | 001,147,480 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\N360x64\1501000.012\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2013/09/26 21:45:56 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\1501000.012\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2013/09/26 21:26:03 | 000,858,200 | R--- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\1501000.012\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/09/25 22:28:00 | 000,590,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\1501000.012\symnets.sys -- (SymNetS)
DRV:64bit: - [2013/09/25 21:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\1501000.012\ccSetx64.sys -- (ccSet_N360)
DRV:64bit: - [2013/09/09 21:47:38 | 000,023,568 | R--- | M] (Symantec Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\N360x64\1501000.012\SymELAM.sys -- (SymELAM)
DRV:64bit: - [2013/09/09 21:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\N360x64\1501000.012\SymDS64.sys -- (SymDS)
DRV:64bit: - [2013/09/09 20:49:49 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\1501000.012\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/08/16 00:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/10 01:30:22 | 000,151,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/07/09 03:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/07/01 20:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/07/01 20:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/07/01 19:44:14 | 000,036,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/07/01 17:08:49 | 000,247,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/06/29 01:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/05/31 22:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/02 05:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 05:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/01/09 20:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/11/26 22:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/19 23:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/05 22:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/27 00:02:10 | 000,651,832 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/10/12 03:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 02:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/10/06 00:12:34 | 009,004,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/10/03 12:19:14 | 000,168,096 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\MCLIENTx64\0302020.00C\ccsetx64.sys -- (ccSet_MCLIENT)
DRV:64bit: - [2012/09/20 02:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 02:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/06 20:12:02 | 000,041,328 | ---- | M] (Cirrus Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\CSLFDx64.sys -- (CirrusLFD)
DRV:64bit: - [2012/08/05 01:22:10 | 000,010,752 | ---- | M] (OSR Open Systems Resources, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\DellRbtn.sys -- (DellRbtn)
DRV:64bit: - [2012/07/26 00:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/26 00:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/26 00:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/26 00:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/26 00:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/26 00:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/26 00:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/26 00:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/26 00:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/26 00:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/26 00:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/26 00:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/26 00:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/26 00:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/26 00:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/26 00:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/26 00:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/25 23:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/25 23:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/25 22:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/25 21:30:26 | 000,185,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mqac.sys -- (MQAC)
DRV:64bit: - [2012/07/25 21:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/25 21:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/25 21:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/25 21:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/25 21:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/25 21:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/25 21:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/25 21:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/25 21:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/25 21:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/25 21:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/25 21:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/25 21:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/25 21:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/25 21:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/25 21:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/25 21:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/25 21:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/25 21:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012/07/25 21:25:01 | 000,146,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2012/07/25 21:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/25 21:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/25 21:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/19 16:09:46 | 000,164,152 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2012/07/11 10:04:30 | 000,445,304 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2012/07/10 15:00:56 | 006,824,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BCMWL63a.SYS -- (BCM43XX)
DRV:64bit: - [2012/07/02 18:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/25 11:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012/06/19 10:40:50 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/13 21:24:00 | 000,252,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2012/06/13 00:41:22 | 000,683,664 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV - [2013/12/28 11:04:20 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20131228.006\ex64.sys -- (NAVEX15)
DRV - [2013/12/28 11:04:20 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20131228.006\eng64.sys -- (NAVENG)
DRV - [2013/12/13 01:17:12 | 000,521,944 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20131227.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013/12/03 13:27:32 | 001,526,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20131203.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/11/29 12:32:16 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/11/20 22:39:31 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {EA33A3E5-AB0A-4A06-A611-1BF48D457D1B}
IE:64bit: - HKLM\..\SearchScopes\{EA33A3E5-AB0A-4A06-A611-1BF48D457D1B}: "URL" = http://www.bing.com/...E10TR&pc=MDDCJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {EA33A3E5-AB0A-4A06-A611-1BF48D457D1B}
IE - HKLM\..\SearchScopes\{EA33A3E5-AB0A-4A06-A611-1BF48D457D1B}: "URL" = http://www.bing.com/...E10TR&pc=MDDCJS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {8AE3B960-A6E1-4745-8B0F-E57A7AEA21EA}
IE - HKCU\..\SearchScopes\{2C648A44-81C4-4029-A980-F27D93F6FAB8}: "URL" = http://search.condui...q={searchTerms}
IE - HKCU\..\SearchScopes\{8AE3B960-A6E1-4745-8B0F-E57A7AEA21EA}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.se...t=kwd&qsrc=2869
IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://www2.inbox.co...&iwk=278&lng=en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: wecarereminder%40bryan:4.1.23.4
FF - prefs.js..extensions.enabledAddons: %7B73007fef-a6e0-47d3-b4e7-dfc116ed6f65%7D:1.1
FF - prefs.js..extensions.enabledAddons: %7BF32E7E42-9AFA-47CA-A0C4-D07EE651D404%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B2D3F3651-74B9-4795-BDEC-6DA2F431CB62%7D:2014.6.2.3
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:12.0.4.5%20-%201
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..network.proxy.type: 4
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer: C:\Program Files\Musicnotes\npmusicn64.dll (Musicnotes, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer: C:\Program Files (x86)\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2013/12/29 15:58:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013/11/20 18:10:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK
[2013/09/02 11:34:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mary\AppData\Roaming\mozilla\Extensions
[2013/12/17 10:34:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mary\AppData\Roaming\mozilla\Firefox\Profiles\hymemkmm.default\extensions
[2013/12/15 14:03:27 | 000,000,000 | ---D | M] (ArcadeParlor) -- C:\Users\Mary\AppData\Roaming\mozilla\Firefox\Profiles\hymemkmm.default\extensions\{F32E7E42-9AFA-47CA-A0C4-D07EE651D404}
[2013/12/17 10:34:45 | 000,000,000 | ---D | M] (We-Care App) -- C:\Users\Mary\AppData\Roaming\mozilla\Firefox\Profiles\hymemkmm.default\extensions\wecarereminder@bryan
[2013/11/05 17:18:03 | 000,833,307 | ---- | M] () (No name found) -- C:\Users\Mary\AppData\Roaming\mozilla\firefox\profiles\hymemkmm.default\extensions\[email protected]
[2013/11/05 18:10:04 | 000,003,771 | ---- | M] () (No name found) -- C:\Users\Mary\AppData\Roaming\mozilla\firefox\profiles\hymemkmm.default\extensions\{73007fef-a6e0-47d3-b4e7-dfc116ed6f65}.xpi
[2013/11/06 11:05:58 | 000,002,531 | ---- | M] () -- C:\Users\Mary\AppData\Roaming\mozilla\firefox\profiles\hymemkmm.default\searchplugins\safesearch.xml
[2013/12/28 18:21:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/12/28 18:21:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/12/28 18:22:09 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/12/29 15:58:03 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\COFFPLGN
[2013/11/20 18:10:01 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
O1 HOSTS File: ([2012/07/26 00:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O2:64bit: - BHO: (Inbox Toolbar) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~2\INBOXT~1\Inbox64.dll File not found
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\ipsbho.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~2\INBOXT~1\Inbox64.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Dell Audio] c:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] c:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found
O4 - HKLM..\Run: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKCU..\Run: [DW7] "C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe" File not found
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0EB18565-B211-4604-B561-FBB02414F6C3}: DhcpNameServer = 172.41.1.171
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{804C0BC9-E39E-44B2-9070-0E6E717CA368}: DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
O18:64bit: - Protocol\Handler\inbox {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~2\INBOXT~1\Inbox64.dll File not found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\inbox {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~2\INBOXT~1\Inbox.dll File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{b11676f0-4fb4-11e3-be8d-642737f9b920}\Shell - "" = AutoRun
O33 - MountPoints2\{b11676f0-4fb4-11e3-be8d-642737f9b920}\Shell\AutoRun\command - "" = "E:\MotoCastSetup.exe" -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/12/29 16:50:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mary\Desktop\3rd try otl.com
[2013/12/29 16:41:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mary\Desktop\otl22222.scr
[2013/12/29 16:34:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mary\Desktop\OTL.exe
[2013/12/29 16:11:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2013/12/29 16:11:37 | 000,000,000 | ---D | C] -- C:\Users\Mary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
[2013/12/29 16:11:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2013/12/29 16:05:07 | 081,357,672 | ---- | C] (Sophos Limited) -- C:\Users\Mary\Desktop\sopotool.exe
[2013/12/29 15:51:43 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013/12/29 13:49:56 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CyberLink
[2013/12/29 12:43:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/12/29 12:43:37 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/12/28 18:21:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/12/25 15:26:49 | 000,000,000 | ---D | C] -- C:\Users\Mary\AppData\Roaming\Apple Computer
[2013/12/25 15:26:49 | 000,000,000 | ---D | C] -- C:\Users\Mary\AppData\Local\Apple Computer
[2013/12/25 15:26:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/12/25 15:25:34 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2013/12/25 15:21:54 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/12/25 15:21:53 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/12/25 15:21:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/12/25 15:21:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013/12/25 15:21:53 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/12/25 15:20:19 | 000,000,000 | ---D | C] -- C:\Users\Mary\AppData\Local\Apple
[2013/12/25 15:20:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013/12/25 15:18:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013/12/25 15:18:20 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013/12/25 15:18:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013/12/25 15:17:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013/12/25 15:17:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013/12/16 17:38:07 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/12/16 17:38:06 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/12/16 17:37:51 | 003,959,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/12/16 17:37:51 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/12/16 17:37:43 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/12/16 17:37:41 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2013/12/16 17:37:23 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013/12/16 17:37:06 | 000,773,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2013/12/16 17:37:06 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2013/12/16 17:37:06 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\resutils.dll
[2013/12/16 17:37:06 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clusapi.dll
[2013/12/16 17:37:05 | 001,622,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2013/12/16 17:37:05 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2013/12/16 17:37:05 | 000,488,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\resutils.dll
[2013/12/16 17:37:05 | 000,447,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBHUB3.SYS
[2013/12/16 17:37:05 | 000,302,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clusapi.dll
[2013/12/16 17:37:05 | 000,285,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spaceport.sys
[2013/12/16 17:37:04 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2013/12/16 17:37:04 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll
[2013/12/16 17:37:04 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2013/12/16 17:37:04 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2013/12/16 17:37:04 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2013/12/16 17:37:04 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2013/12/16 17:37:04 | 000,059,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2013/12/16 17:37:04 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2013/12/16 17:37:04 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2013/12/16 17:36:40 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrobj.dll
[2013/12/16 17:36:40 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2013/12/16 17:36:40 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrobj.dll
[2013/12/16 17:36:40 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2013/12/16 17:36:40 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2013/12/16 17:36:40 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2013/12/16 17:36:40 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2013/12/16 17:36:38 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/12/16 17:36:38 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/12/16 17:36:34 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2013/12/16 17:36:33 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2013/12/16 17:36:33 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2013/12/15 14:03:28 | 000,000,000 | ---D | C] -- C:\Users\Mary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcadeParlor
[2013/12/15 14:03:12 | 000,000,000 | ---D | C] -- C:\Users\Mary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Association Manager
[2013/12/15 14:03:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Association Manager
[2013/12/15 14:02:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avanquest
[2013/12/15 14:02:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Expert PDF Jobs
[2013/12/15 14:02:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Expert PDF 7
[2013/12/15 14:02:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Avanquest
[2013/12/15 14:02:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avanquest
[2013/12/15 14:02:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Weather Channel
[2013/12/15 14:02:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2013/12/15 14:01:59 | 000,000,000 | ---D | C] -- C:\Users\Mary\AppData\Roaming\FileAssociationManager
[2013/12/15 14:01:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileAssociationManager
[2013/12/15 14:01:56 | 000,000,000 | ---D | C] -- C:\Users\Mary\AppData\Local\The Weather Channel
[2013/12/15 13:20:27 | 000,000,000 | ---D | C] -- C:\Users\Mary\AppData\Roaming\Musicnotes
[2013/12/15 13:20:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Musicnotes
[2013/12/15 13:20:12 | 000,000,000 | ---D | C] -- C:\Users\Mary\Documents\Musicnotes
[2013/12/15 13:20:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Musicnotes
[2013/12/15 13:20:12 | 000,000,000 | ---D | C] -- C:\Program Files\Musicnotes
[2013/12/15 13:20:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Musicnotes
[2013/12/10 13:45:05 | 009,272,200 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2013/12/06 11:01:14 | 000,078,304 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/12/06 11:01:13 | 000,694,240 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/12/04 19:57:06 | 013,661,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Xaml.dll
[2013/12/04 19:57:02 | 010,799,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Xaml.dll
[2013/12/04 19:56:56 | 001,173,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAutomationCore.dll
[2013/12/04 19:56:56 | 000,914,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAutomationCore.dll
[2013/12/04 19:56:56 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ubpm.dll
[2013/12/04 19:56:55 | 000,151,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tpm.sys
[2013/12/04 19:56:53 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ubpm.dll
[2013/12/04 19:56:53 | 000,061,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys
[2013/12/04 19:56:35 | 001,300,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013/12/04 19:56:29 | 001,890,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/12/04 19:56:22 | 000,096,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wfplwfs.sys
[2013/12/04 19:55:33 | 002,062,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/12/04 19:55:33 | 001,711,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/12/04 19:55:23 | 002,304,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013/12/04 19:55:23 | 002,035,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/12/29 16:50:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mary\Desktop\3rd try otl.com
[2013/12/29 16:49:13 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/12/29 16:45:04 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/12/29 16:41:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mary\Desktop\otl22222.scr
[2013/12/29 16:34:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mary\Desktop\OTL.exe
[2013/12/29 16:11:37 | 000,003,201 | ---- | M] () -- C:\Users\Mary\Desktop\Sophos Virus Removal Tool.lnk
[2013/12/29 16:09:14 | 000,000,000 | ---- | M] () -- C:\Users\Mary\Desktop\random.reg
[2013/12/29 16:09:08 | 000,000,000 | ---- | M] () -- C:\Users\Mary\Desktop\random.bat
[2013/12/29 16:05:07 | 081,357,672 | ---- | M] (Sophos Limited) -- C:\Users\Mary\Desktop\sopotool.exe
[2013/12/29 16:04:20 | 000,949,944 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/12/29 16:04:20 | 000,792,812 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/12/29 16:04:20 | 000,158,018 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/12/29 15:59:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/12/29 15:57:06 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/12/29 15:57:05 | 3321,122,816 | -HS- | M] () -- C:\hiberfil.sys
[2013/12/29 15:51:37 | 582,492,442 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/12/29 15:50:02 | 000,377,856 | ---- | M] () -- C:\Users\Mary\Desktop\random.exe
[2013/12/29 12:43:41 | 000,001,135 | ---- | M] () -- C:\Users\Mary\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2013/12/29 11:08:51 | 000,000,278 | ---- | M] () -- C:\Windows\tasks\ArcadeParlor.job
[2013/12/29 10:28:09 | 000,434,392 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/25 15:26:41 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/12/25 00:55:27 | 000,000,215 | ---- | M] () -- C:\Users\Mary\Desktop\Help Terry Taylor.url
[2013/12/24 12:23:02 | 000,000,157 | ---- | M] () -- C:\Windows\SysWow64\SystemPreferences.xml
[2013/12/16 15:57:23 | 000,141,980 | ---- | M] () -- C:\Users\Mary\Documents\ResumeExamples.pdf
[2013/12/15 17:31:55 | 000,292,650 | ---- | M] () -- C:\Users\Mary\Documents\GAL.pdf
[2013/12/15 14:02:52 | 000,002,153 | ---- | M] () -- C:\Users\Public\Desktop\Expert PDF 7 Reader.lnk
[2013/12/15 13:20:13 | 000,001,138 | ---- | M] () -- C:\Users\Public\Desktop\Musicnotes Player.lnk
[2013/12/10 13:45:05 | 009,272,200 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2013/12/06 17:29:23 | 000,032,361 | ---- | M] () -- C:\Users\Mary\Desktop\dear self.jpg
[2013/12/03 19:53:54 | 000,694,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/12/03 19:53:54 | 000,078,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/12/29 16:11:37 | 000,003,201 | ---- | C] () -- C:\Users\Mary\Desktop\Sophos Virus Removal Tool.lnk
[2013/12/29 16:09:14 | 000,000,000 | ---- | C] () -- C:\Users\Mary\Desktop\random.reg
[2013/12/29 16:09:08 | 000,000,000 | ---- | C] () -- C:\Users\Mary\Desktop\random.bat
[2013/12/29 15:51:37 | 582,492,442 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/12/29 15:50:02 | 000,377,856 | ---- | C] () -- C:\Users\Mary\Desktop\random.exe
[2013/12/29 12:43:41 | 000,001,135 | ---- | C] () -- C:\Users\Mary\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2013/12/29 12:43:40 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/12/29 10:27:53 | 000,434,392 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/25 15:26:41 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/12/25 15:20:07 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/12/25 00:55:27 | 000,000,215 | ---- | C] () -- C:\Users\Mary\Desktop\Help Terry Taylor.url
[2013/12/16 17:37:04 | 000,385,528 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013/12/16 15:57:23 | 000,141,980 | ---- | C] () -- C:\Users\Mary\Documents\ResumeExamples.pdf
[2013/12/15 17:31:55 | 000,292,650 | ---- | C] () -- C:\Users\Mary\Documents\GAL.pdf
[2013/12/15 14:03:24 | 000,000,278 | ---- | C] () -- C:\Windows\tasks\ArcadeParlor.job
[2013/12/15 14:02:52 | 000,002,153 | ---- | C] () -- C:\Users\Public\Desktop\Expert PDF 7 Reader.lnk
[2013/12/15 13:20:13 | 000,001,138 | ---- | C] () -- C:\Users\Public\Desktop\Musicnotes Player.lnk
[2013/12/06 17:30:05 | 000,032,361 | ---- | C] () -- C:\Users\Mary\Desktop\dear self.jpg
[2013/11/29 18:58:10 | 000,000,157 | ---- | C] () -- C:\Windows\SysWow64\SystemPreferences.xml
[2013/10/16 20:21:49 | 000,007,638 | ---- | C] () -- C:\Users\Mary\AppData\Local\Resmon.ResmonCfg
[2013/09/11 17:51:12 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/09/02 11:34:08 | 000,000,258 | RHS- | C] () -- C:\Users\Mary\ntuser.pol
[2012/11/15 11:09:20 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012/11/15 11:09:05 | 000,963,388 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012/11/15 09:48:27 | 000,866,452 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/10/06 00:12:10 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/07/26 03:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012/07/26 03:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012/07/26 02:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/25 20:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012/07/25 15:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/25 15:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012/06/02 09:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012/04/20 14:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
========== ZeroAccess Check ==========
[2013/04/20 15:49:19 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/08/02 01:28:20 | 019,758,080 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/08/02 00:08:10 | 017,561,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/25 22:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 22:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/25 22:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
OTL Extras logfile created on: 12/29/2013 4:35:26 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mary\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16750)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.87 Gb Total Physical Memory | 1.66 Gb Available Physical Memory | 42.84% Memory free
7.74 Gb Paging File | 5.69 Gb Available in Paging File | 73.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457.42 Gb Total Space | 411.81 Gb Free Space | 90.03% Space Free | Partition Type: NTFS
Drive X: | 500.00 Mb Total Space | 228.57 Mb Free Space | 45.71% Space Free | Partition Type: NTFS
Drive Y: | 7.20 Gb Total Space | 0.30 Gb Free Space | 4.16% Space Free | Partition Type: NTFS
Computer Name: LOVE | User Name: Mary | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0797430B-29A7-4759-9197-ADFB2E0504A2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{19639FBF-6965-4F0B-A219-DBEAF656924B}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{29E676DB-7AA9-47BC-862B-0BBDD8E2CD4C}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{BE7D77D4-4851-4D4F-A223-18E6D4E3E9EA}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0356B944-6EF4-4772-8A62-B1F00E8529D4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0378519A-4937-432A-8EEC-FAE5DE095A74}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{0A9ACF72-11BE-49F5-907F-826E3770248F}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{13B26A90-A5C7-41BE-84EE-62DDE78A2663}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{22B703B6-EBBD-4534-89CE-95106C4AB398}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{24BBE964-1B04-4A42-B285-6C85023C1CEA}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\kodak.statistics.exe |
"{280B41A4-77B9-40C8-B4F4-A673028F1AC7}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{295F0E47-A843-4D40-97BD-D3E9BA748D97}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{2BB5D53B-C6EA-4D84-9D5E-DAED75D869A4}" = dir=out | name=ebay |
"{2C68A6F5-BF18-44B9-BAEE-742272839EFA}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{36A0DA7F-FD24-4215-8CE0-89AF54D09EFC}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\networkprinterdiscovery.exe |
"{36B2D205-B802-484D-8A11-E0FF67C472A8}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3A207017-537C-40AB-8EF5-2D75D96704CF}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{3B9F4731-446B-4947-8CF5-7D0D79193007}" = dir=in | name=hp printer control |
"{434269A6-D8E9-47ED-9D87-F3CC731B6F16}" = protocol=17 | dir=in | app=c:\programdata\kodak\installer\setup.exe |
"{4358AD52-6535-4727-8B82-2FF8569E3181}" = dir=out | name=kindle |
"{4395AD07-898D-452E-AD76-431F756461BC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{43D3A601-FF6A-49DF-A8D0-B19185791BE7}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{4F2E44BE-0774-4776-B7BE-79B154B9FFAC}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{5D31D723-27C8-4BB0-905D-AC788118D475}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{6EBF9C4E-67F2-46FB-9BA2-2A39013CB05F}" = protocol=6 | dir=in | app=c:\programdata\kodak\installer\setup.exe |
"{786048D0-B8D3-43B6-9274-6C3E410B3494}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9094B1C4-52C6-4721-98C0-CE0936127EB1}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\kodak.statistics.exe |
"{94594AAA-C100-4B53-97DF-B2076BB240FE}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{994B748C-18E1-4FD1-975E-2147ABD64D65}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{9F040CF5-5A6F-4FBA-AF5F-1E9FA5CD3246}" = dir=in | name=ebay |
"{A6D6B075-C31C-4A50-B5C5-E94DC083DF03}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{AE3A934A-E1E2-4900-BC88-A654D3F4793A}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\aiohomecenter.exe |
"{B2E55563-B512-488B-A293-D6547DC0CDEB}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\aiohomecenter.exe |
"{B932404D-ED9D-4A99-B0A9-50C9B67F56A0}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{BC4C4B2B-6800-422F-9E21-758E01FA884B}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{C5E0EC4B-5096-4DA7-B7F3-B9273F50D9A4}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{CB37A6B6-E9AD-402A-94F2-21000CEDC402}" = dir=in | name=kindle |
"{CCA1E379-34E4-49FA-BB24-A22DA9B9AEF6}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{D420647D-5F5A-4EDC-9000-5568175779D6}" = dir=in | name=amazon for windows |
"{DA45AA28-76A9-4AF7-9646-FB4492AC0614}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{DF0AFB61-0F70-4A70-8CB0-4B5363084D51}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\firmware\kodakaioupdater.exe |
"{DFBDD96B-38C0-4ED3-B7A3-06F45982FD7F}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\networkprinterdiscovery.exe |
"{DFCFCE0B-855A-4F3E-8D03-963A6710B16A}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E3403595-C96D-425C-8DB4-43712AA009C3}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{E3955AAB-720B-450E-AB8B-493BCF1BCEB6}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\firmware\kodakaioupdater.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{F41F0B2D-DD51-4780-8446-E979C33A8B94}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{F6957548-43EE-49E8-808E-D00A4667222E}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe |
"{F86BD490-5D72-4D29-AEAA-E677722C17E2}" = dir=out | name=amazon for windows |
"{FC5CCFEE-97A7-4B40-B44C-C7FA1FCB42F1}" = dir=out | name=hp printer control |
"{FE564E1B-9223-44C6-B260-30780A010A52}" = dir=out | name=dell shop |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{327AD405-F05D-4AB9-81DB-CA6964C5D7C8}" = Cirrus Logic Audio Panel
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"DW WLAN Card" = DW WLAN Card
"PC-Doctor for Windows" = My Dell
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0228288D-975E-42F7-9993-E91A82E6BBD9}" = CWA Reminder by We-Care.com v4.1.24.3
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}" = Amazon Browser App
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell Backup and Recovery
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{2A0F2CC5-3065-492C-8380-B03AA7106B1A}" = Dell Product Registration
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{52E225FC-FCB4-41F7-837B-6E37FB05BD7B}" = Adobe AIR
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell Backup and Recovery - Support Software
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B829E117-D072-41EA-9606-9826A38D34C1}" = Sophos Virus Removal Tool
"{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials
"{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint 2.5
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E08426B6-7ADC-439F-1739-EA9938651933}" = Bulkr
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Software
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FC279721-37A6-4777-AFD8-7A56681EBA14}" = Expert PDF 7 Reader
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"com.prakaz.project.photogettr" = Bulkr
"FileAssociationManager" = File Association Manager
"InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}" = CyberLink Media Suite Essentials
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"MCLIENT" = Norton Management
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Musicnotes Player_is1" = Musicnotes Player V1.32.2 and Viewer V1.19.0
"N360" = Norton 360
"PrintProjects" = PrintProjects
"WinLiveSuite" = Windows Live Essentials
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12/24/2013 9:24:59 PM | Computer Name = Love | Source = Application Hang | ID = 1002
Description = The program IEXPLORE.EXE version 10.0.9200.16537 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: fa64 Start
Time: 01cf00c38da673c9 Termination Time: 3044 Application Path: C:\Program Files
(x86)\Internet Explorer\IEXPLORE.EXE Report Id: 56492f44-6d03-11e3-be98-642737f9b920
Faulting
package full name: Faulting package-relative application ID:
Error - 12/24/2013 9:27:18 PM | Computer Name = Love | Source = Application Hang | ID = 1002
Description = The program wwahost.exe version 6.2.9200.16420 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: cf8 Start
Time: 01cefd9772074d4c Termination Time: 4294967295 Application Path: C:\Windows\system32\wwahost.exe
Report
Id: 47c1f492-6d03-11e3-be98-642737f9b920 Faulting package full name: microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe
Faulting
package-relative application ID: Microsoft.WindowsLive.Mail
Error - 12/25/2013 12:03:03 PM | Computer Name = Love | Source = Application Hang | ID = 1002
Description = The program IEXPLORE.EXE version 10.0.9200.16537 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: d4b0 Start
Time: 01cf0184d319d24c Termination Time: 32 Application Path: C:\Program Files (x86)\Internet
Explorer\IEXPLORE.EXE Report Id: 05bb4250-6d7e-11e3-be98-642737f9b920 Faulting package
full name: Faulting package-relative application ID:
Error - 12/25/2013 12:04:35 PM | Computer Name = Love | Source = Application Hang | ID = 1002
Description = The program IEXPLORE.EXE version 10.0.9200.16537 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: c63c Start
Time: 01cf018aca8498a1 Termination Time: 46 Application Path: C:\Program Files (x86)\Internet
Explorer\IEXPLORE.EXE Report Id: 3d63dba5-6d7e-11e3-be98-642737f9b920 Faulting package
full name: Faulting package-relative application ID:
Error - 12/25/2013 3:07:05 PM | Computer Name = Love | Source = .NET Runtime | ID = 1026
Description =
Error - 12/25/2013 3:07:08 PM | Computer Name = Love | Source = Application Error | ID = 1000
Description = Faulting application name: pcdrcui.exe, version: 6.0.6308.28, time
stamp: 0x5226cda4 Faulting module name: KERNELBASE.dll, version: 6.2.9200.16451,
time stamp: 0x50988aa6 Exception code: 0xe0434352 Fault offset: 0x000000000003811c
Faulting
process id: 0xd45c Faulting application start time: 0x01cf01a47daed56d Faulting application
path: C:\Program Files\My Dell\pcdrcui.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll
Report
Id: bfcef3a1-6d97-11e3-be98-642737f9b920 Faulting package full name: Faulting package-relative
application ID:
Error - 12/25/2013 9:15:39 PM | Computer Name = Love | Source = Application Error | ID = 1000
Description = Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16537,
time stamp: 0x512347f7 Faulting module name: MSHTML.dll, version: 10.0.9200.16750,
time stamp: 0x5269d985 Exception code: 0xc0000005 Fault offset: 0x001f9d40 Faulting
process id: 0x128a4 Faulting application start time: 0x01cf01c47cc042ee Faulting
application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Faulting
module path: C:\Windows\SYSTEM32\MSHTML.dll Report Id: 3a9abf39-6dcb-11e3-be98-642737f9b920
Faulting
package full name: Faulting package-relative application ID:
Error - 12/26/2013 4:23:36 AM | Computer Name = Love | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 12/26/2013 4:23:37 AM | Computer Name = Love | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15547
Error - 12/26/2013 4:23:37 AM | Computer Name = Love | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15547
Error - 12/26/2013 12:52:18 PM | Computer Name = Love | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
[ System Events ]
Error - 12/6/2013 12:00:37 PM | Computer Name = Love | Source = SNMP | ID = 16713180
Description = The SNMP Service encountered an error while accessing the registry
key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
Error - 12/7/2013 5:44:01 PM | Computer Name = Love | Source = SNMP | ID = 16713180
Description = The SNMP Service encountered an error while accessing the registry
key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
Error - 12/11/2013 12:10:00 AM | Computer Name = Love | Source = DCOM | ID = 10010
Description =
Error - 12/11/2013 12:10:00 AM | Computer Name = Love | Source = DCOM | ID = 10010
Description =
Error - 12/12/2013 6:19:41 PM | Computer Name = Love | Source = EventLog | ID = 6008
Description = The previous system shutdown at 5:04:12 PM on ?12/?12/?2013 was unexpected.
Error - 12/12/2013 6:20:28 PM | Computer Name = Love | Source = SNMP | ID = 16713180
Description = The SNMP Service encountered an error while accessing the registry
key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
Error - 12/13/2013 1:55:17 AM | Computer Name = Love | Source = SNMP | ID = 16713180
Description = The SNMP Service encountered an error while accessing the registry
key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
Error - 12/16/2013 1:57:31 PM | Computer Name = Love | Source = SNMP | ID = 16713180
Description = The SNMP Service encountered an error while accessing the registry
key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
Error - 12/20/2013 11:19:32 AM | Computer Name = Love | Source = Service Control Manager | ID = 7043
Description = The Windows Modules Installer service did not shut down properly after
receiving a preshutdown control.
Error - 12/20/2013 11:22:26 AM | Computer Name = Love | Source = SNMP | ID = 16713180
Description = The SNMP Service encountered an error while accessing the registry
key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
< End of report >