Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Low disk space [Solved]

Started by tomvilfroy , Apr 19 2014 12:54 PM

  • This topic is locked This topic is locked

#16
tomvilfroy
Posted 26 April 2014 - 10:31 AM

tomvilfroy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
Okay will try to move files to USB drive. Thought you might be thinking of reformatting the drive. Probably won't be till tomorrow though when I can do moving of files.

Windirstat - did I give you the info you were looking for or what did I miss? And please elaborate on that step(s)

Edited by tomvilfroy, 26 April 2014 - 10:31 AM.

  • 0

Advertisements

#17
tomvilfroy
Posted 27 April 2014 - 08:59 PM

tomvilfroy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts

Well hopefully one step closer.   Been a long day.

 

Started to move files over to the USB drive when Norton started acting up.  So after numerous support contacts with norton, got Norton back up and running. 

So it would appear the removing of files appears to not losing disk space. 

 

But with Norton acting up, I would like to run some test that would reaffirm that there is no more losing drive space.

 

Thomas


  • 0

#18
crooleeck
Posted 29 April 2014 - 01:53 PM

crooleeck

    Member

  • Member
  • PipPipPip
  • 882 posts

OK can you rerun WinDirStat, take a screenshot and post it?


  • 0

#19
tomvilfroy
Posted 29 April 2014 - 11:30 PM

tomvilfroy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts

Sure can...I'll attach it to this post.

 

 

Attached Files


Edited by tomvilfroy, 29 April 2014 - 11:34 PM.

  • 0

#20
crooleeck
Posted 01 May 2014 - 02:35 PM

crooleeck

    Member

  • Member
  • PipPipPip
  • 882 posts

Thanks!

 

Please rerun WinDirStat and click on this rectangle:

 

windirstat%20pic.jpg

 

Do you recognize this file?


  • 0

#21
tomvilfroy
Posted 02 May 2014 - 11:03 AM

tomvilfroy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts

if it is the file name mention at the bottom of the pic, then it is my picture collection mosaic software.  I include some pics in the software and that one was for my church.  So anything with OSLC is for my church.

 

Also ment to mention, in the above pic, why is $RECYCLE_BIN directory showing?  I don't think it use to display at all in windows explorer.  Ditto for found.000

 

Lastly, been watching the space on the C: drive.  Was 395 GB last week and now 373 gb (well now 372 gb).  Sure hope there isn't anything still running in the background to slowly take space away.   I know I had to update some files (iTunes, and a few others) so hope that is due to that (sadly didn't think to look after the updates. 

 

Thomas


  • 0

#22
tomvilfroy
Posted 03 May 2014 - 11:17 AM

tomvilfroy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
Was going to post something here but found the solution to it so never mind.

Edited by tomvilfroy, 03 May 2014 - 04:30 PM.

  • 0

#23
crooleeck
Posted 05 May 2014 - 02:02 PM

crooleeck

    Member

  • Member
  • PipPipPip
  • 882 posts

This is great news! Please post the solution - we all want to know it :)


  • 0

#24
tomvilfroy
Posted 05 May 2014 - 10:01 PM

tomvilfroy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts

No, this was something else..not to this issue. 

 

Thought I had another problem with the computer but remember I had to run this batch file to make the program work correctly.


  • 0

#25
tomvilfroy
Posted 09 May 2014 - 09:52 PM

tomvilfroy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
So any other help??
  • 0

Advertisements

#26
crooleeck
Posted 10 May 2014 - 07:15 AM

crooleeck

    Member

  • Member
  • PipPipPip
  • 882 posts

Sorry for the delay.

 

Please tell me how mach free space do you have on system drive. Is there any other problems?


  • 0

#27
tomvilfroy
Posted 12 May 2014 - 10:33 AM

tomvilfroy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts

400 GB currently available on C: drive

 

Other than it appears to be slow upon boot up.  I see a lot of arrow cursor with a swirly circle underneath it for like 3-5 minutes after getting to windows.


Edited by tomvilfroy, 12 May 2014 - 10:34 AM.

  • 0

#28
crooleeck
Posted 12 May 2014 - 12:30 PM

crooleeck

    Member

  • Member
  • PipPipPip
  • 882 posts
OK, can you generate new OTL log?
  • Double click on the OTL icon to run it. 
    otlico.png
    Make sure all other windows are closed and to let it run uninterrupted.
  • Select: options:
    • All users.
    • 64-bit scan if appears.
    • Under Extra registry select Use SafeList
    • LOP Check
    • Purity Check
      otl.png
  • Under the Custom Scan box paste this in:

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    winsock.*
    /md5stop
    CREATERESTOREPOINT

  • Click the Run scan button.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and paste them into your reply.
copy-paste.png
  • 0

#29
tomvilfroy
Posted 15 May 2014 - 10:36 AM

tomvilfroy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts

okay.  Here is the OTL.Text log file :

 

OTL logfile created on: 5/15/2014 9:28:37 AM - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tom\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19518)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
6.00 Gb Total Physical Memory | 2.87 Gb Available Physical Memory | 47.86% Memory free
12.20 Gb Paging File | 9.31 Gb Available in Paging File | 76.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.95 Gb Total Space | 391.06 Gb Free Space | 57.18% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 8.16 Gb Free Space | 55.73% Space Free | Partition Type: NTFS
 
Computer Name: OWNERR | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/05/15 09:25:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
PRC - [2014/05/14 12:00:55 | 001,863,856 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
PRC - [2014/05/14 09:03:23 | 000,317,728 | ---- | M] () -- C:\Program Files (x86)\WiseEnhance\updateWiseEnhance.exe
PRC - [2014/05/14 08:32:40 | 000,317,728 | ---- | M] () -- C:\Program Files (x86)\WiseEnhance\bin\utilWiseEnhance.exe
PRC - [2014/05/12 17:41:52 | 000,096,544 | ---- | M] () -- C:\Program Files (x86)\WiseEnhance\bin\WiseEnhance.BrowserAdapter.exe
PRC - [2014/05/12 10:46:56 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/04/29 11:27:32 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2014/04/17 21:07:28 | 004,672,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Tom\AppData\Local\Akamai\netsession_win.exe
PRC - [2014/04/07 22:40:40 | 002,854,952 | ---- | M] (The Nielsen Company) -- C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe
PRC - [2014/04/07 22:40:38 | 000,091,688 | ---- | M] (The Nielsen Company) -- C:\Program Files (x86)\NetRatingsNetSight\NetSight\nielsenonline.exe
PRC - [2014/03/14 13:38:52 | 000,265,040 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\21.2.0.38\n360.exe
PRC - [2014/03/11 23:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
PRC - [2013/12/18 12:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/10/17 16:27:02 | 000,166,912 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2013/08/14 15:19:58 | 000,233,048 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
PRC - [2013/08/14 15:19:24 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/06/21 11:58:50 | 000,234,784 | ---- | M] (Apple Inc.) -- C:\AirPrint\airprint.exe
PRC - [2011/10/14 00:01:50 | 000,994,360 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psia.exe
PRC - [2011/10/14 00:01:48 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
PRC - [2011/10/14 00:01:46 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
PRC - [2011/03/21 14:05:32 | 002,113,536 | ---- | M] (NCP) -- C:\Program Files (x86)\National Consumer Panel\NCP Internet Transporter\HSTrans.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/09/23 22:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/05/14 12:00:54 | 016,361,136 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
MOD - [2014/05/12 17:41:52 | 000,096,544 | ---- | M] () -- C:\Program Files (x86)\WiseEnhance\bin\WiseEnhance.BrowserAdapter.exe
MOD - [2014/05/12 10:46:55 | 003,839,088 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/04/07 22:38:48 | 000,504,320 | ---- | M] () -- C:\Program Files (x86)\NetRatingsNetSight\NetSight\nsmmc.dll
MOD - [2014/04/07 22:35:24 | 000,851,968 | ---- | M] () -- C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter8\npfirefoxprocessor.dll
MOD - [2014/04/07 22:34:50 | 001,246,720 | ---- | M] () -- C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter8\npffaddons.dll
MOD - [2014/04/07 22:34:16 | 000,228,864 | ---- | M] () -- C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter8\npsurvey.dll
MOD - [2014/04/07 22:34:06 | 000,224,768 | ---- | M] () -- C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter8\npwmi.dll
MOD - [2014/04/07 22:33:44 | 000,150,528 | ---- | M] () -- C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter8\npsp1.dll
MOD - [2014/04/07 22:33:22 | 000,504,832 | ---- | M] () -- C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter8\communication.dll
MOD - [2014/02/12 20:58:32 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/02/12 20:58:10 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2004/07/19 11:06:58 | 000,520,192 | ---- | M] () -- C:\Program Files (x86)\National Consumer Panel\NCP Internet Transporter\c4dll.dll
MOD - [2003/05/28 06:55:30 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\National Consumer Panel\NCP Internet Transporter\ssleay32.dll
MOD - [2003/05/28 06:55:28 | 000,684,032 | ---- | M] () -- C:\Program Files (x86)\National Consumer Panel\NCP Internet Transporter\libeay32.dll
MOD - [2002/09/12 07:29:46 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\National Consumer Panel\NCP Internet Transporter\zlib.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012/12/19 13:56:00 | 000,240,640 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2008/09/23 22:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2008/07/17 22:54:02 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2008/07/02 01:11:34 | 000,412,672 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV:64bit: - [2008/01/20 20:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2014/05/14 12:00:59 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/14 09:03:23 | 000,317,728 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\WiseEnhance\updateWiseEnhance.exe -- (Update WiseEnhance)
SRV - [2014/05/14 08:32:40 | 000,317,728 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\WiseEnhance\bin\utilWiseEnhance.exe -- (Util WiseEnhance)
SRV - [2014/04/07 22:40:40 | 002,854,952 | ---- | M] (The Nielsen Company) [Auto | Running] -- C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe -- (NielsenUpdate)
SRV - [2014/03/14 13:38:52 | 000,265,040 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\21.2.0.38\N360.exe -- (N360)
SRV - [2014/03/11 23:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE -- (BBUpdate)
SRV - [2014/03/11 23:36:06 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE -- (BBSvc)
SRV - [2013/12/18 12:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/10/17 16:27:02 | 000,166,912 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/08/14 15:19:24 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/06/21 11:58:50 | 000,234,784 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\AirPrint\airprint.exe -- (AirPrint)
SRV - [2013/05/27 14:51:47 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011/10/14 00:01:50 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2011/10/14 00:01:48 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2009/03/29 22:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/04/27 20:28:22 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2014/04/24 12:32:28 | 000,060,096 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gt64.sys -- ({2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gt64)
DRV:64bit: - [2014/04/19 11:27:52 | 000,119,512 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/03/03 22:18:12 | 001,148,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1502000.026\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2014/02/17 19:32:41 | 000,510,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\1502000.026\SYMTDIV.SYS -- (SYMTDIv)
DRV:64bit: - [2014/02/12 19:59:49 | 000,875,736 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\N360x64\1502000.026\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2013/10/17 16:27:02 | 000,036,928 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2013/09/26 20:45:56 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1502000.026\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2013/09/25 20:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1502000.026\ccSetx64.sys -- (ccSet_N360)
DRV:64bit: - [2013/09/09 20:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1502000.026\SYMDS64.SYS -- (SymDS)
DRV:64bit: - [2013/09/09 19:49:49 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1502000.026\SRTSPX64.SYS -- (SRTSPX)
DRV:64bit: - [2012/12/19 14:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV:64bit: - [2012/12/19 14:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/12/19 13:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/04/09 16:27:34 | 000,352,144 | ---- | M] (EldoS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\cbfs3.sys -- (cbfs3)
DRV:64bit: - [2012/02/29 07:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/23 06:31:50 | 000,092,176 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdLH6.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/07/20 13:58:22 | 000,044,032 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2010/09/01 02:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\psi_mf.sys -- (PSI)
DRV:64bit: - [2010/07/12 12:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/10/22 16:10:30 | 000,069,320 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2009/09/30 18:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/09/15 14:48:00 | 000,975,360 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\Dnetr28ux.sys -- (netr28ux)
DRV:64bit: - [2009/03/06 19:10:10 | 000,015,872 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\anodlwfx.sys -- (anodlwf)
DRV:64bit: - [2009/02/17 06:17:00 | 000,084,808 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2009/01/16 10:00:32 | 010,275,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008/11/11 14:42:00 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2008/11/11 14:42:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2008/11/11 14:42:00 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2008/07/02 01:11:34 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:64bit: - [2008/07/02 01:11:32 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV:64bit: - [2008/07/02 01:11:28 | 001,487,872 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2008/07/02 01:11:28 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2008/07/02 01:11:28 | 000,411,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAXHWBS2.sys -- (CAXHWBS2)
DRV:64bit: - [2008/05/05 03:31:38 | 000,313,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express)
DRV:64bit: - [2008/01/20 20:49:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RootMdm.sys -- (ROOTMODEM)
DRV:64bit: - [2008/01/20 20:47:25 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam)
DRV - [2014/04/27 14:48:04 | 000,525,016 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20140514.001\IDSviA64.sys -- (IDSVia64)
DRV - [2014/04/27 12:55:08 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140514.034\ex64.sys -- (NAVEX15)
DRV - [2014/04/27 12:55:08 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2014/04/27 12:55:08 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/04/27 12:55:08 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140514.034\eng64.sys -- (NAVENG)
DRV - [2014/04/09 20:31:18 | 001,525,976 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140409.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2014/04/07 22:35:40 | 000,026,664 | ---- | M] (The Nielsen Company) [Kernel | System | Running] -- C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter8\nnfwdk64.sys -- (nnfwdk)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\URLSearchHook: {e917fc61-7f80-4f1f-a882-cdffffbe4c8d} - SOFTWARE\Classes\CLSID\{e917fc61-7f80-4f1f-a882-cdffffbe4c8d}\InprocServer32 File not found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-4257781629-3628011693-409112458-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-4257781629-3628011693-409112458-1002\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4257781629-3628011693-409112458-1002\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-4257781629-3628011693-409112458-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKU\S-1-5-21-4257781629-3628011693-409112458-1002\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADBF_en
IE - HKU\S-1-5-21-4257781629-3628011693-409112458-1002\..\SearchScopes\{9B97950D-482C-1D79-568F-FC7B9D40C785}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKU\S-1-5-21-4257781629-3628011693-409112458-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4257781629-3628011693-409112458-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@fileplanet.com/fpdlm: C:\Program Files (x86)\Download Manager\npfpdlm.dll (IGN Entertainment)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nielsen/FirefoxTracker: C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter8\FirefoxAddOns\npfirefoxtracker.dll (Nielsen)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/09/02 12:21:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014/04/27 20:30:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/05/14 15:57:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/09/02 12:21:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter8\FirefoxAddOns\[email protected] [2014/05/15 00:02:00 | 000,009,382 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/05/12 10:46:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/05/12 10:46:51 | 000,000,000 | ---D | M]
 
[2009/10/31 18:30:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\Mozilla\Extensions
[2014/04/28 19:30:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\kx43be6t.default\extensions
[2014/04/29 10:45:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\nq43kb59.default-1370981831842\extensions
[2014/04/28 21:30:40 | 000,007,788 | ---- | M] () (No name found) -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\kx43be6t.default\extensions\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}.xpi
[2014/03/31 11:58:00 | 000,537,036 | ---- | M] () (No name found) -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\nq43kb59.default-1370981831842\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
[2014/05/12 10:46:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/05/12 10:46:56 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/04/29 11:27:43 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: RealDownloader = C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_1\
CHR - Extension: Nielsen = C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgceplfonlgodadnpognljgdjlcnpjnh\1.8.1_0\
CHR - Extension: Norton Identity Protection = C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.7.0.43_0\
CHR - Extension: Google Wallet = C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
 
O1 HOSTS File: ([2013/07/08 01:09:29 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\21.2.0.38\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\21.2.0.38\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.2.0.38\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKU\S-1-5-21-4257781629-3628011693-409112458-1002\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [WPCUMI] C:\Windows\SysNative\WpcUmi.exe (Microsoft Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [MegaPanel] C:\Program Files (x86)\National Consumer Panel\NCP Internet Transporter\HSTrans.exe (NCP)
O4 - HKLM..\Run: [mobilegeni daemon] "C:\Program Files (x86)\Mobogenie\DaemonProcess.exe" File not found
O4 - HKLM..\Run: [NielsenOnline] C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe (The Nielsen Company)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-4257781629-3628011693-409112458-1002..\Run: [Akamai NetSession Interface] C:\Users\Tom\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-4257781629-3628011693-409112458-1002..\Run: [HP Photosmart 5520 series (NET)] C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-4257781629-3628011693-409112458-1002..\Run: [igndlm.exe] C:\Program Files (x86)\Download Manager\DLM.exe (IGN Entertainment)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4257781629-3628011693-409112458-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4257781629-3628011693-409112458-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-21-4257781629-3628011693-409112458-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4257781629-3628011693-409112458-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-4257781629-3628011693-409112458-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-4257781629-3628011693-409112458-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-4257781629-3628011693-409112458-1002\..Trusted Domains: ncponline.com ([www] * in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B2957CC1-5FCC-498D-A092-939CE9B94B1A}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O22:64bit: - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/05/15 09:25:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
[2014/05/14 12:12:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/05/14 08:49:53 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/05/14 08:49:53 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/05/13 12:18:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legacy 8.0
[2014/05/13 12:18:29 | 000,496,384 | ---- | C] (Xceed Software Inc        (450) 442-2626        [email protected]        www.xceedsoft.com) -- C:\Windows\SysWow64\XceedZip.dll
[2014/05/13 12:18:29 | 000,169,216 | ---- | C] (Wintertree Software Inc.) -- C:\Windows\SysWow64\WSpell.ocx
[2014/05/13 12:18:28 | 001,010,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCHRT20.OCX
[2014/05/13 12:18:28 | 000,832,448 | ---- | C] (APEX Software Corporation) -- C:\Windows\SysWow64\tdbg6.ocx
[2014/05/13 12:18:28 | 000,751,104 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltocx11n.ocx
[2014/05/13 12:18:28 | 000,458,752 | ---- | C] (ComponentOne) -- C:\Windows\SysWow64\vsprint8.ocx
[2014/05/13 12:18:28 | 000,262,144 | ---- | C] (ComponentOne ) -- C:\Windows\SysWow64\vspdf8.ocx
[2014/05/13 12:18:28 | 000,237,568 | ---- | C] (VideoSoft) -- C:\Windows\SysWow64\Vsocx6.ocx
[2014/05/13 12:18:28 | 000,203,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RICHTX32.OCX
[2014/05/13 12:18:28 | 000,198,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MCI32.OCX
[2014/05/13 12:18:28 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSINET.OCX
[2014/05/13 12:18:28 | 000,065,536 | ---- | C] (Sheridan Software Systems, Inc) -- C:\Windows\SysWow64\ssfm1032.dll
[2014/05/13 12:18:28 | 000,065,536 | ---- | C] (Larcom and Young) -- C:\Windows\SysWow64\ReSize32.ocx
[2014/05/13 12:18:27 | 001,882,104 | ---- | C] (Codejock Software) -- C:\Windows\SysWow64\Codejock.Controls.v15.0.2.ocx
[2014/05/13 12:18:27 | 001,374,200 | ---- | C] (Codejock Software) -- C:\Windows\SysWow64\Codejock.ReportControl.v15.0.2.ocx
[2014/05/13 12:18:27 | 000,886,776 | ---- | C] (Codejock Software) -- C:\Windows\SysWow64\Codejock.TaskPanel.v15.0.2.ocx
[2014/05/13 12:18:27 | 000,501,752 | ---- | C] (Codejock Software) -- C:\Windows\SysWow64\Codejock.ShortcutBar.v15.0.2.ocx
[2014/05/13 12:18:26 | 002,660,344 | ---- | C] (Codejock Software) -- C:\Windows\SysWow64\Codejock.CommandBars.v15.0.2.ocx
[2014/05/13 12:18:26 | 000,391,168 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltkrn11n.dll
[2014/05/13 12:18:26 | 000,262,144 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTDIS11n.dll
[2014/05/13 12:18:26 | 000,226,816 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltefx11n.dll
[2014/05/13 12:18:26 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\SysWow64\PCDLIB32.DLL
[2014/05/13 12:18:26 | 000,200,704 | ---- | C] (CIA, The company) -- C:\Windows\SysWow64\ciaSCls20.dll
[2014/05/13 12:18:26 | 000,184,320 | ---- | C] (CIA, The Company) -- C:\Windows\SysWow64\ciaXPButton30.ocx
[2014/05/13 12:18:26 | 000,172,544 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\Lfpng11n.dll
[2014/05/13 12:18:26 | 000,151,040 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lftif11n.dll
[2014/05/13 12:18:26 | 000,127,488 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltimg11n.dll
[2014/05/13 12:18:26 | 000,118,272 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltfil11n.DLL
[2014/05/13 12:18:26 | 000,089,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB5DB.dll
[2014/05/13 12:18:26 | 000,080,896 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lffax11n.dll
[2014/05/13 12:18:26 | 000,059,392 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfwmf11n.dll
[2014/05/13 12:18:26 | 000,053,248 | ---- | C] (CIA, The Company) -- C:\Windows\SysWow64\ciaXPRegSvr20.dll
[2014/05/13 12:18:26 | 000,045,936 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltvdd11w.drv
[2014/05/13 12:18:26 | 000,041,472 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfgif11n.dll
[2014/05/13 12:18:26 | 000,038,400 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lttwn11n.dll
[2014/05/13 12:18:26 | 000,032,768 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpcx11n.dll
[2014/05/13 12:18:26 | 000,027,648 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfwpg11n.dll
[2014/05/13 12:18:26 | 000,027,648 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lftga11n.dll
[2014/05/13 12:18:26 | 000,027,136 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfimg11n.dll
[2014/05/13 12:18:26 | 000,026,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpcd11n.dll
[2014/05/13 12:18:26 | 000,026,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfmsp11n.dll
[2014/05/13 12:18:26 | 000,003,824 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltthk11w.dll
[2014/05/13 12:18:25 | 000,276,992 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFCMP11n.DLL
[2014/05/13 12:18:25 | 000,036,864 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfbmp11n.dll
[2014/05/13 12:18:25 | 000,035,328 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfcal11n.dll
[2014/05/13 12:18:25 | 000,031,232 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfeps11n.dll
[2014/05/12 20:23:36 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Roaming\KeyingTool
[2014/05/12 20:23:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Ancestry.com
[2014/05/12 20:22:48 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\Ancestry.com
[2014/05/12 20:16:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ancestry
[2014/05/12 20:15:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ancestry
[2014/05/12 20:07:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
[2014/05/12 10:46:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/05/05 22:04:39 | 000,000,000 | ---D | C] -- C:\Legacy Genealogy Files
[2014/04/30 09:24:38 | 000,692,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/04/30 09:24:38 | 000,070,832 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/04/29 23:32:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/04/29 23:32:12 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/04/29 23:32:09 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/04/29 23:32:09 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/04/29 23:24:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2014/04/29 23:24:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2014/04/29 11:28:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2014/04/29 11:27:51 | 000,201,872 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2014/04/29 11:27:38 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2014/04/29 11:27:38 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2014/04/29 11:27:37 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2014/04/29 11:19:33 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2014/04/29 10:29:40 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\cache
[2014/04/29 10:29:36 | 000,000,000 | ---D | C] -- C:\Users\Tom\Documents\Mobogenie
[2014/04/29 10:29:36 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\Mobogenie
[2014/04/28 21:00:40 | 000,060,096 | ---- | C] (StdLib) -- C:\Windows\SysNative\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gt64.sys
[2014/04/28 19:29:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WiseEnhance
[2014/04/28 19:22:39 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/04/28 19:21:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/04/28 19:21:54 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/04/28 19:21:54 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/04/28 17:34:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Visan
[2014/04/28 17:34:26 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations
[2014/04/28 17:34:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP Photo Creations
[2014/04/28 17:33:07 | 000,741,480 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\HPDiscoPMB111.dll
[2014/04/28 17:32:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2014/04/28 17:29:30 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2014/04/28 17:27:38 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\HP
[2014/04/27 20:38:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2014/04/27 20:35:39 | 001,148,120 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1502000.026\symefa64.sys
[2014/04/27 20:35:39 | 000,875,736 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1502000.026\srtsp64.sys
[2014/04/27 20:35:39 | 000,593,112 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1502000.026\symnets.sys
[2014/04/27 20:35:39 | 000,510,168 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1502000.026\symtdiv.sys
[2014/04/27 20:35:39 | 000,493,656 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1502000.026\symds64.sys
[2014/04/27 20:35:39 | 000,264,280 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1502000.026\ironx64.sys
[2014/04/27 20:35:39 | 000,162,392 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1502000.026\ccsetx64.sys
[2014/04/27 20:35:39 | 000,036,952 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1502000.026\srtspx64.sys
[2014/04/27 20:35:39 | 000,023,568 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1502000.026\symelam.sys
[2014/04/27 20:35:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\1502000.026
[2014/04/27 20:28:22 | 000,177,752 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2014/04/27 20:27:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64
[2014/04/27 20:27:13 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
[2014/04/27 20:27:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Suite
[2014/04/27 20:27:05 | 000,000,000 | ---D | C] -- C:\Users\Tom\Documents\Symantec
[2014/04/27 20:27:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2014/04/27 18:34:27 | 000,000,000 | ---D | C] -- C:\NPE
[2014/04/27 18:31:08 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\NPE
[2014/04/27 15:25:35 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\LogMeIn Rescue Applet
[2014/04/27 13:47:48 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/04/27 13:47:46 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/04/27 13:47:44 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/04/27 13:47:43 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2014/04/27 13:47:43 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/04/27 13:47:43 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/04/27 13:47:25 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/04/27 13:47:23 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/04/27 13:47:21 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/04/27 13:47:14 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/04/27 13:47:07 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\corpol.dll
[2014/04/27 13:47:05 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/04/27 13:47:03 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/04/27 13:47:00 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/04/27 13:46:54 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/04/27 13:46:54 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/04/27 13:46:52 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/04/27 13:46:52 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/04/27 13:46:51 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/04/27 13:46:51 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/04/27 13:46:48 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/04/27 13:46:45 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/04/27 13:46:42 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/04/27 13:46:40 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/04/27 13:46:39 | 000,742,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/04/27 13:46:35 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/04/27 13:46:35 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/04/27 13:46:32 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\corpol.dll
[2014/04/27 13:46:31 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/04/19 12:11:47 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2014/04/19 12:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/04/19 11:27:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/04/19 11:27:00 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/04/19 11:27:00 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/04/19 10:38:54 | 000,000,000 | ---D | C] -- C:\Users\Tom\Documents\Outlook Files
[2014/04/18 08:53:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/05/15 09:35:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/15 09:34:00 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{05589FB7-93BA-465D-89A0-B5C602FF0A47}.job
[2014/05/15 09:34:00 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B9EF5B1D-A4FF-4E35-A03D-E8566A5F53EF}.job
[2014/05/15 09:25:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
[2014/05/15 08:57:22 | 000,002,579 | ---- | M] () -- C:\Users\Public\Desktop\Ancestry World Archives Project - Keying Tool.lnk
[2014/05/15 08:47:20 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/15 07:54:09 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/15 07:54:09 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/14 17:13:15 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/14 16:07:21 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/14 15:54:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/14 12:00:55 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/05/14 12:00:55 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/05/14 08:49:26 | 003,391,756 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\Cat.DB
[2014/05/13 12:18:30 | 000,000,549 | ---- | M] () -- C:\Users\Public\Desktop\Legacy 8.0.lnk
[2014/05/05 14:06:29 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/05/05 13:31:46 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/04/30 03:52:11 | 000,035,791 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\VT20140430.005
[2014/04/29 23:32:51 | 000,001,696 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/04/29 23:22:55 | 000,790,592 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/04/29 23:22:55 | 000,664,470 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/04/29 23:22:55 | 000,128,354 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/04/29 11:28:33 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2014/04/29 11:27:51 | 000,201,872 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2014/04/29 11:27:38 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2014/04/29 11:27:38 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2014/04/29 11:27:37 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2014/04/29 11:19:37 | 000,000,816 | ---- | M] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2014/04/28 19:21:44 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/04/28 19:21:42 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/04/28 19:21:42 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/04/28 19:21:42 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/04/28 18:33:43 | 000,534,451 | ---- | M] () -- C:\Users\Tom\Documents\RobertVilfroyJrBirthCertificate.jpg
[2014/04/28 17:44:14 | 000,002,177 | ---- | M] () -- C:\Users\Tom\Desktop\HP Photosmart 5520 series.lnk
[2014/04/28 17:34:29 | 000,001,832 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2014/04/28 17:33:05 | 000,001,085 | ---- | M] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 5520 series.lnk
[2014/04/28 17:28:18 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini
[2014/04/27 20:43:13 | 000,002,260 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk
[2014/04/27 20:28:22 | 000,177,752 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2014/04/27 20:28:22 | 000,008,222 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2014/04/27 20:28:22 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2014/04/27 20:25:52 | 000,000,810 | ---- | M] () -- C:\Users\Tom\Desktop\Norton Installation Files.lnk
[2014/04/27 20:00:07 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{F0164BE5-75FF-4CDD-BBB2-66C23D025398}.job
[2014/04/24 12:32:28 | 000,060,096 | ---- | M] (StdLib) -- C:\Windows\SysNative\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gt64.sys
[2014/04/21 17:04:03 | 000,000,580 | ---- | M] () -- C:\Users\Tom\Desktop\WinDirStat.lnk
[2014/04/19 12:11:48 | 000,001,734 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2014/04/19 11:27:52 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/04/19 11:27:19 | 000,000,578 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/19 10:39:07 | 000,000,968 | ---- | M] () -- C:\Users\Tom\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/05/13 12:18:30 | 000,000,561 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legacy 8.0.lnk
[2014/05/13 12:18:29 | 000,021,504 | ---- | C] () -- C:\Windows\SysWow64\WBCustomizer.dll
[2014/05/13 12:18:29 | 000,000,549 | ---- | C] () -- C:\Users\Public\Desktop\Legacy 8.0.lnk
[2014/05/12 20:16:01 | 000,002,579 | ---- | C] () -- C:\Users\Public\Desktop\Ancestry World Archives Project - Keying Tool.lnk
[2014/05/01 13:59:13 | 000,035,791 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\VT20140430.005
[2014/04/30 09:24:39 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/04/29 23:32:51 | 000,001,696 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/04/29 11:28:33 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2014/04/29 11:19:36 | 000,000,816 | ---- | C] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2014/04/28 18:33:43 | 000,534,451 | ---- | C] () -- C:\Users\Tom\Documents\RobertVilfroyJrBirthCertificate.jpg
[2014/04/28 17:44:14 | 000,002,177 | ---- | C] () -- C:\Users\Tom\Desktop\HP Photosmart 5520 series.lnk
[2014/04/28 17:34:28 | 000,001,832 | ---- | C] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2014/04/28 17:33:04 | 000,001,085 | ---- | C] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 5520 series.lnk
[2014/04/28 17:28:18 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2014/04/27 20:41:16 | 003,391,756 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\Cat.DB
[2014/04/27 20:35:39 | 000,009,939 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\symelam64.cat
[2014/04/27 20:35:39 | 000,008,202 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\ccsetx64.cat
[2014/04/27 20:35:39 | 000,008,196 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\srtspx64.cat
[2014/04/27 20:35:39 | 000,008,194 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\symefa64.cat
[2014/04/27 20:35:39 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\symnet64.cat
[2014/04/27 20:35:39 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\srtsp64.cat
[2014/04/27 20:35:39 | 000,008,188 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\symds64.cat
[2014/04/27 20:35:39 | 000,008,184 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\iron.cat
[2014/04/27 20:35:39 | 000,003,433 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\symefa.inf
[2014/04/27 20:35:39 | 000,002,852 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\symds.inf
[2014/04/27 20:35:39 | 000,001,440 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\symnet.inf
[2014/04/27 20:35:39 | 000,001,437 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\srtsp64.inf
[2014/04/27 20:35:39 | 000,001,420 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\srtspx64.inf
[2014/04/27 20:35:39 | 000,001,098 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\symelam.inf
[2014/04/27 20:35:39 | 000,000,855 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\ccsetx64.inf
[2014/04/27 20:35:39 | 000,000,767 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\iron.inf
[2014/04/27 20:35:31 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1502000.026\isolate.ini
[2014/04/27 20:28:22 | 000,008,222 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2014/04/27 20:28:22 | 000,000,854 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2014/04/27 20:28:12 | 000,002,260 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk
[2014/04/27 20:00:07 | 000,000,418 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{F0164BE5-75FF-4CDD-BBB2-66C23D025398}.job
[2014/04/19 12:11:48 | 000,001,734 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2014/04/19 11:27:19 | 000,000,578 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/19 10:39:06 | 000,000,968 | ---- | C] () -- C:\Users\Tom\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2014/04/18 08:53:07 | 000,000,580 | ---- | C] () -- C:\Users\Tom\Desktop\WinDirStat.lnk
[2014/04/05 14:10:17 | 000,000,000 | ---- | C] () -- C:\ProgramData\PreferencePane
[2014/04/05 14:10:17 | 000,000,000 | ---- | C] () -- C:\ProgramData\Plug-Ins
[2014/04/05 14:10:17 | 000,000,000 | ---- | C] () -- C:\ProgramData\Metadata Importer
[2013/07/28 21:55:39 | 000,000,000 | ---- | C] () -- C:\Windows\ViewNX2.INI
[2013/06/09 22:24:41 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-OWNERR-Microsoft®-Windows-Vista™-Home-Premium-(64-bit).dat
[2013/05/24 00:49:45 | 000,116,866 | ---- | C] () -- C:\Windows\hpqins00.dat
[2013/05/23 19:54:59 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2013/05/23 19:52:02 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2013/05/23 19:52:02 | 000,000,000 | ---- | C] () -- C:\Users\Tom\AppData\Roaming\Phaser
[2013/05/23 19:52:01 | 000,000,000 | ---- | C] () -- C:\Users\Tom\AppData\Roaming\Percussion Kit
[2013/05/23 19:52:00 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2013/05/23 19:48:27 | 000,000,000 | ---- | C] () -- C:\Users\Tom\AppData\Roaming\Plugins
[2013/05/23 19:48:26 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLeo.DAT
[2013/01/22 11:18:04 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013/01/22 11:18:04 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2013/01/22 11:18:02 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013/01/22 11:18:01 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013/01/22 10:42:45 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/12/18 11:03:37 | 000,207,348 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/04/06 14:45:42 | 000,007,836 | ---- | C] () -- C:\Users\Tom\AppData\Local\d3d9caps.dat
[2012/04/06 14:28:24 | 000,001,460 | ---- | C] () -- C:\Users\Tom\AppData\Local\d3d9caps64.dat
[2011/05/20 12:35:12 | 000,001,940 | ---- | C] () -- C:\Users\Tom\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/01/24 00:57:15 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2010/12/14 14:44:27 | 000,003,284 | ---- | C] () -- C:\Users\Tom\AppData\Roaming\ANIWZCS{6F197489-71C4-487E-90C4-A453BF248EE7}
[2010/03/15 10:16:36 | 000,000,091 | ---- | C] () -- C:\Users\Tom\AppData\Local\fusioncache.dat
[2010/02/24 10:01:18 | 049,877,254 | ---- | C] () -- C:\Users\Tom\ebp-backup-02242010.zip
[2010/01/29 18:06:20 | 000,012,288 | ---- | C] () -- C:\Users\Tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/31 14:32:42 | 000,000,632 | RHS- | C] () -- C:\Users\Tom\ntuser.pol
 
========== ZeroAccess Check ==========
 
[2006/11/02 09:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/25 10:30:37 | 012,900,864 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\SysWow64\shdocvw.dll -- [2011/01/20 10:07:03 | 001,075,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 01:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2009/04/11 00:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 20:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2011/11/19 20:45:11 | 000,000,000 | ---D | M] -- C:\Users\Krystin\AppData\Roaming\.minecraft
[2010/03/07 18:01:19 | 000,000,000 | ---D | M] -- C:\Users\Krystin\AppData\Roaming\Facebook
[2013/11/26 18:50:38 | 000,000,000 | ---D | M] -- C:\Users\Krystin\AppData\Roaming\ID Vault
[2010/11/01 22:19:03 | 000,000,000 | ---D | M] -- C:\Users\Krystin\AppData\Roaming\LimeWire
[2011/12/25 12:10:57 | 000,000,000 | ---D | M] -- C:\Users\Krystin\AppData\Roaming\Research In Motion
[2013/11/26 18:50:38 | 000,000,000 | ---D | M] -- C:\Users\NewKrystin\AppData\Roaming\ID Vault
[2014/02/22 15:52:26 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\HTC
[2013/11/26 18:50:38 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\ID Vault
[2010/11/01 21:14:03 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\LimeWire
[2013/07/28 21:55:26 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Nikon
[2010/01/31 20:23:52 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Research In Motion
[2012/11/10 18:08:23 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Template
[2012/06/15 00:52:51 | 000,000,000 | ---D | M] -- C:\Users\Test\AppData\Roaming\.minecraft
[2012/06/15 00:52:53 | 000,000,000 | ---D | M] -- C:\Users\Test\AppData\Roaming\Facebook
[2012/06/15 00:53:13 | 000,000,000 | ---D | M] -- C:\Users\Test\AppData\Roaming\LimeWire
[2012/06/15 00:53:55 | 000,000,000 | ---D | M] -- C:\Users\Test\AppData\Roaming\Research In Motion
[2011/12/27 13:59:21 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\.minecraft
[2013/01/22 12:15:38 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\avidemux
[2012/06/12 09:05:16 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\BSW
[2014/04/04 14:32:29 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Dropbox
[2013/11/26 18:48:45 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\ID Vault
[2012/04/07 11:09:12 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Image Zone Express
[2014/05/12 20:23:36 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\KeyingTool
[2009/12/16 15:34:55 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Namco
[2013/05/23 20:13:51 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Nikon
[2013/07/10 17:25:21 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Nuance
[2009/12/16 15:48:52 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\OtherSide Realm of Eons
[2009/12/16 15:35:01 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\PlayFirst
[2010/04/13 11:23:50 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Printer Info Cache
[2010/02/15 15:20:22 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\RailGameFans
[2010/08/27 13:59:03 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\runic games
[2011/05/25 10:58:06 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\SystemRequirementsLab
[2010/08/04 08:18:18 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Turbine
[2012/12/04 19:50:13 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Unity
[2011/01/17 12:05:44 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
========== Base Services ==========
SRV:64bit: - [2006/11/02 05:16:28 | 000,026,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2008/01/20 20:48:17 | 000,045,056 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2008/01/20 20:48:16 | 000,080,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2009/04/11 01:11:22 | 001,081,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2009/04/11 01:11:13 | 000,458,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bfe.dll -- (BFE)
SRV:64bit: - [2011/11/16 08:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/04/11 01:11:14 | 000,361,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/04/11 00:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2008/01/20 20:49:11 | 000,103,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013/07/07 22:12:34 | 000,174,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/07/07 22:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2009/04/11 01:11:23 | 000,719,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2009/04/11 01:11:14 | 000,268,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcsvc.dll -- (Dhcp)
SRV - [2009/04/11 00:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcsvc.dll -- (Dhcp)
SRV:64bit: - [2011/03/02 10:12:21 | 000,117,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2008/01/20 20:50:17 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/04/11 01:11:15 | 000,024,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/04/11 00:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2008/01/20 20:48:03 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2009/04/11 01:11:15 | 000,533,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\ipsecsvc.dll -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/04/11 01:11:26 | 000,480,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2008/01/20 20:49:56 | 000,037,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2008/01/20 20:48:10 | 000,348,160 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2008/01/20 20:48:40 | 000,304,128 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2008/01/20 20:49:21 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2008/01/20 20:50:27 | 000,206,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2008/01/20 20:49:42 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2009/04/11 01:11:27 | 000,313,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2010/08/17 08:54:20 | 000,273,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2011/11/16 08:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
SRV:64bit: - [2009/04/11 01:11:14 | 000,399,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\emdmgmt.dll -- (EMDMgmt)
SRV:64bit: - [2008/01/20 20:48:24 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2009/04/11 01:11:22 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2009/04/11 01:11:23 | 000,719,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2008/01/20 20:49:09 | 000,028,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2011/11/16 08:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/04/11 01:11:31 | 000,074,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/09/06 12:28:38 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2009/07/10 05:51:23 | 000,302,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/07/10 05:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
SRV:64bit: - [2009/04/11 01:10:35 | 002,582,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SLsvc.exe -- (slsvc)
SRV:64bit: - [2010/11/06 05:18:13 | 000,855,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2009/04/11 01:11:26 | 000,318,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2009/04/11 00:28:24 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/10 05:51:23 | 000,302,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (Themes)
SRV - [2009/07/10 05:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (Themes)
SRV:64bit: - [2009/04/11 01:11:22 | 000,178,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2009/04/11 01:11:03 | 001,433,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vssvc.exe -- (VSS)
SRV:64bit: - [2009/04/11 01:11:13 | 000,446,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2009/04/11 01:11:13 | 000,446,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2008/01/20 20:47:28 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SDRSVC.dll -- (SDRSVC)
SRV:64bit: - [2008/01/20 20:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/04/11 01:11:28 | 001,491,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (Eventlog)
SRV:64bit: - [2009/04/11 01:11:15 | 000,603,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mpssvc.dll -- (MpsSvc)
SRV:64bit: - [2009/04/11 01:11:28 | 000,572,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2009/04/11 01:10:29 | 000,125,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2009/04/11 00:27:45 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/04/11 01:11:29 | 000,221,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/02 16:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2009/04/11 01:11:14 | 000,208,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/11 13:11:20 | 000,615,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2009/06/10 05:53:17 | 000,203,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: EXPLORER.EXE  >
[2008/10/29 00:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2008/10/29 00:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2008/10/29 00:15:50 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2008/10/29 21:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2009/04/11 01:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\ERDNT\cache86\explorer.exe
[2009/04/11 01:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\explorer.exe
[2009/04/11 01:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[2008/10/27 20:30:12 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2008/10/29 00:49:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009/04/11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe
[2009/04/11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe
[2008/10/29 23:30:07 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2008/10/27 20:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2008/01/20 20:48:44 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2008/01/20 20:49:23 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe
 
< MD5 for: SERVICES  >
[2006/09/18 15:37:24 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6001.18000_none_60a39df1afb86c9f\services
 
< MD5 for: SERVICES.CFG  >
[2013/12/18 12:42:40 | 000,558,851 | ---- | M] () MD5=A044715A48D8FADB9366D554F20D3331 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 12:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg
 
< MD5 for: SERVICES.DAT  >
[2013/04/21 21:04:55 | 000,001,720 | ---- | M] () MD5=43C1700D78D89F0B1F6FA88FD132BE1A -- C:\JRT\services.dat
 
< MD5 for: SERVICES.EXE  >
[2008/01/20 20:50:34 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009/04/11 01:10:50 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=934E0B7D77FF78C18D9F8891221B6DE3 -- C:\Windows\ERDNT\cache64\services.exe
[2009/04/11 01:10:50 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=934E0B7D77FF78C18D9F8891221B6DE3 -- C:\Windows\SysNative\services.exe
[2009/04/11 01:10:50 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=934E0B7D77FF78C18D9F8891221B6DE3 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.exe
[2009/04/11 00:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\SysWOW64\services.exe
[2009/04/11 00:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[2008/01/20 20:49:44 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=DFAC660F0F139276CC9299812DE42719 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.exe
 
< MD5 for: SERVICES.EXE.MUI  >
[2006/11/02 09:13:31 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\SysWOW64\en-US\services.exe.mui
[2006/11/02 09:13:31 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_67c6851b290a1ced\services.exe.mui
[2006/11/02 09:13:56 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=F514B57C09E143F1E14415A9E9ADD695 -- C:\Windows\SysNative\en-US\services.exe.mui
[2006/11/02 09:13:56 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=F514B57C09E143F1E14415A9E9ADD695 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_c3e5209ee1678e23\services.exe.mui
 
< MD5 for: SERVICES.LNK  >
[2008/01/20 21:20:59 | 000,001,688 | ---- | M] () MD5=EFDD08F4E5E26430885F26F0C35B8C62 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:20:59 | 000,001,688 | ---- | M] () MD5=EFDD08F4E5E26430885F26F0C35B8C62 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
 
< MD5 for: SERVICES.MOF  >
[2006/09/18 15:44:54 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2006/09/18 15:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysWOW64\wbem\services.mof
[2006/09/18 15:44:54 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.mof
[2006/09/18 15:44:54 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.mof
[2006/09/18 15:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.mof
[2006/09/18 15:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.mof
 
< MD5 for: SERVICES.MSC  >
[2006/11/02 09:13:51 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2006/09/18 15:29:41 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2006/11/02 09:14:00 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2006/09/18 15:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2006/11/02 09:13:51 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_fe26f08ab7d12816\services.msc
[2006/09/18 15:29:41 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_2b827e27fe185619\services.msc
[2006/11/02 09:14:00 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_a2085506ff73b6e0\services.msc
[2006/09/18 15:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_cf63e2a445bae4e3\services.msc
 
< MD5 for: SVCHOST.EXE  >
[2008/01/20 20:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache86\svchost.exe
[2008/01/20 20:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\SysWOW64\svchost.exe
[2008/01/20 20:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2008/01/20 20:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\ERDNT\cache64\svchost.exe
[2008/01/20 20:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\SysNative\svchost.exe
[2008/01/20 20:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_11d9f524bdab2f1b\svchost.exe
 
< MD5 for: USERINIT.EXE  >
[2008/01/20 20:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache86\userinit.exe
[2008/01/20 20:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008/01/20 20:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008/01/20 20:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\ERDNT\cache64\userinit.exe
[2008/01/20 20:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe
[2008/01/20 20:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009/04/11 01:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\ERDNT\cache64\winlogon.exe
[2009/04/11 01:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009/04/11 01:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008/01/20 20:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009/04/11 00:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009/04/11 00:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 20:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< End of report >
 


  • 0

#30
tomvilfroy
Posted 15 May 2014 - 10:37 AM

tomvilfroy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts

Here is Extras.txt file :

 

OTL Extras logfile created on: 5/15/2014 9:28:37 AM - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tom\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19518)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
6.00 Gb Total Physical Memory | 2.87 Gb Available Physical Memory | 47.86% Memory free
12.20 Gb Paging File | 9.31 Gb Available in Paging File | 76.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.95 Gb Total Space | 391.06 Gb Free Space | 57.18% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 8.16 Gb Free Space | 55.73% Space Free | Partition Type: NTFS
 
Computer Name: OWNERR | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-4257781629-3628011693-409112458-1002\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01  [binary data]
"VistaSp2" = 38 D9 0F A3 47 77 CA 01  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{058E7C61-350B-411F-B9B9-3E3E1DB38A68}" = dir=in | app=c:\program files\hp\hp photosmart 5520 series\bin\devicesetup.exe |
"{65E43633-25A5-4844-9096-BC20EF9251C5}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{C8E873C1-6BD4-43B7-A01F-7D7C460153BF}" = dir=in | app=c:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe |
"{CF015972-BA1B-4648-B2E2-656077EEE420}" = dir=in | app=c:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicatorcom.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0335701D-8E28-4A7F-B0EF-312974755BB2}" = Modem Diagnostic Tool
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{20384EBF-4F10-13F0-07C6-7A6C87FD83DF}" = AMD Catalyst Install Manager
"{22ABA92B-6C1B-46D8-AC2B-C48EEAE172A9}" = VD64Inst
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{68C0736C-3E47-43A6-B14D-236BEF198A5F}" = HP Photosmart 5520 series Basic Device Software
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{787136D2-F0F8-4625-AA3F-72D7795AC842}" = Apple Mobile Device Support
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B8BA155B-1E75-405F-9CB4-8A99615D09DC}" = iTunes
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE97E4D3-9F91-4D72-8A29-ED9EA90E5A15}" = iCloud
"{D61EB116-6878-9676-F28F-54F6B647023C}" = ccc-utility64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DCC176F0-3CE3-4DA9-8FF9-3809C1B48C47}" = HP Photosmart 5520 series Product Improvement Study
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"2DC0AA065FA83047D7ECD51C7000C1620D79A4C5" = Windows Driver Package - FTDI CDM Driver Package (02/17/2009 2.04.16)
"51A4D522DD31538335EF5736F0E7F588C70BCB12" = Windows Driver Package - FTDI CDM Driver Package (02/17/2009 2.04.16)
"CNXT_MODEM_PCI_HSF" = Conexant D850 PCI V.92 Modem
"HDMI" = Intel® Graphics Media Accelerator Driver
"HitmanPro37" = HitmanPro 3.7
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"WinRAR archiver" = WinRAR 5.10 beta 3 (64-bit)
"WiseEnhance" = WiseEnhance
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{009B1E9D-38AB-8B9E-DB07-8318DAAE1941}" = CCC Help Greek
"{022BC727-ACB7-4C1D-109C-177515714A32}" = Catalyst Control Center
"{07E46A4A-F2BA-FE48-9464-E11250502C6A}" = CCC Help Swedish
"{07E5C16F-9194-E31B-BB6C-C3E8FBD79C30}" = CCC Help English
"{08208143-777D-4A06-BB54-71BF0AD1BB70}" = IPTInstaller
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F2CF890-D101-6CFA-8D99-0CFBF7EF4AD0}" = CCC Help Chinese Standard
"{10CFB5DF-985A-8320-B4D8-461CC1F83CBF}" = CCC Help Japanese
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{11E9DB47-6A91-43ED-8B8D-C3260456C3BB}" = Ancestry World Archives Project - Keying Tool
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22D071EF-A06A-6341-DFDA-FE448659A63C}" = CCC Help Portuguese
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217055FF}" = Java 7 Update 55
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{30909F74-4B46-2842-DECF-1C66F355338C}" = CCC Help Turkish
"{3365E735-48A6-4194-9988-CE59AC5AE503}" = Bing Bar
"{365E16A2-FE3B-EA13-4EE0-88D570F82497}" = CCC Help Korean
"{3D8AB6C1-3932-F551-2AF0-ED0612AD4B26}" = CCC Help Dutch
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40AD5E62-A31A-C414-01BA-310100577C7E}" = CCC Help Chinese Traditional
"{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2
"{4F9E0D27-5525-E8C8-43D0-BA15C1A22E03}" = CCC Help Czech
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{647E62F0-F1BC-E0C3-EDF5-67716EE75014}" = CCC Help Hungarian
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{667DB2C0-AF52-021A-7CF6-DA8DD27AC215}" = CCC Help Italian
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A4C6C0F-8791-B753-742E-06C40A6E023C}" = CCC Help Polish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7137E26A-10F7-4B1C-9980-0893579E92DA}" = HP Photosmart 5520 series Help
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79C61902-F44E-4190-A2B9-9B467B0380CE}" = CCC Help French
"{7CEB5AC4-B6F8-414C-845D-4295C125D17B}" = NCP Internet Transporter
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1" = iExplorer 3.2.4.2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91140000-0015-0000-0000-0000000FF1CE}" = Microsoft Office Access 2010
"{91140000-0019-0000-0000-0000000FF1CE}" = Microsoft Office Publisher 2010
"{91A3CEFE-A2C1-3E83-3789-F2BF8EC82106}" = CCC Help Thai
"{92BF38A8-5616-4209-87A3-D910B45A1D98}" = Internet Transporter - NCP Link
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{96CAEB1D-7BFB-2A98-EBB2-414C894F694F}" = CCC Help Danish
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A664A708-E454-4416-7D19-D0F10879522C}" = CCC Help German
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Apple Application Support
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.9)
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay
"{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}" = Roxio Media Manager
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C39A4E1F-9AF1-4FE1-A80E-A5B867FABB42}" = Dell Best of Web
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}" = RealDownloader
"{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6F46E2D-4FE2-5FAB-5C30-230E99563DEE}" = Catalyst Control Center InstallProxy
"{D9DA23F5-CE0B-EE04-B498-7EC8AFC9F232}" = CCC Help Finnish
"{DF5182CB-192B-A6C8-9707-D7214557691C}" = CCC Help Norwegian
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E6757654-CE6A-0D0B-BBE6-F6247F05B7CD}" = Catalyst Control Center Localization All
"{E8759AD8-3A58-77F1-D16D-F3C8F9E98722}" = Catalyst Control Center Graphics Previews Common
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1C39CBE-4521-BEC8-5238-4A8B55FEB6B7}" = CCC Help Russian
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FBFA39D2-C55A-56DC-7EBB-767FC31B04A3}" = CCC Help Spanish
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"0731-5765-0485-3896" = Ticket to Ride Online 1.1.7
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Diablo III" = Diablo III
"D-Link Toolbar" = D-Link Toolbar
"Download Manager" = Download Manager 2.3.10
"Google Chrome" = Google Chrome
"HP Photo Creations" = HP Photo Creations
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.7.0
"Legacy 8.0" = Legacy 8.0
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.1.1004
"Might and Magic VI_whitelabel_is1" = Might and Magic VI
"Mozilla Firefox 29.0.1 (x86 en-US)" = Mozilla Firefox 29.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"N360" = Norton Security Suite
"NetSight" = NCP Connect
"Neverwinter" = Neverwinter
"Office14.AccessR" = Microsoft Access 2010
"Office14.PUBLISHERR" = Microsoft Publisher 2010
"Office14.SingleImage" = Microsoft Office Professional 2010
"OpenAL" = OpenAL
"RealPlayer 16.0" = RealPlayer
"Secunia PSI" = Secunia PSI (2.0.0.4003)
"SystemRequirementsLab" = System Requirements Lab
"Uplay" = Uplay
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-4257781629-3628011693-409112458-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"WinDirStat" = WinDirStat 1.1.2
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 5/15/2014 10:12:58 AM | Computer Name = Ownerr | Source = MsiInstaller | ID = 11706
Description = Product: Roxio Media Manager -- Error 1706.No valid source could be
 found for product Roxio Media Manager.  The Windows Installer cannot continue.
 
Error - 5/15/2014 10:25:35 AM | Computer Name = Ownerr | Source = MsiInstaller | ID = 11706
Description = Product: Roxio Media Manager -- Error 1706.No valid source could be
 found for product Roxio Media Manager.  The Windows Installer cannot continue.
 
Error - 5/15/2014 10:28:04 AM | Computer Name = Ownerr | Source = MsiInstaller | ID = 11706
Description = Product: Roxio Media Manager -- Error 1706.No valid source could be
 found for product Roxio Media Manager.  The Windows Installer cannot continue.
 
Error - 5/15/2014 10:40:40 AM | Computer Name = Ownerr | Source = MsiInstaller | ID = 11706
Description = Product: Roxio Media Manager -- Error 1706.No valid source could be
 found for product Roxio Media Manager.  The Windows Installer cannot continue.
 
Error - 5/15/2014 10:43:11 AM | Computer Name = Ownerr | Source = MsiInstaller | ID = 11706
Description = Product: Roxio Media Manager -- Error 1706.No valid source could be
 found for product Roxio Media Manager.  The Windows Installer cannot continue.
 
Error - 5/15/2014 10:55:45 AM | Computer Name = Ownerr | Source = MsiInstaller | ID = 11706
Description = Product: Roxio Media Manager -- Error 1706.No valid source could be
 found for product Roxio Media Manager.  The Windows Installer cannot continue.
 
Error - 5/15/2014 10:58:18 AM | Computer Name = Ownerr | Source = MsiInstaller | ID = 11706
Description = Product: Roxio Media Manager -- Error 1706.No valid source could be
 found for product Roxio Media Manager.  The Windows Installer cannot continue.
 
Error - 5/15/2014 11:11:03 AM | Computer Name = Ownerr | Source = MsiInstaller | ID = 11706
Description = Product: Roxio Media Manager -- Error 1706.No valid source could be
 found for product Roxio Media Manager.  The Windows Installer cannot continue.
 
Error - 5/15/2014 11:13:41 AM | Computer Name = Ownerr | Source = MsiInstaller | ID = 11706
Description = Product: Roxio Media Manager -- Error 1706.No valid source could be
 found for product Roxio Media Manager.  The Windows Installer cannot continue.
 
Error - 5/15/2014 11:26:41 AM | Computer Name = Ownerr | Source = MsiInstaller | ID = 11706
Description = Product: Roxio Media Manager -- Error 1706.No valid source could be
 found for product Roxio Media Manager.  The Windows Installer cannot continue.
 
[ System Events ]
Error - 5/14/2014 2:17:09 PM | Computer Name = Ownerr | Source = DCOM | ID = 10005
Description =
 
Error - 5/14/2014 2:17:09 PM | Computer Name = Ownerr | Source = Service Control Manager | ID = 7009
Description =
 
Error - 5/14/2014 2:17:09 PM | Computer Name = Ownerr | Source = Service Control Manager | ID = 7000
Description =
 
Error - 5/14/2014 5:54:07 PM | Computer Name = Ownerr | Source = HTTP | ID = 15021
Description =
 
Error - 5/14/2014 5:55:16 PM | Computer Name = Ownerr | Source = Service Control Manager | ID = 7003
Description =
 
Error - 5/14/2014 5:55:16 PM | Computer Name = Ownerr | Source = Service Control Manager | ID = 7003
Description =
 
Error - 5/14/2014 5:55:16 PM | Computer Name = Ownerr | Source = Service Control Manager | ID = 7001
Description =
 
Error - 5/14/2014 5:55:16 PM | Computer Name = Ownerr | Source = Service Control Manager | ID = 7009
Description =
 
Error - 5/14/2014 5:56:36 PM | Computer Name = Ownerr | Source = Service Control Manager | ID = 7026
Description =
 
Error - 5/14/2014 5:59:08 PM | Computer Name = Ownerr | Source = DCOM | ID = 10000
Description =
 
 
< End of report >
 


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP