Hi,
I was given a laptop to clean that had multiple problems. I've cleaned it as best I could, but could use a lookover to see if I've missed anything.
System: Windows 8.11 64 bit
Symptoms: multiple pop-up browser windows selling products.
multiple toolbars for shopping sites, etc
several pc optimizers, malware scanners, all installed and running at the same time. Windows Defender basically doing nothing.
Steps taken: I first download and installed MalwareBytes. Scan found over 2000 items. Cleaned up those. The used Spybot. After that, used BitDefender, Comodo, Dr. Web, live cds to boot from and scan system. Reset the browsers back to default, and enabled extensions back carefully.
As I said, I may have gotten everything, but I'm not sure. Here's the results of the OTL quick scan:
OTL logfile created on: 2014-05-13 1:36:00 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Joyce McEachern\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17031)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: yyyy-MM-dd
7.87 Gb Total Physical Memory | 5.72 Gb Available Physical Memory | 72.65% Memory free
9.12 Gb Paging File | 6.84 Gb Available in Paging File | 74.98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 650.96 Gb Total Space | 616.00 Gb Free Space | 94.63% Space Free | Partition Type: NTFS
Drive D: | 25.00 Gb Total Space | 22.03 Gb Free Space | 88.11% Space Free | Partition Type: NTFS
Computer Name: CRAFTY | User Name: Joyce McEachern 2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014-05-13 13:32:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Joyce McEachern\Desktop\OTL.exe
PRC - [2014-04-18 15:18:48 | 003,645,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2014-04-06 21:21:36 | 005,180,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2014-04-01 21:58:05 | 000,841,032 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014-03-27 22:10:20 | 000,291,912 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2013-12-21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013-11-12 00:44:29 | 000,363,520 | ---- | M] (Microsoft) -- C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe
PRC - [2013-09-17 17:22:40 | 000,585,032 | ---- | M] (LENOVO INCORPORATED.) -- C:\Program Files\Lenovo\SystemAgent\SystemAgentService.exe
PRC - [2013-03-28 15:55:58 | 001,058,880 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
PRC - [2012-10-28 10:29:22 | 000,063,488 | ---- | M] (IvoSoft) -- C:\Program Files\Classic Shell\ClassicShellService.exe
PRC - [2012-08-13 12:11:44 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2012-08-13 12:11:44 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2012-07-27 14:52:44 | 000,167,024 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
PRC - [2012-07-27 14:52:44 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
PRC - [2012-07-17 17:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012-07-17 17:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012-06-25 13:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012-05-01 21:56:02 | 000,548,864 | ---- | M] (Vimicro) -- C:\Program Files (x86)\USB Camera\VM331STI.EXE
PRC - [2012-03-28 21:34:30 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
PRC - [2011-03-03 10:33:48 | 000,591,248 | ---- | M] (Oberon Media ) -- C:\Program Files (x86)\GamesBar\SearchEngineProtection.exe
========== Modules (No Company Name) ==========
MOD - [2014-04-15 14:20:01 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.429e8964#\d875b108d13cb8d893ac4c27fff8f539\System.Xml.XmlSerializer.ni.dll
MOD - [2014-04-15 14:19:49 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servdea05680#\0c4ca02c69ce55cfcfefb541f195d705\System.ServiceModel.Primitives.ni.dll
MOD - [2014-04-15 14:19:48 | 000,785,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\ee53227bcc4430088d0b560752c1cd02\System.ServiceModel.Internals.ni.dll
MOD - [2014-04-15 14:19:46 | 000,118,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\352d34797f7cd44cd0973c33539200f1\SMDiagnostics.ni.dll
MOD - [2014-04-15 14:19:42 | 000,770,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Media\ae986fe3d2717c157eb1eeeb4d99aaa1\Windows.Media.ni.dll
MOD - [2014-04-10 15:11:35 | 001,282,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Devices\bf5509cf3a0d2e3afbd0c33e9153ecbd\Windows.Devices.ni.dll
MOD - [2014-04-10 15:11:35 | 000,012,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runt9e372c89#\b3ad6730fe2c9bc26d2656994615e29e\System.Runtime.InteropServices.ni.dll
MOD - [2014-04-10 15:11:33 | 000,797,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Networking\66db718389f1cd2503053c09b3de857f\Windows.Networking.ni.dll
MOD - [2014-04-10 15:11:31 | 000,238,080 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Gloaae92e31#\a1306b1fdd9c22508f9e5d901fceb4cd\Windows.Globalization.ni.dll
MOD - [2014-04-10 15:11:26 | 000,402,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Security\27136c94fce321fc4e76bccb5fc38fe0\Windows.Security.ni.dll
MOD - [2014-04-10 15:11:25 | 000,337,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Data\95e459fe3e0f12f2dc9f48fb91886621\Windows.Data.ni.dll
MOD - [2014-04-10 15:11:25 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Net.caf7096d#\a609227cf29283a141334946144866f3\System.Net.Primitives.ni.dll
MOD - [2014-04-10 15:11:24 | 000,133,120 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.System\726121cd59d8545addcd2c64688b5309\Windows.System.ni.dll
MOD - [2014-04-10 15:11:20 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtdf6812ee#\b7c90cd61aa57b4858a896d7e33c30d9\System.Runtime.Serialization.Primitives.ni.dll
MOD - [2014-04-10 15:11:19 | 000,008,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Diagaa8d7fa5#\a374d5cee262e00ef48bb80a46ef261b\System.Diagnostics.Debug.ni.dll
MOD - [2014-04-10 15:11:18 | 000,808,448 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Storage\f3deb382d1f91df4e2bf1801afb4ea21\Windows.Storage.ni.dll
MOD - [2014-04-10 15:11:18 | 000,304,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Graphics\4e33edd5ee2ee09f751c0071ba0a26c3\Windows.Graphics.ni.dll
MOD - [2014-04-10 15:11:17 | 000,960,000 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI\c95c4deae76420a882bef7161a449d72\Windows.UI.ni.dll
MOD - [2014-04-10 15:11:17 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ObjectModel\67dd353e70bac0caa6a7dde153081d12\System.ObjectModel.ni.dll
MOD - [2014-04-10 15:11:16 | 001,130,496 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\224ab0385dc2991b9139bdbf7bcf8e0e\Windows.ApplicationModel.ni.dll
MOD - [2014-04-10 15:11:16 | 000,228,864 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\cf021988965369c551bb0987fe019862\Windows.Foundation.ni.dll
MOD - [2014-04-10 15:11:16 | 000,009,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Thre7bb2aad0#\7ab875026ab88e106bf40c8db4f640a1\System.Threading.Tasks.ni.dll
MOD - [2014-04-10 15:11:16 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Collections\ebeafb298ff3f25b6291e44deceb1d0c\System.Collections.ni.dll
MOD - [2014-04-10 15:11:16 | 000,008,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IO\232833346ca4e705c2a15dd57af73bac\System.IO.ni.dll
MOD - [2014-04-10 15:11:14 | 003,530,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI.Xaml\f2bf020fc6307e10194fd94e85d52a72\Windows.UI.Xaml.ni.dll
MOD - [2014-04-10 15:11:14 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtbff93e24#\1849d6bdd0f61a224d41ac2963221204\System.Runtime.InteropServices.WindowsRuntime.ni.dll
MOD - [2014-04-10 15:11:10 | 000,018,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime\7bf2203bf2d88857c463948cccf6156c\System.Runtime.ni.dll
MOD - [2014-04-10 13:36:25 | 000,041,984 | ---- | M] () -- C:\Users\Joyce McEachern\AppData\Local\Packages\Microsoft.Taptiles_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Microsoft.G42d2c636#\fd561324312606ea5e028d3d974483e6\Microsoft.Games.Sentient.ni.dll
MOD - [2014-04-10 13:36:18 | 000,122,368 | ---- | M] () -- C:\Users\Joyce McEachern\AppData\Local\Packages\Microsoft.Taptiles_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Ap4e5cc921#\5e7a3519c51f6a3f39c48752e8487c57\Arkadium.ApplicationFramework.ni.dll
MOD - [2014-04-10 13:36:15 | 000,469,504 | ---- | M] () -- C:\Users\Joyce McEachern\AppData\Local\Packages\Microsoft.Taptiles_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Microsoft.Xbox\6416f87092fbbe9e12dafdd5bd1f2824\Microsoft.Xbox.ni.dll
MOD - [2014-04-10 13:36:12 | 000,563,200 | ---- | M] () -- C:\Users\Joyce McEachern\AppData\Local\Packages\Microsoft.Taptiles_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Ad1735b4ba#\d83cf8f4a7a1fa6022aa3f838c352e38\Arkadium.Advertisement.ni.dll
MOD - [2014-04-10 13:36:12 | 000,285,696 | ---- | M] () -- C:\Users\Joyce McEachern\AppData\Local\Packages\Microsoft.Taptiles_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Wi4bbc307d#\ec4bdd23e3efae51dd3a55fc30564d3d\Arkadium.WindowsStoreModule.ni.dll
MOD - [2014-04-10 13:36:12 | 000,254,976 | ---- | M] () -- C:\Users\Joyce McEachern\AppData\Local\Packages\Microsoft.Taptiles_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.CdnModule\d7bf5f6e41423876649185ab22fc2852\Arkadium.CdnModule.ni.dll
MOD - [2014-04-10 13:36:11 | 000,142,848 | ---- | M] () -- C:\Users\Joyce McEachern\AppData\Local\Packages\Microsoft.Taptiles_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Acc213f109#\3d4a5498d7f0cd8980c9eec61eb0a1cd\Arkadium.AchievementsModule.ni.dll
MOD - [2014-04-10 13:36:10 | 000,295,936 | ---- | M] () -- C:\Users\Joyce McEachern\AppData\Local\Packages\Microsoft.Taptiles_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Le816657bc#\a9f01fd5168602e1f2337fb96b641dba\Arkadium.LeaderboardModule.ni.dll
MOD - [2014-04-10 13:36:10 | 000,246,784 | ---- | M] () -- C:\Users\Joyce McEachern\AppData\Local\Packages\Microsoft.Taptiles_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Awd4f12c8f#\3a209adbb856f3ef11e419d9e90ba636\Arkadium.AwardsModule.ni.dll
MOD - [2014-04-10 13:36:10 | 000,114,176 | ---- | M] () -- C:\Users\Joyce McEachern\AppData\Local\Packages\Microsoft.Taptiles_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Xaba8eb3bf#\4aa48440ff18447c1ccf234df9edcf95\Arkadium.Xaml.Toolkit.ni.dll
MOD - [2014-04-10 13:36:09 | 001,696,256 | ---- | M] () -- C:\Users\Joyce McEachern\AppData\Local\Packages\Microsoft.Taptiles_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Dae4911807#\5c7e1b3c9657928343fb4a5c211495bb\Arkadium.DailyChallengeModule.ni.dll
MOD - [2014-04-10 13:36:01 | 000,227,328 | ---- | M] () -- C:\Users\Joyce McEachern\AppData\Local\Packages\Microsoft.Taptiles_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\CEServices\5c7c9f4bd1fc9e9f637b2435b69ce105\CEServices.ni.dll
MOD - [2014-04-10 13:22:29 | 000,392,704 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\6f7a4225a199ad7894379512ca6ae50c\System.Xml.Linq.ni.dll
MOD - [2014-04-10 13:22:28 | 007,802,880 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\77bc1a994f64193efc124c297b93fdb7\System.Xml.ni.dll
MOD - [2014-04-10 13:22:04 | 019,566,080 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\4c3126aec3364546e4ade89c24c4e742\System.ServiceModel.ni.dll
MOD - [2014-04-10 13:21:47 | 000,573,952 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runt0d283adf#\32aee6654d81a07e698f9ee18c886a2a\System.Runtime.WindowsRuntime.ni.dll
MOD - [2014-04-10 13:21:47 | 000,098,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtc259d85b#\ed68489987b413410ccb94c6e704f6b4\System.Runtime.WindowsRuntime.UI.Xaml.ni.dll
MOD - [2014-04-10 13:21:46 | 002,804,736 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\183eaaded316165bfbd32a991e4e8c8a\System.Runtime.Serialization.ni.dll
MOD - [2014-04-10 13:21:43 | 000,522,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Net.Http\5ba9e9e2d2253e30f3f28e12016e441d\System.Net.Http.ni.dll
MOD - [2014-04-10 13:21:24 | 000,968,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\c5bf2f5c3e13726b3984a900221e1778\System.Configuration.ni.dll
MOD - [2014-04-10 13:20:08 | 006,951,424 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\c1194e56644c7688e7eb0f68a57dcc30\System.Core.ni.dll
MOD - [2014-04-10 13:19:56 | 010,003,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\c24d08cc4e93fc4f6f15a637b00a2721\System.ni.dll
MOD - [2014-04-01 21:58:03 | 000,390,472 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppgooglenaclpluginchrome.dll
MOD - [2014-04-01 21:57:59 | 004,081,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll
MOD - [2014-04-01 21:57:54 | 000,674,632 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
MOD - [2014-04-01 21:57:53 | 000,093,000 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll
MOD - [2014-04-01 21:57:52 | 001,647,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll
MOD - [2014-04-01 21:57:49 | 000,065,352 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
MOD - [2014-01-27 07:52:41 | 017,395,376 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll
MOD - [2012-08-10 17:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014-04-09 20:53:51 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014-03-08 01:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014-03-06 03:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014-03-06 02:34:46 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014-02-22 11:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014-02-22 05:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014-02-22 05:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014-02-22 05:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014-02-22 05:25:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014-02-22 05:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014-01-27 11:38:59 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013-12-10 03:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013-11-23 00:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013-11-14 03:25:26 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013-10-30 20:29:53 | 000,348,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2013-10-30 20:29:53 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013-09-17 17:22:40 | 000,585,032 | ---- | M] (LENOVO INCORPORATED.) [Auto | Running] -- C:\Program Files\Lenovo\SystemAgent\SystemAgentService.exe -- (Lenovo System Agent Service)
SRV:64bit: - [2013-09-04 19:12:54 | 002,252,504 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Windows\SysNative\BtwRSupportService.exe -- (BcmBtRSupport)
SRV:64bit: - [2013-08-22 08:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013-08-22 07:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013-08-22 07:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013-08-22 07:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013-08-22 07:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013-08-22 07:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013-08-22 06:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013-08-22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013-08-22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013-08-22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013-08-22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013-08-22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013-08-22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013-08-22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013-08-22 06:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013-08-22 05:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013-08-22 05:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013-08-22 05:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013-08-22 05:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013-08-22 05:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013-08-22 05:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013-08-22 05:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013-08-22 05:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013-05-01 16:00:00 | 000,651,328 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV:64bit: - [2012-10-28 10:29:22 | 000,063,488 | ---- | M] (IvoSoft) [Auto | Running] -- C:\Program Files\Classic Shell\ClassicShellService.exe -- (ClassicShellService)
SRV:64bit: - [2012-09-06 18:53:50 | 000,957,304 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2012-07-18 15:14:38 | 002,699,568 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2012-07-18 15:14:16 | 000,272,176 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2012-07-18 15:14:04 | 000,627,504 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2012-07-18 15:13:40 | 000,149,296 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2012-06-08 05:07:16 | 000,201,376 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV:64bit: - [2012-05-17 00:00:00 | 000,144,560 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\SysNative\escsvc64.exe -- (EpsonScanSvc)
SRV:64bit: - [2012-04-20 17:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2014-04-29 18:13:50 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-04-18 15:18:48 | 003,645,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014-04-16 11:14:08 | 000,011,776 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe -- (NewPlayerUpdaterService)
SRV - [2014-03-27 22:10:20 | 000,291,912 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2013-12-26 20:42:24 | 001,364,256 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013-12-21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013-12-21 01:02:54 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013-11-14 03:25:25 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013-08-22 08:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013-08-21 23:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013-08-21 22:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2012-07-17 17:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-07-17 17:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-06-25 13:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014-04-18 15:01:30 | 000,237,336 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2014-03-31 16:06:48 | 000,274,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgwfpa.sys -- (Avgwfpa)
DRV:64bit: - [2014-03-31 16:06:26 | 000,130,840 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2014-03-27 22:14:26 | 000,192,792 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2014-03-27 22:14:24 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2014-03-27 22:07:10 | 000,236,824 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2014-03-27 22:05:02 | 000,324,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2014-03-27 22:03:16 | 000,032,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2014-03-19 23:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014-03-13 08:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014-03-08 16:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014-03-08 16:35:45 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014-02-22 12:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014-02-22 11:50:31 | 000,054,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014-02-22 11:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014-02-22 11:49:49 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014-02-22 11:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014-02-22 11:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014-02-22 11:49:47 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014-02-22 11:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014-02-22 08:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014-02-09 23:49:01 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014-02-09 23:49:00 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014-02-09 23:49:00 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013-12-26 20:42:48 | 000,032,544 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013-12-21 01:02:44 | 004,216,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013-12-14 19:34:54 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013-12-14 19:34:54 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013-12-04 14:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013-11-14 03:28:58 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013-11-14 03:25:25 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013-11-14 03:16:57 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013-11-14 03:16:54 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013-10-30 20:29:36 | 000,236,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013-10-30 20:29:36 | 000,124,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013-10-30 20:28:47 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013-09-04 19:12:52 | 000,166,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2013-09-04 19:12:38 | 000,170,712 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2013-09-04 16:35:06 | 000,020,496 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\avgboota.sys -- (Avgboota)
DRV:64bit: - [2013-08-22 09:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013-08-22 09:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013-08-22 08:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013-08-22 08:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013-08-22 08:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013-08-22 08:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013-08-22 08:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013-08-22 08:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013-08-22 08:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013-08-22 08:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013-08-22 08:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013-08-22 08:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013-08-22 08:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013-08-22 08:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013-08-22 08:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013-08-22 08:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013-08-22 08:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013-08-22 08:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013-08-22 08:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013-08-22 08:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013-08-22 08:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013-08-22 08:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013-08-22 08:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013-08-22 08:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013-08-22 08:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013-08-22 08:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013-08-22 08:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013-08-22 08:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013-08-22 08:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013-08-22 07:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013-08-22 07:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013-08-22 07:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013-08-22 07:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013-08-22 07:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013-08-22 07:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013-08-22 07:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013-08-22 07:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013-08-22 07:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013-08-22 07:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013-08-22 07:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013-08-22 07:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013-08-22 07:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013-08-22 07:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013-08-22 07:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013-08-22 07:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013-08-22 07:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013-08-22 07:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013-08-22 07:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013-08-22 07:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013-08-22 07:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013-08-22 07:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013-08-22 04:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013-08-12 19:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013-08-09 20:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013-07-30 14:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013-07-25 15:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013-07-08 14:37:41 | 003,344,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2013-06-18 10:44:59 | 000,129,224 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2012-10-06 09:18:49 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2012-10-06 09:18:49 | 000,033,560 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2012-08-29 22:23:58 | 000,186,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2012-08-29 22:23:56 | 000,212,792 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2012-08-29 22:23:54 | 000,022,328 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2012-08-26 22:52:42 | 000,448,312 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012-08-26 22:52:40 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012-08-24 05:07:36 | 000,975,104 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vm331avs.sys -- (vm331avs)
DRV:64bit: - [2012-08-16 16:33:42 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012-08-09 22:29:52 | 000,188,384 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xHCIPort.sys -- (XHCIPort)
DRV:64bit: - [2012-07-26 19:48:26 | 000,040,248 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2012-07-02 18:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012-06-26 22:08:32 | 001,608,864 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2012-06-19 10:40:51 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012-06-15 01:50:46 | 000,315,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2012-06-13 20:10:32 | 000,102,376 | ---- | M] ("CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6097BA1E-EA64-4BFD-8552-16337C2FC9A0}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-976370131-2331909618-2087438408-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://lenovo13.msn.com
IE - HKU\S-1-5-21-976370131-2331909618-2087438408-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
http://www.lenovo.com [binary data]
IE - HKU\S-1-5-21-976370131-2331909618-2087438408-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://www.google.com
IE - HKU\S-1-5-21-976370131-2331909618-2087438408-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.com
IE - HKU\S-1-5-21-976370131-2331909618-2087438408-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/
IE - HKU\S-1-5-21-976370131-2331909618-2087438408-1002\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com
IE - HKU\S-1-5-21-976370131-2331909618-2087438408-1002\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com
IE - HKU\S-1-5-21-976370131-2331909618-2087438408-1002\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-21-976370131-2331909618-2087438408-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-976370131-2331909618-2087438408-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKU\S-1-5-21-976370131-2331909618-2087438408-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:59472;https=127.0.0.1:59472
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.updatepm.com/PriceMeterLiveUpdate Update;version=3: C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.updatepm.com/PriceMeterLiveUpdate Update;version=9: C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\
[email protected]: C:\Program Files\McAfee\MSK
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: Google Drive = C:\Users\Joyce McEachern\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Joyce McEachern\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Joyce McEachern\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.1_0\
CHR - Extension: Google Search = C:\Users\Joyce McEachern\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: SPOTS - A better way to start = C:\Users\Joyce McEachern\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejocekekgcaldnmjngfdbmbeebcekelc\0.1.37_0\
CHR - Extension: Pin It Button = C:\Users\Joyce McEachern\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\1.3.1_0\
CHR - Extension: Google Wallet = C:\Users\Joyce McEachern\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Joyce McEachern\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2013-08-22 09:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [SynLenovoGestureMgr] C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe (Synaptics)
O4 - HKLM..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331STI.EXE (Vimicro)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [LTCM Client] C:\Program Files (x86)\LTCM Client\ltcmClient.exe (Leader Technologies Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-976370131-2331909618-2087438408-1002..\Run: [EPLTarget\P0000000000000000] C:\windows\system32\spool\DRIVERS\x64\3\E_IATILBE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-310 Series" File not found
O4 - HKU\S-1-5-21-976370131-2331909618-2087438408-1002..\Run: [EPLTarget\P0000000000000001] C:\windows\system32\spool\DRIVERS\x64\3\E_IATILBE.EXE /EPT "EPLTarget\P0000000000000001" /M "XP-310 Series" File not found
O4 - HKU\S-1-5-21-976370131-2331909618-2087438408-1002..\Run: [SearchEngineProtection] C:\Program Files (x86)\GamesBar\SearchEngineProtection.exe (Oberon Media )
O4 - Startup: C:\Users\Joyce McEachern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Epson all-in-one Registration.lnk = C:\Users\Joyce McEachern\AppData\Roaming\Leadertech\PowerRegister\Epson all-in-one Registration.exe (Leader Technologies/Epson)
O4 - Startup: C:\Users\Joyce McEachern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 67.69.184.199 67.69.184.7
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B03EC1FA-029B-4335-BFA7-84B7972033A3}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E58F82D0-718D-485E-A269-3D8F30AE6AB4}: DhcpNameServer = 67.69.184.199 67.69.184.7
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) - File not found
O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll) - File not found
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014-05-13 13:32:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Joyce McEachern\Desktop\OTL.exe
[2014-05-13 04:27:36 | 000,000,000 | ---D | C] -- C:\cce_linux
[2014-05-11 20:40:32 | 000,000,000 | ---D | C] -- C:\Users\Joyce McEachern\AppData\Roaming\AVG2014
[2014-05-11 20:40:07 | 000,000,000 | ---D | C] -- C:\Users\Joyce McEachern\AppData\Roaming\TuneUp Software
[2014-05-11 20:40:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2014-05-11 20:39:47 | 000,000,000 | -H-D | C] -- C:\$AVG
[2014-05-11 20:39:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2014
[2014-05-11 20:39:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2014-05-11 20:35:54 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2014-05-11 20:35:54 | 000,000,000 | ---D | C] -- C:\Users\Joyce McEachern\AppData\Local\MFAData
[2014-05-11 20:35:54 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2014-05-11 20:35:54 | 000,000,000 | ---D | C] -- C:\Users\Joyce McEachern\AppData\Local\Avg2014
[2014-05-11 03:18:54 | 000,000,000 | ---D | C] -- C:\RescueCD Logs
[2014-05-10 21:56:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2014-05-10 21:56:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014-05-10 18:22:44 | 000,000,000 | ---D | C] -- C:\Users\Joyce McEachern\AppData\Local\Intel_Corporation
[2014-05-09 21:51:37 | 000,000,000 | ---D | C] -- C:\Users\Joyce McEachern\Doctor Web
[2014-05-09 21:08:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014-05-09 21:08:52 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014-05-09 19:40:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\System Optimizer Pro
[2014-05-09 19:36:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DiscaoUntLocatoR
[2014-05-09 18:37:40 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014-05-09 18:37:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014-04-27 20:26:01 | 000,000,000 | ---D | C] -- C:\Users\Joyce McEachern\AppData\Local\SlimWare Utilities Inc
[2014-04-27 20:25:37 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers
[2014-04-27 09:22:24 | 000,000,000 | ---D | C] -- C:\Users\Joyce McEachern\AppData\Local\fastcleanpro
[2014-04-27 09:19:18 | 000,000,000 | ---D | C] -- C:\Users\Joyce McEachern\AppData\Local\IsolatedStorage
[2014-04-27 09:16:35 | 000,000,000 | ---D | C] -- C:\ProgramData\RoyaliCoupoN
[2014-04-26 22:31:13 | 000,000,000 | ---D | C] -- C:\Users\Joyce McEachern\AppData\Local\com
[2014-04-26 22:29:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uninstaller
[2014-04-26 22:02:26 | 000,000,000 | ---D | C] -- C:\Users\Joyce McEachern\.android
[2014-04-26 22:02:25 | 000,000,000 | ---D | C] -- C:\Users\Joyce McEachern\AppData\Local\cache
[2014-04-26 22:02:22 | 000,000,000 | ---D | C] -- C:\Users\Joyce McEachern\AppData\Local\Mobogenie
[2014-04-26 22:01:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Systweak
[2014-04-26 22:00:38 | 000,000,000 | ---D | C] -- C:\Users\Joyce McEachern\AppData\Local\PriceMeterLiveUpdate
[2014-04-26 22:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\PriceMeterLiveUpdate
[2014-04-26 22:00:35 | 000,000,000 | ---D | C] -- C:\Users\Joyce McEachern\AppData\Roaming\systweak
[2014-04-26 21:51:56 | 000,000,000 | ---D | C] -- C:\Users\Joyce McEachern\AppData\Local\newplayer
[2014-04-26 21:51:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
[2014-04-26 21:51:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NewPlayer
[2014-04-26 21:50:58 | 000,000,000 | ---D | C] -- C:\Users\Joyce McEachern\AppData\Roaming\Activeris
[2014-04-26 21:48:50 | 000,000,000 | ---D | C] -- C:\Users\Joyce McEachern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
[2014-04-26 21:45:44 | 000,000,000 | ---D | C] -- C:\Users\Joyce McEachern\AppData\Local\Genesis
[2014-04-26 21:45:39 | 000,000,000 | ---D | C] -- C:\Program Files\003
[2014-04-21 12:08:49 | 000,000,000 | ---D | C] -- C:\ProgramData\d8b241c0b0684db9
[2014-04-21 12:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\DiscaoUntLocatoR
[2014-04-20 15:57:53 | 000,000,000 | ---D | C] -- C:\Users\Joyce McEachern\AppData\Roaming\Oracle
[2014-04-20 15:52:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014-04-18 15:01:30 | 000,237,336 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgidsdrivera.sys
[1 C:\Users\Joyce McEachern\AppData\Local\*.tmp files -> C:\Users\Joyce McEachern\AppData\Local\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014-05-13 13:32:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Joyce McEachern\Desktop\OTL.exe
[2014-05-13 13:25:00 | 000,000,933 | ---- | M] () -- C:\WINDOWS\tasks\EPSON XP-310 Series Update {9A00CD79-AA8B-4A66-B834-C09FD1EDCC53}.job
[2014-05-13 13:25:00 | 000,000,933 | ---- | M] () -- C:\WINDOWS\tasks\EPSON XP-310 Series Update {06A0F5CE-62A6-4D5A-AAB5-DFCD7FADBFB0}.job
[2014-05-13 13:25:00 | 000,000,747 | ---- | M] () -- C:\WINDOWS\tasks\EPSON XP-310 Series Invitation {9A00CD79-AA8B-4A66-B834-C09FD1EDCC53}.job
[2014-05-13 13:25:00 | 000,000,747 | ---- | M] () -- C:\WINDOWS\tasks\EPSON XP-310 Series Invitation {06A0F5CE-62A6-4D5A-AAB5-DFCD7FADBFB0}.job
[2014-05-13 13:22:53 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014-05-13 13:22:16 | 000,000,369 | ---- | M] () -- C:\Users\Joyce McEachern\AppData\Local\RegisteredPackageInformation.xml
[2014-05-13 13:21:36 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014-05-13 13:20:51 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014-05-13 13:20:51 | 2464,378,879 | -HS- | M] () -- C:\hiberfil.sys
[2014-05-13 13:19:12 | 000,863,592 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014-05-13 13:19:12 | 000,735,932 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014-05-13 13:19:12 | 000,139,816 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014-05-13 13:17:45 | 000,000,166 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2014-05-13 13:13:01 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\Price Meter Updater.job
[2014-05-13 08:13:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014-05-13 08:00:00 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\MySearchDial.job
[2014-05-13 07:50:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014-05-13 07:09:20 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014-05-11 20:40:07 | 000,000,992 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014-05-10 14:36:11 | 524,288,000 | ---- | M] () -- C:\REMOVE_THIS_FILE.livecd.swap
[2014-05-09 19:48:09 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014-05-09 19:31:54 | 001,201,864 | ---- | M] () -- C:\Users\Joyce McEachern\Documents\malware-scan.xml
[2014-05-09 18:42:02 | 000,000,702 | ---- | M] () -- C:\WINDOWS\SysWow64\ff.bin
[2014-05-09 18:31:19 | 000,000,552 | ---- | M] () -- C:\WINDOWS\SysWow64\schtasks.bin
[2014-05-02 00:42:16 | 000,000,380 | ---- | M] () -- C:\WINDOWS\tasks\APSnotifierPP1.job
[2014-05-02 00:42:16 | 000,000,378 | ---- | M] () -- C:\WINDOWS\tasks\APSnotifierPP3.job
[2014-04-27 22:27:11 | 000,000,378 | ---- | M] () -- C:\WINDOWS\tasks\APSnotifierPP2.job
[2014-04-27 21:00:01 | 000,000,043 | ---- | M] () -- C:\Users\Joyce McEachern\AppData\Roaming\WB.CFG
[2014-04-26 21:53:40 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\NewPlayer.lnk
[2014-04-26 21:51:04 | 000,000,318 | ---- | M] () -- C:\Users\Joyce McEachern\AppData\Roaming\aps.uninstall.scan.results
[2014-04-26 21:44:41 | 000,000,000 | ---- | M] () -- C:\END
[2014-04-18 15:01:30 | 000,237,336 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgidsdrivera.sys
[1 C:\Users\Joyce McEachern\AppData\Local\*.tmp files -> C:\Users\Joyce McEachern\AppData\Local\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014-05-11 20:40:07 | 000,000,992 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014-05-10 22:13:04 | 000,000,166 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2014-05-10 13:52:56 | 524,288,000 | ---- | C] () -- C:\REMOVE_THIS_FILE.livecd.swap
[2014-05-09 20:05:14 | 000,000,369 | ---- | C] () -- C:\Users\Joyce McEachern\AppData\Local\RegisteredPackageInformation.xml
[2014-05-09 19:45:52 | 000,000,426 | ---- | C] () -- C:\AVScanner.ini
[2014-05-09 19:32:23 | 001,201,864 | ---- | C] () -- C:\Users\Joyce McEachern\Documents\malware-scan.xml
[2014-04-27 21:00:01 | 000,000,043 | ---- | C] () -- C:\Users\Joyce McEachern\AppData\Roaming\WB.CFG
[2014-04-27 12:26:23 | 000,000,702 | ---- | C] () -- C:\WINDOWS\SysWow64\ff.bin
[2014-04-27 09:19:30 | 000,000,552 | ---- | C] () -- C:\WINDOWS\SysWow64\schtasks.bin
[2014-04-26 22:23:57 | 000,000,378 | ---- | C] () -- C:\WINDOWS\tasks\APSnotifierPP3.job
[2014-04-26 22:23:56 | 000,000,378 | ---- | C] () -- C:\WINDOWS\tasks\APSnotifierPP2.job
[2014-04-26 22:23:53 | 000,000,380 | ---- | C] () -- C:\WINDOWS\tasks\APSnotifierPP1.job
[2014-04-26 22:01:07 | 000,016,896 | ---- | C] () -- C:\WINDOWS\SysNative\sasnative64.exe
[2014-04-26 22:00:43 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\MySearchDial.job
[2014-04-26 22:00:35 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\Price Meter Updater.job
[2014-04-26 21:53:52 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014-04-26 21:51:49 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\NewPlayer.lnk
[2014-04-26 21:50:28 | 000,000,318 | ---- | C] () -- C:\Users\Joyce McEachern\AppData\Roaming\aps.uninstall.scan.results
[2014-04-26 21:43:23 | 000,000,000 | ---- | C] () -- C:\END
[2014-04-09 21:07:39 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014-03-18 21:32:09 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013-12-21 01:02:44 | 000,280,064 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013-12-21 01:02:40 | 000,182,272 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013-12-21 01:02:40 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013-08-22 12:44:40 | 000,000,044 | ---- | C] () -- C:\WINDOWS\XP-310.ini
[2013-08-22 11:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013-08-22 11:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013-08-22 10:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013-08-22 03:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013-08-21 23:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013-08-21 19:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013-08-21 19:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013-08-07 23:13:46 | 000,000,478 | ---- | C] () -- C:\Program Files (x86)\none23134638.bat
[2012-10-06 09:00:52 | 000,001,897 | ---- | C] () -- C:\WINDOWS\vm331Rmv.ini
[2012-10-06 09:00:52 | 000,001,897 | ---- | C] () -- C:\WINDOWS\SysWow64\vm331Rmv.ini
[2012-10-06 08:48:34 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2012-07-25 16:22:56 | 000,267,284 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
[2012-07-25 16:22:54 | 000,963,376 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin
========== ZeroAccess Check ==========
[2014-04-01 01:54:32 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014-03-19 23:48:41 | 021,232,792 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014-03-19 21:20:53 | 018,679,216 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013-08-22 05:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013-08-21 22:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013-08-22 05:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013-08-23 11:30:09 | 000,000,000 | ---D | M] -- C:\Users\Joyce McEachern\AppData\Roaming\Acer
[2014-05-09 20:59:50 | 000,000,000 | ---D | M] -- C:\Users\Joyce McEachern\AppData\Roaming\Activeris
[2014-05-11 20:40:32 | 000,000,000 | ---D | M] -- C:\Users\Joyce McEachern\AppData\Roaming\AVG2014
[2013-08-23 11:30:05 | 000,000,000 | ---D | M] -- C:\Users\Joyce McEachern\AppData\Roaming\Epson
[2013-08-23 11:30:08 | 000,000,000 | ---D | M] -- C:\Users\Joyce McEachern\AppData\Roaming\Leader Technologies
[2013-08-22 12:45:24 | 000,000,000 | ---D | M] -- C:\Users\Joyce McEachern\AppData\Roaming\Leadertech
[2014-02-12 17:32:50 | 000,000,000 | ---D | M] -- C:\Users\Joyce McEachern\AppData\Roaming\Lenovo
[2013-01-18 00:51:55 | 000,000,000 | ---D | M] -- C:\Users\Joyce McEachern\AppData\Roaming\Oberon Media
[2013-12-24 16:45:14 | 000,000,000 | ---D | M] -- C:\Users\Joyce McEachern\AppData\Roaming\OpenOffice.org
[2014-04-20 15:57:53 | 000,000,000 | ---D | M] -- C:\Users\Joyce McEachern\AppData\Roaming\Oracle
[2014-05-09 19:42:30 | 000,000,000 | ---D | M] -- C:\Users\Joyce McEachern\AppData\Roaming\systweak
[2014-05-11 20:40:07 | 000,000,000 | ---D | M] -- C:\Users\Joyce McEachern\AppData\Roaming\TuneUp Software
[2014-02-12 22:51:37 | 000,000,000 | ---D | M] -- C:\Users\Joyce McEachern\AppData\Roaming\WebApp
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 220 bytes -> C:\Users\Joyce McEachern\SkyDrive:ms-properties
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:DE22D45C
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720
< End of report >
Also, here is the Extras log file as well:
OTL Extras logfile created on: 2014-05-13 1:36:00 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Joyce McEachern\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17031)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: yyyy-MM-dd
7.87 Gb Total Physical Memory | 5.72 Gb Available Physical Memory | 72.65% Memory free
9.12 Gb Paging File | 6.84 Gb Available in Paging File | 74.98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 650.96 Gb Total Space | 616.00 Gb Free Space | 94.63% Space Free | Partition Type: NTFS
Drive D: | 25.00 Gb Total Space | 22.03 Gb Free Space | 88.11% Space Free | Partition Type: NTFS
Computer Name: CRAFTY | User Name: Joyce McEachern 2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-976370131-2331909618-2087438408-1002\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{013437C5-1C3C-4486-965F-F81DFB94D4D2}" = dir=in | name=taptiles |
"{01560BF5-5F9C-44C6-B103-C85D6ADAC183}" = dir=out | name=allrecipes |
"{02014995-0B83-4FFE-BDB8-4D27376E44D1}" = dir=out | name=bonus wordz |
"{0437E4D8-1A84-42E5-A47B-38DF919FDA48}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{0780F194-5582-4FD8-9472-45BB4773C93A}" = dir=out | name=powerdvd for lenovo idea |
"{09E9EE9D-3D70-40CD-A92E-A417B942C783}" = dir=out | name=map app for windows |
"{0C5231A1-E2BA-4498-AAE7-DFAC7A480C9E}" = dir=out | name=glo bible |
"{0D7E07F5-BC1B-406C-8A12-55C260A62DD9}" = dir=out | name=@{43248summitdatacorp.solitairepro_1.9.6.0_x64__hmd3687kaknfw?ms-resource://43248summitdatacorp.solitairepro/resources/appnamesolitaire} |
"{12380C42-CD33-4C26-A0FC-E8F9876AA8E7}" = dir=in | name=microsoft mahjong |
"{136EB9EF-F49D-4CA1-B356-639FB6343429}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{1498989C-5477-498D-9A4F-BAB5025B8171}" = dir=out | name=my pinterest |
"{16729F18-A2E3-4174-9056-340318BFFDF9}" = dir=out | name=mahjong deluxe free |
"{172144EB-047D-47F2-88C5-A38AF0920DFD}" = dir=out | name=@{microsoft.bingfinance_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{18D97E65-5FE1-47D9-888A-A59C8356E214}" = dir=out | name=my sudoku |
"{1ABF8F3A-D88E-4BB4-B25C-FD0D9AC89471}" = dir=in | name=sonicwall mobile connect |
"{1AFCFF82-C4EB-4A3D-8D49-78EC7302573F}" = dir=out | name=riddle me this! |
"{1C4B1B0D-22D4-476A-A734-459E75D190BC}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{1D9250B1-C1B6-41CE-A284-FC1444424E9C}" = dir=out | name=propoints calculator |
"{1F86A44A-B9B4-4CA6-A150-C1403121351B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{224E49EC-0B99-49C9-B7DE-2EA5BAABAADF}" = dir=out | name=@{43248summitdatacorp.cardgameschest_1.9.6.0_x64__hmd3687kaknfw?ms-resource://43248summitdatacorp.cardgameschest/resources/appnamegamechest} |
"{234B3109-0DD2-4DE6-A886-E39787C7940E}" = dir=out | name=toronto events & festivals |
"{25354474-CB76-46EC-BC66-4F61A4066510}" = dir=out | name=wordament |
"{25E3D270-8550-4E4E-9B36-DD30812E1C58}" = protocol=6 | dir=in | app=e:\common\epsonnet setup\eneasyapp.exe |
"{2979F5A1-7E74-440B-82F7-074654341A42}" = dir=out | name=netflix |
"{2A145AAF-F1C6-42F3-9797-5CE4A77A1539}" = dir=out | name=taptiles |
"{2B92D856-EE55-4028-8F21-FDF8EABC2185}" = dir=out | name=microsoft solitaire collection |
"{2EE13455-B1AC-47F8-B199-3D1CC3B3F748}" = dir=out | name=gin rummy free |
"{3273FE2F-04F6-4FE6-B12B-4E395ECDC5F8}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{33A19CFB-AF0A-4E82-95B9-61E4E6E0EAAC}" = dir=out | name=@{microsoft.bingmaps_2.0.2530.2317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{351867AA-693C-44D3-904F-2F156D6D01CA}" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\ecprintersetup\enpapp.exe |
"{36B9D4B6-40B3-4A8A-9D9A-8097C1D52D03}" = dir=out | name=@{22514elbrinner.biblesquestions_1.0.0.23_neutral__5ac9hy7me1akm?ms-resource://22514elbrinner.biblesquestions/resources/app.titulo} |
"{380E9769-DFD8-45E2-B8BA-07893791DA05}" = dir=out | name=trip journal |
"{3A0649EC-A911-4F06-89B6-02A70AD3424A}" = dir=out | name=best western search & stay ℠ |
"{3E012DD3-5C53-4B0E-BED8-6DEA43450D1A}" = dir=out | name=candy fun |
"{3F52560E-7456-41A5-928A-78C14DD03917}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{43BE4613-6D28-4318-99D3-8D5770F4CF15}" = dir=out | name=windows 8 cheat keys |
"{454F339E-8C4E-4BBB-B233-04A71221ED5E}" = dir=out | name=juniper networks junos pulse |
"{456DADA7-9D4E-4741-A3A4-331913C04602}" = dir=out | name=blocks win8 |
"{463353B0-5D3B-437C-A651-361D73F9A851}" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"{49D9D480-ED53-4D2D-8012-43516FA6FA3B}" = dir=out | name=tetrablox |
"{4A496496-AA2B-4741-960B-D32E6871A1D6}" = dir=out | name=@{microsoft.zunevideo_1.5.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{4DA07209-FECD-4106-BDBC-4850D62AD275}" = dir=in | name=trip journal |
"{4E476ED4-E516-450C-8E65-1CAE62E4A67D}" = dir=in | name=microsoft solitaire collection |
"{539FF009-1FA1-4EA3-9058-86053CF2A7BF}" = dir=in | name=powerdvd for lenovo idea |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{57952049-655C-4D2A-A4C0-73C3222B0644}" = dir=out | name=@{microsoft.bingtravel_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{5C7AF41E-3BBA-4F20-8B44-6236A91D34CB}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{609AD367-8180-4C0E-AE56-2A1A295CF9A9}" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"{60B66153-9270-46FF-AA40-824D705C5721}" = dir=out | name=dominoes |
"{632EFAD3-7745-4FFE-A226-ABA15AAC729A}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{6651A246-2914-43A9-8A86-51DBEBE93100}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{67A29117-4F25-4322-B1BF-D2C9857F9622}" = dir=out | name=@{microsoft.zunemusic_2.2.849.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{69F5C0C8-8B3E-42F0-BE02-3A0B7F4BA25B}" = dir=out | name=solitaire hd |
"{69F98476-0660-4B12-B97D-E74B92F9DBAC}" = dir=out | name=learn windows8 |
"{6AA5CC19-3267-4DD7-9FCA-01A4407229AA}" = dir=out | name=tunein radio |
"{6DFFEE1D-9DE2-46AA-AE93-03E4BB5D835B}" = dir=out | name=windows_ie_ac_001 |
"{6E296E6E-0EC0-4C2F-A799-75AB7CB86A65}" = dir=in | name=skype |
"{6F117E1F-1333-4CA9-9255-B73E47BFEA67}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{710A0C1B-C733-4489-A8F7-F956CC79C763}" = dir=out | name=word search |
"{72D7A3B2-3B51-45B3-A645-E6625EC970C6}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{751FA56D-2E04-4A95-B4AC-7CA085D01B1A}" = dir=out | name=xolitaire |
"{761F2CB7-BC26-4351-A211-6EF5FE65E1E8}" = dir=out | name=hotels.com |
"{7D7B0CCB-C2D2-4EDA-A50C-C18C9C593373}" = dir=out | name=@{microsoft.bingfinance_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{7E39BA56-82ED-4D56-99BB-7B34709E97B1}" = dir=out | name=@{828b5831.mahjonggartifacts2_1.0.0.0_x86__ytsefhwckbdv6?ms-resource://828b5831.mahjonggartifacts2/resources/kd_app_name} |
"{7F40F28C-2801-4BBC-9E98-823DB7F78B6D}" = dir=out | name=new york city tourist guide |
"{7FD377BE-D6C3-43FE-A016-45E8FE20119A}" = dir=out | name=@{digitalchemyllc.calculatorfree_1.4.0.78_neutral__q7s52g45wnx0g?ms-resource://digitalchemyllc.calculatorfree/resources/freeappname} |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{80DE8399-5FDC-4C27-A978-C79DC152BD08}" = dir=out | name=f5 vpn |
"{832DC64F-026E-424D-9A05-6932DFA1CF2B}" = dir=out | name=@{43248summitdatacorp.freecellfree_1.9.6.0_x64__hmd3687kaknfw?ms-resource://43248summitdatacorp.freecellfree/resources/appnamefreecell} |
"{83392BCF-5F10-42D8-AEAA-3B618ECB1E5E}" = dir=out | name=cribbage free |
"{83638337-185F-4ACF-B096-493A4CDDAC32}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{8420C714-0699-4FA4-9B4E-69739744BC47}" = dir=in | name=check point vpn |
"{862D9512-DD1A-41EF-BA9D-FC504740D6C4}" = dir=out | name=google search |
"{87166AE4-1E4D-46E7-B1F7-B30A940FC514}" = dir=out | name=daily bread |
"{87EDD23C-6FA0-41E9-B5B9-33F198AC3635}" = dir=out | name=@{43248summitdatacorp.switch_1.9.8.0_x64__hmd3687kaknfw?ms-resource://43248summitdatacorp.switch/resources/appnameswitch} |
"{8A2A6A4A-8206-4DC0-9282-A34AF152E66F}" = dir=out | name=facebook |
"{8D67CD59-DDAB-41DF-B1A2-103EA05562ED}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{8FE78F32-BB9E-4FED-B19D-B651BE0BB699}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{9115EDBA-9EEB-4342-9909-DD53FFA2BD3E}" = dir=in | name=evernote touch |
"{96FCB269-B27D-42C4-AE50-B17DC85FE6C0}" = dir=in | app=c:\program files (x86)\lenovo\powerdvd10\powerdvd10.exe |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9EC6FC42-5435-49DD-AEBB-ADE91C508E08}" = dir=out | name=bubble blast 2 |
"{A11AC77D-FBC5-4799-8D77-7A5B6AA751AC}" = dir=in | app=c:\program files (x86)\lenovo\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{A5CE8C65-D042-49EF-A35F-3A25E99931D9}" = dir=in | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{A6EEBC39-45DC-4B3C-8D2A-F0000ED28BC5}" = dir=in | name=f5 vpn |
"{A7C9AF6D-DFCC-42F8-BE02-58192E9F682D}" = dir=out | name=@{microsoft.bingnews_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{A89A3BEC-C35E-4AAC-B7AB-0C0E98DC8596}" = dir=out | name=@{microsoft.bingsports_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{AB0B7B6A-580D-4D83-A2C3-56853448B28A}" = dir=in | name=allrecipes |
"{ADDED5E0-92A6-4318-A865-A21DA224B365}" = dir=out | name=@{microsoft.zunemusic_1.5.216.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{B04EF500-DE24-4802-9C83-377E48051EC3}" = dir=out | name=@{microsoft.bingtravel_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{B198F343-C66C-4E65-B844-64B695939FA2}" = dir=out | name=@{microsoft.zunevideo_2.2.849.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{B3DE4B33-15FB-4782-95A5-7EFD0304149A}" = dir=out | name=accuweather for windows 8 |
"{B4D1F831-DC95-44DD-A86D-662F95B90C00}" = dir=out | name=holiday inn |
"{B5B100BC-0355-4E31-A0C8-B0E980C8DD96}" = dir=out | name=lenovo support |
"{B8A6B79A-023D-451B-856D-EC2DDFDAE18E}" = dir=out | name=mr. bean |
"{B91595D6-6132-498F-A709-BFA583535AC3}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{BFBCC636-CC1E-4C49-9AA8-CEE6DD69D3DB}" = dir=out | name=check point vpn |
"{C0A276F1-3EAE-439F-94B1-A234949C201D}" = dir=out | name=@{b-interaktivegmbh.yahtzyfree_1.2.0.1_x64__qbsg90x8tpqqt?ms-resource://b-interaktivegmbh.yahtzyfree/resources/_appnamefree} |
"{C33BCD6D-3C3F-41D2-BC3D-55537ADD8082}" = dir=out | name=@{livestrong.com.livestrong.comcalorietracker_1.5.0.2198_x64__pvk2r70nnyfg4?ms-resource://livestrong.com.livestrong.comcalorietracker/resources/manifest_package_displayname} |
"{C3F1A0F9-0320-4309-AD22-A8B4A3C55412}" = dir=out | name=lenovo companion |
"{C5E73044-88DB-49E8-8BA4-F7A9A4D3B43C}" = dir=out | name=word twirl |
"{C60C489D-2430-4994-B48A-938E7CF5F079}" = dir=out | name=pacman pac-man super mega |
"{C8E60CBC-1BD2-4407-8E5A-39775469AF94}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{CB76E387-6F03-4EA2-9036-39A89A57E8FA}" = dir=out | name=candy crush: walkthrough |
"{D1417C9F-90E1-4FF8-8CD5-06951E6E4FC5}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{DA240A1F-A755-4246-80FC-098D34E09953}" = dir=out | name=groupon pro |
"{DAEEFCF9-94E3-4ACF-ACAA-9C60C66A84C4}" = dir=in | name=@{828b5831.mahjonggartifacts2_1.0.0.0_x86__ytsefhwckbdv6?ms-resource://828b5831.mahjonggartifacts2/resources/kd_app_name} |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DCC85010-335F-4588-A859-F21E48FA0742}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{DD481504-FFDC-4102-9AAD-B7FEB99EE783}" = dir=out | name=microsoft mahjong |
"{DD9AC0DF-3BF8-47D9-855F-F602FFCECF03}" = dir=in | name=juniper networks junos pulse |
"{E0FDB39B-679F-4D62-AFE3-C196C28C635C}" = dir=out | name=@{3574gindasoft.to-dos_2.1.0.0_neutral__vhpcp2ef0a8kc?ms-resource://3574gindasoft.to-dos/resources/manifest_appname} |
"{E14A41AB-D539-4BF5-BA64-87E0FE4D0857}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{E544865E-8C6E-4CED-AE9E-C52788ECACA9}" = dir=out | name=@{43248summitdatacorp.spidersolitairefree_1.9.6.0_x64__hmd3687kaknfw?ms-resource://43248summitdatacorp.spidersolitairefree/resources/appnamespider} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E8241154-A1B1-4D81-B3AD-56E1A97A5E98}" = dir=in | app=c:\program files\intel corporation\intel widi\widiapp.exe |
"{E8817B86-7292-46F5-BBE0-880C4D4FB396}" = dir=out | name=movie showtime |
"{E98D3B89-792B-4F6B-9208-48EED99CA06F}" = dir=out | name=evernote touch |
"{EA80D958-4352-4841-B159-524694575C1E}" = dir=out | name=@{microsoft.bingsports_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EE60FE48-215F-4676-BE4C-0F82C91200A8}" = dir=out | name=@{microsoft.bingweather_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{F0C6D737-74EB-45D3-8B5D-4F2085B627BF}" = protocol=17 | dir=in | app=e:\common\epsonnet setup\eneasyapp.exe |
"{F154B593-DB28-4920-B7A6-C5C259269C4C}" = dir=out | name=@{microsoft.bingnews_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{F160F3EA-C079-4DB4-B287-FAF910B22410}" = dir=out | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F691C818-DB49-442A-AFC3-D20A717C071A}" = dir=out | name=skype |
"{F6B6819F-CDC3-4B0A-901C-60BA6CB48883}" = dir=out | name=windows_ie_ac_001 |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F793BDC9-F899-4AFB-A33F-4CF70BDEE5C9}" = dir=out | name=@{microsoft.bingweather_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{FA38778A-0967-477C-BA1D-CCB58A6FFC54}" = dir=out | name=windows_ie_ac_001 |
"{FDC83C35-216F-494D-9C3C-34C855C5F083}" = dir=out | name=sonicwall mobile connect |
"{FE7F1D42-D644-49DB-918A-1116B80DA402}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{FF0A6408-CE02-4388-B665-1C9BEF43AF2E}" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\ecprintersetup\enpapp.exe |
"TCP Query User{540DB7E0-5531-45EB-BAD2-B1B6BEBDC236}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{6F21A7D8-2C7C-4ADC-BF92-0ADE8A0A360D}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{96641659-6759-4FCE-B9DC-40526A86C97A}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"UDP Query User{B2DE8DFE-C8CD-4F0E-8400-6CEA0D93A143}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{66E2237E-2E10-48A2-B8D3-2092B8BA8484}" = Classic Shell
"{814FA673-A085-403C-9545-747FC1495069}" = Epson Customer Participation
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{854E96CC-266C-4873-A50F-CDF5367EE848}" = AVG 2014
"{89D2FA50-6002-4AFB-8586-3E38B355E891}" = Intel® PROSet/Wireless WiFi Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 327.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 327.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0613
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BC06BAEB-6D52-4D69-82EB-56CF1594C6A7}" = AVG 2014
"{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}" = Intel® WiDi
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42" = Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1)
"8A223E56FB1ED4F697B54E5BF96F1EB63B512684" = Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733)
"AVG" = AVG 2014
"CCleaner" = CCleaner
"DOLBY Config" = Dolby Config
"EPSON XP-310 Series" = EPSON XP-310 Series Printer Uninstall
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}" = Amazon Browser App
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 55
"{2970697F-2A11-4588-8B7F-97322D1CCF3C}" = Epson Event Manager
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-510005576}" = Rainbow Web 3
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E3E3D64-5A2A-4CEF-A500-EB71188DBA90}" = OpenOffice.org 3.4.1
"{A3B308B9-BE96-4334-816F-3D82B19A7DE2}" = Software Updater
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC6E9B2A-A7E6-4B17-8A6C-29D519673E12}" = Shopping Helper Smartbar
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.06)
"{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}" = Lenovo EasyCamera
"{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4
"{B38E9B55-7136-4E66-A084-320512FF3F6F}" = LTCM Client
"{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}" = LPT System Updater Service
"{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}" = Epson Connect Printer Setup
"{DD7D6D84-93AB-48CA-A759-94324E341CBA}" = Intelligent Touchpad
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = Lenovo PowerDVD10
"{E6B105B8-1F65-4428-9397-1DFD8A03B94D}" = SupraSavings
"{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® SDK for OpenCL - CPU Only Runtime Package
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"DMUninstaller" = DMUninstaller
"EPSON Connect_is1" = EPSON Connect version 1.0
"EPSON Scanner" = EPSON Scan
"Game Downloader" = Game Downloader
"GamesBar" = GamesBar 2.0.1.82
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = Lenovo PowerDVD10
"InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"Intel AppUp(SM) center 33057" = Intel AppUp(SM) center
"Kobo" = Kobo
"Lenovo Dependency Package_is1" = Lenovo Dependency Package
"NewPlayer" = NewPlayer
"SugarSync" = SugarSync Manager
"VLC media player" = VLC media player 2.1.3
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 2014-05-07 11:33:52 PM | Computer Name = Crafty | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = App microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe+Microsoft.WindowsLive.Mail
did not launch within its allotted time.
Error - 2014-05-07 11:34:18 PM | Computer Name = Crafty | Source = Application Hang | ID = 1002
Description = The program wwahost.exe version 6.3.9600.17031 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 3154 Start
Time: 01cf6a6e49ead1aa Termination Time: 4294967295 Application Path: C:\WINDOWS\system32\wwahost.exe
Report
Id: 95634b4d-d661-11e3-bea5-08edb9d9f1ce Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe
Faulting
package-relative application ID: Microsoft.WindowsLive.Mail
Error - 2014-05-07 11:34:18 PM | Computer Name = Crafty | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail
failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log
for additional information.
Error - 2014-05-07 11:38:21 PM | Computer Name = Crafty | Source = Application Hang | ID = 1002
Description = The program backgroundTaskHost.exe version 6.3.9600.16384 stopped
interacting with Windows and was closed. To see if more information about the problem
is available, check the problem history in the Action Center control panel. Process
ID: d48 Start Time: 01cf6a6e3dd84ea5 Termination Time: 4294967295 Application Path:
C:\WINDOWS\system32\backgroundTaskHost.exe Report Id: 31d1625d-d662-11e3-bea5-08edb9d9f1ce
Faulting
package full name: Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nnt Faulting package-relative
application ID: App
Error - 2014-05-08 10:12:56 PM | Computer Name = Crafty | Source = Application Hang | ID = 1002
Description = The program backgroundTaskHost.exe version 6.3.9600.16384 stopped
interacting with Windows and was closed. To see if more information about the problem
is available, check the problem history in the Action Center control panel. Process
ID: 99c Start Time: 01cf6b2b7f134676 Termination Time: 4294967295 Application Path:
C:\WINDOWS\syswow64\backgroundTaskHost.exe Report Id: 6cf6d62c-d71f-11e3-bea5-08edb9d9f1ce
Faulting
package full name: Microsoft.MicrosoftMahjong_2.3.1403.3117_x86__8wekyb3d8bbwe Faulting
package-relative application ID: MicrosoftMahjong
Error - 2014-05-09 10:17:35 AM | Computer Name = Crafty | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 2014-05-09 7:37:25 PM | Computer Name = Crafty | Source = MsiInstaller | ID = 10005
Description =
Error - 2014-05-09 7:37:26 PM | Computer Name = Crafty | Source = MsiInstaller | ID = 10005
Description =
Error - 2014-05-09 7:37:27 PM | Computer Name = Crafty | Source = MsiInstaller | ID = 10005
Description =
Error - 2014-05-09 7:37:27 PM | Computer Name = Crafty | Source = MsiInstaller | ID = 10005
Description =
Error - 2014-05-09 7:37:30 PM | Computer Name = Crafty | Source = MsiInstaller | ID = 10005
Description =
[ System Events ]
Error - 2014-05-08 12:06:14 AM | Computer Name = Crafty | Source = DCOM | ID = 10010
Description =
Error - 2014-05-08 12:06:14 AM | Computer Name = Crafty | Source = DCOM | ID = 10010
Description =
Error - 2014-05-08 10:09:59 PM | Computer Name = Crafty | Source = bowser | ID = 8003
Description =
Error - 2014-05-08 10:23:51 PM | Computer Name = Crafty | Source = DCOM | ID = 10010
Description =
Error - 2014-05-08 10:23:51 PM | Computer Name = Crafty | Source = DCOM | ID = 10010
Description =
Error - 2014-05-08 10:23:52 PM | Computer Name = Crafty | Source = DCOM | ID = 10010
Description =
Error - 2014-05-09 7:43:41 PM | Computer Name = Crafty | Source = Service Control Manager | ID = 7034
Description = The Computer Backup (MyPC Backup) service terminated unexpectedly.
It has done this 1 time(s).
Error - 2014-05-09 7:55:25 PM | Computer Name = Crafty | Source = DCOM | ID = 10010
Description =
Error - 2014-05-09 7:55:25 PM | Computer Name = Crafty | Source = DCOM | ID = 10010
Description =
Error - 2014-05-09 7:55:25 PM | Computer Name = Crafty | Source = DCOM | ID = 10010
Description =
< End of report >
Thanks for any help!
Jim Dearden