This topic is locked
I have been asked to exorcise this computer for a friend. Malwarebytes ran for 6 hours never completing its task. I tried ComboFix and Rkill. Below is the OTL log and the extras log. Any help would be greatly appreciated.
OTL logfile created on: 6/9/2014 4:20:57 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\The Myers\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.97 Gb Total Physical Memory | 2.95 Gb Available Physical Memory | 74.38% Memory free
7.93 Gb Paging File | 6.95 Gb Available in Paging File | 87.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 911.88 Gb Total Space | 845.94 Gb Free Space | 92.77% Space Free | Partition Type: NTFS
Drive H: | 7.53 Gb Total Space | 7.34 Gb Free Space | 97.47% Space Free | Partition Type: FAT32
Computer Name: THEMYERS-PC | User Name: The Myers | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/06/09 16:09:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\The Myers\Desktop\OTL.com
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - [2014/03/06 04:29:14 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/01/28 19:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Stopped] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2014/05/14 15:07:08 | 000,067,584 | ---- | M] (PasswordBox, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\PasswordBox\pbbtnService.exe -- (PasswordBox)
SRV - [2014/05/14 00:57:21 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/13 14:23:04 | 003,644,432 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014/05/13 14:15:28 | 000,292,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014/05/12 10:40:38 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/05/08 18:28:21 | 001,801,752 | ---- | M] (AVG Secure Search) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.5\ToolbarUpdater.exe -- (vToolbarUpdater18.1.5)
SRV - [2014/02/13 19:58:00 | 000,176,624 | ---- | M] (Coupons.com Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Coupons\CouponPrinterService.exe -- (CouponPrinterService)
SRV - [2014/01/10 16:06:48 | 001,435,680 | R--- | M] (Fitbit, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe -- (Fitbit Connect)
SRV - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Users\The Myers\Desktop\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/04/23 03:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2010/04/03 19:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/01/15 17:08:38 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2010/01/08 09:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 22:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/05/13 14:20:26 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2014/05/13 14:20:06 | 000,273,176 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2014/05/13 14:06:06 | 000,323,352 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2014/05/13 14:05:40 | 000,191,768 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2014/05/13 14:05:08 | 000,152,344 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2014/05/13 14:05:06 | 000,130,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2014/05/13 14:04:56 | 000,236,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2014/05/13 14:04:30 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2014/05/08 18:28:21 | 000,050,464 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/14 03:42:36 | 000,028,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2011/02/14 03:42:30 | 000,034,816 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2011/02/14 03:42:28 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2011/02/11 19:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/08/10 23:40:06 | 001,014,624 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2009/12/09 05:39:52 | 000,537,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/25 16:13:10 | 000,138,752 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...r=246922190&ir=
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\URLSearchHook: {bde6f3a2-2ce8-4430-94e0-cd4ce39eeb0d} - C:\Program Files (x86)\Tucows_Downloads\prxtbTuco.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {bde6f3a2-2ce8-4430-94e0-cd4ce39eeb0d} - C:\Program Files (x86)\Tucows_Downloads\prxtbTuco.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{2EFE2B5A-6024-44AD-98EA-770F3E7E8BD4}: "URL" = http://search.condui...&ctid=CT3106518
IE - HKCU\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://mysearch.avg.com/search?cid={64481CF2-594D-4994-B320-1C5F4894F676}&mid=3d2ea970080b47d0afd4294607f26d34-1231171661c17a7a500f40b64c2cd56f282a994d&lang=en&ds=AVG&pr=fr&d=2013-08-27 08:05:55&v=17.1.3.3&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://start.mysearc...r=246922190&ir=
IE - HKCU\..\SearchScopes\{FB689C36-6BE7-4010-BB7F-7868996F0B6B}: "URL" = http://search.condui...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://mysearch.avg....8:05:55&sap=hp"
FF - prefs.js..extensions.enabledAddons: avg%40toolbar:18.1.5.515
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.5\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\The Myers\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.5.515 [2014/05/08 18:28:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\PasswordBox\Firefox [2013/11/21 20:22:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/05/12 10:40:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/05/17 15:53:29 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/05/12 10:40:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/05/17 15:53:29 | 000,000,000 | ---D | M]
[2011/08/14 11:53:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Myers\AppData\Roaming\Mozilla\Extensions
[2014/06/09 06:38:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Myers\AppData\Roaming\Mozilla\Firefox\Profiles\s0415uw4.default-1353594358513\extensions
[2013/12/30 20:41:00 | 000,000,000 | ---D | M] (mysearchdial.com) -- C:\Users\The Myers\AppData\Roaming\Mozilla\Firefox\Profiles\s0415uw4.default-1353594358513\extensions\[email protected]
[2013/05/24 11:06:39 | 000,005,341 | ---- | M] () (No name found) -- C:\Users\The Myers\AppData\Roaming\Mozilla\Firefox\Profiles\s0415uw4.default-1353594358513\extensions\[email protected]
[2014/03/17 15:42:35 | 000,353,958 | ---- | M] () (No name found) -- C:\Users\The Myers\AppData\Roaming\Mozilla\Firefox\Profiles\s0415uw4.default-1353594358513\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}.xpi
[2014/01/24 08:52:30 | 000,009,594 | ---- | M] () -- C:\Users\The Myers\AppData\Roaming\Mozilla\Firefox\Profiles\s0415uw4.default-1353594358513\searchplugins\ask-web-search.xml
[2014/05/09 05:39:04 | 000,003,816 | ---- | M] () -- C:\Users\The Myers\AppData\Roaming\Mozilla\Firefox\Profiles\s0415uw4.default-1353594358513\searchplugins\avg-secure-search.xml
[2013/12/30 20:41:07 | 000,002,397 | ---- | M] () -- C:\Users\The Myers\AppData\Roaming\Mozilla\Firefox\Profiles\s0415uw4.default-1353594358513\searchplugins\Mysearchdial.xml
[2014/01/26 09:47:11 | 000,002,862 | ---- | M] () -- C:\Users\The Myers\AppData\Roaming\Mozilla\Firefox\Profiles\s0415uw4.default-1353594358513\searchplugins\web-search.xml
[2014/05/12 10:40:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/05/12 10:40:39 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/05/08 18:28:32 | 000,000,000 | ---D | M] (AVG SafeGuard toolbar) -- C:\PROGRAMDATA\AVG SAFEGUARD TOOLBAR\FIREFOXEXT\18.1.5.515
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
========== Chrome ==========
CHR - default_search_provider: Mysearchdial ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - Extension: No name found = C:\Users\The Myers\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: No name found = C:\Users\The Myers\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\The Myers\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: No name found = C:\Users\The Myers\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\The Myers\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.3.2.101_0\
CHR - Extension: No name found = C:\Users\The Myers\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\18.1.5.515_0\
CHR - Extension: No name found = C:\Users\The Myers\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\The Myers\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2014/06/09 06:38:55 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Plus-HD-5.0) - {11111111-1111-1111-1111-110411771118} - C:\Program Files (x86)\Plus-HD-5.0\Plus-HD-5.0-bho64.dll File not found
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (PasswordBox Helper) - {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.5.515\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O2 - BHO: (Tucows Downloads Toolbar) - {bde6f3a2-2ce8-4430-94e0-cd4ce39eeb0d} - C:\Program Files (x86)\Tucows_Downloads\prxtbTuco.dll (Conduit Ltd.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.5.515\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (Tucows Downloads Toolbar) - {bde6f3a2-2ce8-4430-94e0-cd4ce39eeb0d} - C:\Program Files (x86)\Tucows_Downloads\prxtbTuco.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Tucows Downloads Toolbar) - {BDE6F3A2-2CE8-4430-94E0-CD4CE39EEB0D} - C:\Program Files (x86)\Tucows_Downloads\prxtbTuco.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe ()
O4 - HKCU..\Run: [Rebuk] "C:\Users\The Myers\AppData\Roaming\Apyseqa\agagatn.exe" File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O13 - gopher Prefix: missing
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC9B8ECA-8D3A-463C-A441-D44690C56727}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D486644F-BB99-42A1-B100-CA2FD71C5866}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.5\ViProtocol.dll (AVG Secure Search)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/06/09 16:20:18 | 005,205,664 | R--- | C] (Swearware) -- C:\Users\The Myers\Desktop\ComboFix.exe
[2014/06/09 16:20:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\The Myers\Desktop\OTL.com
[2014/06/09 16:18:15 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/06/09 15:43:41 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2014/06/09 07:21:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2014/06/09 06:21:03 | 000,000,000 | ---D | C] -- C:\ComboFix
[2014/06/07 09:43:27 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014/06/07 09:43:27 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014/06/07 09:43:27 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014/06/07 09:43:20 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/06/07 09:42:32 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014/06/07 05:44:57 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Roaming\Uhsuugu
[2014/06/07 01:45:29 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Roaming\Uzirakw
[2014/06/06 13:48:50 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Roaming\Kecaula
[2014/06/06 09:46:50 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Roaming\Apyseqa
[2014/06/06 01:51:38 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Roaming\Moumopik
[2014/06/05 21:47:27 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Roaming\Emhycao
[2014/06/05 17:50:36 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Roaming\Zunyonh
[2014/06/05 13:08:03 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Roaming\Sezuliol
[2014/06/04 21:43:04 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Roaming\Yvydok
[2014/06/03 21:10:13 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Roaming\Wiicpo
[2014/06/03 07:37:32 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Local\ElevatedDiagnostics
[2014/06/03 01:47:38 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Roaming\Yludnuc
[2014/06/02 21:45:49 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Roaming\Yrulzefi
[2014/06/02 20:14:42 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Roaming\Ynosvidi
[2014/06/02 18:28:45 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Roaming\Gaxueb
[2014/06/02 17:17:08 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Roaming\Suuxevo
[2014/06/02 16:16:36 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Roaming\Tabuold
[2014/06/02 16:12:11 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Roaming\Yhaskyal
[2014/06/02 07:48:35 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Roaming\Wyogun
[2014/06/02 07:48:30 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Roaming\Quyshe
[2014/06/02 07:48:30 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Roaming\Loyqruz
[2014/06/02 07:48:17 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Roaming\Xowiuwri
[2014/06/01 09:40:55 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Roaming\Alirez
[2014/06/01 05:40:32 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Roaming\Ytboirnu
[2014/06/01 04:10:26 | 000,000,000 | ---D | C] -- C:\Users\The Myers\AppData\Roaming\Paesoss
[2014/05/14 03:05:14 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/05/14 03:05:14 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/05/14 03:04:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/05/14 00:23:08 | 000,477,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/05/14 00:23:08 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/05/14 00:22:45 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/05/14 00:22:44 | 005,550,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/05/14 00:22:44 | 003,969,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014/05/14 00:22:44 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014/05/14 00:22:44 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll
[2014/05/14 00:22:44 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014/05/14 00:22:42 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll
[2014/05/14 00:22:42 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/05/14 00:22:41 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll
[2014/05/14 00:22:41 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll
[2014/05/14 00:22:41 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll
[2014/05/14 00:22:41 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll
[2014/05/14 00:22:41 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2014/05/14 00:22:41 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2014/05/14 00:22:40 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014/05/14 00:22:40 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll
[2014/05/14 00:22:40 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll
[2014/05/14 00:22:40 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll
[2014/05/14 00:22:40 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll
[2014/05/14 00:22:40 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll
[2014/05/14 00:22:40 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll
[2014/05/14 00:22:40 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014/05/14 00:22:40 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014/05/13 14:20:26 | 000,235,800 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2014/05/13 14:20:06 | 000,273,176 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2014/05/13 14:06:06 | 000,323,352 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys
[2014/05/13 14:05:40 | 000,191,768 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys
[2014/05/13 14:05:08 | 000,152,344 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys
[2014/05/13 14:05:06 | 000,130,328 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2014/05/13 14:04:56 | 000,236,312 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2014/05/13 14:04:30 | 000,031,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys
[2014/05/12 10:40:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
========== Files - Modified Within 30 Days ==========
[2014/06/09 16:17:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/09 16:17:50 | 3193,835,520 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/09 16:09:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\The Myers\Desktop\OTL.com
[2014/06/09 16:05:36 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/09 16:00:33 | 000,000,824 | ---- | M] () -- C:\Windows\tasks\Security Center Update - 271640114.job
[2014/06/09 16:00:32 | 000,000,824 | ---- | M] () -- C:\Windows\tasks\Security Center Update - 3849768352.job
[2014/06/09 16:00:31 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\Security Center Update - 2113702981.job
[2014/06/09 16:00:30 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Security Center Update - 1679535995.job
[2014/06/09 16:00:30 | 000,000,826 | ---- | M] () -- C:\Windows\tasks\Security Center Update - 3223429417.job
[2014/06/09 16:00:28 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\Security Center Update - 3483887649.job
[2014/06/09 16:00:27 | 000,000,826 | ---- | M] () -- C:\Windows\tasks\Security Center Update - 75785538.job
[2014/06/09 16:00:26 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Security Center Update - 1949422797.job
[2014/06/09 16:00:24 | 000,000,824 | ---- | M] () -- C:\Windows\tasks\Security Center Update - 2900589214.job
[2014/06/09 16:00:22 | 000,000,826 | ---- | M] () -- C:\Windows\tasks\Security Center Update - 2925848665.job
[2014/06/09 16:00:22 | 000,000,824 | ---- | M] () -- C:\Windows\tasks\Security Center Update - 3908467978.job
[2014/06/09 16:00:22 | 000,000,824 | ---- | M] () -- C:\Windows\tasks\Security Center Update - 1518819644.job
[2014/06/09 16:00:21 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Security Center Update - 1440003018.job
[2014/06/09 16:00:21 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\Security Center Update - 2843776151.job
[2014/06/09 16:00:21 | 000,000,824 | ---- | M] () -- C:\Windows\tasks\Security Center Update - 793415054.job
[2014/06/09 16:00:21 | 000,000,824 | ---- | M] () -- C:\Windows\tasks\Security Center Update - 419072211.job
[2014/06/09 16:00:19 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\Security Center Update - 1749706860.job
[2014/06/09 15:25:08 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/09 14:35:27 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/09 07:39:11 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/09 07:39:11 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/09 07:21:02 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/06/09 06:48:44 | 000,003,408 | ---- | M] () -- C:\bootsqm.dat
[2014/06/09 06:38:55 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/06/09 06:18:26 | 005,205,664 | R--- | M] (Swearware) -- C:\Users\The Myers\Desktop\ComboFix.exe
[2014/06/07 09:43:40 | 000,782,510 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/06/07 09:43:40 | 000,662,400 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/06/07 09:43:40 | 000,122,268 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/06/02 13:22:59 | 000,349,912 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/06/02 07:04:47 | 000,457,116 | ---- | M] () -- C:\Users\The Myers\Documents\img006.jpg
[2014/06/02 07:02:20 | 000,455,758 | ---- | M] () -- C:\Users\The Myers\Documents\img005.jpg
[2014/05/30 08:18:55 | 000,068,782 | ---- | M] () -- C:\Users\The Myers\AppData\Local\erwbobfb
[2014/05/30 08:14:52 | 000,000,000 | ---- | M] () -- C:\Users\The Myers\AppData\Roaming\SharedSettings.ccs
[2014/05/22 03:36:28 | 000,002,187 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/19 10:37:37 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/05/14 08:40:43 | 000,000,258 | RHS- | M] () -- C:\Users\The Myers\ntuser.pol
[2014/05/14 00:57:21 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/05/14 00:57:21 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/05/13 14:20:26 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2014/05/13 14:20:06 | 000,273,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2014/05/13 14:06:06 | 000,323,352 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys
[2014/05/13 14:05:40 | 000,191,768 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys
[2014/05/13 14:05:08 | 000,152,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys
[2014/05/13 14:05:06 | 000,130,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2014/05/13 14:04:56 | 000,236,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2014/05/13 14:04:30 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys
========== Files Created - No Company Name ==========
[2014/06/09 07:21:02 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/06/09 06:48:44 | 000,003,408 | ---- | C] () -- C:\bootsqm.dat
[2014/06/07 09:43:27 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/06/07 09:43:27 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/06/07 09:43:27 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/06/07 09:43:27 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/06/07 09:43:27 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/06/07 05:44:57 | 000,000,824 | ---- | C] () -- C:\Windows\tasks\Security Center Update - 3908467978.job
[2014/06/07 01:45:29 | 000,000,824 | ---- | C] () -- C:\Windows\tasks\Security Center Update - 1518819644.job
[2014/06/06 13:48:52 | 000,000,826 | ---- | C] () -- C:\Windows\tasks\Security Center Update - 3223429417.job
[2014/06/06 09:46:52 | 000,000,828 | ---- | C] () -- C:\Windows\tasks\Security Center Update - 2113702981.job
[2014/06/06 01:51:38 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Security Center Update - 1949422797.job
[2014/06/05 21:47:29 | 000,000,824 | ---- | C] () -- C:\Windows\tasks\Security Center Update - 271640114.job
[2014/06/05 17:50:37 | 000,000,828 | ---- | C] () -- C:\Windows\tasks\Security Center Update - 3483887649.job
[2014/06/05 13:08:04 | 000,000,828 | ---- | C] () -- C:\Windows\tasks\Security Center Update - 2843776151.job
[2014/06/04 21:43:07 | 000,000,824 | ---- | C] () -- C:\Windows\tasks\Security Center Update - 793415054.job
[2014/06/03 21:10:13 | 000,000,824 | ---- | C] () -- C:\Windows\tasks\Security Center Update - 3849768352.job
[2014/06/03 01:47:40 | 000,000,826 | ---- | C] () -- C:\Windows\tasks\Security Center Update - 75785538.job
[2014/06/02 21:45:50 | 000,000,828 | ---- | C] () -- C:\Windows\tasks\Security Center Update - 1749706860.job
[2014/06/02 20:14:49 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Security Center Update - 1679535995.job
[2014/06/02 18:28:47 | 000,000,824 | ---- | C] () -- C:\Windows\tasks\Security Center Update - 2900589214.job
[2014/06/02 17:17:09 | 000,000,826 | ---- | C] () -- C:\Windows\tasks\Security Center Update - 2925848665.job
[2014/06/02 16:16:43 | 000,000,824 | ---- | C] () -- C:\Windows\tasks\Security Center Update - 419072211.job
[2014/06/02 16:12:11 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Security Center Update - 1440003018.job
[2014/06/02 13:22:44 | 000,349,912 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/06/02 07:04:47 | 000,457,116 | ---- | C] () -- C:\Users\The Myers\Documents\img006.jpg
[2014/06/02 07:02:19 | 000,455,758 | ---- | C] () -- C:\Users\The Myers\Documents\img005.jpg
[2014/05/30 08:18:55 | 000,068,782 | ---- | C] () -- C:\Users\The Myers\AppData\Local\erwbobfb
[2014/05/30 08:14:52 | 000,000,000 | ---- | C] () -- C:\Users\The Myers\AppData\Roaming\SharedSettings.ccs
[2014/02/25 04:02:42 | 000,774,632 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/12/30 21:40:01 | 000,000,030 | ---- | C] () -- C:\Users\The Myers\AppData\Roaming\WB.CFG
[2013/08/09 08:10:36 | 000,000,000 | ---- | C] () -- C:\Users\The Myers\acrobat.exe
[2013/06/25 18:37:34 | 000,000,258 | RHS- | C] () -- C:\Users\The Myers\ntuser.pol
[2013/05/27 09:26:48 | 000,003,737 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
[2013/04/07 17:43:28 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2012/11/19 03:33:32 | 000,065,656 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2012/11/19 03:33:30 | 000,022,640 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2012/02/05 16:50:26 | 000,000,779 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
OTL Extras logfile created on: 6/9/2014 4:20:57 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\The Myers\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.97 Gb Total Physical Memory | 2.95 Gb Available Physical Memory | 74.38% Memory free
7.93 Gb Paging File | 6.95 Gb Available in Paging File | 87.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 911.88 Gb Total Space | 845.94 Gb Free Space | 92.77% Space Free | Partition Type: NTFS
Drive H: | 7.53 Gb Total Space | 7.34 Gb Free Space | 97.47% Space Free | Partition Type: FAT32
Computer Name: THEMYERS-PC | User Name: The Myers | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09151C03-35A6-4E2F-A591-B159649513A4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{16EC3392-5F27-472B-9B0E-1CB31877D2BB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1B1F64CA-F895-4699-9001-94B80DA8DAF7}" = rport=137 | protocol=17 | dir=out | app=system |
"{1EF0E3BE-9F24-40A9-A9E9-FDA2433B2CF7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{37242044-C29B-40AD-AEF1-6CB7B0EECF31}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{38B840E3-7C63-4732-98FE-0A59A7083EA1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4A212A11-1665-40BA-A106-170D36D79CC7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5BED8EA6-3F56-4403-A7B7-9565152DBDE0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5C4523B2-77B1-4ACF-A608-6D3463D8D45D}" = lport=445 | protocol=6 | dir=in | app=system |
"{5E09327C-915D-4567-9E41-539439A0D436}" = lport=138 | protocol=17 | dir=in | app=system |
"{854F0355-9121-426A-9606-C452E0E6D311}" = rport=138 | protocol=17 | dir=out | app=system |
"{91A3040B-94C6-4F99-9613-8198F79A3306}" = lport=137 | protocol=17 | dir=in | app=system |
"{954FF445-FE24-4EAE-9AB9-A367A0EFB722}" = lport=139 | protocol=6 | dir=in | app=system |
"{A9A5BC5A-93D6-4F53-9FE9-6595ADFA4379}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{AA09BF83-29DC-48B4-835F-7846B5822AB3}" = rport=139 | protocol=6 | dir=out | app=system |
"{B8E2A74C-76BF-4BA4-8B94-F089DA5CD5EE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BD9F322E-4D46-4173-9178-1155D7224A23}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{C062955D-77E3-40B4-907F-29C61A361895}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{C534B2BC-4DD7-4AFE-AE4D-68E09366F40A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C80ACD64-D5A5-4610-8888-55445FA75957}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D8D70D05-D8E5-40AE-AFF0-B5490EEE2F61}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E632A1FA-49B3-4CE5-B3D4-11460A822A36}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{ED1B48CA-F13E-4F16-80F5-8E232BF4BFD3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FDEC8B82-C507-46E4-BFCD-E13A585DA8C5}" = rport=445 | protocol=6 | dir=out | app=system |
"{FEABEF51-75A2-4025-99EF-431E2F04286D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07EAC846-DE46-4A5E-95F8-57A742618F3C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1071E15F-ADE3-4669-9901-0368A2408014}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{15844F51-45F6-48E8-A812-962408136A47}" = protocol=58 | dir=out | [email protected],-28546 |
"{1C4BB884-0EBE-4104-B382-937F4EF4CAE1}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{1D1B4186-9B61-43F7-AA23-B2EC72A5E2A8}" = dir=in | app=c:\users\the myers\desktop\phone\skype.exe |
"{2E80A141-2425-4A2E-B45F-7B041F52E393}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{3119D8D4-4AF8-466B-A35C-40419CA5C109}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{31CCDF9F-D9A6-4E2A-960E-6050ADEEC31C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{381B5F10-DB11-4E75-A512-0F9BF7421C96}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3C917F9E-2B42-489B-BD5F-9256BFC90450}" = protocol=1 | dir=in | [email protected],-28543 |
"{42F55D21-8D85-4FCA-A952-044176764123}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{43456046-C43E-4777-B5E0-92D13EF5BFA4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{46EA5B1E-2D25-4444-82CA-F31BD69EFC33}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{4B3E308A-4ED6-403E-8A41-72048AFB2003}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4DD06242-EF92-4B11-B71B-979C9136C8E5}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{59A01EBA-EFAE-49EF-A6B9-F0FC4FF257B3}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{5B30FCBC-7792-41ED-B0AF-DEC806D1A192}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{63F30319-40D9-430A-A21B-4AE7C29A334B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{65FE8EB5-10A7-4120-8805-D3CC0EECDC8C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{69BEBABE-2058-4636-AD8A-9D085A9886CF}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{6D9DB6E6-4A5D-40C6-988B-10BFB7DA7E03}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8C55D4A8-DC9C-49CC-975C-8D200C3865CD}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{9E964263-678C-48C0-8FD0-7F2EC8BCBA81}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{A30A438A-6AB8-43BF-9691-97A80F46F5AE}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{BD15E345-1490-4883-9906-4B0DBAEE5127}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BD29FCCF-E6E9-4170-9DAC-BDD21AC9F428}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe |
"{C29BE491-2802-47BE-928F-0ABFE878B6E9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C3160318-9CAB-478E-BB25-842E59898B8D}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{C8BC1FE1-6E40-431D-9F7D-6426346466F7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C9E92C14-8FF1-438F-96DB-ED35B0F2D535}" = protocol=6 | dir=out | app=system |
"{D55B2822-B5FC-43AE-A6B1-37F1DF1EDA22}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DA0938E2-3227-4D75-8ED4-5A96682458CD}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{DCDE9950-122C-4F77-BC06-3C39A465E74B}" = protocol=1 | dir=out | [email protected],-28544 |
"{E0A22CF7-AA39-4D69-8FA9-EFE271722D34}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{E4621069-157F-42A8-9B52-82EA7B29DFE2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{E4E49425-F243-46E9-A295-2DB6417AA949}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{E589AB45-32DA-431C-B60C-CDD55C693E71}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E86364EA-C93E-4EAC-A530-9585EAA9375E}" = protocol=58 | dir=in | [email protected],-28545 |
"{EA294CBA-7F38-42BF-9B45-DCDE1B2F90E5}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{EF0E9AA1-E5CA-4210-A06E-12DC7A2D7396}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{F757F2EC-A2FE-4F13-B6D0-533F2F06AFED}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{F8035BF3-89B3-4055-BA1D-A6F458B2FCC7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F89251D2-9F43-464F-96DB-19A98C78DC22}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"TCP Query User{03699D1F-1F30-44CE-BCFE-EF89231303C7}C:\programdata\kingsisle entertainment\pirate101\bin\pirate.exe" = protocol=6 | dir=in | app=c:\programdata\kingsisle entertainment\pirate101\bin\pirate.exe |
"TCP Query User{2EE21EFA-B4B4-4622-A2CB-6A2ED38C74C5}C:\users\the myers\desktop\stuff\phone\skype.exe" = protocol=6 | dir=in | app=c:\users\the myers\desktop\stuff\phone\skype.exe |
"TCP Query User{5F64AA87-ED34-434A-83B7-BFC968B06A1C}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"TCP Query User{6C65666A-F4C9-4B79-BE78-66A652C1589E}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{D525A65E-2261-479A-8D5F-798B2BF5EDDB}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{0AE26817-F2E6-418F-890A-C085FAAEF1F7}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{35AD0855-FF81-4F16-A17A-7F9D4705A0E0}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{826F092C-D594-4F7D-AC93-D4CE915A4D09}C:\programdata\kingsisle entertainment\pirate101\bin\pirate.exe" = protocol=17 | dir=in | app=c:\programdata\kingsisle entertainment\pirate101\bin\pirate.exe |
"UDP Query User{D7E2F072-B2BB-4988-9AF2-98C895AA5F68}C:\users\the myers\desktop\stuff\phone\skype.exe" = protocol=17 | dir=in | app=c:\users\the myers\desktop\stuff\phone\skype.exe |
"UDP Query User{EA846064-04DC-4EC3-8EAF-92CE00FF6431}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4FD80311-508F-42C3-A004-4CC8D08231F5}" = AVG 2013
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.03
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{CB21CD89-A4D3-4240-9AAA-55DCE7F3D076}" = AVG 2014
"{CFF43477-05A9-466C-8399-A2C151D82CA0}" = AVG 2014
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"AVG" = AVG 2014
"CCleaner" = CCleaner
"EPSON WorkForce 500 Series" = EPSON WorkForce 500 Series Printer Uninstall
"HDMI" = Intel® Graphics Media Accelerator Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ca6db69-1557-428e-b75f-3f479f9a48bf}" = Nero 9 Essentials
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3}" = MediaShow Espresso
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{662140BE-138C-4DC1-B4CD-B62C6C855A25}" = Pirate101
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6A7C2B2E-36A3-4EF5-96C6-708CD090A3AD}" = Fitbit Connect
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.07)
"{B03954CC-E130-4E57-BC83-869978685902}" = LG United Mobile Drivers
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B618B8E1-FB71-4237-8361-C3EA3EF15EF7}" = ASPCA Reminder by We-Care.com v4.1.18.1
"{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = Acer Arcade Movie
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4C4A751-F7F3-4DCA-B825-9AC391BFFC3F}" = Google+ Auto Backup
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"7-Zip" = 7-Zip 4.65
"Acer Game Console" = Acer Game Console
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AVG SafeGuard toolbar" = AVG SafeGuard toolbar
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Coupon Printer for Windows5.0.0.7" = Coupon Printer for Windows
"DMUninstaller" = DMUninstaller
"EPSON Scanner" = EPSON Scan
"Google Chrome" = Google Chrome
"Hotkey Utility" = Hotkey Utility
"Identity Card" = Identity Card
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"IrfanView" = IrfanView (remove only)
"LS-C4DC987A-47E2-487C-9F63-7E1DB5F88FC3_is1" = Lazesoft Recover My Password version 2.0 Home Edition
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 29.0.1 (x86 en-US)" = Mozilla Firefox 29.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"Opera 12.16.1860" = Opera 12.16
"TeamViewer 8" = TeamViewer 8
"Tucows_Downloads Toolbar" = Tucows Downloads Toolbar
"UBCD4Win_is1" = UBCD4Win 3.60
"VzInHomeAgent" = Vz In-Home Agent
"WildTangent acer Master Uninstall" = Acer Games
"WinLiveSuite" = Windows Live Essentials
"WT088295" = Agatha Christie - Death on the Nile
"WT088300" = Bejeweled 2 Deluxe
"WT088310" = Build-a-lot 2
"WT088312" = Chuzzle Deluxe
"WT088318" = Diner Dash 2 Restaurant Rescue
"WT088350" = Jewel Quest Solitaire 2
"WT088364" = Plants vs. Zombies
"WT088373" = Blackhawk Striker 2
"WT088393" = Dora's Carnival Adventure
"WT088413" = FATE
"WT088445" = John Deere Drive Green
"WT088449" = Penguins!
"WT088453" = Polar Bowler
"WT088457" = Polar Golfer
"WT088517" = Zuma's Revenge
"WT088553" = Virtual Villagers 4 - The Tree of Life
"WT088649" = 18 Wheels of Steel - American Long Haul
"WT088653" = Jewel Quest - Heritage
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
"Virtual Families Packages" = Virtual Families Packages
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 3/11/2014 7:16:41 AM | Computer Name = TheMyers-PC | Source = Application Error | ID = 1000
Description = Faulting application name: firefox.exe, version: 27.0.1.5156, time
stamp: 0x52fc0faa Faulting module name: xul.dll, version: 27.0.1.5156, time stamp:
0x52fc0f79 Exception code: 0xc0000005 Fault offset: 0x001560c7 Faulting process id:
0xcc0 Faulting application start time: 0x01cf3d1adb1d7b6f Faulting application path:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe Faulting module path: C:\Program
Files (x86)\Mozilla Firefox\xul.dll Report Id: 9e8775a2-a90e-11e3-a04b-f80f411684c7
Error - 3/12/2014 8:02:48 AM | Computer Name = TheMyers-PC | Source = MsiInstaller | ID = 11706
Description =
Error - 3/20/2014 7:13:16 AM | Computer Name = TheMyers-PC | Source = Application Error | ID = 1000
Description = Faulting application name: firefox.exe, version: 27.0.1.5156, time
stamp: 0x52fc0faa Faulting module name: xul.dll, version: 27.0.1.5156, time stamp:
0x52fc0f79 Exception code: 0xc0000005 Fault offset: 0x001560c7 Faulting process id:
0x128c Faulting application start time: 0x01cf442d0fcb292e Faulting application path:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe Faulting module path: C:\Program
Files (x86)\Mozilla Firefox\xul.dll Report Id: a210a434-b020-11e3-a3bb-f80f411684c7
Error - 3/28/2014 11:45:37 AM | Computer Name = TheMyers-PC | Source = Application Hang | ID = 1002
Description = The program mbam.exe version 1.75.0.1 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 137c Start Time:
01cf4a9c1bf9a420 Termination Time: 0 Application Path: C:\Program Files (x86)\Malwarebytes'
Anti-Malware\mbam.exe Report Id: e8cc0f9c-b68f-11e3-80c6-f80f411684c7
Error - 4/9/2014 1:57:54 PM | Computer Name = TheMyers-PC | Source = Application Error | ID = 1000
Description = Faulting application name: firefox.exe, version: 28.0.0.5186, time
stamp: 0x53240e37 Faulting module name: xul.dll, version: 28.0.0.5186, time stamp:
0x53240e04 Exception code: 0xc0000005 Fault offset: 0x00184729 Faulting process id:
0x1434 Faulting application start time: 0x01cf541c98971bb9 Faulting application path:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe Faulting module path: C:\Program
Files (x86)\Mozilla Firefox\xul.dll Report Id: 791a0fd6-c010-11e3-a076-f80f411684c7
Error - 4/21/2014 9:24:57 AM | Computer Name = TheMyers-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.1.7601.17567,
time stamp: 0x4d672ee4 Faulting module name: msi.dll, version: 5.0.7601.17807, time
stamp: 0x4f80321a Exception code: 0xc0000005 Fault offset: 0x00000000001ec1e6 Faulting
process id: 0x4a4 Faulting application start time: 0x01cf570df46ae8f5 Faulting application
path: C:\Windows\Explorer.EXE Faulting module path: C:\Windows\system32\msi.dll Report
Id: 5463b68f-c958-11e3-9a13-f80f411684c7
Error - 4/28/2014 6:29:19 AM | Computer Name = TheMyers-PC | Source = MsiInstaller | ID = 11706
Description =
Error - 5/3/2014 7:00:54 AM | Computer Name = TheMyers-PC | Source = MsiInstaller | ID = 11706
Description =
Error - 5/17/2014 3:53:00 PM | Computer Name = TheMyers-PC | Source = MsiInstaller | ID = 1024
Description =
Error - 5/19/2014 9:55:19 AM | Computer Name = TheMyers-PC | Source = MsiInstaller | ID = 11706
Description =
[ System Events ]
Error - 6/9/2014 5:08:11 PM | Computer Name = TheMyers-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068
Error - 6/9/2014 5:08:23 PM | Computer Name = TheMyers-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068
Error - 6/9/2014 5:08:23 PM | Computer Name = TheMyers-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068
Error - 6/9/2014 5:08:23 PM | Computer Name = TheMyers-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068
Error - 6/9/2014 5:09:23 PM | Computer Name = TheMyers-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068
Error - 6/9/2014 5:09:23 PM | Computer Name = TheMyers-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068
Error - 6/9/2014 5:09:23 PM | Computer Name = TheMyers-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068
Error - 6/9/2014 5:09:35 PM | Computer Name = TheMyers-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068
Error - 6/9/2014 5:09:35 PM | Computer Name = TheMyers-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068
Error - 6/9/2014 5:09:35 PM | Computer Name = TheMyers-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068
< End of report >
Sign In
Create Account
