I was recently downloading a book using a free software downloader and my computer was taken over by Trovi. Both IE and Chrome were up and running at the time and they both closed and when I reopened they redirected my sites and instead of saying the actual site name they said trovi.name.com. I tried running my Norton Antivirus but remembered I had a backup disk so I recovered the system and attempted to remove the garbage that infected my computer. I believe I accomplished the task however, when I opened chrome after re-installing I still had the trovi. Funny thing is it was not on IE. I did a simple task and reset both browser settings to their defaults and downloaded the OTL.exe I have run the OTL and included the results below. I am seeking help to see if I still may have a problem and if I do what can I do exactly to rid myself of the problem and prevent future mishaps. (I know not to download my books from the free stuff)
OTL logfile created on: 6/24/2014 5:17:29 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MTNSF\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.19 Gb Total Physical Memory | 4.69 Gb Available Physical Memory | 65.17% Memory free
7.58 Gb Paging File | 4.81 Gb Available in Paging File | 63.46% Paging File free
Paging file location(s): c:\pagefile.sys 400 4096 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1844.22 Gb Total Space | 1800.07 Gb Free Space | 97.61% Space Free | Partition Type: NTFS
Drive D: | 17.32 Gb Total Space | 2.16 Gb Free Space | 12.46% Space Free | Partition Type: NTFS
Computer Name: REARDON_PC | User Name: MTNSF | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/06/24 17:17:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MTNSF\Desktop\OTL(Shortcut).exe
PRC - [2013/08/16 06:20:49 | 000,275,696 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\21.0.0.100\NIS.exe
PRC - [2013/06/09 22:44:38 | 000,089,864 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
PRC - [2013/06/09 22:44:34 | 000,294,664 | ---- | M] (CyberLink) -- c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
PRC - [2013/06/09 22:44:31 | 000,077,576 | ---- | M] (CyberLink) -- c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
PRC - [2013/03/12 09:51:55 | 000,110,144 | ---- | M] (CyberLink) -- c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
========== Modules (No Company Name) ==========
MOD - [2013/03/13 00:53:32 | 000,015,424 | ---- | M] () -- c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2013/03/12 09:51:18 | 000,626,240 | ---- | M] () -- c:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013/06/04 00:33:18 | 000,333,824 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2013/04/09 21:29:11 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/04/09 21:25:49 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/04/09 21:25:49 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013/04/09 21:23:25 | 000,178,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/04/09 21:23:25 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/04/09 21:20:40 | 000,014,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/04/09 21:19:03 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/04/09 21:03:45 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/04/09 21:02:59 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/04/09 21:02:53 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/03/20 03:01:15 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/07/25 22:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/07/25 22:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/25 22:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012/07/25 22:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/25 22:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/25 22:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/25 22:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/25 22:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/25 22:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/25 22:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/25 22:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012/07/25 22:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/25 22:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV - [2014/05/11 02:11:33 | 000,276,376 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe -- (NIS)
SRV - [2013/06/09 22:44:38 | 000,089,864 | ---- | M] (CyberLink Corp.) [Auto | Running] -- c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe -- (CLHNServiceForPowerDVD12)
SRV - [2013/06/09 22:44:34 | 000,294,664 | ---- | M] (CyberLink) [Auto | Running] -- c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe -- (CyberLink PowerDVD 12 Media Server Service)
SRV - [2013/06/09 22:44:31 | 000,077,576 | ---- | M] (CyberLink) [Auto | Running] -- c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe -- (CyberLink PowerDVD 12 Media Server Monitor Service)
SRV - [2013/06/07 20:31:40 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/07/25 22:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/07/25 22:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/25 22:18:41 | 000,408,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2012/07/25 22:17:52 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/06/23 17:59:28 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2014/03/03 23:18:12 | 001,148,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\NISx64\1503000.00C\symefa64.sys -- (SymEFA)
DRV:64bit: - [2014/02/20 18:14:34 | 000,162,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1503000.00C\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2014/01/07 11:02:04 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2014/01/07 10:42:08 | 000,076,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2013/07/31 22:20:01 | 000,023,568 | R--- | M] (Symantec Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\NISx64\1503000.00C\symelam.sys -- (SymELAM)
DRV:64bit: - [2013/07/31 22:19:50 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\NISx64\1503000.00C\symds64.sys -- (SymDS)
DRV:64bit: - [2013/07/30 23:45:54 | 000,590,424 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1500000.064\symnets.sys -- (SymNetS)
DRV:64bit: - [2013/07/30 23:13:30 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1503000.00C\ironx64.sys -- (SymIRON)
DRV:64bit: - [2013/07/30 22:44:44 | 000,854,616 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1500000.064\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/07/30 22:44:44 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1503000.00C\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/06/04 00:33:18 | 000,550,912 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2013/04/09 21:29:11 | 000,446,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/04/09 21:29:11 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/04/09 21:25:49 | 000,194,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/04/09 21:25:49 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/04/09 21:22:07 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/04/09 21:21:18 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/04/09 21:20:40 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/04/09 21:20:40 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/04/09 21:18:58 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/04/09 21:18:58 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/04/09 21:14:35 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2013/04/09 21:14:35 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013/04/09 21:05:54 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/04/09 21:02:51 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/04/09 21:02:48 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/04/09 21:02:48 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/04/09 21:02:48 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/04/09 21:02:48 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/04/09 21:02:48 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/03/25 16:55:54 | 000,108,312 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2013/03/20 03:55:46 | 011,644,416 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/03/20 02:34:01 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/03/15 16:47:56 | 000,091,712 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2013/03/01 14:28:50 | 000,259,144 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2013/02/20 21:50:32 | 003,765,760 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012/07/30 06:00:23 | 000,110,744 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2012/07/26 00:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/26 00:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/26 00:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/26 00:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/26 00:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/26 00:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/26 00:00:55 | 000,283,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2012/07/26 00:00:55 | 000,077,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2012/07/26 00:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/26 00:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/26 00:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/26 00:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/26 00:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/26 00:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/26 00:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/26 00:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/26 00:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/26 00:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/26 00:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/25 23:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/25 23:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012/07/25 23:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/25 22:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/25 21:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/25 21:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/25 21:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/25 21:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/25 21:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/25 21:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/25 21:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/25 21:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/25 21:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/25 21:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/25 21:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/25 21:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/25 21:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/25 21:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/25 21:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/25 21:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/25 21:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/25 21:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/25 21:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/25 21:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/25 21:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/16 21:36:29 | 000,057,000 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012/06/02 09:32:26 | 010,627,744 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/06/02 09:31:38 | 000,333,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\e1i63x64.sys -- (e1iexpress)
DRV - [2014/06/23 18:22:46 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140624.001\ex64.sys -- (NAVEX15)
DRV - [2014/06/23 18:22:46 | 000,486,192 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2014/06/23 18:22:46 | 000,142,128 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/06/23 18:22:46 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140624.001\eng64.sys -- (NAVENG)
DRV - [2014/06/23 17:36:12 | 000,525,016 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20140623.001\IDSviA64.sys -- (IDSVia64)
DRV - [2014/06/06 18:04:12 | 001,530,160 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20140606.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/03/12 03:09:48 | 000,084,168 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys -- (ntk_PowerDVD12)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPDTDFJS
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPDTDFJS
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/hpdsk13/1
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn\ [2014/06/24 00:33:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF [2014/06/23 23:22:53 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.trovi.com...0DDEEEEB38=
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\MTNSF\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: Google Drive = C:\Users\MTNSF\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\MTNSF\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\MTNSF\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\MTNSF\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Norton Identity Protection = C:\Users\MTNSF\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.5.1.4_0\
CHR - Extension: Google Wallet = C:\Users\MTNSF\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\MTNSF\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2012/07/26 00:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.0.0.100\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.0.0.100\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.0.0.100\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\Beats64.exe (Hewlett-Packard )
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{19CB2DD7-1B59-480F-9FD5-11B2B87E6A26}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/06/24 17:17:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\MTNSF\Desktop\OTL(Shortcut).exe
[2014/06/24 17:10:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/06/23 23:46:32 | 000,000,000 | ---D | C] -- C:\Users\MTNSF\AppData\Local\NPE
[2014/06/23 23:46:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2014/06/23 23:46:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2014/06/23 23:45:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2014/06/23 23:45:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/06/23 23:45:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2014/06/23 23:42:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2014/06/23 23:42:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014/06/23 23:42:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2014/06/23 23:42:09 | 000,000,000 | ---D | C] -- C:\Users\MTNSF\AppData\Local\Microsoft Help
[2014/06/23 23:42:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014/06/23 23:42:05 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2014/06/23 23:15:25 | 000,000,000 | ---D | C] -- C:\windows\SysNative\MRT
[2014/06/23 22:40:22 | 000,000,000 | ---D | C] -- C:\Users\MTNSF\AppData\Local\CrashDumps
[2014/06/23 22:39:34 | 000,000,000 | ---D | C] -- C:\Users\MTNSF\AppData\Roaming\e-academy Inc
[2014/06/23 22:39:34 | 000,000,000 | ---D | C] -- C:\Users\MTNSF\AppData\Local\e-academy Inc
[2014/06/23 22:21:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/06/23 22:21:16 | 000,000,000 | ---D | C] -- C:\Users\MTNSF\AppData\Local\Google
[2014/06/23 22:21:00 | 000,000,000 | ---D | C] -- C:\Users\MTNSF\AppData\Local\Deployment
[2014/06/23 22:21:00 | 000,000,000 | ---D | C] -- C:\Users\MTNSF\AppData\Local\Apps
[2014/06/23 18:48:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Recovery
[2014/06/23 18:23:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2014/06/23 18:00:02 | 000,000,000 | ---D | C] -- C:\Users\MTNSF\Documents\Symantec
[2014/06/23 17:59:33 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2014/06/23 17:56:14 | 000,000,000 | ---D | C] -- C:\Users\MTNSF\AppData\Roaming\Macromedia
[2014/06/23 17:49:29 | 000,000,000 | ---D | C] -- C:\MediaServer
[2014/06/23 17:46:33 | 000,000,000 | ---D | C] -- C:\Users\MTNSF\AppData\Local\Hewlett-Packard
[2014/06/22 22:38:11 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/06/22 21:54:16 | 000,000,000 | ---D | C] -- C:\Users\MTNSF\AppData\Roaming\Hewlett-Packard
[2014/06/22 21:53:32 | 000,000,000 | ---D | C] -- C:\Users\MTNSF\AppData\Roaming\ATI
[2014/06/22 21:53:32 | 000,000,000 | ---D | C] -- C:\Users\MTNSF\AppData\Local\ATI
[2014/06/22 21:52:04 | 000,000,000 | R--D | C] -- C:\Users\MTNSF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/06/22 21:52:04 | 000,000,000 | R--D | C] -- C:\Users\MTNSF\Searches
[2014/06/22 21:52:04 | 000,000,000 | R--D | C] -- C:\Users\MTNSF\Contacts
[2014/06/22 21:52:04 | 000,000,000 | R--D | C] -- C:\Users\MTNSF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/06/22 21:52:04 | 000,000,000 | -H-D | C] -- C:\Users\MTNSF\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/06/22 21:51:58 | 000,000,000 | ---D | C] -- C:\Users\MTNSF\AppData\Roaming\Adobe
[2014/06/22 21:51:46 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
[2014/06/22 21:50:37 | 000,000,000 | ---D | C] -- C:\Users\MTNSF\AppData\Local\Power2Go8
[2014/06/22 21:50:12 | 000,000,000 | ---D | C] -- C:\Users\MTNSF\AppData\Local\VirtualStore
[2014/06/22 21:50:01 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Uninstall Information
[2014/06/22 21:50:01 | 000,000,000 | ---D | C] -- C:\Users\MTNSF\AppData\Local\Packages
[2014/06/22 21:49:56 | 000,000,000 | --SD | C] -- C:\Users\MTNSF\AppData\Roaming\Microsoft
[2014/06/22 21:49:56 | 000,000,000 | R--D | C] -- C:\Users\MTNSF\Videos
[2014/06/22 21:49:56 | 000,000,000 | R--D | C] -- C:\Users\MTNSF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/06/22 21:49:56 | 000,000,000 | R--D | C] -- C:\Users\MTNSF\Saved Games
[2014/06/22 21:49:56 | 000,000,000 | R--D | C] -- C:\Users\MTNSF\Pictures
[2014/06/22 21:49:56 | 000,000,000 | R--D | C] -- C:\Users\MTNSF\Music
[2014/06/22 21:49:56 | 000,000,000 | R--D | C] -- C:\Users\MTNSF\Links
[2014/06/22 21:49:56 | 000,000,000 | R--D | C] -- C:\Users\MTNSF\Favorites
[2014/06/22 21:49:56 | 000,000,000 | R--D | C] -- C:\Users\MTNSF\Downloads
[2014/06/22 21:49:56 | 000,000,000 | R--D | C] -- C:\Users\MTNSF\Documents
[2014/06/22 21:49:56 | 000,000,000 | R--D | C] -- C:\Users\MTNSF\Desktop
[2014/06/22 21:49:56 | 000,000,000 | R--D | C] -- C:\Users\MTNSF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/06/22 21:49:56 | 000,000,000 | R--D | C] -- C:\Users\MTNSF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/06/22 21:49:56 | 000,000,000 | -HSD | C] -- C:\Users\MTNSF\AppData\Local\Temporary Internet Files
[2014/06/22 21:49:56 | 000,000,000 | -HSD | C] -- C:\Users\MTNSF\Templates
[2014/06/22 21:49:56 | 000,000,000 | -HSD | C] -- C:\Users\MTNSF\Start Menu
[2014/06/22 21:49:56 | 000,000,000 | -HSD | C] -- C:\Users\MTNSF\SendTo
[2014/06/22 21:49:56 | 000,000,000 | -HSD | C] -- C:\Users\MTNSF\Recent
[2014/06/22 21:49:56 | 000,000,000 | -HSD | C] -- C:\Users\MTNSF\PrintHood
[2014/06/22 21:49:56 | 000,000,000 | -HSD | C] -- C:\Users\MTNSF\NetHood
[2014/06/22 21:49:56 | 000,000,000 | -HSD | C] -- C:\Users\MTNSF\Documents\My Videos
[2014/06/22 21:49:56 | 000,000,000 | -HSD | C] -- C:\Users\MTNSF\Documents\My Pictures
[2014/06/22 21:49:56 | 000,000,000 | -HSD | C] -- C:\Users\MTNSF\Documents\My Music
[2014/06/22 21:49:56 | 000,000,000 | -HSD | C] -- C:\Users\MTNSF\My Documents
[2014/06/22 21:49:56 | 000,000,000 | -HSD | C] -- C:\Users\MTNSF\Local Settings
[2014/06/22 21:49:56 | 000,000,000 | -HSD | C] -- C:\Users\MTNSF\AppData\Local\History
[2014/06/22 21:49:56 | 000,000,000 | -HSD | C] -- C:\Users\MTNSF\Cookies
[2014/06/22 21:49:56 | 000,000,000 | -HSD | C] -- C:\Users\MTNSF\Application Data
[2014/06/22 21:49:56 | 000,000,000 | -HSD | C] -- C:\Users\MTNSF\AppData\Local\Application Data
[2014/06/22 21:49:56 | 000,000,000 | -H-D | C] -- C:\Users\MTNSF\Documents\hp.system.package.metadata
[2014/06/22 21:49:56 | 000,000,000 | -H-D | C] -- C:\Users\MTNSF\Documents\hp.applications.package.appdata
[2014/06/22 21:49:56 | 000,000,000 | -H-D | C] -- C:\Users\MTNSF\AppData
[2014/06/22 21:49:56 | 000,000,000 | ---D | C] -- C:\Users\MTNSF\AppData\Local\Temp
[2014/06/22 21:49:56 | 000,000,000 | ---D | C] -- C:\Users\MTNSF\AppData\Local\Microsoft
[2014/06/22 21:49:56 | 000,000,000 | ---D | C] -- C:\Users\MTNSF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/06/22 21:49:46 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution
========== Files - Modified Within 30 Days ==========
[2014/06/24 17:17:46 | 002,622,709 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1500000.064\Cat.DB
[2014/06/24 17:17:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MTNSF\Desktop\OTL(Shortcut).exe
[2014/06/24 17:12:48 | 000,000,918 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/24 17:12:00 | 000,000,914 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/24 17:10:06 | 000,002,290 | ---- | M] () -- C:\Users\MTNSF\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/06/24 17:10:06 | 000,002,266 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/06/24 16:39:57 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/06/24 00:35:00 | 000,751,426 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/06/24 00:35:00 | 000,158,862 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/06/24 00:35:00 | 000,005,318 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/06/24 00:30:15 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/06/24 00:30:14 | 1883,635,711 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/24 00:13:35 | 000,432,256 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/06/23 22:39:34 | 000,003,139 | ---- | M] () -- C:\Users\MTNSF\Desktop\Shortcut to SecureDownloadManager.exe.lnk
[2014/06/23 17:59:33 | 000,002,519 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2014/06/23 17:59:28 | 000,177,752 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2014/06/23 17:59:28 | 000,008,222 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2014/06/23 17:59:28 | 000,000,854 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2014/06/23 17:50:08 | 000,001,435 | ---- | M] () -- C:\Users\MTNSF\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/06/22 21:56:21 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_dc3d_01011.Wdf
[2014/06/22 21:51:52 | 000,002,103 | ---- | M] () -- C:\Users\Public\Desktop\HP Games.lnk
[2014/06/22 21:51:38 | 000,000,000 | RHS- | M] () -- C:\windows\SysWow64\drivers\103C_HP_cPC_500-164_Y53316J_0U_Q3CR3410MVH_E13AM5RR8601_4A_I2AE0_SMSI_V1.0_B80.35_T130710_W8101-0_L409_M7366_J2000_7AMD_8F31_93.50_#130927_N168C0032;19691091_Z_G1002990E_Ohp CDDVDW SH-216BB_DACR0359.MRK
[2014/06/22 21:51:37 | 000,000,000 | RHS- | M] () -- C:\windows\SysNative\drivers\103C_HP_cPC_500-164_Y53316J_0U_Q3CR3410MVH_E13AM5RR8601_4A_I2AE0_SMSI_V1.0_B80.35_T130710_W8101-0_L409_M7366_J2000_7AMD_8F31_93.50_#130927_N168C0032;19691091_Z_G1002990E_Ohp CDDVDW SH-216BB_DACR0359.MRK
[2014/06/17 03:30:53 | 000,039,538 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1500000.064\VT20140617.006
========== Files Created - No Company Name ==========
[2014/06/24 17:10:06 | 000,002,290 | ---- | C] () -- C:\Users\MTNSF\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/06/24 17:10:05 | 000,002,266 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/06/24 17:07:52 | 000,000,918 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/24 17:07:50 | 000,000,914 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/24 00:13:25 | 000,432,256 | ---- | C] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/06/23 22:39:34 | 000,003,139 | ---- | C] () -- C:\Users\MTNSF\Desktop\Shortcut to SecureDownloadManager.exe.lnk
[2014/06/23 17:50:08 | 000,001,435 | ---- | C] () -- C:\Users\MTNSF\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/06/22 22:39:59 | 1883,635,711 | -HS- | C] () -- C:\hiberfil.sys
[2014/06/22 22:38:12 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2014/06/22 21:56:21 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_dc3d_01011.Wdf
[2014/06/22 21:51:58 | 000,001,441 | ---- | C] () -- C:\Users\MTNSF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/06/22 21:51:52 | 000,002,103 | ---- | C] () -- C:\Users\Public\Desktop\HP Games.lnk
[2014/06/22 21:51:46 | 000,002,265 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk
[2014/06/22 21:51:46 | 000,002,215 | ---- | C] () -- C:\Users\Public\Desktop\Snapfish.lnk
[2014/06/22 21:51:38 | 000,000,000 | RHS- | C] () -- C:\windows\SysWow64\drivers\103C_HP_cPC_500-164_Y53316J_0U_Q3CR3410MVH_E13AM5RR8601_4A_I2AE0_SMSI_V1.0_B80.35_T130710_W8101-0_L409_M7366_J2000_7AMD_8F31_93.50_#130927_N168C0032;19691091_Z_G1002990E_Ohp CDDVDW SH-216BB_DACR0359.MRK
[2014/06/22 21:51:37 | 000,000,000 | RHS- | C] () -- C:\windows\SysNative\drivers\103C_HP_cPC_500-164_Y53316J_0U_Q3CR3410MVH_E13AM5RR8601_4A_I2AE0_SMSI_V1.0_B80.35_T130710_W8101-0_L409_M7366_J2000_7AMD_8F31_93.50_#130927_N168C0032;19691091_Z_G1002990E_Ohp CDDVDW SH-216BB_DACR0359.MRK
[2014/06/22 21:49:56 | 000,002,099 | ---- | C] () -- C:\Users\MTNSF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
[2014/06/22 21:49:56 | 000,000,352 | ---- | C] () -- C:\Users\MTNSF\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/06/22 21:49:56 | 000,000,334 | ---- | C] () -- C:\Users\MTNSF\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/09/27 12:15:07 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2013/04/09 21:02:53 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2013/04/03 19:16:51 | 000,915,038 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2013/03/20 03:38:26 | 000,798,734 | ---- | C] () -- C:\windows\SysWow64\amdocl_ld32.exe
[2013/03/20 03:38:25 | 000,995,342 | ---- | C] () -- C:\windows\SysWow64\amdocl_as32.exe
[2013/03/20 03:00:33 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2013/03/20 03:00:33 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2012/07/26 03:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2012/07/26 03:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2012/07/26 02:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2012/07/25 20:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2012/07/25 15:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2012/07/25 15:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2012/07/25 15:22:54 | 000,982,240 | ---- | C] () -- C:\windows\SysWow64\igkrng500.bin
[2012/07/25 15:22:54 | 000,439,308 | ---- | C] () -- C:\windows\SysWow64\igcompkrng500.bin
[2012/07/25 15:22:54 | 000,092,356 | ---- | C] () -- C:\windows\SysWow64\igfcg500m.bin
========== ZeroAccess Check ==========
[2013/09/27 12:19:23 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/04/09 21:25:49 | 019,791,360 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/04/09 21:25:49 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/25 22:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 22:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/25 22:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/06/23 22:39:34 | 000,000,000 | ---D | M] -- C:\Users\MTNSF\AppData\Roaming\e-academy Inc
========== Purity Check ==========
< End of report >
OTL Extras logfile created on: 6/24/2014 5:17:29 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MTNSF\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.19 Gb Total Physical Memory | 4.69 Gb Available Physical Memory | 65.17% Memory free
7.58 Gb Paging File | 4.81 Gb Available in Paging File | 63.46% Paging File free
Paging file location(s): c:\pagefile.sys 400 4096 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1844.22 Gb Total Space | 1800.07 Gb Free Space | 97.61% Space Free | Partition Type: NTFS
Drive D: | 17.32 Gb Total Space | 2.16 Gb Free Space | 12.46% Space Free | Partition Type: NTFS
Computer Name: REARDON_PC | User Name: MTNSF | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{524BAEB4-AF4E-4271-85F4-40F878C3B7FC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{AE902A84-5CAA-461D-9151-25BB4F11E34C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{BE0715D0-CBEF-4CAA-9B40-F3D9B8459AE0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{065EDB5C-F4FA-40D5-AECE-1D44B6208D9D}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{18D62A57-6886-4823-ABE8-9818CD17E8DC}" = dir=in | name=box |
"{201CD0C3-6840-4BD5-8121-0BB4E94EDDC4}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{25D79DB8-518D-428C-882B-61EC896F7BA5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{294C1322-697B-4F25-9F49-E310F16368B5}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{2CCE9826-0AFC-441F-9BF0-A2E855387712}" = dir=out | name=norton studio |
"{2F033066-D157-497C-846F-758FB72EEE4C}" = dir=out | name=microsoft mahjong |
"{2FC4A7D8-BD13-4FD0-AF62-D5909C4EB6E6}" = dir=out | app=%localappdata%\hpconnectedmusic\application\spotify_helper.exe |
"{30858A4E-AFA6-4C46-8EF2-830F685B83F1}" = dir=in | app=c:\program files (x86)\hpconnectedmusic\hpconnectedmusic.exe |
"{32F124BC-129C-4007-A550-D1B73287E02C}" = dir=in | name=@{microsoft.skypeapp_1.2.0.129_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{34EBD0DE-5DF4-4EED-BE77-787DBE21C39F}" = dir=in | name=hp connected photo powered by snapfish |
"{3918899D-FEF1-42CB-AB0E-7AA36896DFAC}" = dir=out | name=hp games |
"{391E2888-E2B7-47E9-B612-335AB01FE42E}" = dir=out | name=kindle |
"{3A91B0B7-C3C2-432D-A8B9-41037D5B5309}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3B26CAAA-EBC8-4B0A-8E26-1C4F7CA21EFA}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{465C6A5F-942C-4484-9F70-EBE7F1999F49}" = dir=out | app=c:\program files (x86)\hpconnectedmusic\hpconnectedmusic.exe |
"{47F5C923-7DC5-48FB-9242-E6FB7FD0E023}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12agent.exe |
"{484E6FE8-44AE-42B1-90F1-AE826C8B7657}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{49877C25-17B0-4B7F-B940-DE0B22664434}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{522A1B60-2E66-403C-A3F7-DA7809689E1F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{53CBDE8E-DD20-4667-9D31-309AB7D70B08}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12.exe |
"{5B6890D9-0F03-44FC-8A46-8331C8225A78}" = dir=out | name=box |
"{5EED96A3-F81F-44FC-B611-0437B3914EC2}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{6024CF6A-691A-4858-837F-B9155850BCC7}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12ml.exe |
"{786EB8C9-DFC9-4A61-AC2D-99704D797236}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{7CF82569-8C06-4F6B-A116-BCE8543F7185}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8535D20B-FE83-4901-A1DA-F1A71AF85C21}" = dir=out | name=getting started with windows 8 |
"{867A07AC-EBC0-4DAB-BADD-52338A516C48}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{8C65A67C-8FF5-4B5A-8B3E-1C6F985A6A61}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe |
"{9CF53BFB-FF94-42AF-94ED-9D2BB509F18A}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{9DAB583F-0A37-4907-A6E0-6A4D214A4AB9}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{9E74617A-25C6-453C-B123-222D2A4729B7}" = dir=out | name=microsoft solitaire collection |
"{AD4C5C78-57F2-4692-BDA7-6F678B6E0F35}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{B068FD36-D662-459F-8ABF-08F418CD681D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{B8BE8FD4-16B4-4C34-B00C-C073A3B26B72}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BA8C2E36-6285-42EE-A0C9-06D676946347}" = dir=in | name=ebay |
"{BF128750-A545-462D-BDCC-831C74C0A89E}" = dir=out | name=ebay |
"{C478EBFE-CD45-43A9-BC14-E9026819126C}" = dir=out | name=hp connected photo powered by snapfish |
"{C6619EC2-D4F1-4969-A4AA-FA6FD4179D0D}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{C687E555-FA13-497E-80A2-A088490705B5}" = dir=out | app=%localappdata%\hpconnectedmusic\application\hpconnectedmusic.exe |
"{C87A996C-3995-4531-A058-6D0CA9CC7836}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{C8BC2491-B415-464C-A934-306802DA25CE}" = dir=out | name=@{microsoft.skypeapp_1.2.0.129_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{D0405875-CDA6-40C2-8D8D-A5A1E1DACAAA}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd.exe |
"{D07187D5-A6A4-4803-89DB-ED35CA23CA07}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe |
"{D2F99AA2-B814-4BBC-B740-55F82AA16F36}" = dir=in | app=%localappdata%\hpconnectedmusic\application\spotify_helper.exe |
"{D598F0A9-5A86-410E-8C3F-DD675203C614}" = dir=out | name=hp registration |
"{D6252A62-11AA-4EC6-B9E7-649881EEA223}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{DC5221A5-BF23-4A65-8F1F-31D2B156B0DE}" = dir=out | name=netflix |
"{E15C3583-2D72-4EF7-9E11-57B8434826EE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E6D07738-B53B-4EE8-BD06-405ECCB931F3}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{E747880F-6657-46E4-81CB-B5FB2864560E}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E8D72657-4418-4F70-953F-59C6F60465B7}" = dir=in | app=c:\users\administrator\appdata\local\microsoft\skydrive\skydrive.exe |
"{ED6BB0E2-2B34-4DB8-B6EE-0126E8C5056A}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{F11FBCDC-C75F-41C8-838C-4DC3229F499F}" = dir=in | app=%localappdata%\hpconnectedmusic\application\hpconnectedmusic.exe |
"{F199AAAF-4415-4B42-919E-E361B51BE82C}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{F3F60B20-8524-41B1-885B-964420007EBD}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dms\clmsserverpdvd12.exe |
"{FEA615D2-F565-477E-AEAD-BF0DF00E987F}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04C75CF0-E8FD-7BE1-4BD1-0A59355B6F53}" = ccc-utility64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
"{40959651-122E-1A16-9011-40629C01703F}" = AMD Catalyst Install Manager
"{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
"{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}" = HP Postscript Converter
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{D1E8F2D7-7794-4245-B286-87ED86C1893C}" = HP Registration Service
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0DEB2EEB-BE9A-44B1-9D90-183250B61785}" = Alcor Micro USB Card Reader Driver
"{1519D2B8-3935-4024-C6EC-A923E6478A5A}" = CCC Help Italian
"{15592907-D0C8-0937-0C4F-539CEC7BD68F}" = CCC Help Chinese Traditional
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{19F04F3F-D786-85C4-1137-4EB28C71C682}" = CCC Help Norwegian
"{1C0A4A2B-308B-A3CD-7F50-77F856C7063F}" = CCC Help Korean
"{1ECC336F-2E29-47E8-5DC3-CA96C33E90FD}" = CCC Help Finnish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{27CEAECE-EA6C-C71C-E3B7-1ED292C7017B}" = CCC Help Greek
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{319C4F86-6F56-839D-77E1-4B1091F3AA89}" = CCC Help Czech
"{39337565-330E-4ab6-A9AE-AC81E0720B10}" = Cyberlink PhotoDirector
"{3D724DA9-7F1E-1C48-3A1D-EDED0196C8D8}" = Catalyst Control Center Graphics Previews Common
"{43B2FA6C-E9D2-2034-D31A-0A4E4A9D7EC0}" = CCC Help English
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{532646AF-441F-BEAE-94E4-F72F2EC94C97}" = CCC Help Japanese
"{55F66E7D-7DB0-1E16-7157-01473AC782F2}" = CCC Help Danish
"{574F0207-8E98-46CD-8F79-318348C98C46}" = HP Quick Start
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{604FDB0A-904B-58EB-6A41-935B765ED65B}" = CCC Help Thai
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.1
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{777C6922-EFCC-A231-BF6D-ACC2EC39DAF1}" = CCC Help Polish
"{79883371-9F53-5A55-C9FD-E288746D9B76}" = CCC Help German
"{7A5BD063-38F5-4787-BB16-D193CB2D1DA3}" = CCC Help Spanish
"{7D239561-1825-4E59-92FA-CA3230963BBD}" = Catalyst Control Center - Branding
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{908D07B3-1AF3-4DC2-48B7-536ECEC0D23E}" = CCC Help Portuguese
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95B4E71F-3299-A2CD-0320-5E244008046C}" = CCC Help Hungarian
"{95EDB5CB-5980-8136-52D5-7A89D028A248}" = Catalyst Control Center Localization All
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B56B031-A6C0-4BB7-8F61-938548C1B759}" = Pinger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B2B7B1C8-7C8B-476C-BE2C-049731C55992}" = HP Support Information
"{B30CAE8B-C736-F594-FA87-BAD607880F6C}" = CCC Help Dutch
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{BA5B399D-A6E1-2CCA-D4B8-345CF58C1E94}" = CCC Help Chinese Standard
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C06F92BA-4B12-98C0-2FCF-4E730775045A}" = CCC Help Turkish
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Qualcomm Atheros Driver Installation Program
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C88F84E5-AE23-44BD-922C-2ABEACACAF7A}" = HP Support Assistant
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{D5C91EDA-9860-A1DE-EB08-113C417F80D8}" = AMD VISION Engine Control Center
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{E040B65B-8683-4228-8C33-D44A141E40EA}" = Secure Download Manager
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2E0674E-CB74-B6C1-F431-14548969CDD5}" = CCC Help Russian
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}" = Realtek Card Reader
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0ED1DB9-AD6D-B7EE-8960-AD27FEA20C98}" = CCC Help French
"{F741B2BB-D359-13EF-E064-9FD1A6A98193}" = Catalyst Control Center InstallProxy
"{F89CFE60-8CE5-AC20-F8FF-105E6349D8F6}" = CCC Help Swedish
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Google Chrome" = Google Chrome
"InstallShield_{0DEB2EEB-BE9A-44B1-9D90-183250B61785}" = Alcor Micro USB Card Reader Driver
"InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}" = Cyberlink PhotoDirector
"InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"NIS" = Norton Internet Security
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Pinger 1.1.1.2" = Pinger
"StartHPConnectedMusic" = HP Connected Music (Meridian - installer)
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WTA-066ad45b-5d8b-4896-b00d-42af31a7df1c" = Polar Bowler
"WTA-1aa95f18-4527-4f0e-bbb5-692f7a6f7b57" = Azteca
"WTA-28745bf0-5ac4-4cb9-b009-df8d15d769dd" = Governor of Poker 2 Premium Edition
"WTA-318112c0-d86c-467c-9d39-a772aec8710a" = Build-a-lot
"WTA-34848939-1f71-4dc9-8eab-2d487321fcf8" = Jewel Match 3
"WTA-42c52b62-30cf-4555-8102-44d3a076be67" = Cradle Of Egypt Collector's Edition
"WTA-4982e49f-66a6-4e41-90d9-cb59bfb21e44" = Airport Mania
"WTA-4a35ff2d-d269-41ca-aaca-7dab783038e1" = Delicious: Emily's Childhood Memories Premium Edition
"WTA-4b079505-46d6-4da9-80c0-527a0edef219" = Curse at Twilight
"WTA-4d8f6df8-282f-4065-9b49-cdf2368bc19e" = Farm Frenzy
"WTA-4e5b73a3-ad0e-4f84-be5e-cb1eac380766" = Roads of Rome 3
"WTA-6c4abe8e-d84a-4946-a3ad-5bfe5f708e16" = Peggle Nights
"WTA-74a8fa6e-7877-4f2c-900d-15f4d2250b1a" = Luxor Evolved
"WTA-8265a087-75cb-4075-87d7-ee12e4ccccae" = Youda Jewel Shop
"WTA-8b5dec18-7a6f-45f2-a617-99324ec76ed2" = Cradle of Rome 2
"WTA-8dc00096-9f69-4863-aa76-da4ab6dc7dd6" = Vacation Quest™ - Australia
"WTA-9ec74a9c-b04d-42ed-9226-d43239a53143" = Bejeweled 3
"WTA-9ef6bead-dc5a-4f8a-a64e-96b6e6353bb0" = Plants vs. Zombies - Game of the Year
"WTA-b397214f-55a6-4edc-bd61-a7c50185e465" = 4 Elements II
"WTA-bd456e63-dd30-4471-a880-07baada2b289" = Mah Jong Medley
"WTA-bff30761-12b4-4289-b3d8-63f9b5e56add" = Royal Envoy 2 Collector's Edition
"WTA-ce23a042-0bea-4633-9738-d119ac7ef82e" = Tales of Lagoona
"WTA-d08a5403-95e0-4aa8-a5a8-aed4293447f4" = House of 1000 Doors: Family Secrets
"WTA-d9e426b3-09a7-4ce2-a522-8996738b4251" = Zuma's Revenge
"WTA-e86f5471-a41d-4780-98a9-8321501818ad" = Mahjongg Dimensions Deluxe: Tiles in Time
"WTA-ec968bd6-00fa-44a2-8e34-c9d4eda2d8fb" = Bounce Symphony
"WTA-f82710b5-e7f2-4316-af6b-8f603d6a2fdc" = Mystery P.I. - Curious Case of Counterfeit Cove
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 6/23/2014 6:52:05 PM | Computer Name = Reardon_PC | Source = Application Hang | ID = 1002
Description = The program Start.exe version 21.0.0.100 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 410 Start
Time: 01cf8f357f472fa3 Termination Time: 44518 Application Path: E:\Start.exe Report
Id: e0cbcba5-fb28-11e3-be6f-78e3b5884d10 Faulting package full name: Faulting package-relative
application ID:
[ System Events ]
Error - 9/27/2013 1:49:38 PM | Computer Name = E341ODSQPLNIK | Source = DCOM | ID = 10010
Description =
Error - 6/22/2014 11:38:06 PM | Computer Name = E341ODSQPLNIK | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 6/22/2014 11:38:06 PM | Computer Name = E341ODSQPLNIK | Source = Microsoft-Windows-Kernel-General | ID = 6
Description =
Error - 6/22/2014 11:38:40 PM | Computer Name = E341ODSQPLNIK | Source = Service Control Manager | ID = 7023
Description = The IP Helper service terminated with the following error: %%1058
Error - 6/22/2014 11:38:41 PM | Computer Name = E341ODSQPLNIK | Source = Service Control Manager | ID = 7023
Description = The Network List Service service terminated with the following error:
%%21
Error - 6/22/2014 11:39:41 PM | Computer Name = Reardon_PC | Source = DCOM | ID = 10010
Description =
Error - 6/22/2014 11:08:27 PM | Computer Name = Reardon_PC | Source = Service Control Manager | ID = 7034
Description = The CyberLink PowerDVD 12 Media Server Service service terminated
unexpectedly. It has done this 1 time(s).
Error - 6/23/2014 7:26:56 PM | Computer Name = Reardon_PC | Source = Service Control Manager | ID = 7034
Description = The CyberLink PowerDVD 12 Media Server Service service terminated
unexpectedly. It has done this 1 time(s).
Error - 6/24/2014 12:51:24 AM | Computer Name = Reardon_PC | Source = DCOM | ID = 10010
Description =
< End of report >
I also have these two .ini files that were produced.
[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21799
[LocalizedFileNames]
Norton Internet Security.lnk=@C:\PROGRA~2\NORTON~2\Branding\muis.dll,-102
[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21769
IconResource=%SystemRoot%\system32\imageres.dll,-183
Thanks for helping!