Ok, the desktop change went great! Nothing wrong so far.
Here's the logs.
FSS:
Farbar Service Scanner Version: 21-07-2014
Ran by Conrad Bowen (administrator) on 10-09-2014 at 13:24:54
Running from "C:\Users\Conrad Bowen\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
System Restore:
============
System Restore Disabled Policy:
========================
Action Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
**** End of log ****
OTL:
OTL logfile created on: 9/10/2014 1:50:41 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Conrad Bowen\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 0.26 Gb Available Physical Memory | 14.08% Memory free
3.74 Gb Paging File | 1.03 Gb Available in Paging File | 27.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 222.47 Gb Total Space | 138.61 Gb Free Space | 62.30% Space Free | Partition Type: NTFS
Computer Name: CBSLAPTOP | User Name: Conrad Bowen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 360 Days
========== Processes (SafeList) ==========
PRC - [2014/09/10 13:50:34 | 017,328,816 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\FlashPlayerInstaller.exe
PRC - [2014/09/10 13:45:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Conrad Bowen\Desktop\OTL.exe
PRC - [2014/09/05 13:45:46 | 000,279,488 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwtxapps.exe
PRC - [2014/07/29 18:22:10 | 036,414,496 | ---- | M] (Dropbox, Inc.) -- C:\Users\Conrad Bowen\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014/02/03 23:48:58 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2012/12/04 10:52:22 | 000,174,592 | ---- | M] (HP) -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
PRC - [2011/08/29 15:56:58 | 004,566,016 | ---- | M] (Visagesoft) -- C:\Program Files (x86)\PDF Pro Software\PDF Pro 10\vspdfprsrv.exe
PRC - [2011/06/30 13:25:52 | 001,248,256 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
PRC - [2009/02/20 10:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
========== Modules (No Company Name) ==========
MOD - [2014/09/10 13:05:47 | 000,043,008 | ---- | M] () -- c:\Users\Conrad Bowen\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdglbqj.dll
MOD - [2014/07/29 18:20:20 | 003,610,624 | ---- | M] () -- C:\Users\Conrad Bowen\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013/08/23 13:01:44 | 025,100,288 | ---- | M] () -- C:\Users\Conrad Bowen\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2011/08/29 15:57:12 | 001,135,616 | ---- | M] () -- C:\Program Files (x86)\PDF Pro Software\PDF Pro 10\TMSlite140.bpl
MOD - [2011/08/29 15:57:02 | 002,366,464 | ---- | M] () -- C:\Program Files (x86)\PDF Pro Software\PDF Pro 10\bblite140.bpl
MOD - [2011/08/29 15:57:02 | 000,088,576 | ---- | M] () -- C:\Program Files (x86)\PDF Pro Software\PDF Pro 10\expertpdfcore140.bpl
MOD - [2011/08/18 16:40:04 | 000,336,896 | ---- | M] () -- C:\Program Files (x86)\PDF Pro Software\PDF Pro 10\visage140.bpl
MOD - [2011/08/18 16:40:04 | 000,212,992 | ---- | M] () -- C:\Program Files (x86)\PDF Pro Software\PDF Pro 10\vsmisc140.bpl
MOD - [2011/07/31 08:45:46 | 000,684,032 | ---- | M] () -- C:\Program Files (x86)\PDF Pro Software\PDF Pro 10\js32.dll
MOD - [2010/11/23 09:46:22 | 002,387,456 | ---- | M] () -- C:\Program Files (x86)\PDF Pro Software\PDF Pro 10\PKIECtrl140.bpl
========== Services (SafeList) ==========
SRV:64bit: - [2014/09/05 13:44:33 | 000,067,320 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe -- (UPDATESRV)
SRV:64bit: - [2014/09/05 13:44:32 | 001,518,560 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe -- (VSSERV)
SRV:64bit: - [2014/08/27 13:48:42 | 000,077,632 | ---- | M] (Bitdefender) [Disabled | Stopped] -- C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe -- (BdDesktopParental)
SRV:64bit: - [2014/07/25 07:00:25 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/07/08 15:59:09 | 000,094,624 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe -- (SafeBox)
SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/11/18 14:21:16 | 000,739,672 | ---- | M] (CANON INC) [Auto | Running] -- C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe -- (Canon imagePROGRAF Status Monitor)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/02/05 18:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/11/05 23:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009/07/28 16:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2008/12/08 08:29:24 | 000,210,944 | ---- | M] (CANON INC.) [Auto | Stopped] -- C:\Windows\SysNative\cnwiols6.exe -- (iPFDeviceAgentService)
SRV - [2014/09/10 13:51:35 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/07/29 14:10:24 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/03/20 16:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014/02/03 23:48:58 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2013/12/21 00:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/12/04 10:52:22 | 000,174,592 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2011/10/17 15:51:54 | 000,013,824 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe -- (HP DS Service)
SRV - [2011/06/30 13:25:52 | 001,248,256 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS)
SRV - [2009/07/23 21:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/02/20 10:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/05/31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/08/27 13:49:12 | 000,647,752 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf)
DRV:64bit: - [2014/08/27 13:48:33 | 001,260,120 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3)
DRV:64bit: - [2014/08/27 13:48:09 | 000,419,616 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\trufos.sys -- (trufos)
DRV:64bit: - [2013/11/13 16:41:29 | 000,093,600 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- c:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys -- (BdfNdisf)
DRV:64bit: - [2013/11/04 16:47:36 | 000,082,824 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bdsandbox.sys -- (BDSandBox)
DRV:64bit: - [2013/08/23 13:48:49 | 000,150,256 | ---- | M] (BitDefender LLC) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\gzflt.sys -- (gzflt)
DRV:64bit: - [2013/07/02 14:04:11 | 000,121,928 | ---- | M] (Bitdefender SRL) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys -- (bdfwfpf_pc)
DRV:64bit: - [2013/02/11 22:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/11/02 14:17:46 | 000,261,056 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avchv.sys -- (avchv)
DRV:64bit: - [2012/10/29 15:23:56 | 000,107,080 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV:64bit: - [2012/08/23 08:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 08:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/04/17 14:34:26 | 000,076,944 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bdvedisk.sys -- (BDVEDISK)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/04/20 09:24:56 | 000,169,584 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/03/10 19:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/02/20 10:24:34 | 010,300,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/02/01 11:29:48 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/11/06 13:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/08/07 06:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/07/30 21:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 18:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 18:00:13 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Dot4Scan.sys -- (Dot4Scan)
DRV:64bit: - [2009/07/07 09:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{0E5BE163-B4B7-4606-86A4-9A275814FF82}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{8EACC4AA-8F68-495E-873C-25480C25810A}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{8EACC4AA-8F68-495E-873C-25480C25810A}: "URL" = http://www.google.co...&rlz=1I7TSNA_en
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{8EACC4AA-8F68-495E-873C-25480C25810A}: "URL" = http://www.google.co...&rlz=1I7TSNA_en
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4154370108-1394326414-2424723564-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
IE - HKU\S-1-5-21-4154370108-1394326414-2424723564-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4154370108-1394326414-2424723564-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-4154370108-1394326414-2424723564-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com
IE - HKU\S-1-5-21-4154370108-1394326414-2424723564-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com
IE - HKU\S-1-5-21-4154370108-1394326414-2424723564-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.com
IE - HKU\S-1-5-21-4154370108-1394326414-2424723564-1000\..\SearchScopes,DefaultScope = {0E5BE163-B4B7-4606-86A4-9A275814FF82}
IE - HKU\S-1-5-21-4154370108-1394326414-2424723564-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-4154370108-1394326414-2424723564-1000\..\SearchScopes\{0E5BE163-B4B7-4606-86A4-9A275814FF82}: "URL" = http://www.google.co...1I7TSNA_enUS398
IE - HKU\S-1-5-21-4154370108-1394326414-2424723564-1000\..\SearchScopes\{8EACC4AA-8F68-495E-873C-25480C25810A}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
IE - HKU\S-1-5-21-4154370108-1394326414-2424723564-1000\..\SearchScopes\{E10195EF-867C-49D7-BCA5-77419340AE66}: "URL" = http://www.google.co...1I7TSNA_enUS398
IE - HKU\S-1-5-21-4154370108-1394326414-2424723564-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.memotoo.com/"
FF - prefs.js..extensions.enabledAddons: bdwteff%40bitdefender.com:2.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Conrad Bowen\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2015\BDTBEXT [2014/07/11 17:33:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff\ [2014/07/11 17:33:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/07/29 14:10:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/07/29 14:10:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2014/07/11 17:33:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/07/29 14:10:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/07/29 14:10:17 | 000,000,000 | ---D | M]
[2014/02/26 19:41:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Conrad Bowen\AppData\Roaming\Mozilla\Extensions
[2014/07/16 18:55:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Conrad Bowen\AppData\Roaming\Mozilla\Firefox\Profiles\nhg2jzjt.default-1400084744074\extensions
[2014/07/29 14:10:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/07/29 14:10:26 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/07/11 17:33:33 | 000,000,000 | ---D | M] (Bitdefender Wallet) -- C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2015\ANTISPAM32\BDWTEFF
O1 HOSTS File: ([2010/10/31 06:26:14 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (Bitdefender Wallet ) - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bitdefender Wallet) - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\pmbxie.dll (Bitdefender)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-4154370108-1394326414-2424723564-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Bdagent] C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe (Bitdefender)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [vspdfprsrv.exe] C:\Program Files (x86)\PDF Pro Software\PDF Pro 10\vspdfprsrv.exe (Visagesoft)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4154370108-1394326414-2424723564-1000..\Run: [Bitdefender Wallet Agent] C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe (Bitdefender)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Conrad Bowen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Conrad Bowen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-4154370108-1394326414-2424723564-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...?rnd=2750789380 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{072ABE1C-E17B-40D6-B3F6-FEF04F61A10A}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42E3E135-8341-4569-B362-A380A0DF4BF5}: DhcpNameServer = 192.168.0.1 208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46D4A7BF-90E2-4C88-A85F-82CBB2C51980}: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B0EF9D3-C5C8-4C9F-AB72-8393ACF51725}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9AB2917D-4D13-46A0-A1DD-9AE9A25F5BEA}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CDC89304-5822-4779-9B88-E92AC944280E}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0811df36-2892-11e0-8890-00266c5a3206}\Shell - "" = AutoRun
O33 - MountPoints2\{0811df36-2892-11e0-8890-00266c5a3206}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 360 Days ==========
[2014/09/10 13:45:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Conrad Bowen\Desktop\OTL.exe
[2014/09/10 13:22:26 | 000,415,232 | ---- | C] (Farbar) -- C:\Users\Conrad Bowen\Desktop\FSS.exe
[2014/09/10 13:12:36 | 000,000,000 | R--D | C] -- C:\Users\Conrad Bowen\Desktop\scan
[2014/09/10 13:12:36 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\Desktop\Old Firefox Data
[2014/09/10 13:12:36 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\Desktop\mbar
[2014/08/27 13:49:12 | 000,647,752 | ---- | C] (BitDefender) -- C:\windows\SysNative\drivers\avckf.sys
[2014/08/20 11:00:29 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\AppData\Local\LogMeIn
[2014/08/20 11:00:29 | 000,000,000 | ---D | C] -- C:\ProgramData\LogMeIn
[2014/08/19 17:12:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2014/08/19 17:11:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SWF Studio
[2014/08/19 15:54:31 | 000,000,000 | ---D | C] -- C:\windows\ERUNT
[2014/08/18 16:19:04 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\windows\SysWow64\sqlite3.dll
[2014/08/14 15:20:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014/08/13 10:57:34 | 000,000,000 | ---D | C] -- C:\FRST
[2014/08/13 10:45:38 | 000,000,000 | R--D | C] -- C:\Users\Public\Desktop\PC Repair Tools
[2014/08/07 09:28:17 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/08/02 15:01:52 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\Documents\FamHistPhotos
[2014/07/29 14:10:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/07/15 16:23:40 | 000,074,512 | ---- | C] (BitDefender SRL) -- C:\windows\SysNative\bdsandboxuiskin32.dll
[2014/07/15 15:53:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
[2014/07/15 15:53:11 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2014/07/15 15:52:56 | 000,076,944 | ---- | C] (BitDefender) -- C:\windows\SysNative\drivers\bdvedisk.sys
[2014/07/15 15:52:51 | 000,093,600 | ---- | C] (BitDefender LLC) -- C:\windows\SysNative\drivers\BdfNdisf6.sys
[2014/07/15 15:52:51 | 000,074,512 | ---- | C] (BitDefender SRL) -- C:\windows\SysWow64\bdsandboxuiskin32.dll
[2014/07/15 15:52:50 | 000,082,824 | ---- | C] (BitDefender SRL) -- C:\windows\SysNative\drivers\bdsandbox.sys
[2014/07/15 15:52:35 | 001,260,120 | ---- | C] (BitDefender) -- C:\windows\SysNative\drivers\avc3.sys
[2014/07/15 15:52:35 | 000,261,056 | ---- | C] (BitDefender) -- C:\windows\SysNative\drivers\avchv.sys
[2014/07/15 15:50:54 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\AppData\Roaming\Bitdefender
[2014/07/15 15:41:14 | 000,084,848 | ---- | C] (BitDefender SRL) -- C:\windows\SysNative\BDSandBoxUISkin.dll
[2014/07/15 15:41:14 | 000,034,384 | ---- | C] (BitDefender SRL) -- C:\windows\SysNative\BDSandBoxUH.dll
[2014/07/15 15:41:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
[2014/07/15 15:41:13 | 000,150,256 | ---- | C] (BitDefender LLC) -- C:\windows\SysNative\drivers\gzflt.sys
[2014/07/15 15:41:11 | 000,419,616 | ---- | C] (BitDefender S.R.L.) -- C:\windows\SysNative\drivers\trufos.sys
[2014/07/15 15:41:11 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2014/07/15 15:40:57 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\AppData\Roaming\QuickScan
[2014/07/15 15:23:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2014/07/15 15:23:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bitdefender
[2014/07/15 14:47:00 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/15 14:46:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/07/15 14:46:10 | 000,092,888 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2014/07/15 14:46:10 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2014/07/15 14:46:10 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2014/07/15 14:46:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/07/15 14:46:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/07/04 18:38:17 | 000,000,000 | ---D | C] -- C:\GalaxyS5-Transfer
[2014/06/11 07:00:16 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\AppData\Local\Adobe
[2014/06/10 16:07:11 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\AppData\Roaming\GoContactSyncMOD
[2014/06/08 19:29:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Apps Sync
[2014/06/05 20:21:22 | 000,000,000 | R--D | C] -- C:\Users\Conrad Bowen\Dropbox
[2014/06/05 20:19:47 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2014/06/05 20:17:58 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\AppData\Roaming\Dropbox
[2014/05/19 16:35:54 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\AppData\Local\HP
[2014/05/14 17:23:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/05/14 10:32:43 | 000,000,000 | -HSD | C] -- C:\Users\Conrad Bowen\AppData\Local\EmieUserList
[2014/05/14 10:32:43 | 000,000,000 | -HSD | C] -- C:\Users\Conrad Bowen\AppData\Local\EmieSiteList
[2014/05/12 16:26:04 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\AppData\Roaming\Hewlett-Packard Company
[2014/05/12 16:25:12 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2014/05/12 16:24:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2014/05/12 16:24:40 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\AppData\Roaming\HpUpdate
[2014/05/12 16:23:29 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
[2014/05/12 16:21:41 | 000,217,656 | ---- | C] (Hewlett Packard) -- C:\windows\SysNative\hppscancoins64.dll
[2014/05/12 16:20:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2014/05/12 16:19:42 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2014/05/05 23:00:38 | 000,000,000 | --SD | C] -- C:\windows\SysNative\CompatTel
[2014/04/01 12:48:44 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\Documents\MooreGreen
[2014/02/27 15:04:43 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\AppData\Local\Citrix
[2014/02/26 18:20:14 | 000,000,000 | ---D | C] -- C:\temp
[2014/02/26 15:12:09 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/02/26 15:10:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2014/02/26 15:09:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2014/02/26 15:09:42 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\AppData\Roaming\Yahoo!
[2014/02/26 15:09:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2014/02/26 14:37:24 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\Documents\Add-in Express
[2014/02/26 14:33:33 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best MP4 to MP3 Converter
[2014/02/26 14:33:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Best MP4 To MP3 Converter
[2014/02/26 00:25:18 | 000,000,000 | ---D | C] -- C:\windows\Migration
[2014/02/22 11:12:59 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\AppData\Local\SlimWare Utilities Inc
[2014/02/22 11:12:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DriverUpdate
[2014/02/22 11:12:42 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers
[2014/02/07 10:23:04 | 000,000,000 | R--D | C] -- C:\Users\Conrad Bowen\Desktop
[2014/02/05 19:44:01 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\AppData\Roaming\Free Download Manager
[2014/01/26 10:40:20 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\Documents\Primary
[2014/01/21 09:00:17 | 000,000,000 | ---D | C] -- C:\prntdrvr
[2014/01/15 18:42:40 | 000,608,032 | ---- | C] (McAfee, Inc.) -- C:\SecurityScanner.dll
[2013/11/19 09:58:59 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\Documents\Janene
[2013/11/06 13:34:53 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\Documents\Pic-KSL
[2013/10/03 15:00:02 | 000,000,000 | ---D | C] -- C:\PDF Printer
[2013/10/03 14:58:31 | 000,000,000 | ---D | C] -- C:\Users\Conrad Bowen\AppData\Roaming\Softland
[2013/10/03 14:58:23 | 000,025,920 | ---- | C] (Softland) -- C:\windows\SysNative\dopdfmn7.dll
[2013/10/03 14:58:23 | 000,021,312 | ---- | C] (Softland) -- C:\windows\SysNative\dopdfmi7.dll
[2013/10/03 14:58:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 7
[2013/10/03 14:58:15 | 000,000,000 | ---D | C] -- C:\Program Files\Softland
[2013/10/01 16:30:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/10/01 16:29:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/09/19 22:48:03 | 000,000,000 | ---D | C] -- C:\perflogs
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 360 Days ==========
[2014/09/10 13:51:45 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/09/10 13:45:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Conrad Bowen\Desktop\OTL.exe
[2014/09/10 13:40:09 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/09/10 13:30:25 | 000,000,604 | ---- | M] () -- C:\windows\tasks\G2MUpdateTask-S-1-5-21-4154370108-1394326414-2424723564-1000.job
[2014/09/10 13:21:52 | 000,415,232 | ---- | M] (Farbar) -- C:\Users\Conrad Bowen\Desktop\FSS.exe
[2014/09/10 13:12:26 | 000,018,736 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/09/10 13:12:26 | 000,018,736 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/09/10 13:04:59 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/09/10 13:02:52 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/09/10 13:02:45 | 1506,783,232 | -HS- | M] () -- C:\hiberfil.sys
[2014/09/09 21:17:00 | 000,926,884 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/09/09 21:17:00 | 000,764,410 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/09/09 21:17:00 | 000,161,736 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/09/09 20:44:13 | 000,053,619 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\Carlson - Pre-qualification-5.pdf
[2014/09/09 20:42:19 | 000,016,329 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\michael kindon sig.PNG
[2014/09/09 20:35:35 | 000,002,272 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\norton.PNG
[2014/09/09 20:12:28 | 000,015,941 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\Michael Kingdon.PNG
[2014/08/29 06:03:43 | 000,438,128 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/08/27 13:49:12 | 000,647,752 | ---- | M] (BitDefender) -- C:\windows\SysNative\drivers\avckf.sys
[2014/08/27 13:48:33 | 001,260,120 | ---- | M] (BitDefender) -- C:\windows\SysNative\drivers\avc3.sys
[2014/08/27 13:48:09 | 000,419,616 | ---- | M] (BitDefender S.R.L.) -- C:\windows\SysNative\drivers\trufos.sys
[2014/08/27 13:32:07 | 000,000,409 | ---- | M] () -- C:\windows\SysNative\checkdnsid.xml
[2014/08/25 10:57:10 | 000,271,360 | ---- | M] () -- C:\Users\Conrad Bowen\Documents\Outlook backup.pst
[2014/08/22 18:42:42 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/08/22 13:08:58 | 000,000,000 | ---- | M] () -- C:\Users\Conrad Bowen\Documents\HPLJM127_128_Fax_Port
[2014/08/19 17:14:48 | 000,038,421 | ---- | M] () -- C:\windows\hplj3380.his
[2014/08/19 17:14:48 | 000,003,778 | ---- | M] () -- C:\windows\hplj3380.ini
[2014/08/19 17:13:34 | 000,000,103 | ---- | M] () -- C:\windows\SysWow64\hptrace.ini
[2014/08/19 17:12:55 | 000,013,438 | ---- | M] () -- C:\windows\hpbins01.dat.temp
[2014/08/19 17:12:55 | 000,013,438 | ---- | M] () -- C:\windows\hpbins01.dat
[2014/08/14 15:19:45 | 000,092,888 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2014/08/14 11:19:20 | 000,001,069 | ---- | M] () -- C:\Users\Conrad Bowen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/08/14 11:19:05 | 000,001,069 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\Dropbox.lnk
[2014/08/14 11:07:08 | 000,018,432 | ---- | M] () -- C:\windows\SysNative\umstartup.etl
[2014/07/30 08:42:28 | 000,002,059 | ---- | M] () -- C:\Users\Conrad Bowen\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/07/23 07:59:03 | 015,344,640 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\B+2013-12 (Portable).QBM
[2014/07/22 16:18:06 | 000,000,000 | -H-- | M] () -- C:\Users\Conrad Bowen\Documents\Default.rdp
[2014/07/16 06:32:24 | 000,000,385 | ---- | M] () -- C:\windows\SysNative\user_gensett.xml
[2014/07/15 16:23:40 | 000,074,512 | ---- | M] (BitDefender SRL) -- C:\windows\SysNative\bdsandboxuiskin32.dll
[2014/07/15 15:57:32 | 000,642,321 | ---- | M] () -- C:\ProgramData\1405460457.bdinstall.bin
[2014/07/15 15:54:22 | 000,253,404 | -H-- | M] () -- C:\bdr-ld01
[2014/07/15 15:54:22 | 000,009,216 | -H-- | M] () -- C:\bdr-ld01.mbr
[2014/07/15 15:54:22 | 000,000,684 | -H-- | M] () -- C:\bdr-cf01
[2014/07/15 15:53:45 | 000,002,137 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Total Security 2015.lnk
[2014/07/15 15:53:43 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2014/07/15 15:37:06 | 000,001,945 | ---- | M] () -- C:\windows\epplauncher.mif
[2014/07/14 15:23:07 | 000,001,085 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\Malwarebytes Anti-Malware.lnk
[2014/07/04 17:49:36 | 049,563,064 | -H-- | M] () -- C:\bdr-im01.gz
[2014/06/30 15:09:33 | 003,797,424 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\GoogleData-all-BU14-6-30.csv
[2014/06/30 15:07:37 | 003,427,104 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\GoogleData-MyContacts-BU14-6-30.csv
[2014/06/20 16:25:12 | 003,804,060 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\GoogleData-all-BU14-6-20.csv
[2014/06/08 20:24:48 | 000,083,448 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\ExportTest.bcm
[2014/05/25 00:14:07 | 000,001,062 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\cc_20140525_001339.reg
[2014/05/18 11:04:44 | 000,238,125 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\FollowTheProphet.pdf
[2014/05/14 06:10:49 | 000,003,770 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\cc_20140514_061035.reg
[2014/05/12 16:25:37 | 000,001,283 | ---- | M] () -- C:\Users\Public\Desktop\HP LaserJet Pro MFP M127-M128 – Help & Learn Center.lnk
[2014/05/12 16:23:29 | 000,000,196 | ---- | M] () -- C:\windows\SysNative\AddPort.ini
[2014/05/12 07:26:10 | 000,063,704 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2014/05/12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2014/04/29 14:08:38 | 015,300,608 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\B+2013-12 (QuickBooks2011 Acct Transfer Apr 29,2014 02 07 PM).QBX
[2014/04/01 12:23:13 | 000,000,090 | ---- | M] () -- C:\windows\QBChanUtil_Trigger.ini
[2014/03/31 20:48:02 | 003,491,563 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\Blake.jpg
[2014/03/31 20:47:48 | 000,297,744 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\LOGO2.jpeg
[2014/03/31 20:45:50 | 000,545,682 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\LOGO1.jpeg
[2014/03/26 09:46:48 | 000,059,032 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\cc_20140326_094634.reg
[2014/03/10 20:09:04 | 000,013,264 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\ConradampPaula39sCards-YouTube_kaywa.me_Mt8bl.pdf
[2014/03/03 15:51:24 | 000,361,826 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\res_cma_report_78376.pdf
[2014/03/03 13:31:19 | 000,000,267 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\Legal Description for this Parcel.URL
[2014/03/01 20:43:30 | 000,589,770 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\IStandAll.pdf
[2014/02/27 20:25:45 | 000,065,320 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\cc_20140227_192533.reg
[2014/02/26 19:23:42 | 000,919,498 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2014/02/26 14:33:35 | 000,001,169 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\MP4 to MP3.lnk
[2014/02/22 11:49:39 | 000,004,012 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\cc_20140222_104917.reg
[2014/02/22 11:32:04 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/02/19 16:27:51 | 000,209,329 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\PriceChange-13-10-15.pdf
[2014/02/19 16:18:45 | 000,216,303 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\Bleiweiss-PriceChanges_page_001.png
[2014/02/17 18:46:07 | 000,560,314 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\Melinda-Ins.pdf
[2014/02/15 17:10:32 | 000,013,277 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\ConradampPaulaBowen12-Cardgiftpacks-YouTube_kaywa.me_115XH.pdf
[2014/02/15 17:05:51 | 000,013,280 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\ConradBowenDelivers500GiftCard-YouTube_kaywa.me_EKkM0.pdf
[2014/02/15 11:47:48 | 000,000,426 | ---- | M] () -- C:\AVScanner.ini
[2014/02/05 20:02:24 | 000,003,654 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\cc_20140205_190209.reg
[2014/01/29 17:33:34 | 000,056,989 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\ArtistsCall_UConn.pdf
[2014/01/15 18:42:40 | 000,608,032 | ---- | M] (McAfee, Inc.) -- C:\SecurityScanner.dll
[2014/01/09 10:56:54 | 000,009,584 | ---- | M] () -- C:\windows\SysWow64\ractrlkeyhook.dll
[2014/01/03 15:35:42 | 000,000,990 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\cc_20140103_143526.reg
[2013/12/07 23:19:13 | 000,001,280 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\Clear Clip Board.lnk
[2013/12/05 14:46:33 | 000,000,355 | ---- | M] () -- C:\Users\Conrad Bowen\Homegroup - Shortcut.lnk
[2013/12/04 16:39:26 | 000,643,968 | ---- | M] () -- C:\Users\Conrad Bowen\Documents\LtCttnwd-Inside.pdf
[2013/11/27 11:46:20 | 000,271,360 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\Outlook backup.pst
[2013/11/27 00:54:34 | 000,000,720 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\Libraries - Shortcut.lnk
[2013/11/19 23:20:53 | 000,016,284 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf
[2013/11/19 23:20:50 | 000,016,284 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf
[2013/11/13 16:41:29 | 000,093,600 | ---- | M] (BitDefender LLC) -- C:\windows\SysNative\drivers\BdfNdisf6.sys
[2013/11/04 16:47:36 | 000,082,824 | ---- | M] (BitDefender SRL) -- C:\windows\SysNative\drivers\bdsandbox.sys
[2013/11/04 16:47:10 | 000,084,848 | ---- | M] (BitDefender SRL) -- C:\windows\SysNative\BDSandBoxUISkin.dll
[2013/11/04 16:47:08 | 000,074,512 | ---- | M] (BitDefender SRL) -- C:\windows\SysWow64\bdsandboxuiskin32.dll
[2013/11/04 16:46:57 | 000,034,384 | ---- | M] (BitDefender SRL) -- C:\windows\SysNative\BDSandBoxUH.dll
[2013/10/23 06:57:36 | 000,548,644 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\EquityLogo-Blue.tif
[2013/10/03 13:22:00 | 001,483,290 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\ExportFile-2.csv
[2013/10/01 15:18:18 | 001,483,258 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\ExportFile-1.csv
[2013/09/24 16:18:45 | 001,478,581 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\ExportFile.csv
[2013/09/24 15:55:04 | 040,012,147 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\ExportFile.bcm
[2013/09/19 22:45:56 | 000,000,017 | ---- | M] () -- C:\Users\Conrad Bowen\AppData\Local\resmon.resmoncfg
[2013/09/19 17:16:07 | 001,397,496 | ---- | M] () -- C:\Users\Conrad Bowen\Desktop\Vivian Bergenthal Art of Play.jpg
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/09/10 13:13:25 | 013,727,048 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\winzip121.exe
[2014/09/10 13:13:24 | 001,397,496 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\Vivian Bergenthal Art of Play.jpg
[2014/09/10 13:13:24 | 000,361,826 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\res_cma_report_78376.pdf
[2014/09/10 13:13:24 | 000,209,329 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\PriceChange-13-10-15.pdf
[2014/09/10 13:13:24 | 000,000,927 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\Windows Mobile Device Center.lnk
[2014/09/10 13:13:23 | 000,560,314 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\Melinda-Ins.pdf
[2014/09/10 13:13:23 | 000,297,744 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\LOGO2.jpeg
[2014/09/10 13:13:23 | 000,271,360 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\Outlook backup.pst
[2014/09/10 13:13:23 | 000,016,329 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\michael kindon sig.PNG
[2014/09/10 13:13:23 | 000,015,941 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\Michael Kingdon.PNG
[2014/09/10 13:13:23 | 000,002,272 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\norton.PNG
[2014/09/10 13:13:23 | 000,001,169 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\MP4 to MP3.lnk
[2014/09/10 13:13:23 | 000,001,085 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\Malwarebytes Anti-Malware.lnk
[2014/09/10 13:13:22 | 000,589,770 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\IStandAll.pdf
[2014/09/10 13:13:22 | 000,545,682 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\LOGO1.jpeg
[2014/09/10 13:13:22 | 000,000,720 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\Libraries - Shortcut.lnk
[2014/09/10 13:13:22 | 000,000,267 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\Legal Description for this Parcel.URL
[2014/09/10 13:13:21 | 003,427,104 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\GoogleData-MyContacts-BU14-6-30.csv
[2014/09/10 13:13:19 | 003,797,424 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\GoogleData-all-BU14-6-30.csv
[2014/09/10 13:13:17 | 003,804,060 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\GoogleData-all-BU14-6-20.csv
[2014/09/10 13:13:15 | 000,001,719 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\Google Drive.lnk
[2014/09/10 13:13:13 | 000,238,125 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\FollowTheProphet.pdf
[2014/09/10 13:13:11 | 001,478,581 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\ExportFile.csv
[2014/09/10 13:13:11 | 000,083,448 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\ExportTest.bcm
[2014/09/10 13:13:04 | 040,012,147 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\ExportFile.bcm
[2014/09/10 13:13:03 | 001,483,290 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\ExportFile-2.csv
[2014/09/10 13:13:02 | 001,483,258 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\ExportFile-1.csv
[2014/09/10 13:13:02 | 000,548,644 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\EquityLogo-Blue.tif
[2014/09/10 13:13:01 | 000,013,280 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\ConradBowenDelivers500GiftCard-YouTube_kaywa.me_EKkM0.pdf
[2014/09/10 13:13:01 | 000,013,277 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\ConradampPaulaBowen12-Cardgiftpacks-YouTube_kaywa.me_115XH.pdf
[2014/09/10 13:13:01 | 000,013,264 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\ConradampPaula39sCards-YouTube_kaywa.me_Mt8bl.pdf
[2014/09/10 13:13:01 | 000,003,654 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\cc_20140205_190209.reg
[2014/09/10 13:13:01 | 000,001,280 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\Clear Clip Board.lnk
[2014/09/10 13:13:01 | 000,001,069 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\Dropbox.lnk
[2014/09/10 13:13:01 | 000,000,990 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\cc_20140103_143526.reg
[2014/09/10 13:13:00 | 000,216,303 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\Bleiweiss-PriceChanges_page_001.png
[2014/09/10 13:13:00 | 000,053,619 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\Carlson - Pre-qualification-5.pdf
[2014/09/10 13:12:59 | 003,491,563 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\Blake.jpg
[2014/09/10 13:12:58 | 000,056,989 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\ArtistsCall_UConn.pdf
[2014/08/19 17:13:34 | 000,000,103 | ---- | C] () -- C:\windows\SysWow64\hptrace.ini
[2014/08/19 17:13:26 | 000,013,438 | ---- | C] () -- C:\windows\hpbins01.dat.temp
[2014/08/19 17:13:26 | 000,001,380 | ---- | C] () -- C:\windows\hpbmdl01.dat.temp
[2014/08/19 17:12:08 | 000,013,438 | ---- | C] () -- C:\windows\hpbins01.dat
[2014/08/19 17:11:55 | 000,038,421 | ---- | C] () -- C:\windows\hplj3380.his
[2014/08/19 17:11:55 | 000,003,778 | ---- | C] () -- C:\windows\hplj3380.ini
[2014/08/13 12:09:07 | 000,000,409 | ---- | C] () -- C:\windows\SysNative\checkdnsid.xml
[2014/07/31 11:51:42 | 000,000,000 | ---- | C] () -- C:\Users\Conrad Bowen\Documents\HPLJM127_128_Fax_Port
[2014/07/23 07:58:48 | 015,344,640 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\B+2013-12 (Portable).QBM
[2014/07/22 16:18:06 | 000,000,000 | -H-- | C] () -- C:\Users\Conrad Bowen\Documents\Default.rdp
[2014/07/16 06:32:24 | 000,000,385 | ---- | C] () -- C:\windows\SysNative\user_gensett.xml
[2014/07/15 15:57:31 | 000,642,321 | ---- | C] () -- C:\ProgramData\1405460457.bdinstall.bin
[2014/07/15 15:54:22 | 000,000,684 | -H-- | C] () -- C:\bdr-cf01
[2014/07/15 15:53:45 | 000,002,137 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Total Security 2015.lnk
[2014/07/15 15:53:43 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2014/07/15 15:50:36 | 003,271,472 | -H-- | C] () -- C:\bdr-bz01
[2014/07/15 15:50:36 | 000,009,216 | -H-- | C] () -- C:\bdr-ld01.mbr
[2014/07/15 15:50:35 | 049,563,064 | -H-- | C] () -- C:\bdr-im01.gz
[2014/07/15 15:50:34 | 000,253,404 | -H-- | C] () -- C:\bdr-ld01
[2014/06/05 20:20:34 | 000,001,069 | ---- | C] () -- C:\Users\Conrad Bowen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/05/25 10:17:10 | 000,000,426 | ---- | C] () -- C:\AVScanner.ini
[2014/05/25 00:13:44 | 000,001,062 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\cc_20140525_001339.reg
[2014/05/14 06:10:41 | 000,003,770 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\cc_20140514_061035.reg
[2014/05/12 16:25:37 | 000,001,283 | ---- | C] () -- C:\Users\Public\Desktop\HP LaserJet Pro MFP M127-M128 – Help & Learn Center.lnk
[2014/05/12 16:23:29 | 000,000,196 | ---- | C] () -- C:\windows\SysNative\AddPort.ini
[2014/05/12 15:51:04 | 000,409,600 | ---- | C] () -- C:\windows\SysWow64\hpcc3140.DLL
[2014/04/29 14:08:31 | 015,300,608 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\B+2013-12 (QuickBooks2011 Acct Transfer Apr 29,2014 02 07 PM).QBX
[2014/03/27 19:33:08 | 000,271,360 | ---- | C] () -- C:\Users\Conrad Bowen\Documents\Outlook backup.pst
[2014/03/26 09:46:42 | 000,059,032 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\cc_20140326_094634.reg
[2014/02/27 20:25:40 | 000,065,320 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\cc_20140227_192533.reg
[2014/02/27 15:05:30 | 000,000,604 | ---- | C] () -- C:\windows\tasks\G2MUpdateTask-S-1-5-21-4154370108-1394326414-2424723564-1000.job
[2014/02/22 11:49:35 | 000,004,012 | ---- | C] () -- C:\Users\Conrad Bowen\Desktop\cc_20140222_104917.reg
[2014/02/10 23:00:45 | 000,002,080 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady CS.lnk
[2014/02/10 23:00:45 | 000,002,073 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS.lnk
[2014/01/09 10:56:54 | 000,009,584 | ---- | C] () -- C:\windows\SysWow64\ractrlkeyhook.dll
[2013/12/05 14:46:33 | 000,000,355 | ---- | C] () -- C:\Users\Conrad Bowen\Homegroup - Shortcut.lnk
[2013/12/04 15:54:52 | 000,643,968 | ---- | C] () -- C:\Users\Conrad Bowen\Documents\LtCttnwd-Inside.pdf
[2013/11/19 23:20:53 | 000,016,284 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf
[2013/11/19 23:20:50 | 000,016,284 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf
[2013/10/03 14:58:24 | 000,007,549 | ---- | C] () -- C:\windows\SysNative\dopdf7.ctm
[2013/10/01 16:30:10 | 000,000,833 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/09/19 22:45:56 | 000,000,017 | ---- | C] () -- C:\Users\Conrad Bowen\AppData\Local\resmon.resmoncfg
[2013/06/18 12:37:06 | 000,000,355 | ---- | C] () -- C:\Users\Conrad Bowen\Computer - Shortcut.lnk
[2011/03/30 15:04:42 | 000,015,984 | ---- | C] () -- C:\Users\Conrad Bowen\AppData\Roaming\CCList.csv.19570434.xml
[2011/03/24 20:55:50 | 000,004,370 | ---- | C] () -- C:\Users\Conrad Bowen\AppData\Roaming\BrideListOriginalExpandedCSV.csv.47653859.xml
[2011/03/24 14:55:01 | 000,025,247 | ---- | C] () -- C:\Users\Conrad Bowen\AppData\Roaming\Comma Separated Values (Windows).ADR
[2011/03/23 18:32:18 | 000,000,286 | ---- | C] () -- C:\Users\Conrad Bowen\AppData\Roaming\Contact.35243964.xml
[2011/03/13 19:56:10 | 000,038,441 | ---- | C] () -- C:\Users\Conrad Bowen\AppData\Roaming\Comma Separated Values (DOS).ADR
[2011/03/01 21:36:14 | 000,002,239 | ---- | C] () -- C:\Users\Conrad Bowen\AppData\Roaming\BCMMappings.xml
[2010/09/23 11:54:30 | 000,008,428 | ---- | C] () -- C:\Users\Conrad Bowen\AppData\Roaming\UserTile.png
[2010/09/21 21:26:46 | 000,000,070 | ---- | C] () -- C:\Users\Conrad Bowen\AppData\Roaming\wklnhst.dat
========== ZeroAccess Check ==========
[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 20:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 19:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/07/15 16:12:15 | 000,000,000 | ---D | M] -- C:\Users\Conrad Bowen\AppData\Roaming\Bitdefender
[2014/09/10 13:06:13 | 000,000,000 | ---D | M] -- C:\Users\Conrad Bowen\AppData\Roaming\Dropbox
[2014/02/26 19:07:48 | 000,000,000 | ---D | M] -- C:\Users\Conrad Bowen\AppData\Roaming\Free Download Manager
[2014/06/10 16:08:44 | 000,000,000 | ---D | M] -- C:\Users\Conrad Bowen\AppData\Roaming\GoContactSyncMOD
[2011/08/27 13:09:27 | 000,000,000 | ---D | M] -- C:\Users\Conrad Bowen\AppData\Roaming\Nitro PDF
[2012/04/19 12:11:14 | 000,000,000 | ---D | M] -- C:\Users\Conrad Bowen\AppData\Roaming\PDF Pro 10
[2011/09/30 14:49:24 | 000,000,000 | ---D | M] -- C:\Users\Conrad Bowen\AppData\Roaming\PrimoPDF
[2014/07/15 15:40:57 | 000,000,000 | ---D | M] -- C:\Users\Conrad Bowen\AppData\Roaming\QuickScan
[2013/10/03 14:58:31 | 000,000,000 | ---D | M] -- C:\Users\Conrad Bowen\AppData\Roaming\Softland
[2012/12/06 17:22:00 | 000,000,000 | ---D | M] -- C:\Users\Conrad Bowen\AppData\Roaming\Template
[2011/05/16 08:41:50 | 000,000,000 | ---D | M] -- C:\Users\Conrad Bowen\AppData\Roaming\Toshiba
[2010/09/21 14:27:19 | 000,000,000 | ---D | M] -- C:\Users\Conrad Bowen\AppData\Roaming\WinBatch
[2010/11/16 20:02:44 | 000,000,000 | ---D | M] -- C:\Users\Conrad Bowen\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
========== Custom Scans ==========
========== Base Services ==========
SRV:64bit: - [2009/07/13 19:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2013/02/26 23:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/13 19:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/20 07:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/20 07:25:45 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2014/04/11 20:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 19:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 19:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/04 16:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013/07/08 23:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/07/08 22:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/20 07:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 07:26:04 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 06:18:30 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/03/03 00:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/13 19:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 19:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 19:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/13 19:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010/11/20 07:26:39 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/07/13 19:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 19:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 19:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 19:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 19:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012/10/03 11:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/13 19:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011/05/24 05:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/11 00:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2014/04/11 20:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/13 19:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/20 07:27:24 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 07:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 07:27:25 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2014/04/11 20:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/13 19:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/11/20 07:27:26 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/20 07:27:25 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 06:21:19 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/20 07:27:25 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/20 07:27:26 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 06:21:28 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/13 19:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/04/30 23:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/20 07:25:27 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/20 07:25:42 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/20 07:25:42 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/20 07:27:25 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/20 07:27:28 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/20 07:26:59 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/20 07:27:28 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/20 07:24:58 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 06:17:22 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/13 19:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2014/05/14 10:23:46 | 002,477,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/20 07:26:07 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/13 19:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/20 07:27:28 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
< %SYSTEMDRIVE%\*.exe >
< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is TI105847W0F
Volume Serial Number is 7C0E-931B
Directory of C:\
07/13/2009 11:08 PM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
07/13/2009 11:08 PM <JUNCTION> Application Data [C:\ProgramData]
07/13/2009 11:08 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/13/2009 11:08 PM <JUNCTION> Documents [C:\Users\Public\Documents]
07/13/2009 11:08 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/13/2009 11:08 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/13/2009 11:08 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
07/13/2009 11:08 PM <SYMLINKD> All Users [C:\ProgramData]
07/13/2009 11:08 PM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
07/13/2009 11:08 PM <JUNCTION> Application Data [C:\ProgramData]
07/13/2009 11:08 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/13/2009 11:08 PM <JUNCTION> Documents [C:\Users\Public\Documents]
07/13/2009 11:08 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/13/2009 11:08 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/13/2009 11:08 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Conrad Bowen
09/21/2010 02:26 PM <JUNCTION> Application Data [C:\Users\Conrad Bowen\AppData\Roaming]
09/21/2010 02:26 PM <JUNCTION> Cookies [C:\Users\Conrad Bowen\AppData\Roaming\Microsoft\Windows\Cookies]
09/21/2010 02:26 PM <JUNCTION> Local Settings [C:\Users\Conrad Bowen\AppData\Local]
09/21/2010 02:26 PM <JUNCTION> My Documents [C:\Users\Conrad Bowen\Documents]
09/21/2010 02:26 PM <JUNCTION> NetHood [C:\Users\Conrad Bowen\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
09/21/2010 02:26 PM <JUNCTION> PrintHood [C:\Users\Conrad Bowen\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
09/21/2010 02:26 PM <JUNCTION> Recent [C:\Users\Conrad Bowen\AppData\Roaming\Microsoft\Windows\Recent]
09/21/2010 02:26 PM <JUNCTION> SendTo [C:\Users\Conrad Bowen\AppData\Roaming\Microsoft\Windows\SendTo]
09/21/2010 02:26 PM <JUNCTION> Start Menu [C:\Users\Conrad Bowen\AppData\Roaming\Microsoft\Windows\Start Menu]
09/21/2010 02:26 PM <JUNCTION> Templates [C:\Users\Conrad Bowen\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Conrad Bowen\AppData\Local
09/21/2010 02:26 PM <JUNCTION> Application Data [C:\Users\Conrad Bowen\AppData\Local]
09/21/2010 02:26 PM <JUNCTION> History [C:\Users\Conrad Bowen\AppData\Local\Microsoft\Windows\History]
09/21/2010 02:26 PM <JUNCTION> Temporary Internet Files [C:\Users\Conrad Bowen\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Conrad Bowen\Documents
09/21/2010 02:26 PM <JUNCTION> My Music [C:\Users\Conrad Bowen\Music]
09/21/2010 02:26 PM <JUNCTION> My Pictures [C:\Users\Conrad Bowen\Pictures]
09/21/2010 02:26 PM <JUNCTION> My Videos [C:\Users\Conrad Bowen\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Default
07/13/2009 11:08 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
07/13/2009 11:08 PM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
07/13/2009 11:08 PM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
07/13/2009 11:08 PM <JUNCTION> My Documents [C:\Users\Default\Documents]
07/13/2009 11:08 PM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/13/2009 11:08 PM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/13/2009 11:08 PM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/13/2009 11:08 PM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/13/2009 11:08 PM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/13/2009 11:08 PM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
07/13/2009 11:08 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
07/13/2009 11:08 PM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/13/2009 11:08 PM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
07/13/2009 11:08 PM <JUNCTION> My Music [C:\Users\Default\Music]
07/13/2009 11:08 PM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
07/13/2009 11:08 PM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
07/13/2009 11:08 PM <JUNCTION> My Music [C:\Users\Public\Music]
07/13/2009 11:08 PM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
07/13/2009 11:08 PM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
50 Dir(s) 149,559,476,224 bytes free
< MD5 for: EXPLORER.EXE >
[2011/02/25 23:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 00:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 00:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 00:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 06:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 07:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: RPCSS.DLL >
[2010/11/20 07:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\windows\SysNative\rpcss.dll
[2010/11/20 07:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll
< MD5 for: SERVICES >
[2009/06/10 15:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services
< MD5 for: SERVICES.CFG >
[2014/05/08 07:48:48 | 000,560,495 | ---- | M] () MD5=12A7DDA9C7CA1AAA2C6F36BB1E24528B -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Services\Services.cfg
[2012/09/23 20:43:36 | 000,603,848 | R--- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0\services.cfg
< MD5 for: SERVICES.CSS >
[2005/06/29 14:48:58 | 000,014,339 | ---- | M] () MD5=9D415BDEF74ADF7B0CD791E40A911A38 -- C:\Program Files (x86)\Intuit\QuickBooks 2011\Components\Services\services.css
< MD5 for: SERVICES.EXE >
[2009/07/13 19:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\windows\SysNative\services.exe
[2009/07/13 19:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SERVICES.EXE.MUI >
[2009/07/13 20:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\windows\SysNative\en-US\services.exe.mui
[2009/07/13 20:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui
< MD5 for: SERVICES.LNK >
[2009/07/13 22:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/13 22:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
< MD5 for: SERVICES.MOF >
[2009/06/10 14:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\windows\SysNative\wbem\services.mof
[2009/06/10 14:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof
< MD5 for: SERVICES.MSC >
[2009/07/13 20:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\windows\SysNative\en-US\services.msc
[2009/06/10 14:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\windows\SysNative\services.msc
[2009/07/13 20:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 15:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2009/07/13 20:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 14:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2009/07/13 20:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 15:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
< MD5 for: SERVICES.PTXML >
[2009/07/13 14:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 14:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml
< MD5 for: SVCHOST.EXE >
[2014/05/12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 19:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009/07/13 19:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: USERINIT.EXE >
[2010/11/20 06:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 06:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 07:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/20 07:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2014/05/12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2010/11/20 07:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014/03/04 05:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 03:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\windows\SysNative\winlogon.exe
[2014/03/04 03:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
< c:\windows\system32\*.dll /lockedfiles >
< c:\windows\system32\drivers\*.sys /lockedfiles >
< %systemroot%\*. /mp /s >
< End of report >
Extras:
OTL Extras logfile created on: 9/10/2014 1:50:41 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Conrad Bowen\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 0.26 Gb Available Physical Memory | 14.08% Memory free
3.74 Gb Paging File | 1.03 Gb Available in Paging File | 27.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 222.47 Gb Total Space | 138.61 Gb Free Space | 62.30% Space Free | Partition Type: NTFS
Computer Name: CBSLAPTOP | User Name: Conrad Bowen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 360 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-4154370108-1394326414-2424723564-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07A773E3-A399-436E-BE99-4C76AE276CB9}" = rport=138 | protocol=17 | dir=out | app=system |
"{0C1A590D-D0B5-4D19-B2AE-D3C03D051CDF}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{1327DBA0-E6F9-4DB0-B47C-9F44B05804CB}" = rport=445 | protocol=6 | dir=out | app=system |
"{1CC367F6-C10A-4DD6-84AC-74C434D69DEB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{295AF235-8BCE-4085-BA72-E6C81E44C091}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{330C3A17-3934-4A2D-8135-A679BFCF7E28}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{34D217B7-AD0F-4772-B088-D7E8E3626A22}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3A298309-D7CF-4BF8-A8BF-3112DE906947}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3CFB893D-26A4-42A8-A850-C49079E4EB7F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4119700C-1BCF-4F3C-B058-7AD1B242E75B}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{452761D7-EE31-48E4-931D-F4546A6B7820}" = lport=2869 | protocol=6 | dir=in | app=system |
"{532B0F24-32E9-4EAE-92F4-DD7726654AF6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{54028550-E376-4022-A46B-EFB270A004A7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{5E507DE9-685C-4421-87FE-3661424F6D47}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{606D71A8-B629-4581-BE58-4150164C045C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{62A4BA89-FC14-4C36-BFF5-C6625870269F}" = lport=138 | protocol=17 | dir=in | app=system |
"{7B7D3674-C70D-442E-B5B1-65E4EACA2938}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7B9FB602-5F12-47B4-B65D-8876FC743C48}" = lport=2869 | protocol=6 | dir=in | app=system |
"{80EB5587-29A8-4B3D-B0A2-70E353F72648}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8477F0C0-0170-44B7-9B6C-901AD134827A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{867F19D5-E4E0-4D76-BA0D-9D63DD88BC6A}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{97EF7C2F-7746-41B5-953C-B8133CFBCE26}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9A33213F-E95B-4F1F-B2D1-D0DBD08BB279}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{A043C063-44C0-4283-8DB2-7CB5A29CB952}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A5233232-A368-4180-9397-3A6ED25B0A11}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A92B15A7-7D9F-4674-A884-DB9F75C6944B}" = lport=445 | protocol=6 | dir=in | app=system |
"{AA2023F6-4646-4995-8782-2400345D9C15}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{AA606833-D6AB-4703-8CB8-8095A9EDED6A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AFD89163-482A-4D2C-AF11-FC14C40031AE}" = rport=139 | protocol=6 | dir=out | app=system |
"{B08AE8B6-FA19-4C89-8F1A-7BA551B4BD66}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B0E2ACC2-2004-40D6-9612-3A884B83E73D}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{BB354453-144F-43FD-A5F2-F45DE780FC43}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{CA5E0ABC-D134-4764-8474-35E75C7909FA}" = lport=137 | protocol=17 | dir=in | app=system |
"{D179B4E2-6896-4650-A906-81F602C59988}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D242A148-A217-42B8-9A87-8F31EDFD521A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D38457C8-C3FE-4151-8DE7-8D41A333434D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E7C551D4-6880-464A-9814-37DE69531D8F}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F5F30226-C059-45BF-8B2D-A580AC82E1AE}" = rport=137 | protocol=17 | dir=out | app=system |
"{F9E41180-CF84-4C27-91E8-D567A6576834}" = lport=139 | protocol=6 | dir=in | app=system |
"{FBBD5DF0-96DB-4102-A94E-BDDC7F1E7C86}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00354A4D-F21C-4742-8796-15B6388D739D}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0B062990-A6E9-4C74-B63D-A82F260D3264}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{0F32C2F0-6871-4010-A678-A6B76717ED63}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{19F247F8-7751-4292-99E4-3796C4C764A4}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{1BC21DDB-191D-4980-BF4D-108BA4CA1B99}" = dir=in | app=c:\program files (x86)\hp\hp laserjet pro mfp m127-m128\bin\hpnetworkcommunicatorcom.exe |
"{28E9285D-BA28-4484-B0BE-CE572818FCC0}" = protocol=58 | dir=in | [email protected],-28545 |
"{3837C2AD-113B-4B6F-B1BD-3AE225D966EE}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{46896F6C-E6B7-4A3B-B111-59A3ED1014CB}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{564356E0-BAF1-4599-A297-2B2FB573ED3D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{581C5857-AC9C-4628-9003-921FC2A1CF1C}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{61BD5ACD-C2D5-40DB-9173-19A80BE9A9E4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{671D608F-FD6F-4529-9455-184255F54A9B}" = protocol=6 | dir=in | app=c:\users\conrad bowen\appdata\roaming\dropbox\bin\dropbox.exe |
"{6A2BF287-5916-40FE-8D85-BBBBE6631A51}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{70D25843-F804-40A3-BB69-C4BD7DE60AC3}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{764BA1CA-B5B4-4E8F-9D95-48CC1DC66666}" = protocol=6 | dir=in | app=c:\program files (x86)\hp\csiinstaller\3b050369-8d19-413d-9dec-84ff278472eb\installer\hpbcsiinstaller.exe |
"{76664BE4-29CF-4ABD-92E6-50B35C2EE603}" = protocol=17 | dir=in | app=c:\program files\canon\imageprografstatusmonitor\cnwida.exe |
"{770E74F4-DEDC-4CB4-8C38-4B25375FFAC3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7BBDC01E-BFE8-47F5-A816-9039CF1E50B1}" = protocol=1 | dir=out | [email protected],-28544 |
"{7C3536C1-29E3-4AC6-BF56-3DF3C010BD71}" = protocol=17 | dir=in | app=c:\program files (x86)\hp\csiinstaller\3b050369-8d19-413d-9dec-84ff278472eb\installer\hpbcsiinstaller.exe |
"{7D1625D2-5554-4FCE-A69E-C16E08CFB0BC}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8150641C-AF23-40AE-9952-B1F17A2AE4E5}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{863C7FF8-3415-4AD3-BF58-B46CAD66B4C9}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{87573E5E-4A5C-4C87-AAE6-8ED33FDA0F60}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8B7D5C5F-ECBF-4503-BD64-AC3F3732AF2C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8BC9B67D-7D94-4439-BF4B-4B1958A3533B}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{94CC9643-7C41-4AA2-A26F-292BC41E7EC3}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9DC1D7FB-197F-445A-A60C-AFA58694549C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{A074D917-3EBC-4D58-954A-7A554D7F7F2F}" = protocol=58 | dir=out | [email protected],-28546 |
"{A2637A57-F18D-4CB9-8C4F-A98E1157C9CA}" = protocol=6 | dir=in | app=c:\program files\canon\imageprografstatusmonitor\cnwida.exe |
"{A4B04BDC-658E-43E7-8538-E355570DC512}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A9070BBD-7EDC-4109-A82A-C11F4C6002BC}" = dir=in | app=c:\program files\hp\hp laserjet pro mfp m127-m128\bin\hpnetworkcommunicatorcom.exe |
"{B289ECE7-235E-4196-A366-B2EA55501C17}" = dir=in | app=c:\program files\hp\hp laserjet pro mfp m127-m128\bin\sendafax.exe |
"{B73A4B5D-EE08-445D-91DC-D27CD4131FA5}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{BA81DB7B-AD5A-4DB3-8740-B89FEA83A903}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BA8AFDC5-0752-4421-9A5E-09E2541E0DF2}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{BC927C32-5918-4809-991B-3A217DFE1FE3}" = protocol=1 | dir=in | [email protected],-28543 |
"{CF22C2A8-33A7-4868-90F2-B695CE1AE5DB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D7C82CEC-3946-4A7D-A161-0FE90EAB3407}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DA35E6D0-922A-4619-85F9-AC9CF23FEA49}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{DAD16D3C-299A-40B5-982B-DF8728C9C175}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DD0A19E9-D513-47CB-A35C-777C7AC5137E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DDAB3094-79A5-42AB-A709-CE710D51E138}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DF008CB5-9EDC-4B5B-BE8D-E8576E1FD9C2}" = protocol=6 | dir=in | app=c:\program files\canon\imageprografstatusmonitor\cnwism.exe |
"{DF0B9268-73CB-4721-8C2D-4FD00B179500}" = dir=in | app=c:\program files (x86)\hp\hp laserjet pro mfp m127-m128\bin\faxapplications.exe |
"{E8CEAA6E-0223-449D-BEC8-7A405E2AE1C6}" = protocol=17 | dir=in | app=c:\program files\canon\imageprografstatusmonitor\cnwism.exe |
"{E8DD5518-41FA-432A-A4EA-02034471D64C}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{EC8C0B0B-8C3F-4DE7-AD34-18CB1FF1B71F}" = dir=in | app=c:\program files\hp\hp laserjet pro mfp m127-m128\bin\faxprinterutility.exe |
"{F0BDBDC7-8701-415C-88F8-893266EA5429}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{F22A3F70-3DB2-43A0-9AA8-2398E6A82F51}" = protocol=6 | dir=out | app=system |
"{F2393239-7721-4E7C-97A2-9497D03477A3}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F650CC98-7C14-4AC4-94C1-EE59199528D3}" = protocol=17 | dir=in | app=c:\users\conrad bowen\appdata\roaming\dropbox\bin\dropbox.exe |
"{F9AF25AE-8B10-4868-88DD-36E78C81F110}" = dir=in | app=c:\program files (x86)\hp\hp laserjet pro mfp m127-m128\bin\ewsproxy.exe |
"{FC53A5A9-61B2-4E51-AFEE-D5025D2AFF68}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FEA4F643-6C10-4315-A35F-5596A70CAF4D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{B81F409E-CB76-4C17-AA9B-AE8F63A7A63F}C:\users\conrad bowen\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\conrad bowen\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{4572DAD1-CE6E-4AE5-B1A1-6FCF2C576BD0}C:\users\conrad bowen\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\conrad bowen\appdata\roaming\dropbox\bin\dropbox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{30994599-9734-455F-B51D-7E5E987AFA2A}_is1" = Dynamic Auto-Painter x64 PRO version 3.0.2
"{30E20E5D-5E4E-4874-A35A-952DB3582C29}" = HP Unified IO
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile Device Center
"{65072E52-F51B-4280-9DA6-EA5F1EE72C3A}" = HP LaserJet Pro MFP M127-M128 Fax Driver
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"{C5835004-643A-4EB6-A280-706F9F62F985}" = HP LaserJet Pro MFP M127-M128 Fax
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"{FD868C71-6CCF-42E2-B90D-0504AB0036FE}" = 64 Bit HP CIO Components Installer
"Bitdefender" = Bitdefender Total Security 2015
"CCleaner" = CCleaner
"doPDF 7 printer_is1" = doPDF 7.3 printer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{073B89C3-BA88-41B5-965F-B35A88EAE838}" = TOSHIBA Supervisor Password
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11E0AC7D-6822-4F67-865F-EE1C13D28C38}" = QuickBooks Pro 2011
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{16CA4BD4-27ED-4DA0-9190-48F69D8AAC25}" = Google Apps Migration For Microsoft Outlook® 3.0.19.44
"{178F0383-A2F1-427C-9881-6EACB8728C76}" = hppLaserJetService
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}" = hppM125LaserJetService
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist
"{1D70AABC-CB59-4700-A708-EA56D1CA07B0}" = QuickBooks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{257EC58E-03FD-472B-A9B6-93F23A3C4CB0}" = Scan
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java 6 Update 17
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{2C886751-51BD-4A8C-B33A-B4C513AB5B9A}" = HPLJUTM127_128
"{2E92FFC5-4082-40BF-9CA7-0E5D16C811CE}" = Google Apps Sync™ for Microsoft Outlook® 3.5.370.990
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2F518061-89DB-4AF0-9A7A-2BF73B60E6F0}" = HP LJ M127128 Scan HP Scan
"{30DD7187-F392-4D83-8AED-D9A2DC64EF15}" = HPLJUTCore
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3b050369-8d19-413d-9dec-84ff278472eb}" = HP LaserJet Pro MFP M127-M128
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{5E4DD8C2-A906-4F1B-94B6-4F6A51D625B2}" = HPLJDXPHelper
"{612631AC-0D84-4116-9D8A-D2D63467B7BF}" = HP LaserJet Pro MFP M127-M128 HP Device Toolbox
"{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}" = hpbDSService
"{63E949F6-03BC-5C40-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT.Policy (x86) WinSXS MSM
"{6470E292-3B55-41DC-B5EB-91C34C5ACB5D}" = hpStatusAlerts
"{66392B7C-C522-450D-97B7-B3E41E170C3B}" = imagePROGRAF Status Monitor
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68B7C6D9-1DF2-54C1-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 MFC.Policy (x86) WinSXS MSM
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6DEF11C0-35FF-4160-A543-FDD336C4DAE5}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}" = TOSHIBA Hardware Setup
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92374A19-CD4A-498F-92CB-26473EF31FB3}" = hpStatusAlertsM127-M128
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{9BAE13A2-E7AF-D6C3-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 MFC (x86) WinSXS MSM
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A484CDF7-6B53-4191-95D8-17C6259A965B}" = HP Product FWUpdater
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.07)
"{AC7E7905-8C59-4806-A96D-30936A2B1FC5}" = Citrix Online Launcher
"{B1CB7E99-4685-45CB-867E-2FB58EDA0A39}" = HP Unified IO
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B5409C23-DE0C-4B48-8C8A-50AE38694955}" = HPLJProMFPM127M128
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C403A67A-2C78-478C-A88A-BB27FC90B13F}" = Canon iPF8000 Print Plug-In for Photoshop CS5 x64
"{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}" = Microsoft Outlook Personal Folders Backup
"{C6640705-7479-4EE5-BC86-879F05F65E74}" = Google Drive
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}" = WinZip 12.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DD23CAA4-8872-4B95-B263-EA46FD82CF19}" = LaserAIO
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{EAECD0D7-F27D-4F13-8312-A9C0B5C5F1B7}" = LJDXPHelperUI
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EF292659-1504-4F78-A737-471E50D8E0A1}" = HPDXP
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F08687B3-BB9A-4CBC-AE6B-BDF4B642E7BA}" = hpbM128DSService
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{FAE97B40-E8E2-4B52-9A9E-219C3CCC0107}" = HP LaserJet Pro MFP M127-M128 Fax
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"{FC279721-37A6-4777-AFD8-7A56681EBA14}" = PDF Pro 10
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"hp LaserJet-all-in-one" = hp LaserJet-all-in-one
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"Mozilla Firefox 31.0 (x86 en-US)" = Mozilla Firefox 31.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PROR" = Microsoft Office Professional 2007
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4154370108-1394326414-2424723564-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"GoToMeeting" = GoToMeeting 6.4.0.1555
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 9/4/2014 6:00:07 PM | Computer Name = CBsLaptop | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand
Error - 9/4/2014 6:00:07 PM | Computer Name = CBsLaptop | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand
Error - 9/4/2014 6:00:07 PM | Computer Name = CBsLaptop | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand
Error - 9/5/2014 3:42:06 PM | Computer Name = CBsLaptop | Source = MsiInstaller | ID = 1024
Description =
Error - 9/8/2014 11:00:39 AM | Computer Name = CBsLaptop | Source = MsiInstaller | ID = 1024
Description =
Error - 9/8/2014 5:35:44 PM | Computer Name = CBsLaptop | Source = Application Error | ID = 1000
Description = Faulting application name: spoolsv.exe, version: 6.1.7601.17777, time
stamp: 0x4f35fc1d Faulting module name: hpzjcd01.dll, version: 8.2.16.0, time stamp:
0x515df290 Exception code: 0xc0000005 Fault offset: 0x0000000000019f9b Faulting process
id: 0x670 Faulting application start time: 0x01cfcb7552e56d0b Faulting application
path: C:\windows\System32\spoolsv.exe Faulting module path: C:\windows\System32\hpzjcd01.dll
Report
Id: 15f8fd01-37a0-11e4-9669-00266c5a3206
Error - 9/8/2014 6:00:02 PM | Computer Name = CBsLaptop | Source = Windows Backup | ID = 4103
Description =
Error - 9/9/2014 11:43:57 AM | Computer Name = CBsLaptop | Source = MsiInstaller | ID = 1024
Description =
Error - 9/10/2014 2:00:36 AM | Computer Name = CBsLaptop | Source = MsiInstaller | ID = 1024
Description =
Error - 9/10/2014 3:06:26 PM | Computer Name = CBsLaptop | Source = MsiInstaller | ID = 1024
Description =
[ OSession Events ]
Error - 5/15/2012 7:17:35 AM | Computer Name = CBsLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 59
seconds with 0 seconds of active time. This session ended with a crash.
Error - 7/9/2012 10:09:05 PM | Computer Name = CBsLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 153
seconds with 0 seconds of active time. This session ended with a crash.
Error - 9/21/2012 10:20:24 PM | Computer Name = CBsLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 13794
seconds with 2340 seconds of active time. This session ended with a crash.
Error - 11/15/2012 12:37:47 AM | Computer Name = CBsLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1316
seconds with 780 seconds of active time. This session ended with a crash.
Error - 1/24/2013 7:04:22 PM | Computer Name = CBsLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.
Error - 5/9/2013 6:42:11 PM | Computer Name = CBsLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.
Error - 8/10/2013 1:13:54 AM | Computer Name = CBsLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 55787
seconds with 5940 seconds of active time. This session ended with a crash.
Error - 9/20/2013 7:12:04 PM | Computer Name = CBsLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 14538
seconds with 600 seconds of active time. This session ended with a crash.
Error - 11/19/2013 5:31:13 PM | Computer Name = CBsLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 14797
seconds with 4320 seconds of active time. This session ended with a crash.
Error - 12/12/2013 1:13:52 PM | Computer Name = CBsLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 36
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 8/30/2014 10:59:01 PM | Computer Name = CBsLaptop | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the VSSERV service.
Error - 9/5/2014 12:17:29 AM | Computer Name = CBsLaptop | Source = Service Control Manager | ID = 7043
Description = The Windows Update service did not shut down properly after receiving
a preshutdown control.
Error - 9/5/2014 12:18:01 AM | Computer Name = CBsLaptop | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the VSSERV service.
Error - 9/5/2014 3:13:56 PM | Computer Name = CBsLaptop | Source = Service Control Manager | ID = 7022
Description = The Bitdefender Virus Shield service hung on starting.
Error - 9/8/2014 10:57:57 AM | Computer Name = CBsLaptop | Source = Service Control Manager | ID = 7022
Description = The Bitdefender Virus Shield service hung on starting.
Error - 9/8/2014 5:36:15 PM | Computer Name = CBsLaptop | Source = Service Control Manager | ID = 7031
Description = The Print Spooler service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 9/9/2014 11:32:49 AM | Computer Name = CBsLaptop | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the VSSERV service.
Error - 9/9/2014 10:46:46 PM | Computer Name = CBsLaptop | Source = Service Control Manager | ID = 7034
Description = The HP LaserJet Service service terminated unexpectedly. It has done
this 1 time(s).
Error - 9/10/2014 2:03:04 AM | Computer Name = CBsLaptop | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the VSSERV service.
Error - 9/10/2014 3:04:13 PM | Computer Name = CBsLaptop | Source = Service Control Manager | ID = 7022
Description = The Bitdefender Virus Shield service hung on starting.
< End of report >
The computer is really slow turning on now.