Thank You for your help
here is the contents of otl.txt
OTL logfile created on: 8/21/2014 7:11:38 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.80 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 50.57% Memory free
7.61 Gb Paging File | 5.09 Gb Available in Paging File | 66.89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456.78 Gb Total Space | 313.76 Gb Free Space | 68.69% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive E: | 7.40 Gb Total Space | 6.83 Gb Free Space | 92.28% Space Free | Partition Type: FAT32
Drive G: | 931.49 Gb Total Space | 205.02 Gb Free Space | 22.01% Space Free | Partition Type: NTFS
Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/08/21 18:51:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Downloads\OTL (1).exe
PRC - [2014/08/07 08:52:52 | 000,438,616 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
PRC - [2014/07/31 15:49:52 | 000,265,040 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\n360.exe
PRC - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/05/12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2011/01/27 16:13:50 | 000,226,624 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011/01/27 16:13:40 | 000,673,088 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2010/11/20 07:17:36 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schtasks.exe
PRC - [2009/11/21 09:52:16 | 002,454,840 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
PRC - [2009/10/28 13:15:10 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009/10/02 15:26:12 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009/10/02 15:26:10 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/09/30 21:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 21:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/07/29 18:42:06 | 000,705,880 | ---- | M] (TOSHIBA Corporation.) -- C:\Program Files\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe
PRC - [2009/07/28 22:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009/02/04 21:26:38 | 000,128,232 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
========== Modules (No Company Name) ==========
MOD - [2014/08/15 19:39:15 | 000,774,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\4d2ee13655653e64c6b91238e6b351df\System.Runtime.Remoting.ni.dll
MOD - [2014/08/15 19:38:51 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\434e3a5de2f98ed740aac2b24c6d0890\System.Windows.Forms.ni.dll
MOD - [2014/08/15 19:38:45 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bce52f0521c930a2e305badb3ea07128\System.Drawing.ni.dll
MOD - [2014/08/15 19:38:40 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\abca6deea510151b5d8e51bdabd17bea\System.Xml.ni.dll
MOD - [2014/08/15 19:38:37 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce5e2af0775efc3c91ba62d5d26fb39\System.Configuration.ni.dll
MOD - [2014/08/15 19:38:26 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4aa535ef604745958a236cfbbbbf6297\WindowsBase.ni.dll
MOD - [2014/08/15 19:38:23 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\2ee90c95adb50b0e75b814fcb9d87f8e\System.ni.dll
MOD - [2014/08/15 19:38:16 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f8be9e33457f57805b4068f90099e428\mscorlib.ni.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/01/27 16:13:40 | 000,673,088 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
========== Services (SafeList) ==========
SRV:64bit: - [2014/07/25 08:00:25 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/07/19 18:08:30 | 001,429,776 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2010/07/19 17:48:36 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010/07/19 17:46:54 | 000,838,928 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2010/04/06 14:53:14 | 000,258,928 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2010/02/05 17:53:08 | 000,824,688 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2010/02/05 17:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/11/06 00:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009/10/21 11:30:36 | 000,531,520 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2009/07/28 18:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2014/08/07 08:52:52 | 000,438,616 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2014/07/31 15:49:52 | 000,265,040 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\N360.exe -- (N360)
SRV - [2014/07/08 22:20:52 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/03/20 17:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2011/01/27 16:13:50 | 000,226,624 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2010/10/22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/05/30 11:24:12 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/10/27 22:12:14 | 000,252,784 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009/10/02 15:26:12 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/09/30 21:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/09/30 21:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
SRV - [2007/05/31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/08/21 19:01:38 | 000,122,584 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/05/12 07:26:10 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/05/12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/03/03 23:18:12 | 001,148,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1505000.013\symefa64.sys -- (SymEFA)
DRV:64bit: - [2014/02/17 20:32:41 | 000,593,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1505000.013\symnets.sys -- (SymNetS)
DRV:64bit: - [2014/02/12 20:59:49 | 000,875,736 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\1505000.013\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2014/01/22 09:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014/01/22 09:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/12/04 03:05:52 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/09/26 21:45:56 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1505000.013\ironx64.sys -- (SymIRON)
DRV:64bit: - [2013/09/25 21:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1505000.013\ccsetx64.sys -- (ccSet_N360)
DRV:64bit: - [2013/09/09 21:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1505000.013\symds64.sys -- (SymDS)
DRV:64bit: - [2013/09/09 20:49:49 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1505000.013\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/02/11 23:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/05/17 16:44:46 | 000,044,480 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\libusb0.sys -- (libusb0)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/03 14:03:26 | 000,021,504 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/07/28 11:46:18 | 007,821,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2010/07/07 18:18:58 | 000,051,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2010/04/01 14:44:06 | 000,026,624 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Motousbnet.sys -- (Motousbnet)
DRV:64bit: - [2010/01/25 19:57:54 | 000,010,240 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motusbdevice.sys -- (motusbdevice)
DRV:64bit: - [2010/01/13 08:37:18 | 007,675,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2009/12/18 11:38:54 | 008,038,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/12/17 19:09:20 | 000,036,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2009/11/27 17:47:56 | 000,067,072 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009/11/27 05:15:12 | 000,244,736 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009/10/26 14:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/10/15 22:11:26 | 000,307,760 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/10/02 14:58:58 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/09/17 14:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/09/01 13:14:06 | 000,222,720 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/24 17:57:08 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2009/07/14 17:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 19:00:24 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpials.sys -- (acpials)
DRV:64bit: - [2009/07/09 06:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/07/07 10:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009/06/29 18:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/29 12:25:22 | 000,034,880 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2009/06/22 19:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009/06/19 21:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/10 15:35:46 | 000,427,008 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8187Se.sys -- (RTL8187Se)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/01/29 17:18:12 | 000,009,216 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2009/01/29 17:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motfilt.sys -- (BTCFilterService)
DRV:64bit: - [2008/05/06 17:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2007/11/02 15:52:02 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2014/06/27 16:54:56 | 000,525,016 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140815.001\IDSviA64.sys -- (IDSVia64)
DRV - [2014/06/27 11:20:31 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140816.002\ex64.sys -- (NAVEX15)
DRV - [2014/06/27 11:20:31 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140816.002\eng64.sys -- (NAVENG)
DRV - [2014/06/11 21:07:19 | 000,486,192 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2014/06/11 21:07:19 | 000,142,128 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/05/09 20:07:23 | 001,530,160 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140801.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009/09/01 13:14:06 | 000,222,720 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {B7CAB0D1-34D0-441A-BD6F-2436605CB520}
IE:64bit: - HKLM\..\SearchScopes\{B7CAB0D1-34D0-441A-BD6F-2436605CB520}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {A9008EF1-D724-4E52-B061-22700DCAD677}
IE - HKLM\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebs...or={searchTerms}
IE - HKLM\..\SearchScopes\{A9008EF1-D724-4E52-B061-22700DCAD677}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-447802036-2442592229-764857793-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSNA&bmod=TSNA
IE - HKU\S-1-5-21-447802036-2442592229-764857793-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-447802036-2442592229-764857793-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=TSNA&bmod=TSNA
IE - HKU\S-1-5-21-447802036-2442592229-764857793-1000\..\SearchScopes,DefaultScope = {64163704-445E-4ED2-AFA0-22F498976531}
IE - HKU\S-1-5-21-447802036-2442592229-764857793-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IESR02
IE - HKU\S-1-5-21-447802036-2442592229-764857793-1000\..\SearchScopes\{64163704-445E-4ED2-AFA0-22F498976531}: "URL" = http://www.google.co...1I7TSNA_enUS494
IE - HKU\S-1-5-21-447802036-2442592229-764857793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-447802036-2442592229-764857793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.7
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.0.19192
FF - prefs.js..extensions.enabledItems: [email protected]:4.11.7.244
FF - prefs.js..extensions.enabledItems: [email protected]:4.51
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:12.2.0.5 - 1
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.65.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox [2011/06/01 20:57:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/06/03 03:00:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\TelevisionFanatic\bar\1.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Meeting Center\Modules\Firefox [2012/03/05 10:34:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/04/17 20:00:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/08/19 19:03:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013/12/04 07:08:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014/06/11 21:25:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/12/05 19:37:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/07/18 18:30:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014/06/11 21:25:12 | 000,000,000 | ---D | M]
[2011/01/10 20:59:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2014/08/19 18:57:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\gbihnx4f.default\extensions
[2011/11/19 13:20:17 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\gbihnx4f.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014/07/18 18:30:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/06/11 21:25:12 | 000,000,000 | ---D | M] (HP Smart Web Printing) -- C:\PROGRAM FILES (X86)\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3
[2012/03/05 10:34:30 | 000,000,000 | ---D | M] (Meeting Center) -- C:\PROGRAM FILES (X86)\MEETING CENTER\MODULES\FIREFOX
[2013/12/04 07:08:51 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
File not found (No name found) -- C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GBIHNX4F.DEFAULT\EXTENSIONS\[email protected]
[2011/04/15 07:20:18 | 001,034,544 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: BitCometAgent (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npBitCometAgent.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Bing Bar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll
CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\NP64Stub.dll
CHR - plugin: Windows Live® Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: Norton Identity Safe = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif\1.0.5_0\
CHR - Extension: Norton Security Toolbar = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.7.6.17_0\
CHR - Extension: Google Wallet = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coieplg.dll (Symantec Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (no name) - MRI_DISABLED - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coieplg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-447802036-2442592229-764857793-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-447802036-2442592229-764857793-1000..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray File not found
O4 - HKU\S-1-5-21-447802036-2442592229-764857793-1000..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKU\S-1-5-21-447802036-2442592229-764857793-1000..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup File not found
O4 - HKU\S-1-5-21-447802036-2442592229-764857793-1000..\Run: [Magellan CmTray] C:\Program Files (x86)\Content Manager\CmTray.exe File not found
O4 - HKU\S-1-5-21-447802036-2442592229-764857793-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy Software Installer.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy Software Installer.lnk = File not found
O4 - Startup: C:\Users\Reese\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy Software Installer.lnk = File not found
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android – Samsung.lnk = C:\Users\User\AppData\Roaming\VERIZON\UA_ar\UA.exe (SAMSUNG Electornics Co., Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-447802036-2442592229-764857793-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O9 - Extra Button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.h...hpdetect119.cab (GMNRev Class)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...inAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.152.37.23
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{35ADA84F-1ABB-4FD9-880B-6E37B4B9639F}: DhcpNameServer = 192.168.0.1 205.152.37.23
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F0222AA7-F160-410A-B23E-BA00F8B97DC5}: DhcpNameServer = 192.168.0.1 205.152.37.23
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0a5f369b-955b-11e3-ba77-00266c6a4c19}\Shell - "" = AutoRun
O33 - MountPoints2\{0a5f369b-955b-11e3-ba77-00266c6a4c19}\Shell\AutoRun\command - "" = E:\VZW_Software_upgrade_assistant.exe
O33 - MountPoints2\{6bc87f44-9b6b-11df-8cfd-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{6bc87f44-9b6b-11df-8cfd-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -a
O33 - MountPoints2\{73ec9501-8e12-11e2-9b24-00266c6a4c19}\Shell - "" = AutoRun
O33 - MountPoints2\{73ec9501-8e12-11e2-9b24-00266c6a4c19}\Shell\AutoRun\command - "" = E:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/08/21 18:47:41 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2014/08/21 18:47:41 | 000,058,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2014/08/21 18:47:41 | 000,044,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll
[2014/08/21 18:47:28 | 000,198,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2014/08/21 18:47:28 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2014/08/21 18:47:28 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2014/08/21 18:47:28 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2014/08/19 18:38:03 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/08/19 18:37:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/08/19 18:37:49 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2014/08/19 18:37:49 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2014/08/19 18:37:49 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2014/08/19 18:37:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/08/19 18:37:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/08/17 11:17:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Codebox
[2014/08/17 11:17:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Bitmeter2
[2014/08/17 11:17:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitmeter2
[2014/08/17 11:17:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitMeter
[2014/08/17 10:24:50 | 000,000,000 | -HSD | C] -- C:\Users\User\AppData\Local\EmieUserList
[2014/08/17 10:24:50 | 000,000,000 | -HSD | C] -- C:\Users\User\AppData\Local\EmieSiteList
[2014/08/17 09:44:39 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\NPE
[2014/08/17 09:35:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\LogMeIn Rescue Applet
[2014/08/12 21:58:35 | 000,171,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\infocardapi.dll
[2014/08/12 21:58:35 | 000,099,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\infocardapi.dll
[2014/08/12 21:58:34 | 001,389,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardagt.exe
[2014/08/12 21:58:34 | 000,619,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardagt.exe
[2014/08/12 21:58:34 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardres.dll
[2014/08/12 21:58:34 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardres.dll
[2014/08/12 21:58:20 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TsWpfWrp.exe
[2014/08/12 21:58:20 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsWpfWrp.exe
[2014/08/12 15:34:18 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDYAK.DLL
[2014/08/12 15:34:18 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDYAK.DLL
[2014/08/12 15:34:18 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTAT.DLL
[2014/08/12 15:34:18 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTAT.DLL
[2014/08/12 15:34:18 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDRU1.DLL
[2014/08/12 15:34:18 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDBASH.DLL
[2014/08/12 15:34:18 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDRU1.DLL
[2014/08/12 15:34:18 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDRU.DLL
[2014/08/12 15:34:18 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDRU.DLL
[2014/08/12 15:34:18 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDBASH.DLL
[2014/08/12 15:34:09 | 003,241,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msi.dll
[2014/08/12 15:34:09 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2014/08/12 15:34:09 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2014/08/12 15:34:09 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msihnd.dll
[2014/08/12 15:34:09 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msihnd.dll
[2014/08/12 15:34:09 | 000,112,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
[2014/08/12 15:34:05 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2014/08/12 15:34:00 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014/08/12 15:34:00 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2014/08/12 15:34:00 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014/08/12 15:34:00 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/08/12 15:34:00 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014/08/12 15:34:00 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2014/08/12 15:34:00 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/08/12 15:33:58 | 002,001,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014/08/12 15:33:58 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/08/12 15:33:58 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2014/08/12 15:33:58 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/08/12 15:33:58 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/08/12 15:33:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2014/08/12 15:33:57 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/08/12 15:33:57 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014/08/12 15:33:57 | 000,438,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014/08/12 15:33:56 | 002,087,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014/08/12 15:33:56 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/08/12 15:33:55 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2014/08/12 15:33:55 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014/08/12 15:33:55 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/08/12 15:33:55 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014/08/12 15:33:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2014/08/12 15:33:54 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2014/08/12 15:33:54 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014/08/12 15:33:53 | 005,824,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/08/12 15:33:53 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2014/08/12 15:33:53 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2014/08/12 15:33:53 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014/08/12 15:33:53 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014/08/12 15:33:52 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2014/08/12 15:33:52 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014/08/12 15:33:52 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/08/12 15:33:52 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2014/08/12 15:33:51 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2014/08/12 15:30:36 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpcrt4.dll
[2014/08/12 15:30:35 | 000,529,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014/08/12 15:30:35 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2014/08/07 20:31:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Ant
[2014/08/07 17:26:36 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2014/08/03 11:09:46 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Macromedia
[2014/07/28 21:02:23 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Birmingham Zoo 7-16-2014
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/08/21 19:01:38 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/08/21 18:56:48 | 000,018,736 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/08/21 18:56:48 | 000,018,736 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/08/21 18:50:12 | 000,000,000 | ---- | M] () -- C:\Users\User\Documents\otl.htm
[2014/08/21 18:47:56 | 002,981,962 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1505000.013\Cat.DB
[2014/08/21 18:21:05 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/21 18:20:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/08/21 17:20:00 | 000,000,890 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/19 19:19:35 | 000,803,910 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/08/19 19:19:35 | 000,678,186 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/08/19 19:19:35 | 000,127,734 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/08/19 18:59:23 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/08/19 18:59:12 | 3062,980,608 | -HS- | M] () -- C:\hiberfil.sys
[2014/08/19 18:37:52 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/08/19 18:16:13 | 000,422,232 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/08/17 11:17:58 | 000,001,163 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bitmeter2.lnk
[2014/08/16 08:44:02 | 000,002,330 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2014/08/16 08:42:24 | 000,042,291 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1505000.013\VT20140731.006
[2014/08/15 20:53:30 | 000,002,194 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/08/07 21:01:55 | 000,001,899 | ---- | M] () -- C:\Users\Public\Desktop\Garmin Express.lnk
[2014/08/06 21:44:24 | 000,864,835 | ---- | M] () -- C:\Users\User\Documents\Forerunner310XT_QuickReleaseInstructions_Multilingual_.pdf
[2014/08/06 21:44:10 | 000,706,672 | ---- | M] () -- C:\Users\User\Documents\Forerunner310XT_OM_EN.pdf
[2014/08/06 21:06:41 | 000,529,920 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014/08/06 21:01:34 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2014/08/03 12:17:24 | 000,354,616 | ---- | M] () -- C:\Users\User\Documents\White Chili Recipe.pdf
[2014/08/03 12:14:40 | 000,369,820 | ---- | M] () -- C:\Users\User\Documents\Baked Couscous with Summer Squash.pdf
[2014/08/03 11:59:42 | 000,333,739 | ---- | M] () -- C:\Users\User\Documents\Chicken Club Wraps (Prin...pdf
[2014/07/31 15:49:37 | 000,000,172 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1505000.013\isolate.ini
[2014/07/25 09:01:41 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2014/07/25 08:30:30 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/07/25 08:28:35 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2014/07/25 08:28:27 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014/07/25 08:25:45 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2014/07/25 08:10:00 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/07/25 08:03:50 | 000,598,016 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2014/07/25 08:00:51 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014/07/25 08:00:25 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2014/07/25 07:59:28 | 000,758,272 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2014/07/25 07:47:25 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2014/07/25 07:40:12 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014/07/25 07:34:49 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/07/25 07:33:08 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014/07/25 07:30:32 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2014/07/25 07:28:15 | 005,824,512 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/07/25 07:28:05 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2014/07/25 07:19:18 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/07/25 07:17:33 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/07/25 07:17:26 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014/07/25 07:12:35 | 000,438,784 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014/07/25 07:10:53 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014/07/25 07:10:15 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014/07/25 07:08:47 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014/07/25 06:47:50 | 000,631,808 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/07/25 06:43:16 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/07/25 06:42:31 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/07/25 06:39:29 | 002,087,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014/07/25 06:39:25 | 001,249,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2014/07/25 06:36:30 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/07/25 06:34:04 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014/07/25 06:07:49 | 002,001,920 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014/07/25 06:07:10 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2014/07/25 05:17:47 | 000,846,336 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2014/07/25 05:09:19 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014/07/23 00:13:10 | 000,030,068 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1505000.013\symvtcer.dat
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/08/21 18:50:07 | 000,000,000 | ---- | C] () -- C:\Users\User\Documents\otl.htm
[2014/08/19 18:37:52 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/08/17 11:17:58 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bitmeter2.lnk
[2014/08/07 21:01:55 | 000,001,899 | ---- | C] () -- C:\Users\Public\Desktop\Garmin Express.lnk
[2014/08/06 21:44:24 | 000,864,835 | ---- | C] () -- C:\Users\User\Documents\Forerunner310XT_QuickReleaseInstructions_Multilingual_.pdf
[2014/08/06 21:44:04 | 000,706,672 | ---- | C] () -- C:\Users\User\Documents\Forerunner310XT_OM_EN.pdf
[2014/08/03 12:17:23 | 000,354,616 | ---- | C] () -- C:\Users\User\Documents\White Chili Recipe.pdf
[2014/08/03 12:14:39 | 000,369,820 | ---- | C] () -- C:\Users\User\Documents\Baked Couscous with Summer Squash.pdf
[2014/08/03 11:59:41 | 000,333,739 | ---- | C] () -- C:\Users\User\Documents\Chicken Club Wraps (Prin...pdf
[2014/06/11 21:21:28 | 000,221,282 | ---- | C] () -- C:\windows\hpoins19.dat
[2014/06/11 21:21:28 | 000,013,898 | ---- | C] () -- C:\windows\hpomdl19.dat
[2013/09/07 17:09:12 | 000,000,101 | ---- | C] () -- C:\windows\ka.ini
[2011/01/30 11:46:41 | 000,002,675 | ---- | C] () -- C:\Users\User\AppData\Roaming\SAS7_000.DAT
[2010/12/30 22:11:58 | 000,001,057 | ---- | C] () -- C:\Users\User\AppData\Roaming\vso_ts_preview.xml
========== ZeroAccess Check ==========
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 21:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 20:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/08/18 08:28:14 | 000,000,000 | ---D | M] -- C:\Users\Reese\AppData\Roaming\BitMeter2
[2013/09/09 18:07:14 | 000,000,000 | ---D | M] -- C:\Users\Reese\AppData\Roaming\Toshiba
[2010/10/01 00:00:12 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Alibre Design
[2011/08/17 12:50:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Amazon
[2014/02/26 11:14:03 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Audacity
[2011/10/12 10:01:07 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\BitComet
[2014/08/17 13:01:25 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Bitmeter2
[2014/08/07 21:02:38 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GARMIN
[2013/10/16 17:34:27 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Helios
[2012/03/05 10:34:46 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Meeting Center
[2013/10/13 11:05:06 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Optical Signatures Code
[2014/07/18 18:31:42 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Oracle
[2014/08/03 12:17:25 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PrimoPDF
[2013/10/13 10:31:17 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Sandia
[2011/10/19 20:16:56 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\SciTech Publishing
[2010/05/31 09:40:36 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Toshiba
[2014/02/26 10:55:35 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Vso
[2010/11/12 18:29:54 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\WaveMetrics
[2010/05/28 20:48:11 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\WinBatch
========== Purity Check ==========
========== Custom Scans ==========
========== Base Services ==========
SRV:64bit: - [2009/07/13 20:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2013/02/27 00:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/13 20:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/20 08:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/20 08:25:45 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2014/04/11 21:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 20:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 20:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/04 17:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013/07/09 00:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/07/08 23:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/20 08:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 08:26:04 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 07:18:30 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/03/03 01:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/13 20:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 20:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 20:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/13 20:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010/11/20 08:26:39 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/07/13 20:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 20:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 20:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 20:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 20:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012/10/03 12:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/13 20:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011/05/24 06:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/11 01:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2014/04/11 21:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/13 20:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/20 08:27:24 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 08:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 08:27:25 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2014/04/11 21:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/13 20:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/11/20 08:27:26 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/20 08:27:25 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 07:21:19 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/20 08:27:25 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/20 08:27:26 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 07:21:28 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/13 20:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/05/01 00:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/20 08:25:27 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/20 08:25:42 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/20 08:25:42 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/20 08:27:25 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/20 08:27:28 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/20 08:26:59 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/20 08:27:28 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/20 08:24:58 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 07:17:22 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/13 20:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2014/05/14 11:23:46 | 002,477,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/20 08:26:07 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/13 20:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/20 08:27:28 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
< MD5 for: RPCSS.DLL >
[2010/11/20 08:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\windows\SysNative\rpcss.dll
[2010/11/20 08:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll
[2009/07/13 20:41:53 | 000,509,440 | ---- | M] (Microsoft Corporation) MD5=7266972E86890E2B30C0C322E906B027 -- C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 222 bytes -> C:\ProgramData\TEMP:F35A93AD
< End of report >
here is the contents of Extras.txt
TL Extras logfile created on: 8/21/2014 7:11:38 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.80 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 50.57% Memory free
7.61 Gb Paging File | 5.09 Gb Available in Paging File | 66.89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456.78 Gb Total Space | 313.76 Gb Free Space | 68.69% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive E: | 7.40 Gb Total Space | 6.83 Gb Free Space | 92.28% Space Free | Partition Type: FAT32
Drive G: | 931.49 Gb Total Space | 205.02 Gb Free Space | 22.01% Space Free | Partition Type: NTFS
Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-447802036-2442592229-764857793-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A828B43-1C80-414F-8BE6-DC192F2EDE60}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{16174ED0-E246-4A28-9808-88EEF48D5B44}" = lport=2869 | protocol=6 | dir=in | app=system |
"{18FE68C0-5A75-4974-AE1A-DDB3295EDA20}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{1D59DB7A-D7AC-4E12-916B-03339E36AEF3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{20FB4BF0-B4C7-45D9-9FFA-09DEE783CFEC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{229092D8-BEC8-4CDB-B495-0BDD2D243A0F}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{289F00D7-9A08-41A1-BD0F-F17C9168525D}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{2DADB7D9-8E7B-4F29-BC0A-79D1EC6B4EFE}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2E35C84C-2182-4F89-A140-543E62B50999}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{3A1F19CE-F546-453B-A813-DF95AAA122B6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{508E8991-6583-4AD4-BB88-514E4E996927}" = rport=10243 | protocol=6 | dir=out | app=system |
"{598AAC18-B6F9-4E85-958E-A80023B6C66F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5C094D16-C3A7-489D-9BDF-537EDB1F39D1}" = lport=138 | protocol=17 | dir=in | app=system |
"{68AF4CC9-91BA-4506-BC18-1686E70BA814}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{69ADC990-1782-4689-BA15-C2DB9B13B589}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{857E3C3C-7570-4CF4-9362-0836D8A3C13F}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{89C1E4EE-1C25-47E5-9877-FE340A393984}" = rport=137 | protocol=17 | dir=out | app=system |
"{9521E7D9-EADE-431C-93B8-D67A2BEAE4FF}" = lport=10243 | protocol=6 | dir=in | app=system |
"{96C275E0-BB68-4058-9946-DA922BC0109E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{981599FA-13E9-40C4-94CA-5179C5F0DCA2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BA309B86-937F-4169-83A5-062DEF1414A3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C55B0ACC-3861-4C51-9710-EB95C7BAB67D}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C8085CDA-84E4-4F2A-9720-6977CE2F95AC}" = rport=139 | protocol=6 | dir=out | app=system |
"{CE5E3BAD-A992-4295-B60C-C1C5928CDF95}" = lport=445 | protocol=6 | dir=in | app=system |
"{D5273AEA-6817-4B96-AF60-C536FFAE171F}" = lport=139 | protocol=6 | dir=in | app=system |
"{DACCF5F7-A2EC-4D73-B39F-85D402DC52CF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DD0DE543-D938-4378-BCEC-E286663D31A5}" = rport=138 | protocol=17 | dir=out | app=system |
"{DD0EB022-F579-4A3D-9FA4-D543ECD3D727}" = rport=445 | protocol=6 | dir=out | app=system |
"{E8CB7480-D232-4139-A065-D8809AAF07D6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{F1B38163-A2E0-4CFE-9461-CA3AD370E353}" = lport=137 | protocol=17 | dir=in | app=system |
"{F37A6A32-3442-48FA-9F80-21C142F6FD98}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F3B9FC74-35A1-43EB-9F3F-49B37D83FD07}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F7DADAC0-73CF-4BDD-B7BE-36BB0BFF7C66}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{024B30FA-C361-4E65-B013-7A6CCAFB03B7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe |
"{0367836C-B65B-49D9-80AF-2CA2929B2A9D}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{0543F66A-A00B-47FF-B9F4-7D2E616E23F9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0A0B9FFC-3604-48F0-B5DE-A4F3AEA371A7}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0E85228C-9DCC-4E66-9FF1-69ECCD846F37}" = protocol=58 | dir=in | [email protected],-28545 |
"{139A4557-2F5E-4FAA-BC72-6F5C0FA67563}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{1636F725-AA57-4FBD-852F-32602DC436F4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{19E96060-5FB2-45BA-9244-E7A765C28E51}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{1F5763D7-66B9-4C3B-A540-89FE99AB52FD}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{25B006AF-7A9E-42AC-AD1B-D8801F3EB1BC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{2FBBB30C-107F-457A-9659-7EBB845C13F9}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe |
"{3001509C-A7E7-4AA7-BDC4-419DE0EDCCBC}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe |
"{30C0D628-3AE8-4CB5-BCA4-D9208B2992AA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{35E5D4B4-6943-4BFF-9ED2-FB90499775BC}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{360D61DF-9758-4BDA-96AB-7D188C1DDF5F}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3AF6E64D-A74E-4C24-AA6A-ECD5F41A4E9E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3B08694D-D7AB-4DC3-87A7-637A2CB6D2DA}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{453DF98D-1D0C-4622-804C-41B14A8D1221}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{47E10A6A-7E40-4FCF-9CD2-BDD7ABB8E1B5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{48A1085E-8CF9-4660-AFEE-C0256BE4E028}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{55A380FD-E5DE-4D39-81BD-2BA2E12DDDC4}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{55CC497C-6179-4118-BFDD-FFAFF9412A84}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{58C7D23B-00F1-48BF-8E89-8D51D4A0FF8A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{59461989-85ED-48DB-B413-C1AC7DFF70A1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{595BC8A3-5830-4226-981C-6CF2EC246A82}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{5AAB4E5D-9109-47FF-98FE-50EBDADAC58B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{5B312D5F-2CBF-4AB5-B0D3-EF6F7BFECFBE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{6065C977-AD69-4DEA-BAFD-9A9F552959CD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{608320D5-12F5-433C-89C1-9BD9C5CDD8B6}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{614E0258-B125-45CC-89B8-CDBE4B51A2B0}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{62C5090E-8D14-4806-93D6-D80883109423}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{68864342-12B7-46F1-9475-17BE65EF45A9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6A2F12ED-27F0-4A6E-B3EE-F87D0A7F4972}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{730D29BD-CE64-4C0B-9B0F-37E9D011AD9A}" = protocol=1 | dir=out | [email protected],-28544 |
"{7324BE71-8633-46B1-8DB4-656037FB7194}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{753AD351-8538-485F-A481-47E311C4EAFE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{757E44B3-71FC-401B-9B32-EC112A72BCB3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{78B96666-C4A0-41FB-A133-45B8BB541BE7}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\devicesetup.exe |
"{7AA7ED6C-BA4C-4F3A-B5AF-8AB9550513E1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{7B5F0052-E3BA-442A-86D6-093493AD63A1}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{7E4359F7-377F-407A-B73C-3520F73A8186}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{81BF7BFA-8530-4DA1-807A-A85F42B6E0E1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{81E6CE4D-6DCF-40DD-AB48-8DE4B3E68599}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{857E9064-F8C6-4BFA-A983-EE8875DDF730}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{95BC25B8-BB25-48EC-8251-8C62930911A9}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9671DCEB-8070-46E9-9C2F-814C14B22EC3}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9855D355-C133-43E4-BED3-CEF871001C88}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{99E256E0-720B-44F7-9B5E-B5B4299FC55E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{9B6BF860-3523-4CDF-8E6D-3B944F8825B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9F0AD042-D5E1-421F-8692-526061974784}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9F86EE34-34AC-488E-AD30-D86121E2699F}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A2573CE6-4A19-49A9-B25D-DFC7AC4D497A}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{A50B50AC-E29E-497D-BE62-AE44C4AF46C6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{A5BC5303-7DEC-4EF1-8CF3-DE930B62A035}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{A65C7729-ADF8-4951-9984-57D8801A2DE4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A9C95F74-602F-4E81-8CC7-D851C72D3E70}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\devicesetup.exe |
"{AEB505CF-A07A-4603-AD90-09A27577158D}" = protocol=1 | dir=in | [email protected],-28543 |
"{B6972564-B1EF-454D-8A61-68BCC96F20E4}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{BA243450-6AD4-4B84-82B3-76E18BE84B22}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{BDC05899-4761-4D26-A352-D2CEBC0AC7F1}" = protocol=6 | dir=out | app=system |
"{C0AA09F4-7B0B-4B80-84C1-7B0BA09D4BA3}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{C326C348-5DDF-44BE-8039-89440F27D27D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C84AD441-8295-4EAF-B46E-9F2B14E6CBBB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CCB0371E-8705-46DB-A365-EE3FF2097199}" = protocol=6 | dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{CD7DCBF5-6660-4D23-A602-0C291488A223}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{D1B2C787-241A-42DC-B42D-ADB352D4EA01}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D278BAD8-2F87-47AC-B1D7-E2C00B8BE50B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{D2F8FDEB-F55F-4599-88B2-F03677FC81FD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D4418510-EBB6-419E-A8DB-F076072EEF2C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DD3FAEBA-83DE-43E8-9782-2911017F1B92}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{DE1BB76E-8CDA-4C74-BDD1-02F8F0C0A3EC}" = protocol=58 | dir=out | [email protected],-28546 |
"{DEAAEFD9-ADC9-4008-92CE-868B10CD83EF}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E21C35DB-1F3E-48B2-B014-35F1F920BDF0}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{E3D92751-693C-4E01-B308-EB25FEF2635C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E70751DD-A66F-4D00-A5D7-B330A6DD12AD}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F3F271E4-5BD9-4633-A541-FBBAA9BB4E69}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{F646723C-59E7-41A6-B41B-00D9EB135977}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F669E382-1087-4CD4-9AB8-25AB553E5ADF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{FC56676B-3E29-46B1-BFAA-9096B904278D}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe |
"TCP Query User{DD21896C-D410-4745-AABE-EF2EFD9DB0D0}C:\users\user\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"TCP Query User{E3EDBC13-AE2B-410D-80F3-D4CDADF51B89}C:\program files (x86)\intel corporation\intel wireless display\widiapp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\intel corporation\intel wireless display\widiapp.exe |
"UDP Query User{3FBD4CAF-A508-4640-9850-B23F0D784C0B}C:\program files (x86)\intel corporation\intel wireless display\widiapp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\intel corporation\intel wireless display\widiapp.exe |
"UDP Query User{906A7AA5-8D6B-48AB-AA25-CA702AF89A58}C:\users\user\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{23170F69-40C1-2702-0925-000001000000}" = 7-Zip 9.25 (x64 edition)
"{26F41FA3-3170-446B-A3A2-83F5FA26E6CD}" = Intel® Wireless Display
"{2D2820A1-F214-4B7A-912E-A87E5608CF10}" = Motorola Mobile Drivers Installation 5.0.0
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{37A08B0D-1168-49E3-B2BD-933B83F36E92}" = ANT Drivers Installer x64
"{4327107B-E95E-415C-9194-458FCED6BF12}" = Intel® PROSet/Wireless WiFi Software
"{4A5A427F-BA39-4BF0-9A47-7777FBE60C9F}" = Visual C++ Runtime for Dragon NaturallySpeaking 64bit (x64)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5BCC94A1-DEF1-4AB4-8046-BC13048E929A}" = TOSHIBA ReelTime
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile Device Center
"{63DA1F6A-2E65-4367-99B9-9E39FADEC446}" = HDMI Control Manager
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{70BF6489-4E33-4AFE-90B6-9A8120E6EEA5}" = HP Officejet 6500 E710n-z Product Improvement Study
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Windows Mobile Device Center Driver Update
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{BF09A017-54F4-46BC-AF54-F6DA0D7486D3}" = HP Officejet 6500 E710n-z Basic Device Software
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C7}" = WinZip 16.0
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}" = iCloud
"{F64684A0-754B-4637-B7F9-6E8DAA8CD5CD}" = TOSHIBA Bulletin Board
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy Software Installer
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"98157A226B40B173301B0F53C8E98C47805D5152" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)
"D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2" = Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)
"F9D2A789F9CFF8CEC36B544F53877C80F1F73C46" = Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Pioneer 4.2.0.66 (x64, VS2008)" = Pioneer 4.2.0.66 (x64, VS2008)
"ProInst" = Intel PROSet Wireless
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{041E914E-7B73-4E8B-967F-B7FFC527FF80}" = Verizon Wireless Software Utility Application for Android - Samsung
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{187DA2A3-9687-4740-BD77-5ABB15BCDA8D}" = Garmin Express
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2289494D-48E6-40F0-ABE1-24F1FD5A84E5}" = Garmin Express Tray
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F03217065FF}" = Java 7 Update 65
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C22981C-5C14-4176-B0E8-C2BE71174C41}" = HP Product Detection
"{3C4BCD2A-8D3C-4663-9449-AB7B3AFD096F}" = Elevated Installer
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}" = Garmin USB Drivers
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{41773726-92D0-4265-A0F8-DD980CA1AEC4}" = TOSHIBA Wireless Display Update Package
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4F7177E9-2B54-48B4-AAFD-03FA1F87A542}" = Bing Bar Platform
"{5653EDEC-7F32-4BAA-82CA-0503AE696E6F}" = Alibre Design
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{63DA1F6A-2E65-4367-99B9-9E39FADEC446}" = HDMI Control Manager
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{65AB08A4-56A4-4362-A9E7-F0A8D8901F80}" = WModem Driver Installer
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{85AF94EC-55DE-452A-8FD7-C34E598B3F1F}" = Adobe Premiere Elements 7.0 Templates
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8A519969-3D04-4424-A3F9-E3299DCB2005}" = Windows Mobile Update KB958639
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_SMALLBUSINESSR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_SMALLBUSINESSR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_SMALLBUSINESSR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_SMALLBUSINESSR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007
"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{96312C46-E17A-4598-B1C6-C21C288840B5}" = Meeting Center
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F53AC20-2D32-4341-9DA1-29DD40E2199E}" = TextPad 7
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A208044D-A88B-4ACF-AE95-E4F213E6EDC0}" = TOSHIBA Supervisor Password
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Roxio Burn
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.3
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{AE1EC58E-B2AC-4959-A4C2-C38202A25239}" = Garmin WebUpdater
"{AFBBF30D-ADA9-4313-464E-14458B6BE034}" = PhotoshopdotcomInspirationBrowser
"{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}" = Mobipocket Creator 4.2
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{b43ffffb-1adc-4bcb-b277-7844ebff94da}" = Garmin Express
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
"{CCF6F57B-F6B4-4508-BF45-63AAC9DE416A}" = Quicken 2010
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{D0387727-C89D-4774-B643-B9333EAA09DE}" = TOSHIBA Hardware Setup
"{D386A925-7B67-4332-9948-3011658642ED}" = TPV
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D564B5E2-CCB5-4A5C-B35E-2FC30BBC9336}" = Adobe Premiere Elements 7.0
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.9.347
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DDA98443-1DB0-475D-BFB2-528AEC7C6AB6}" = WinOSC 6.5
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}" = TOSHIBA USB Sleep and Charge Utility
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{EFBC0CB1-AFFD-4E74-ACEF-42099F1D49C3}" = HP Officejet 6500 E710n-z Help
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree
"{F6234880-85BE-4DCB-8A45-1FF85A1A8552}" = SmartSound Quicktracks for Premiere Elements
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FA4C2D53-205F-4245-9717-F3761154824D}" = Safari
"{FB0C267C-8B4F-4867-8161-A6A3B66D42C1}" = Marketsplash Shortcuts
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.12
"Auburn University" = Auburn University Screen Saver
"Audacity_is1" = Audacity 2.0.5
"Best Buy Software Installer" = Best Buy Software Installer
"BitMeter" = BitMeter
"Cubit" = CUBIT 13.0 CUBIT
"Dreamship Tales" = Dreamship Tales
"ExtractNow_is1" = ExtractNow
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photo Creations" = HP Photo Creations
"Igor Pro" = Igor Pro
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{5BCC94A1-DEF1-4AB4-8046-BC13048E929A}" = TOSHIBA ReelTime
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{63DA1F6A-2E65-4367-99B9-9E39FADEC446}" = HDMI Control Manager
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F6234880-85BE-4DCB-8A45-1FF85A1A8552}" = SmartSound Quicktracks for Premiere Elements
"InstallShield_{F64684A0-754B-4637-B7F9-6E8DAA8CD5CD}" = TOSHIBA Bulletin Board
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"JumpStart Advanced Kindergarten" = JumpStart Advanced Kindergarten
"Ken Ward's Zipper_is1" = Ken Ward's Zipper 1.4000
"LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15
"LAME_is1" = LAME v3.99.3 (for Windows)
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"MatlabR2010a" = MATLAB Student R2010a
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"MotoHelper" = MotoHelper 2.0.45 Driver 5.0.0
"Mozilla Firefox (3.6.25)" = Mozilla Firefox (3.6.25)
"N360" = Norton 360
"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser
"Pioneer 3.4.4.162" = Pioneer 3.4.4.162
"Pioneer Overview" = Pioneer Overview
"PremElem70" = Adobe Premiere Elements 7.0
"PremElem70Templates" = Adobe Premiere Elements 7.0 Templates
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"Reader Rabbit Learn To Read With Phonics" = Reader Rabbit Learn To Read With Phonics
"RealPlayer 15.0" = RealPlayer
"SMALLBUSINESSR" = Microsoft Office Small Business 2007
"Where in the World Is Carmen Sandiego? Treasures of Knowledge" = Where in the World Is Carmen Sandiego? Treasures of Knowledge
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-447802036-2442592229-764857793-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"Amazon Kindle" = Amazon Kindle
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 8/17/2014 1:41:00 AM | Computer Name = User-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.
Error - 8/17/2014 11:26:05 AM | Computer Name = User-PC | Source = Application Error | ID = 1000
Description = Faulting application name: UA.exe, version: 1.0.0.1, time stamp: 0x52df3e99
Faulting
module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace5b9 Exception
code: 0xc0000005 Fault offset: 0x00056b1d Faulting process id: 0x1468 Faulting application
start time: 0x01cfba2f7f189f74 Faulting application path: C:\Users\User\AppData\Roaming\VERIZON\UA_ar\UA.exe
Faulting
module path: C:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
Report
Id: cd4b179b-2622-11e4-ba95-00266c6a4c19
Error - 8/18/2014 9:20:28 AM | Computer Name = User-PC | Source = Best Buy Software Installer | ID = 0
Description = Timestamp: 8/18/2014 1:20:27 PM Message: Unable to check for updates.
Exception: The remote name could not be resolved: 'pcimage.bestbuy.com' Stack Trace:
at System.Net.WebClient.DownloadDataInternal(Uri address, WebRequest& request)
at System.Net.WebClient.DownloadString(Uri address) at BestBuy.PCImage.Common.SetupInstaller.CheckForUpdates()
Category:
General Priority: -1 EventId: 0 Severity: Error Title: Machine: USER-PC Application Domain:
Best Buy Software Installer.exe Process Id: 4540 Process Name: C:\Program Files\Best
Buy Software Installer\Best Buy Software Installer.exe Win32 Thread Id: 3704 Thread
Name: Extended Properties:
Error - 8/18/2014 9:20:28 AM | Computer Name = User-PC | Source = Best Buy Software Installer | ID = 0
Description =
Error - 8/19/2014 7:18:37 PM | Computer Name = User-PC | Source = Application Error | ID = 1000
Description = Faulting application name: UA.exe, version: 1.0.0.1, time stamp: 0x52df3e99
Faulting
module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace5b9 Exception
code: 0xc0000005 Fault offset: 0x00056b1d Faulting process id: 0x13d0 Faulting application
start time: 0x01cfbc03cbecedba Faulting application path: C:\Users\User\AppData\Roaming\VERIZON\UA_ar\UA.exe
Faulting
module path: C:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
Report
Id: 256e7681-27f7-11e4-b78a-0023146493d4
Error - 8/19/2014 8:01:44 PM | Computer Name = User-PC | Source = Application Error | ID = 1000
Description = Faulting application name: UA.exe, version: 1.0.0.1, time stamp: 0x52df3e99
Faulting
module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace5b9 Exception
code: 0xc0000005 Fault offset: 0x00056b1d Faulting process id: 0x1090 Faulting application
start time: 0x01cfbc09db0e245a Faulting application path: C:\Users\User\AppData\Roaming\VERIZON\UA_ar\UA.exe
Faulting
module path: C:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
Report
Id: 2b5dd773-27fd-11e4-a58d-0023146493d4
Error - 8/19/2014 8:26:53 PM | Computer Name = User-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
Error - 8/19/2014 8:26:54 PM | Computer Name = User-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
Error - 8/19/2014 8:26:54 PM | Computer Name = User-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
Error - 8/19/2014 10:35:20 PM | Computer Name = User-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.
[ System Events ]
Error - 8/6/2014 10:12:58 PM | Computer Name = User-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 47.
Error - 8/6/2014 10:13:02 PM | Computer Name = User-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 47.
Error - 8/6/2014 10:13:15 PM | Computer Name = User-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 47.
Error - 8/6/2014 10:13:15 PM | Computer Name = User-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 47.
Error - 8/6/2014 10:13:15 PM | Computer Name = User-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 47.
Error - 8/6/2014 10:13:18 PM | Computer Name = User-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 47.
Error - 8/6/2014 10:14:21 PM | Computer Name = User-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 47.
Error - 8/6/2014 10:14:21 PM | Computer Name = User-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 47.
Error - 8/7/2014 10:01:38 PM | Computer Name = User-PC | Source = Service Control Manager | ID = 7031
Description = The Garmin Core Update Service service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 60000
milliseconds: Restart the service.
Error - 8/18/2014 9:18:13 AM | Computer Name = User-PC | Source = DCOM | ID = 10010
Description =
< End of report >