SAFE.Heur.418c and Trojan-PSW.BAT.[bleep]er malware/virus

I seem to have been infected with malware/virus and cannot seem to get rid of it. I have scanned my system using Norton’s Antivirus Ver.21.6.0.32 and CCleaner v4.13.46593 (64 bit) and they keep recurring, I believe I picked up the virus from a Kroger gift card post on Facebook.

Any assistance would be greatly appreciated.

Dave

OTL log attached:

OTL logfile created on: 10/27/2014 9:02:52 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dave\Documents
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 1.50 Gb Available Physical Memory | 39.42% Memory free
7.61 Gb Paging File | 4.34 Gb Available in Paging File | 57.12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.34 Gb Total Space | 197.33 Gb Free Space | 69.64% Space Free | Partition Type: NTFS

Computer Name: WALKER-LAPTOP | User Name: Dave | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found -- C:\Users\Dave\My Documents\OTL.exe
PRC - [2014/10/27 19:48:10 | 000,524,016 | ---- | M] () -- C:\Program Files (x86)\AdvanceElite\bin\utilAdvanceElite.exe
PRC - [2014/10/27 18:07:26 | 000,123,632 | ---- | M] () -- C:\ProgramData\d2446020-ddff-402b-b064-199d2ce66b2b\maintainer.exe
PRC - [2014/10/27 14:46:29 | 000,098,544 | ---- | M] () -- C:\Program Files (x86)\AdvanceElite\bin\AdvanceElite.BrowserAdapter.exe
PRC - [2014/10/27 11:53:48 | 001,649,904 | ---- | M] () -- C:\Program Files (x86)\AdvanceElite\bin\AdvanceElite.BOASHelper.exe
PRC - [2014/10/27 11:53:46 | 001,791,216 | ---- | M] () -- C:\Program Files (x86)\AdvanceElite\bin\AdvanceElite.BOAS.exe
PRC - [2014/10/27 11:53:46 | 001,786,608 | ---- | M] () -- C:\Program Files (x86)\AdvanceElite\bin\AdvanceElite.BOASPRT.exe
PRC - [2014/10/26 15:09:33 | 000,523,504 | ---- | M] () -- C:\Program Files (x86)\AdvanceElite\updateAdvanceElite.exe
PRC - [2014/10/21 16:39:18 | 001,611,584 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2014/10/21 16:34:22 | 000,990,584 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
PRC - [2014/09/21 05:59:37 | 000,262,968 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\21.6.0.32\nav.exe
PRC - [2014/09/12 05:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/08/25 20:47:23 | 002,640,408 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2014/08/11 11:16:55 | 001,820,184 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
PRC - [2014/08/11 11:16:54 | 000,159,768 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
PRC - [2014/08/07 08:52:52 | 000,438,616 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
PRC - [2014/07/02 15:07:26 | 003,431,712 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
PRC - [2014/06/03 13:44:20 | 000,173,792 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
PRC - [2014/05/21 11:34:38 | 000,049,464 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
PRC - [2014/03/26 18:41:12 | 001,723,760 | ---- | M] (NDS Technologies) -- C:\Users\Dave\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
PRC - [2014/03/26 18:41:08 | 001,523,560 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
PRC - [2014/03/11 23:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
PRC - [2013/09/24 09:25:25 | 000,049,008 | ---- | M] (CenturyLink Inc) -- C:\Program Files (x86)\CenturyLink\Desktop\CenturyLinkTouchPointAgent.exe
PRC - [2013/03/21 14:24:12 | 000,222,368 | ---- | M] () -- C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
PRC - [2011/08/09 17:56:40 | 000,417,112 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe
PRC - [2011/08/09 17:38:38 | 000,328,536 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2010/03/17 17:37:16 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/17 17:34:12 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/12/29 17:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/12/23 18:39:04 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009/12/23 18:39:02 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/10/15 04:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/06/24 17:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe

========== Modules (No Company Name) ==========

MOD - [2014/10/27 14:46:29 | 000,098,544 | ---- | M] () -- C:\Program Files (x86)\AdvanceElite\bin\AdvanceElite.BrowserAdapter.exe
MOD - [2014/10/27 11:53:48 | 001,649,904 | ---- | M] () -- C:\Program Files (x86)\AdvanceElite\bin\AdvanceElite.BOASHelper.exe
MOD - [2014/10/27 11:53:46 | 001,791,216 | ---- | M] () -- C:\Program Files (x86)\AdvanceElite\bin\AdvanceElite.BOAS.exe
MOD - [2014/10/27 11:53:46 | 001,786,608 | ---- | M] () -- C:\Program Files (x86)\AdvanceElite\bin\AdvanceElite.BOASPRT.exe
MOD - [2014/10/22 21:17:40 | 001,051,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\99cdfef98595ed91f14936cf52a49c54\System.Management.ni.dll
MOD - [2014/10/21 19:42:52 | 001,840,640 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\75670ab8fe2a25bf165fafcc25be270e\System.Web.Services.ni.dll
MOD - [2014/10/21 19:42:41 | 000,774,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b3011370dcbf33751d3b9dce8091c6c6\System.Runtime.Remoting.ni.dll
MOD - [2014/10/21 19:42:10 | 000,310,784 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\91eb4f41130c65ef17f0fee1d3ab48fb\System.Runtime.Serialization.Formatters.Soap.ni.dll
MOD - [2014/10/21 19:42:09 | 012,435,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll
MOD - [2014/10/21 19:42:02 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll
MOD - [2014/10/21 19:41:55 | 005,467,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/10/21 19:41:51 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll
MOD - [2014/10/21 19:41:35 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d97a5aa0eb7697aca7c6e90ae471af2b\WindowsBase.ni.dll
MOD - [2014/10/21 19:41:28 | 007,991,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/09/12 15:46:25 | 011,497,984 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014/08/25 20:47:23 | 002,640,408 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2014/08/11 11:16:55 | 000,519,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
MOD - [2014/06/04 15:17:12 | 000,892,288 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag 3\webres.dll
MOD - [2014/03/26 18:42:08 | 000,091,976 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\z.dll
MOD - [2014/03/26 18:42:00 | 000,338,784 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\ndsLogStore.dll
MOD - [2014/03/26 18:41:58 | 001,403,224 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\libxml2-2.dll
MOD - [2014/03/26 18:41:48 | 000,043,880 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\libgstvideo-0.10.dll
MOD - [2014/03/26 18:41:46 | 000,689,000 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\libgstreamer-0.10.dll
MOD - [2014/03/26 18:41:44 | 000,060,272 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\libgstinterfaces-0.10.dll
MOD - [2014/03/26 18:41:36 | 000,205,672 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\libgstbase-0.10.dll
MOD - [2014/03/26 18:41:24 | 007,730,016 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\gsttspplugin.dll
MOD - [2014/03/26 18:41:10 | 005,979,488 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\PCShowServer.dll
MOD - [2014/03/26 18:41:08 | 001,523,560 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
MOD - [2014/03/26 18:41:02 | 003,261,280 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\DrmSingleton.dll
MOD - [2014/03/26 18:41:02 | 002,229,096 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\DiscoveryManager.dll
MOD - [2013/09/05 01:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/10/15 04:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe

========== Services (SafeList) ==========

SRV:64bit: - [2014/09/18 21:25:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/03/17 17:29:08 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2010/03/17 17:27:52 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\WINDOWS\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/02/03 02:13:10 | 000,048,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009/07/09 19:48:34 | 001,044,648 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\SysNative\dldtcoms.exe -- (dldt_device)
SRV:64bit: - [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2014/10/27 19:48:10 | 000,524,016 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AdvanceElite\bin\utilAdvanceElite.exe -- (Util AdvanceElite)
SRV - [2014/10/27 18:07:26 | 000,123,632 | ---- | M] () [Auto | Running] -- C:\ProgramData\d2446020-ddff-402b-b064-199d2ce66b2b\maintainer.exe -- (MaintainerSvc1.20.7247763)
SRV - [2014/10/26 15:09:33 | 000,523,504 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AdvanceElite\updateAdvanceElite.exe -- (Update AdvanceElite)
SRV - [2014/10/21 16:34:22 | 000,990,584 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2014/09/24 17:38:24 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/09/21 05:59:37 | 000,262,968 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\21.6.0.32\NAV.exe -- (NAV)
SRV - [2014/09/12 05:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/08/11 11:16:55 | 001,820,184 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe -- (vToolbarUpdater18.1.9)
SRV - [2014/08/07 08:52:52 | 000,438,616 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2014/06/03 13:44:20 | 000,173,792 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2014/05/21 11:34:38 | 000,049,464 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014/03/11 23:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE -- (BBUpdate)
SRV - [2014/03/11 23:36:06 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE -- (BBSvc)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/03/21 14:24:12 | 000,222,368 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe -- (Updater Service for AMZN)
SRV - [2011/08/09 17:38:38 | 000,328,536 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/07/15 05:50:12 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/03/17 17:37:16 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/17 17:34:12 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/03/17 17:29:08 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe -- (AESTFilters)
SRV - [2010/03/17 17:27:52 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\STacSV64.exe -- (STacSV)
SRV - [2009/12/23 18:39:04 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/09/20 11:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/10/26 10:31:44 | 000,048,784 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\{b0c7827f-c845-429a-833b-c2a798fc4fc3}Gw64.sys -- ({b0c7827f-c845-429a-833b-c2a798fc4fc3}Gw64)
DRV:64bit: - [2014/10/23 12:30:34 | 000,048,784 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\{f5d136d7-adc2-4c84-85b2-e564334ab0bc}Gw64.sys -- ({f5d136d7-adc2-4c84-85b2-e564334ab0bc}Gw64)
DRV:64bit: - [2014/10/19 18:48:51 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2014/08/25 22:26:58 | 000,593,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\NAVx64\1506000.020\symnets.sys -- (SymNetS)
DRV:64bit: - [2014/08/25 22:26:57 | 001,148,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\NAVx64\1506000.020\symefa64.sys -- (SymEFA)
DRV:64bit: - [2014/08/25 22:20:22 | 000,876,248 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\NAVx64\1506000.020\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2014/08/25 22:20:22 | 000,037,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\NAVx64\1506000.020\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2014/08/11 11:16:55 | 000,050,976 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2014/08/06 15:48:16 | 000,266,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\NAVx64\1506000.020\ironx64.sys -- (SymIRON)
DRV:64bit: - [2014/06/04 15:17:14 | 000,021,184 | ---- | M] (IObit) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2014/01/07 08:42:08 | 000,076,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2013/09/25 22:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\NAVx64\1506000.020\ccsetx64.sys -- (ccSet_NAV)
DRV:64bit: - [2013/09/09 22:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\NAVx64\1506000.020\symds64.sys -- (SymDS)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/10 23:28:18 | 012,311,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/08/02 18:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/03/17 17:44:44 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/03/17 17:41:48 | 000,325,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/03/17 17:33:06 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2010/03/17 17:29:52 | 000,232,480 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/03/17 17:27:14 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/02/26 20:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/03 10:38:30 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/02/03 02:13:08 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2010/02/03 02:13:08 | 000,020,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\bcmvwl64.sys -- (BcmVWL)
DRV:64bit: - [2010/02/03 02:13:06 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/12/17 11:42:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/15 14:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 16:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2014/10/21 16:43:22 | 000,633,560 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20141027.001\IDSviA64.sys -- (IDSVia64)
DRV - [2014/10/19 05:35:45 | 002,137,304 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20141027.001\ex64.sys -- (NAVEX15)
DRV - [2014/10/19 05:35:45 | 000,487,216 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2014/10/19 05:35:45 | 000,142,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/10/19 05:35:45 | 000,129,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20141027.001\eng64.sys -- (NAVENG)
DRV - [2014/10/16 23:06:56 | 001,587,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20141024.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.bkmks.com/
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\10.0\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001\..\SearchScopes,DefaultScope = {C9D7933B-9638-4D0A-911E-3F5426231A97}
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2013-01-19 16:42:07&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001\..\SearchScopes\{9C596A39-04D5-4858-82E6-7B2D669F4F23}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001\..\SearchScopes\{C9D7933B-9638-4D0A-911E-3F5426231A97}: "URL" = https://search.yahoo...&p={searchTerms}
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001\..\SearchScopes\9705932A03C64A7D8783A9093E45DAF9: "URL" = http://search.yahoo....&p={searchTerms}
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://astromenda.co...r=1237709631=
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 13 B5 8E B1 73 E0 CC 01 [binary data]
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\10.0\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\..\SearchScopes,DefaultScope = {2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IESR02
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\..\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}: "URL" = https://search.yahoo...&p={searchTerms}
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\..\SearchScopes\{7E031750-8AD7-4ED2-ACB1-E3303FCB5B98}: "URL" = http://astromenda.co...r=1237709631=
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\..\SearchScopes\{868B13F7-31D3-4DFE-B9B7-27AE84181A5C}: "URL" = http://search.yahoo....&p={searchTerms}
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2013-01-19 16:42:07&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 90 FF CF 62 D3 CA CF 01 [binary data]
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1005\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\10.0\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1005\..\SearchScopes,DefaultScope = {7CE215D8-9305-4040-A2FD-86F745F4E380}
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1005\..\SearchScopes\{7CE215D8-9305-4040-A2FD-86F745F4E380}: "URL" = http://search.yahoo....&p={searchTerms}
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1005\..\SearchScopes\{C036F0DA-8CC2-4251-96F9-FCB7D24FC9EE}: "URL" = http://search.yahoo....&p={searchTerms}
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Users\Dave\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (DIRECTV)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Users\Dave\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (DIRECTV)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF [2014/10/19 18:49:11 | 000,000,000 | ---D | M]

[2014/02/09 21:24:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: Yahoo (Enabled)
CHR - default_search_provider: search_url = http://search.yahoo....&p={searchTerms}
CHR - default_search_provider: suggest_url = http://ff.search.yah...nd={searchTerms},
CHR - homepage: https://www.bkmks.com/
CHR - plugin: Error reading preferences file
CHR - Extension: McAfee Security Scan+ = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh\3.8.141.12_0\
CHR - Extension: Ebay Shopping Assistant by Spigot = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\
CHR - Extension: Domain Error Assistant = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\
CHR - Extension: Slick Savings = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\
CHR - Extension: AVG Security Toolbar = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\18.1.0.443_0\
CHR - Extension: Google Wallet = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Amazon 1Button App for Chrome = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\4.2014.411.0_0\
CHR - Extension: Amazon Shopping Assistant by Spigot = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\
CHR - Extension: AdvanceElite = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkbbmldjcnhopjhpifcocnmkooiadpbb\1.0.1_0\

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\10.0\iobitappsToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (AdvanceElite) - {3b2cb4c8-72ab-4b25-8fa1-219b36a60bed} - C:\Program Files (x86)\AdvanceElite\AdvanceElitebho.dll (AdvanceElite)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\21.6.0.32\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CenturyLink Toolbar) - {83453B9B-B889-4659-9144-20F081542BDC} - C:\Program Files (x86)\centurytoolbar\centurytoolbarDx.dll ()
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (AlxHelper Class) - {F443A627-5009-4323-9C1D-7FD598D0D712} - C:\Program Files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)
O3:64bit: - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\10.0\iobitappsToolbarIE64.dll (Spigot, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\10.0\iobitappsToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (CenturyLink Toolbar) - {83453B9B-B889-4659-9144-20F081542BDC} - C:\Program Files (x86)\centurytoolbar\centurytoolbarDx.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (Amazon Browser Bar) - {EA582743-9076-4178-9AA6-7393FDF4D5CE} - C:\Program Files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)
O3 - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001\..\Toolbar\WebBrowser: (no name) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - No CLSID value found.
O3 - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\..\Toolbar\WebBrowser: (no name) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - No CLSID value found.
O3 - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1191499748-3630827782-3512929281-1005\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [CenturyLinkTouchPointAgent] C:\Program Files (x86)\CenturyLink\Desktop\CenturyLinkTouchPointAgent.exe (CenturyLink Inc)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey File not found
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\.DEFAULT..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKU\S-1-5-18..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001..\Run: [Advanced SystemCare 4] C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001..\Run: [PCShowServer] C:\Users\Dave\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe (NDS Technologies)
O4 - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003..\Run: [BRS] C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe -runBRS File not found
O4 - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003..\Run: [Driver Support] C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe (PC Drivers Headquarters)
O4 - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O4 - Startup: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Teresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.67.2)
O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} http://myitlab.pears...ces/ax/stub.cab (Enlite 2.x Simulation Engine Installer)
O16 - DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_67)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_67)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...xControl_32.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.2.226
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{174EFE9D-D621-4776-BDEF-F92415824A35}: DhcpNameServer = 192.168.0.1 205.171.2.226
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\PFW: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/10/27 20:59:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dave\Documents\OTL.exe
[2014/10/27 20:19:26 | 000,000,000 | ---D | C] -- C:\ProgramData\d2446020-ddff-402b-b064-199d2ce66b2b
[2014/10/26 15:07:20 | 000,048,784 | ---- | C] (StdLib) -- C:\windows\SysNative\drivers\{b0c7827f-c845-429a-833b-c2a798fc4fc3}Gw64.sys
[2014/10/23 20:29:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit Apps Toolbar
[2014/10/23 20:29:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2014/10/23 20:26:03 | 000,048,784 | ---- | C] (StdLib) -- C:\windows\SysNative\drivers\{f5d136d7-adc2-4c84-85b2-e564334ab0bc}Gw64.sys
[2014/10/22 21:10:13 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB
[2014/10/22 21:08:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Support
[2014/10/22 21:07:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver Support
[2014/10/22 21:07:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Driver Support
[2014/10/22 21:05:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WSE_Astromenda
[2014/10/22 21:04:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[2014/10/22 21:04:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RCP
[2014/10/21 19:56:36 | 000,593,112 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NAVx64\1506000.020\symnets.sys
[2014/10/21 19:56:36 | 000,023,568 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NAVx64\1506000.020\symelam.sys
[2014/10/21 19:56:35 | 001,148,120 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NAVx64\1506000.020\symefa64.sys
[2014/10/21 19:56:35 | 000,876,248 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NAVx64\1506000.020\srtsp64.sys
[2014/10/21 19:56:35 | 000,493,656 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NAVx64\1506000.020\symds64.sys
[2014/10/21 19:56:35 | 000,266,968 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NAVx64\1506000.020\ironx64.sys
[2014/10/21 19:56:35 | 000,162,392 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NAVx64\1506000.020\ccsetx64.sys
[2014/10/21 19:56:35 | 000,037,592 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NAVx64\1506000.020\srtspx64.sys
[2014/10/21 19:56:15 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NAVx64\1506000.020
[2014/10/19 21:33:16 | 000,000,000 | ---D | C] -- C:\Users\Dave\AppData\Local\CrashDumps
[2014/10/19 21:32:13 | 000,000,000 | ---D | C] -- C:\Users\Dave\Documents\MLB Ballpark Empire Hack
[2014/10/19 20:44:19 | 000,000,000 | ---D | C] -- C:\Users\Dave\AppData\Roaming\PCHC
[2014/10/19 18:55:09 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014/10/19 18:55:09 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/10/19 18:55:08 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/10/19 18:55:08 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014/10/19 18:55:08 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2014/10/19 18:55:08 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014/10/19 18:55:08 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/10/19 18:55:08 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2014/10/19 18:55:08 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/10/19 18:55:06 | 002,017,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014/10/19 18:55:06 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014/10/19 18:55:06 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014/10/19 18:55:06 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2014/10/19 18:55:06 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/10/19 18:55:06 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2014/10/19 18:55:05 | 000,731,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/10/19 18:55:04 | 002,108,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014/10/19 18:55:04 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2014/10/19 18:55:04 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/10/19 18:55:03 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014/10/19 18:55:03 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/10/19 18:55:03 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014/10/19 18:55:03 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2014/10/19 18:55:01 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2014/10/19 18:55:01 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014/10/19 18:55:00 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2014/10/19 18:55:00 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014/10/19 18:54:59 | 005,829,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/10/19 18:54:59 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2014/10/19 18:54:59 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2014/10/19 18:54:59 | 000,547,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014/10/19 18:54:59 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014/10/19 18:54:58 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/10/19 18:54:58 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2014/10/19 18:54:57 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2014/10/19 18:52:36 | 001,943,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfshim.dll
[2014/10/19 18:52:36 | 001,131,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfshim.dll
[2014/10/19 18:52:36 | 000,156,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscorier.dll
[2014/10/19 18:52:36 | 000,156,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscorier.dll
[2014/10/19 18:52:35 | 000,081,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscories.dll
[2014/10/19 18:52:35 | 000,073,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscories.dll
[2014/10/19 18:52:27 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014/10/19 18:52:27 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\generaltel.dll
[2014/10/19 18:52:24 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2014/10/19 18:49:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\centurytoolbar
[2014/10/19 18:48:51 | 000,177,752 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2014/10/19 18:48:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2014/10/19 18:47:34 | 003,241,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msi.dll
[2014/10/19 18:47:23 | 004,922,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2014/10/19 18:47:23 | 001,050,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstsc.exe
[2014/10/19 18:47:23 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\aaclient.dll
[2014/10/19 18:47:23 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsgqec.dll
[2014/10/19 18:47:23 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsgqec.dll
[2014/10/19 18:47:22 | 001,125,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstsc.exe
[2014/10/19 18:47:22 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aaclient.dll
[2014/10/19 18:47:21 | 005,780,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2014/10/19 18:47:21 | 003,179,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorets.dll
[2014/10/19 18:46:58 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rastls.dll
[2014/10/19 18:46:45 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe
[2014/10/19 18:46:45 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsta.dll
[2014/10/19 18:46:45 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll
[2014/10/19 18:43:15 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll
[2014/10/19 18:43:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll
[2014/10/19 18:09:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CenturyLink
[2014/10/19 16:35:08 | 000,000,000 | ---D | C] -- C:\Users\Dave\AppData\Local\AskPartnerNetwork
[2014/10/19 16:35:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AskPartnerNetwork
[2014/10/19 16:35:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AskPartnerNetwork
[2014/10/19 16:34:44 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2014/10/17 18:46:17 | 000,000,000 | ---D | C] -- C:\NPE
[2014/10/17 18:42:13 | 000,000,000 | ---D | C] -- C:\Users\Dave\AppData\Local\NPE
[2014/10/17 17:10:02 | 000,000,000 | ---D | C] -- C:\Users\Dave\AppData\Local\IsolatedStorage
[2014/10/17 17:09:34 | 000,000,000 | ---D | C] -- C:\Program Files\Earth Networks
[2014/10/17 17:09:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AdvanceElite
[2014/10/17 17:09:16 | 000,000,000 | ---D | C] -- C:\ProgramData\{FA77A43D-F6ED-4924-87B5-517C061388C6}
[2014/10/17 13:25:39 | 000,000,000 | ---D | C] -- C:\Users\Dave\Documents\ADDA Mechanical Drafter Certification Exam Revie Guide
[2014/10/17 13:11:42 | 000,000,000 | ---D | C] -- C:\Users\Dave\Documents\Desktop Images
[2014/10/16 19:47:18 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rastls.dll
[2014/10/04 16:48:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2014/10/04 16:18:34 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NAVx64
[2014/10/04 16:18:32 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
[2014/10/04 16:18:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton AntiVirus
[2014/10/04 16:18:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2014/10/04 16:18:28 | 000,000,000 | ---D | C] -- C:\Users\Dave\Documents\Symantec
[2014/10/04 16:18:28 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2014/10/04 16:18:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2014/10/04 15:57:00 | 000,000,000 | ---D | C] -- C:\ProgramData\CenturyLink
[2014/10/04 15:56:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Qwest
[2014/10/04 15:56:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CenturyLink
[2014/10/02 10:45:59 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2014/10/02 10:45:59 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll

========== Files - Modified Within 30 Days ==========

[2014/10/27 21:09:56 | 000,022,704 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/10/27 21:09:56 | 000,022,704 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/10/27 21:07:00 | 000,000,296 | ---- | M] () -- C:\windows\tasks\UpdaterEX.job
[2014/10/27 21:05:00 | 000,000,296 | ---- | M] () -- C:\windows\tasks\WSE_Astromenda.job
[2014/10/27 21:02:00 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/10/27 20:59:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dave\Documents\OTL.exe
[2014/10/27 20:38:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/10/27 19:47:23 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/10/27 19:46:47 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/10/27 19:46:00 | 000,000,350 | ---- | M] () -- C:\windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2014/10/27 19:45:20 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/10/27 19:45:00 | 3062,902,784 | -HS- | M] () -- C:\hiberfil.sys
[2014/10/26 10:31:44 | 000,048,784 | ---- | M] (StdLib) -- C:\windows\SysNative\drivers\{b0c7827f-c845-429a-833b-c2a798fc4fc3}Gw64.sys
[2014/10/23 12:30:34 | 000,048,784 | ---- | M] (StdLib) -- C:\windows\SysNative\drivers\{f5d136d7-adc2-4c84-85b2-e564334ab0bc}Gw64.sys
[2014/10/22 21:08:22 | 000,002,263 | ---- | M] () -- C:\Users\Public\Desktop\Driver Support.lnk
[2014/10/22 21:04:36 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2014/10/22 20:59:17 | 002,948,932 | ---- | M] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\Cat.DB
[2014/10/22 20:58:31 | 000,002,614 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2014/10/21 19:30:28 | 000,409,576 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/10/19 21:27:59 | 000,458,934 | ---- | M] () -- C:\Users\Dave\Documents\MLB BALLPARK EMPIRE HACK TOOL.rar
[2014/10/19 20:37:40 | 000,000,146 | ---- | M] () -- C:\Users\Dave\Desktop\CenturyLink PC Services.url
[2014/10/19 18:48:51 | 000,177,752 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2014/10/19 18:48:51 | 000,008,222 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2014/10/19 18:48:51 | 000,000,854 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2014/10/14 12:44:28 | 000,048,844 | ---- | M] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\VT20141014.006
[2014/10/10 21:18:18 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2014/10/09 22:05:59 | 000,276,480 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\generaltel.dll
[2014/10/09 22:05:42 | 000,507,392 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014/10/09 22:00:38 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll

========== Files Created - No Company Name ==========

[2014/10/27 19:47:22 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/10/22 21:08:22 | 000,002,263 | ---- | C] () -- C:\Users\Public\Desktop\Driver Support.lnk
[2014/10/22 21:07:45 | 000,000,296 | ---- | C] () -- C:\windows\tasks\UpdaterEX.job
[2014/10/22 21:07:13 | 000,000,296 | ---- | C] () -- C:\windows\tasks\WSE_Astromenda.job
[2014/10/22 21:04:36 | 000,000,947 | ---- | C] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2014/10/22 20:55:16 | 002,948,932 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\Cat.DB
[2014/10/21 19:58:20 | 000,048,844 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\VT20141014.006
[2014/10/21 19:56:36 | 000,009,939 | R--- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\symelam64.cat
[2014/10/21 19:56:36 | 000,008,192 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\symnet64.cat
[2014/10/21 19:56:36 | 000,001,440 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\symnet.inf
[2014/10/21 19:56:36 | 000,001,098 | R--- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\symelam.inf
[2014/10/21 19:56:35 | 000,008,202 | R--- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\ccsetx64.cat
[2014/10/21 19:56:35 | 000,008,194 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\symefa64.cat
[2014/10/21 19:56:35 | 000,008,188 | R--- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\symds64.cat
[2014/10/21 19:56:35 | 000,008,188 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\srtspx64.cat
[2014/10/21 19:56:35 | 000,008,184 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\srtsp64.cat
[2014/10/21 19:56:35 | 000,008,184 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\iron.cat
[2014/10/21 19:56:35 | 000,003,433 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\symefa.inf
[2014/10/21 19:56:35 | 000,002,852 | R--- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\symds.inf
[2014/10/21 19:56:35 | 000,001,437 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\srtsp64.inf
[2014/10/21 19:56:35 | 000,001,420 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\srtspx64.inf
[2014/10/21 19:56:35 | 000,000,855 | R--- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\ccsetx64.inf
[2014/10/21 19:56:35 | 000,000,767 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\iron.inf
[2014/10/21 19:56:15 | 000,000,172 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\isolate.ini
[2014/10/19 21:27:59 | 000,458,934 | ---- | C] () -- C:\Users\Dave\Documents\MLB BALLPARK EMPIRE HACK TOOL.rar
[2014/10/19 20:37:40 | 000,000,146 | ---- | C] () -- C:\Users\Dave\Desktop\CenturyLink PC Services.url
[2014/10/19 18:48:51 | 000,008,222 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2014/10/19 18:48:51 | 000,000,854 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2014/10/19 18:48:50 | 000,002,614 | ---- | C] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2014/10/10 21:18:18 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2014/01/28 22:56:38 | 000,775,124 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2013/08/02 20:09:35 | 000,362,029 | ---- | C] () -- C:\windows\SysWow64\sqlite3.dll
[2013/03/19 23:59:34 | 000,077,650 | ---- | C] () -- C:\windows\hpqins05.dat
[2013/03/19 22:04:44 | 000,221,544 | ---- | C] () -- C:\windows\hpoins19.dat
[2013/03/19 22:04:44 | 000,013,898 | ---- | C] () -- C:\windows\hpomdl19.dat
[2012/02/18 12:07:58 | 000,000,065 | ---- | C] () -- C:\Users\Dave\AppData\Roaming\StvInventor_3D.ini
[2011/12/16 14:19:38 | 000,115,004 | ---- | C] () -- C:\Users\Dave\Bowl Pool 2011 Tally Sheet.pdf
[2011/12/10 11:03:01 | 000,025,463 | ---- | C] () -- C:\Users\Dave\Bowl Pool 2011-Pick Sheet.pdf

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\shell32.dll -- [2014/06/24 22:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 21:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

OTL Extras logfile created on: 10/27/2014 9:02:52 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dave\Documents
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 1.50 Gb Available Physical Memory | 39.42% Memory free
7.61 Gb Paging File | 4.34 Gb Available in Paging File | 57.12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.34 Gb Total Space | 197.33 Gb Free Space | 69.64% Space Free | Partition Type: NTFS

Computer Name: WALKER-LAPTOP | User Name: Dave | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-1191499748-3630827782-3512929281-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 0
"FirewallDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\CA Personal Firewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{006DC5ED-478B-40F2-9987-BAB9A5338B4A}" = rport=137 | protocol=17 | dir=out | app=system |
"{163FF1A3-235D-424C-8605-2F5B78C5F167}" = rport=445 | protocol=6 | dir=out | app=system |
"{2029505C-2AF6-4521-B03F-721575D7F832}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{203C88E0-B59A-434E-A43D-42966F88757D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{25C9B354-8D99-4F4D-B7D3-E00C1FD48B84}" = lport=445 | protocol=6 | dir=in | app=system |
"{39A5223F-9FF4-4073-B319-9DFA191A0255}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{485C48CA-F77B-4196-A303-0F99F9A0119C}" = lport=139 | protocol=6 | dir=in | app=system |
"{5D83CD2E-7C03-469E-9E58-F3966E47430E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{60F9C472-A6F1-4129-B110-5F1E6FA6256B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6134BC38-2D82-4F32-9128-1FE4E764BC1D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{647DEFE0-BEEC-46E3-8FD1-B6724C9734AC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{698098BD-2A73-46C0-A457-E171C48865FD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7026E24D-DB5C-4C63-904B-550CAC8F8E19}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7BABBFA2-B091-4652-8437-34B34CA3E543}" = lport=137 | protocol=17 | dir=in | app=system |
"{8930D8CC-E59C-4E8E-A780-C58E3400191C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B8478A2D-980C-4495-A2E5-704DD547773F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B91F2A13-26B9-472A-88C6-C77AA542B59B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BA30B924-5EE4-4900-95C7-5E27EED492C3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{BBFCEB8A-E6D4-4189-91E4-CA47F9BF3722}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BC72CC65-2AE5-490C-9664-BB61734B5433}" = rport=139 | protocol=6 | dir=out | app=system |
"{C75F754F-DEF0-47CA-99CB-3DC4466EC507}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D125E8E0-75EC-4D72-9AFD-92E213E4AE53}" = lport=138 | protocol=17 | dir=in | app=system |
"{D5AC1939-C711-4E76-B8D0-8E45972B2B30}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E4EAD83F-578C-4894-A502-1471D7D6C790}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E698333C-3749-4568-AC89-EDFECD6DABAB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FA663870-670D-4C21-B16D-8798E123B78C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{FC9A09AA-43AA-400E-8701-47C011B7DF86}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0002E07E-CF8C-44FA-BB82-462625B06244}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{00223E96-280F-42FA-B7E0-5026E700FA4B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{21F78D90-6591-4074-87C6-EE448C526DD0}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{26A5EF71-BE68-4300-A64E-2F9F5557F722}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2EC3025E-230F-490B-81D5-366AE2418330}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{308C3967-D999-4530-B0B3-62040661A26C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{325FDC7A-CC54-430E-B8EF-1519CE0EF0EA}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{38BE50B9-70E0-4808-8242-11A5E32FADB7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3A14C0E9-1159-46C0-88AB-63735B5EE9DF}" = protocol=58 | dir=out | [email protected],-28546 |
"{3B9924F4-F16F-4CB4-89F8-9F59A12447CE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{429D8FE0-5A68-4630-BE64-0ED29B417FCA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{4E6545B6-A99A-4C58-9D72-704E3A715005}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe |
"{519F1A97-6117-48FD-9B9F-D15DF84646C4}" = protocol=17 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{535EFE5A-233A-4F92-ACDC-1F0BAA809D54}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{58B06CDA-BED1-41D7-9905-F16765E74B55}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{59278FD6-F43E-4738-B829-996598F626D0}" = protocol=6 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{592BFBE7-9441-4448-9343-18E61009F60D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{609E161E-CE1B-41F7-99D9-6C51A12EED59}" = protocol=1 | dir=in | [email protected],-28543 |
"{616243F0-D2C6-46C4-9155-E98A4929D881}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{62F40166-C942-422B-96BC-1D264F3489D7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{6C7F8F99-DAF4-4DA5-A954-9A2650B89EDE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{6EFFB75E-68AC-49E8-AAF2-BCB6F71038C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{784209E6-A3FA-46B4-8B2F-F82AC43C296B}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{7B3E209A-65A9-4E89-8096-C18F6BDA23C9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{83CBF090-18E5-4944-AA9A-1D197C89FD12}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{8613C311-AFC1-4DC2-A9FE-9FC81B172C2C}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{8EAB4E2B-6C8D-4F15-B3C6-7D6FA2F7562F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{94DE7EB6-7CF1-4EE1-A008-FCDDBED557B6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{96EF6FF3-E5D4-475F-97CF-9A2C8FEC075F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{9A0B1089-F8A0-49B7-870D-9417987D3C51}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe |
"{9E56198C-EC5D-47B7-BC5B-5B3323D008B5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A043659D-7832-4099-B094-FA19E468C1B6}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{A0C1DD46-6700-491B-8E31-25C0BF019698}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A6F1E277-538E-4D7B-B2A0-98E12DD3C41D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{A8A93D35-208B-4A09-A0F5-485C5D19EA8C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AA972C3E-2EBD-44EE-8BDB-3A89F4830286}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B03B5988-78C0-400B-A80D-CD6AA7B2ECF9}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BB0A69C9-FE36-4DDB-94BB-10E9DA4C386E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BF69DC93-FF62-4254-9DC7-B3ECFC73DF77}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{BFB16413-70B7-49EE-9210-C7AB802F50AB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{C14EBA27-872A-47F7-83AB-C8D2E2C55974}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{C234B9E6-4EBE-4F76-A04F-20C274DA8003}" = protocol=58 | dir=in | [email protected],-28545 |
"{C352586F-255C-40AC-8DCB-B8AA3F9378C5}" = protocol=6 | dir=out | app=system |
"{C4F32E78-A078-4A8B-A9C7-4E73DDBFFD64}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{C8AD3D9C-57AF-4DB1-8597-47D1BCE0A3CB}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{D0118D7F-84FE-48C5-849A-90008280CCC3}" = protocol=1 | dir=out | [email protected],-28544 |
"{D77BDDD3-C55E-4C4B-B754-525BDA4B4398}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D9AA9987-ACB1-4F4A-B380-749B9A67782A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E369F4B3-C2D4-4747-B5E6-8170C8949721}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{E7EA138A-81E2-4E00-9D18-908A67CFEC4F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{F27FE860-1768-46BD-9AB3-36A98BE88A7A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{F6F92C34-822C-4977-BBBA-3325FAC3F8EC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"TCP Query User{146A3A24-CCAC-490E-9E73-FD9DEF695FB1}C:\users\dave\appdata\local\directv player\ndspcshowserver.exe" = protocol=6 | dir=in | app=c:\users\dave\appdata\local\directv player\ndspcshowserver.exe |
"TCP Query User{60D6D585-2136-4718-BC98-7EC7F07D9BFF}C:\users\dave\appdata\local\directv player\ndspcshowserver.exe" = protocol=6 | dir=in | app=c:\users\dave\appdata\local\directv player\ndspcshowserver.exe |
"UDP Query User{934F4531-FDBC-4CBF-9927-E36576E06169}C:\users\dave\appdata\local\directv player\ndspcshowserver.exe" = protocol=17 | dir=in | app=c:\users\dave\appdata\local\directv player\ndspcshowserver.exe |
"UDP Query User{CDEC1E8C-099F-446F-9E40-95034B05D3BD}C:\users\dave\appdata\local\directv player\ndspcshowserver.exe" = protocol=17 | dir=in | app=c:\users\dave\appdata\local\directv player\ndspcshowserver.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{237D687E-9E50-4A30-B810-262764CC491B}" = Garmin Communicator Plugin x64
"{37A08B0D-1168-49E3-B2BD-933B83F36E92}" = ANT Drivers Installer x64
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"98157A226B40B173301B0F53C8E98C47805D5152" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)
"AdvanceElite" = AdvanceElite
"Amazon Browser Bar" = Amazon Browser Bar
"CCleaner" = CCleaner
"D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2" = Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)
"DW WLAN Card Utility" = DW WLAN Card Utility
"F9D2A789F9CFF8CEC36B544F53877C80F1F73C46" = Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{187DA2A3-9687-4740-BD77-5ABB15BCDA8D}" = Garmin Express
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1D601240-1E3C-11DE-8C30-0800200C9A66}" = Walmart Photo Manager
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{2289494D-48E6-40F0-ABE1-24F1FD5A84E5}" = Garmin Express Tray
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F03217067FF}" = Java 7 Update 67
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2DA5F129-11AC-4F11-8188-B2F07EAAC20A}" = Cozi
"{2E87F4AB-99BF-421C-AF7B-365A9C08549A}" = F300
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3365E735-48A6-4194-9988-CE59AC5AE503}" = Bing Bar
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C4BCD2A-8D3C-4663-9449-AB7B3AFD096F}" = Elevated Installer
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}" = Garmin USB Drivers
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement
"{43CA6533-3E0C-4B89-A99F-631242F3CCF3}" = IObit Apps Toolbar v10.0
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{597FB4A5-DD86-4316-A410-7E8074CC2CCE}" = Driver Support
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{647BB978-2876-487B-9B0E-FDB73F0EA4A2}" = Garmin Communicator Plugin
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{68C5BF13-93DA-4185-AA07-0451CF8542CD}" = Medical Assisting Exam Review
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-dell" = WildTangent Games App (Dell Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 High-End Loft Stuff
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}" = Bing Desktop
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.09)
"{AE1EC58E-B2AC-4959-A4C2-C38202A25239}" = Garmin WebUpdater
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{b43ffffb-1adc-4bcb-b277-7844ebff94da}" = Garmin Express
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C96FF998-45BD-411E-9253-B7F2660FE280}" = CenturyLink Installer
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{D2F04839-0AD0-4F06-A6B5-6DFF05E27B67}" = HP Support Solutions Framework
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{dbaba6a3-366e-43a7-8f4e-b0a868c06ab3}" = DIRECTV Player
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced SystemCare 4_is1" = Advanced SystemCare 4
"Amazon Browser Settings" = Amazon Browser Settings
"AVG Secure Search" = AVG Security Toolbar
"centurytoolbar" = CenturyLink Toolbar
"Dell Dock" = Dell Dock
"Dell Webcam Central" = Dell Webcam Central
"Google Chrome" = Google Chrome
"GoToAssist" = GoToAssist 8.0.0.514
"IrfanView" = IrfanView (remove only)
"NAV" = Norton AntiVirus
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"Origin" = Origin
"RegClean-Pro_is1" = RegClean-Pro
"Smart Defrag 3_is1" = Smart Defrag 3
"WildTangent dell Master Uninstall" = WildTangent Games
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WSE_Astromenda" = WSE_Astromenda
"WTA-00db7973-e90f-4542-8f21-c0c3eb60b973" = The Cross Formula
"WTA-07c3731f-30b7-426a-b08a-3ce5f75bb33c" = Cooking Academy 3: Recipe for Success
"WTA-0b744828-afe7-4061-87d7-e3373f6fd5dd" = Time to Hurry: Nicole's Story
"WTA-26563187-41fc-42e3-8a59-4f26efe0693d" = Delicious: Emily's True Love Premium Edition
"WTA-2f3ec5cd-3d1e-4773-88a9-af5c573ba6ac" = Titanic's Keys to the Past
"WTA-357dd6ad-0e39-4927-b7f4-df6f28c23434" = Elizabeth Find, MD - Diagnosis Mystery
"WTA-4b9ac9d4-62cc-4046-b87c-a6d501e43913" = Inspector Magnusson - Murder on the Titanic
"WTA-55b70fb0-aafa-4e85-a9be-af74ed0485de" = Gardenscapes: Mansion Makeover
"WTA-59b049f1-e4e5-46c4-8daa-d282854112d2" = Elizabeth Find MD Diagnosis Mystery: Season 2
"WTA-5a912ae6-3c8e-4bf0-ab2d-6e7adcceb760" = Family Vacation: California
"WTA-61c92774-c3d1-426e-b2ed-d42694eb2722" = Vampire Saga 3: Break Out
"WTA-62e3dc21-913a-495e-af00-1a2922f6edb7" = The Price is Right
"WTA-63848029-c7ec-48f6-b05d-c6f17f78c254" = Once Upon a Farm
"WTA-6484fb44-aec1-44c6-ad4e-98f5620d2c8c" = Theatre of the Absurd Collector's Edition
"WTA-64d1471f-eb12-4c34-aaa0-e1668e9960b2" = Memory Clinic
"WTA-678f525a-19fd-472f-9638-4f68b69f29aa" = The Adventures of Aladdin and the Magic Skull
"WTA-69ad0be5-a90a-409f-8241-0a7f48efd94b" = Cases of Stolen Beauty
"WTA-6a9c029a-ac1d-464e-9251-5adf807c5a6b" = Live Novels Jane Austin's Pride and Prejudice
"WTA-71b29657-57ef-4704-805c-8971acd2911c" = Delicious: Emily's Childhood Memories Premium Edition
"WTA-76506a85-c025-462c-b59e-020c3043c65c" = Vacation Quest - The Hawaiian Islands
"WTA-76d47a3d-c5ab-4595-8125-2d91699e03f4" = Criminal Minds
"WTA-7e2e29c5-44db-44d8-a7e5-40c5400d16d4" = Delicious Emily's Holiday Season
"WTA-864dcabd-737a-4c90-a5f2-904bb1f68536" = Gardenscapes
"WTA-8a287477-db78-49db-b426-ed7be0b31fed" = Special Enquiry Detail: Engaged to Kill
"WTA-8a383341-5d3d-47ec-8dae-12a2b5fd3431" = Weird Park: Broken Tune
"WTA-9dfde5ac-db84-4168-be52-311e895b928f" = Delicious - Emily's Taste of Fame
"WTA-a6099e8a-f738-4ae9-9543-2378745a07cc" = The Game of Life®
"WTA-af2aea3c-47b8-4000-a07a-232acc9986b8" = The Lost Cases of Sherlock Holmes 2
"WTA-b068083a-0a2a-4394-89f8-f4811284ca45" = Ghost Whisperer
"WTA-b5a7bdf8-fdb9-436f-848e-b3f9aaf145dc" = House, MD
"WTA-b6a6093a-2a6f-44ca-90da-c673bdceb930" = Bejeweled 3
"WTA-c08d2cb3-313e-4d75-a8b4-1f93ae8c4254" = Cooking Dash 3: Thrills and Spills
"WTA-c1472201-2ddb-47e7-9593-af5bb90a8b27" = Women's Murder Club - Twice in a Blue Moon
"WTA-c9b5be85-9fb8-432d-9496-566cdf4b8388" = Atlantic Journey: The Lost Brother
"WTA-ce3c0866-12ce-48e3-afb2-b5c46d2b8716" = Gardenscapes 2 Collector's Edition
"WTA-dc799447-5345-4e7c-8ed6-c0834d6340ea" = Delicious - Emily's Tea Garden
"WTA-de339965-d379-4ae0-b16c-04cfb2609716" = Dr. Wise - Medical Mysteries
"WTA-e2d8c639-7467-4f42-8f91-021d33a7bc04" = Delicious - Emily's Wonder Wedding Premium Edition
"WTA-e4072aa1-0da2-4b0e-b307-78730a7a20d0" = Virtual Families 2
"WTA-eb29dd1d-3727-48ca-ba77-0e95e34fddea" = Super Collapse Puzzle Gallery 3
"WTA-ec6ad64d-8974-421e-b099-733855b297e6" = Double Play - The Family Feud Bundle
"WTA-f7218cff-56a5-4ffd-897e-eb66ca8d55ee" = Girls With Secrets
"WTA-f9e9f72f-957f-489b-9535-a576c317a3d2" = Cooking Academy 2 - World Cuisine
"WTA-fb80f833-a178-4456-a928-4ee569d7e713" = Vacation Quest™ - Australia

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1191499748-3630827782-3512929281-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UpdaterEX" = Extended Update

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/22/2014 9:00:32 PM | Computer Name = Walker-Laptop | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 37.0.2062.124, time
stamp: 0x5420d868 Faulting module name: chrome.dll, version: 37.0.2062.124, time
stamp: 0x5420d5a6 Exception code: 0x80000003 Fault offset: 0x004f49a4 Faulting process
id: 0x708 Faulting application start time: 0x01cfee5cbf1451fd Faulting application
path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Faulting module
path: C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\chrome.dll
Report
Id: fcca625e-5a4f-11e4-83df-a14e17c98d1f

Error - 10/22/2014 9:09:10 PM | Computer Name = Walker-Laptop | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 37.0.2062.124, time
stamp: 0x5420d868 Faulting module name: chrome.dll, version: 37.0.2062.124, time
stamp: 0x5420d5a6 Exception code: 0x80000003 Fault offset: 0x004f49a4 Faulting process
id: 0x1af0 Faulting application start time: 0x01cfee5df2945e7d Faulting application
path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Faulting module
path: C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\chrome.dll
Report
Id: 31824322-5a51-11e4-83df-a14e17c98d1f

Error - 10/22/2014 9:09:47 PM | Computer Name = Walker-Laptop | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 37.0.2062.124, time
stamp: 0x5420d868 Faulting module name: chrome.dll, version: 37.0.2062.124, time
stamp: 0x5420d5a6 Exception code: 0x80000003 Fault offset: 0x004f49a4 Faulting process
id: 0x1548 Faulting application start time: 0x01cfee5e0914e094 Faulting application
path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Faulting module
path: C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\chrome.dll
Report
Id: 472303df-5a51-11e4-83df-a14e17c98d1f

Error - 10/22/2014 9:11:40 PM | Computer Name = Walker-Laptop | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 37.0.2062.124, time
stamp: 0x5420d868 Faulting module name: chrome.dll, version: 37.0.2062.124, time
stamp: 0x5420d5a6 Exception code: 0x80000003 Fault offset: 0x004f49a4 Faulting process
id: 0x1fc8 Faulting application start time: 0x01cfee5e4c08307c Faulting application
path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Faulting module
path: C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\chrome.dll
Report
Id: 8a92a7f0-5a51-11e4-83df-a14e17c98d1f

Error - 10/23/2014 8:25:00 PM | Computer Name = Walker-Laptop | Source = Application Error | ID = 1000
Error - 10/23/2014 8:26:54 PM | Computer Name = Walker-Laptop | Source = Application
Error | ID = 1000

Description = Faulting application name: chrome.exe, version: 37.0.2062.124, time stamp: 0x5420d868
Faulting module name: chrome.dll, version: 37.0.2062.124, time stamp: 0x5420d5a6
Exception code: 0x80000003
Fault offset: 0x004f49a4
Faulting process id: 0x1a00
Faulting application start time: 0x01cfef2135ad8c1a
Faulting application path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Faulting module path: C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\chrome.dll
Report Id: 744a81f6-5b14-11e4-83a3-e0844d684762
Error - 10/24/2014 4:01:56 PM | Computer Name = Walker-Laptop | Source = Application
Error | ID = 1000

Description = Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17344, time stamp: 0x541b6f63
Faulting module name: AdvanceElitebho.dll, version: 1.0.0.3, time stamp: 0x5447b6ee
Exception code: 0xc0000005
Fault offset: 0x00003421
Faulting process id: 0x18c8
Faulting application start time: 0x01cfefc54036fa25
Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Faulting module path: C:\Program Files (x86)\AdvanceElite\AdvanceElitebho.dll
Report Id: 9a7c8217-5bb8-11e4-83f2-e9bde6715061
Error - 10/26/2014 3:05:20 PM | Computer Name = Walker-Laptop | Source = Application
Error | ID = 1000

Error - 10/26/2014 3:06:15 PM | Computer Name = Walker-Laptop | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 37.0.2062.124, time
stamp: 0x5420d868 Faulting module name: chrome.dll, version: 37.0.2062.124, time
stamp: 0x5420d5a6 Exception code: 0x80000003 Fault offset: 0x004f49a4 Faulting process
id: 0x1a74 Faulting application start time: 0x01cff14fe7d3eedf Faulting application
path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Faulting module
path: C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\chrome.dll
Report
Id: 27f60deb-5d43-11e4-aa13-dcb26268b960

Error - 10/27/2014 8:10:45 PM | Computer Name = Walker-Laptop | Source = Application Error | ID = 1000
Description = Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17344,
time stamp: 0x541b6f63 Faulting module name: AdvanceElitebho.dll, version: 1.0.0.3,
time stamp: 0x5447b6ee Exception code: 0xc0000005 Fault offset: 0x00003421 Faulting
process id: 0x4e40 Faulting application start time: 0x01cff2439b744f0b Faulting application
path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Faulting module path:
C:\Program Files (x86)\AdvanceElite\AdvanceElitebho.dll Report Id: dc846fe0-5e36-11e4-843d-e07df232ab60

Error - 10/27/2014 8:54:49 PM | Computer Name = Walker-Laptop | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Cozi
Express\CoziExpress.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 10/27/2014 8:54:50 PM | Computer Name = Walker-Laptop | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Cozi
Express\CoziExpress.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

[ System Events ]
Error - 10/27/2014 8:51:14 PM | Computer Name = Walker-Laptop | Source = DCOM | ID = 10016
Description =

Error - 10/27/2014 8:55:12 PM | Computer Name = Walker-Laptop | Source = DCOM | ID = 10016
Description =

Error - 10/27/2014 8:57:57 PM | Computer Name = Walker-Laptop | Source = DCOM | ID = 10016
Description =

Error - 10/27/2014 8:59:01 PM | Computer Name = Walker-Laptop | Source = DCOM | ID = 10016
Description =

Error - 10/27/2014 9:10:59 PM | Computer Name = Walker-Laptop | Source = DCOM | ID = 10016
Description =

Error - 10/27/2014 9:14:24 PM | Computer Name = Walker-Laptop | Source = DCOM | ID = 10016
Description =

Error - 10/27/2014 9:17:58 PM | Computer Name = Walker-Laptop | Source = DCOM | ID = 10016
Description =

Error - 10/27/2014 9:18:11 PM | Computer Name = Walker-Laptop | Source = DCOM | ID = 10016
Description =

Error - 10/27/2014 9:18:15 PM | Computer Name = Walker-Laptop | Source = DCOM | ID = 10016
Description =

Error - 10/27/2014 9:20:29 PM | Computer Name = Walker-Laptop | Source = DCOM | ID = 10016
Description =

< End of report >

SAFE.Heur.418c and Trojan-PSW.BAT.[bleep]er malware/virus

#1
walkerdt

Posted 27 October 2014 - 07:46 PM

Advertisements

#2
CompCav

Posted 27 October 2014 - 08:03 PM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

SAFE.Heur.418c and Trojan-PSW.BAT.[bleep]er malware/virus

#1 walkerdt Posted 27 October 2014 - 07:46 PM

Advertisements

#2 CompCav Posted 27 October 2014 - 08:03 PM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

Sign In

#1
walkerdt

Posted 27 October 2014 - 07:46 PM

#2
CompCav

Posted 27 October 2014 - 08:03 PM