Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

SAFE.Heur.418c and Trojan-PSW.BAT.[bleep]er malware/virus


  • This topic is locked This topic is locked

#1
walkerdt

walkerdt

    Member

  • Member
  • PipPip
  • 23 posts

I seem to have been infected with malware/virus and cannot seem to get rid of it. I have scanned my system using Norton’s Antivirus Ver.21.6.0.32 and CCleaner v4.13.46593 (64 bit)  and they keep recurring, I believe I picked up the virus from a Kroger gift card post on Facebook.

 

Any assistance would be greatly appreciated.

 

Dave

 

OTL log attached:

 

OTL logfile created on: 10/27/2014 9:02:52 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Dave\Documents
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.80 Gb Total Physical Memory | 1.50 Gb Available Physical Memory | 39.42% Memory free
7.61 Gb Paging File | 4.34 Gb Available in Paging File | 57.12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.34 Gb Total Space | 197.33 Gb Free Space | 69.64% Space Free | Partition Type: NTFS
 
Computer Name: WALKER-LAPTOP | User Name: Dave | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found -- C:\Users\Dave\My Documents\OTL.exe
PRC - [2014/10/27 19:48:10 | 000,524,016 | ---- | M] () -- C:\Program Files (x86)\AdvanceElite\bin\utilAdvanceElite.exe
PRC - [2014/10/27 18:07:26 | 000,123,632 | ---- | M] () -- C:\ProgramData\d2446020-ddff-402b-b064-199d2ce66b2b\maintainer.exe
PRC - [2014/10/27 14:46:29 | 000,098,544 | ---- | M] () -- C:\Program Files (x86)\AdvanceElite\bin\AdvanceElite.BrowserAdapter.exe
PRC - [2014/10/27 11:53:48 | 001,649,904 | ---- | M] () -- C:\Program Files (x86)\AdvanceElite\bin\AdvanceElite.BOASHelper.exe
PRC - [2014/10/27 11:53:46 | 001,791,216 | ---- | M] () -- C:\Program Files (x86)\AdvanceElite\bin\AdvanceElite.BOAS.exe
PRC - [2014/10/27 11:53:46 | 001,786,608 | ---- | M] () -- C:\Program Files (x86)\AdvanceElite\bin\AdvanceElite.BOASPRT.exe
PRC - [2014/10/26 15:09:33 | 000,523,504 | ---- | M] () -- C:\Program Files (x86)\AdvanceElite\updateAdvanceElite.exe
PRC - [2014/10/21 16:39:18 | 001,611,584 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2014/10/21 16:34:22 | 000,990,584 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
PRC - [2014/09/21 05:59:37 | 000,262,968 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\21.6.0.32\nav.exe
PRC - [2014/09/12 05:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/08/25 20:47:23 | 002,640,408 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2014/08/11 11:16:55 | 001,820,184 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
PRC - [2014/08/11 11:16:54 | 000,159,768 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
PRC - [2014/08/07 08:52:52 | 000,438,616 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
PRC - [2014/07/02 15:07:26 | 003,431,712 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
PRC - [2014/06/03 13:44:20 | 000,173,792 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
PRC - [2014/05/21 11:34:38 | 000,049,464 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
PRC - [2014/03/26 18:41:12 | 001,723,760 | ---- | M] (NDS Technologies) -- C:\Users\Dave\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
PRC - [2014/03/26 18:41:08 | 001,523,560 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
PRC - [2014/03/11 23:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
PRC - [2013/09/24 09:25:25 | 000,049,008 | ---- | M] (CenturyLink Inc) -- C:\Program Files (x86)\CenturyLink\Desktop\CenturyLinkTouchPointAgent.exe
PRC - [2013/03/21 14:24:12 | 000,222,368 | ---- | M] () -- C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
PRC - [2011/08/09 17:56:40 | 000,417,112 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe
PRC - [2011/08/09 17:38:38 | 000,328,536 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2010/03/17 17:37:16 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/17 17:34:12 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/12/29 17:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/12/23 18:39:04 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009/12/23 18:39:02 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/10/15 04:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/06/24 17:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/10/27 14:46:29 | 000,098,544 | ---- | M] () -- C:\Program Files (x86)\AdvanceElite\bin\AdvanceElite.BrowserAdapter.exe
MOD - [2014/10/27 11:53:48 | 001,649,904 | ---- | M] () -- C:\Program Files (x86)\AdvanceElite\bin\AdvanceElite.BOASHelper.exe
MOD - [2014/10/27 11:53:46 | 001,791,216 | ---- | M] () -- C:\Program Files (x86)\AdvanceElite\bin\AdvanceElite.BOAS.exe
MOD - [2014/10/27 11:53:46 | 001,786,608 | ---- | M] () -- C:\Program Files (x86)\AdvanceElite\bin\AdvanceElite.BOASPRT.exe
MOD - [2014/10/22 21:17:40 | 001,051,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\99cdfef98595ed91f14936cf52a49c54\System.Management.ni.dll
MOD - [2014/10/21 19:42:52 | 001,840,640 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\75670ab8fe2a25bf165fafcc25be270e\System.Web.Services.ni.dll
MOD - [2014/10/21 19:42:41 | 000,774,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b3011370dcbf33751d3b9dce8091c6c6\System.Runtime.Remoting.ni.dll
MOD - [2014/10/21 19:42:10 | 000,310,784 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\91eb4f41130c65ef17f0fee1d3ab48fb\System.Runtime.Serialization.Formatters.Soap.ni.dll
MOD - [2014/10/21 19:42:09 | 012,435,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll
MOD - [2014/10/21 19:42:02 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll
MOD - [2014/10/21 19:41:55 | 005,467,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/10/21 19:41:51 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll
MOD - [2014/10/21 19:41:35 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d97a5aa0eb7697aca7c6e90ae471af2b\WindowsBase.ni.dll
MOD - [2014/10/21 19:41:28 | 007,991,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/09/12 15:46:25 | 011,497,984 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014/08/25 20:47:23 | 002,640,408 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2014/08/11 11:16:55 | 000,519,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
MOD - [2014/06/04 15:17:12 | 000,892,288 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag 3\webres.dll
MOD - [2014/03/26 18:42:08 | 000,091,976 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\z.dll
MOD - [2014/03/26 18:42:00 | 000,338,784 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\ndsLogStore.dll
MOD - [2014/03/26 18:41:58 | 001,403,224 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\libxml2-2.dll
MOD - [2014/03/26 18:41:48 | 000,043,880 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\libgstvideo-0.10.dll
MOD - [2014/03/26 18:41:46 | 000,689,000 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\libgstreamer-0.10.dll
MOD - [2014/03/26 18:41:44 | 000,060,272 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\libgstinterfaces-0.10.dll
MOD - [2014/03/26 18:41:36 | 000,205,672 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\libgstbase-0.10.dll
MOD - [2014/03/26 18:41:24 | 007,730,016 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\gsttspplugin.dll
MOD - [2014/03/26 18:41:10 | 005,979,488 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\PCShowServer.dll
MOD - [2014/03/26 18:41:08 | 001,523,560 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
MOD - [2014/03/26 18:41:02 | 003,261,280 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\DrmSingleton.dll
MOD - [2014/03/26 18:41:02 | 002,229,096 | ---- | M] () -- C:\Users\Dave\AppData\Local\DIRECTV Player\DiscoveryManager.dll
MOD - [2013/09/05 01:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/10/15 04:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/09/18 21:25:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/03/17 17:29:08 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2010/03/17 17:27:52 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\WINDOWS\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/02/03 02:13:10 | 000,048,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009/07/09 19:48:34 | 001,044,648 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\SysNative\dldtcoms.exe -- (dldt_device)
SRV:64bit: - [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2014/10/27 19:48:10 | 000,524,016 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AdvanceElite\bin\utilAdvanceElite.exe -- (Util AdvanceElite)
SRV - [2014/10/27 18:07:26 | 000,123,632 | ---- | M] () [Auto | Running] -- C:\ProgramData\d2446020-ddff-402b-b064-199d2ce66b2b\maintainer.exe -- (MaintainerSvc1.20.7247763)
SRV - [2014/10/26 15:09:33 | 000,523,504 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AdvanceElite\updateAdvanceElite.exe -- (Update AdvanceElite)
SRV - [2014/10/21 16:34:22 | 000,990,584 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2014/09/24 17:38:24 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/09/21 05:59:37 | 000,262,968 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\21.6.0.32\NAV.exe -- (NAV)
SRV - [2014/09/12 05:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/08/11 11:16:55 | 001,820,184 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe -- (vToolbarUpdater18.1.9)
SRV - [2014/08/07 08:52:52 | 000,438,616 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2014/06/03 13:44:20 | 000,173,792 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2014/05/21 11:34:38 | 000,049,464 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014/03/11 23:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE -- (BBUpdate)
SRV - [2014/03/11 23:36:06 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE -- (BBSvc)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/03/21 14:24:12 | 000,222,368 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe -- (Updater Service for AMZN)
SRV - [2011/08/09 17:38:38 | 000,328,536 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/07/15 05:50:12 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/03/17 17:37:16 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/17 17:34:12 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/03/17 17:29:08 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe -- (AESTFilters)
SRV - [2010/03/17 17:27:52 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\STacSV64.exe -- (STacSV)
SRV - [2009/12/23 18:39:04 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/09/20 11:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/10/26 10:31:44 | 000,048,784 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\{b0c7827f-c845-429a-833b-c2a798fc4fc3}Gw64.sys -- ({b0c7827f-c845-429a-833b-c2a798fc4fc3}Gw64)
DRV:64bit: - [2014/10/23 12:30:34 | 000,048,784 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\{f5d136d7-adc2-4c84-85b2-e564334ab0bc}Gw64.sys -- ({f5d136d7-adc2-4c84-85b2-e564334ab0bc}Gw64)
DRV:64bit: - [2014/10/19 18:48:51 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2014/08/25 22:26:58 | 000,593,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\NAVx64\1506000.020\symnets.sys -- (SymNetS)
DRV:64bit: - [2014/08/25 22:26:57 | 001,148,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\NAVx64\1506000.020\symefa64.sys -- (SymEFA)
DRV:64bit: - [2014/08/25 22:20:22 | 000,876,248 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\NAVx64\1506000.020\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2014/08/25 22:20:22 | 000,037,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\NAVx64\1506000.020\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2014/08/11 11:16:55 | 000,050,976 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2014/08/06 15:48:16 | 000,266,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\NAVx64\1506000.020\ironx64.sys -- (SymIRON)
DRV:64bit: - [2014/06/04 15:17:14 | 000,021,184 | ---- | M] (IObit) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2014/01/07 08:42:08 | 000,076,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2013/09/25 22:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\NAVx64\1506000.020\ccsetx64.sys -- (ccSet_NAV)
DRV:64bit: - [2013/09/09 22:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\NAVx64\1506000.020\symds64.sys -- (SymDS)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/10 23:28:18 | 012,311,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/08/02 18:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/03/17 17:44:44 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/03/17 17:41:48 | 000,325,152 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/03/17 17:33:06 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2010/03/17 17:29:52 | 000,232,480 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/03/17 17:27:14 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/02/26 20:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/03 10:38:30 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/02/03 02:13:08 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2010/02/03 02:13:08 | 000,020,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\bcmvwl64.sys -- (BcmVWL)
DRV:64bit: - [2010/02/03 02:13:06 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/12/17 11:42:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/15 14:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 16:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2014/10/21 16:43:22 | 000,633,560 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20141027.001\IDSviA64.sys -- (IDSVia64)
DRV - [2014/10/19 05:35:45 | 002,137,304 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20141027.001\ex64.sys -- (NAVEX15)
DRV - [2014/10/19 05:35:45 | 000,487,216 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2014/10/19 05:35:45 | 000,142,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/10/19 05:35:45 | 000,129,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20141027.001\eng64.sys -- (NAVENG)
DRV - [2014/10/16 23:06:56 | 001,587,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20141024.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.bkmks.com/
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\10.0\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001\..\SearchScopes,DefaultScope = {C9D7933B-9638-4D0A-911E-3F5426231A97}
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2013-01-19 16:42:07&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001\..\SearchScopes\{9C596A39-04D5-4858-82E6-7B2D669F4F23}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001\..\SearchScopes\{C9D7933B-9638-4D0A-911E-3F5426231A97}: "URL" = https://search.yahoo...&p={searchTerms}
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001\..\SearchScopes\9705932A03C64A7D8783A9093E45DAF9: "URL" = http://search.yahoo....&p={searchTerms}
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://astromenda.co...r=1237709631=
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 13 B5 8E B1 73 E0 CC 01  [binary data]
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\10.0\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\..\SearchScopes,DefaultScope = {2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IESR02
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\..\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}: "URL" = https://search.yahoo...&p={searchTerms}
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\..\SearchScopes\{7E031750-8AD7-4ED2-ACB1-E3303FCB5B98}: "URL" = http://astromenda.co...r=1237709631=
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\..\SearchScopes\{868B13F7-31D3-4DFE-B9B7-27AE84181A5C}: "URL" = http://search.yahoo....&p={searchTerms}
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2013-01-19 16:42:07&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 90 FF CF 62 D3 CA CF 01  [binary data]
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1005\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\10.0\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1005\..\SearchScopes,DefaultScope = {7CE215D8-9305-4040-A2FD-86F745F4E380}
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1005\..\SearchScopes\{7CE215D8-9305-4040-A2FD-86F745F4E380}: "URL" = http://search.yahoo....&p={searchTerms}
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1005\..\SearchScopes\{C036F0DA-8CC2-4251-96F9-FCB7D24FC9EE}: "URL" = http://search.yahoo....&p={searchTerms}
IE - HKU\S-1-5-21-1191499748-3630827782-3512929281-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Users\Dave\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (DIRECTV)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Users\Dave\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (DIRECTV)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF [2014/10/19 18:49:11 | 000,000,000 | ---D | M]
 
[2014/02/09 21:24:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Extensions
 
========== Chrome  ==========
 
CHR - default_search_provider: Yahoo (Enabled)
CHR - default_search_provider: search_url = http://search.yahoo....&p={searchTerms}
CHR - default_search_provider: suggest_url = http://ff.search.yah...nd={searchTerms},
CHR - homepage: https://www.bkmks.com/
CHR - plugin: Error reading preferences file
CHR - Extension: McAfee Security Scan+ = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh\3.8.141.12_0\
CHR - Extension: Ebay Shopping Assistant by Spigot = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\
CHR - Extension: Domain Error Assistant = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\
CHR - Extension: Slick Savings = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\
CHR - Extension: AVG Security Toolbar = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\18.1.0.443_0\
CHR - Extension: Google Wallet = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Amazon 1Button App for Chrome = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\4.2014.411.0_0\
CHR - Extension: Amazon Shopping Assistant by Spigot = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\
CHR - Extension: AdvanceElite = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkbbmldjcnhopjhpifcocnmkooiadpbb\1.0.1_0\
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\10.0\iobitappsToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (AdvanceElite) - {3b2cb4c8-72ab-4b25-8fa1-219b36a60bed} - C:\Program Files (x86)\AdvanceElite\AdvanceElitebho.dll (AdvanceElite)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\21.6.0.32\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CenturyLink Toolbar) - {83453B9B-B889-4659-9144-20F081542BDC} - C:\Program Files (x86)\centurytoolbar\centurytoolbarDx.dll ()
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (AlxHelper Class) - {F443A627-5009-4323-9C1D-7FD598D0D712} - C:\Program Files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)
O3:64bit: - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\10.0\iobitappsToolbarIE64.dll (Spigot, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\10.0\iobitappsToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (CenturyLink Toolbar) - {83453B9B-B889-4659-9144-20F081542BDC} - C:\Program Files (x86)\centurytoolbar\centurytoolbarDx.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (Amazon Browser Bar) - {EA582743-9076-4178-9AA6-7393FDF4D5CE} - C:\Program Files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)
O3 - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001\..\Toolbar\WebBrowser: (no name) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - No CLSID value found.
O3 - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\..\Toolbar\WebBrowser: (no name) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - No CLSID value found.
O3 - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1191499748-3630827782-3512929281-1005\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [CenturyLinkTouchPointAgent] C:\Program Files (x86)\CenturyLink\Desktop\CenturyLinkTouchPointAgent.exe (CenturyLink Inc)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey File not found
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\.DEFAULT..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKU\S-1-5-18..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001..\Run: [Advanced SystemCare 4] C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKU\S-1-5-21-1191499748-3630827782-3512929281-1001..\Run: [PCShowServer] C:\Users\Dave\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe (NDS Technologies)
O4 - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003..\Run: [BRS] C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe -runBRS File not found
O4 - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003..\Run: [Driver Support] C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe (PC Drivers Headquarters)
O4 - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKU\S-1-5-21-1191499748-3630827782-3512929281-1003..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk =  File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk =  File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk =  File not found
O4 - Startup: C:\Users\Steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk =  File not found
O4 - Startup: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk =  File not found
O4 - Startup: C:\Users\Teresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.67.2)
O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} http://myitlab.pears...ces/ax/stub.cab (Enlite 2.x Simulation Engine Installer)
O16 - DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_67)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_67)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...xControl_32.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.2.226
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{174EFE9D-D621-4776-BDEF-F92415824A35}: DhcpNameServer = 192.168.0.1 205.171.2.226
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\PFW: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/10/27 20:59:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dave\Documents\OTL.exe
[2014/10/27 20:19:26 | 000,000,000 | ---D | C] -- C:\ProgramData\d2446020-ddff-402b-b064-199d2ce66b2b
[2014/10/26 15:07:20 | 000,048,784 | ---- | C] (StdLib) -- C:\windows\SysNative\drivers\{b0c7827f-c845-429a-833b-c2a798fc4fc3}Gw64.sys
[2014/10/23 20:29:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit Apps Toolbar
[2014/10/23 20:29:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2014/10/23 20:26:03 | 000,048,784 | ---- | C] (StdLib) -- C:\windows\SysNative\drivers\{f5d136d7-adc2-4c84-85b2-e564334ab0bc}Gw64.sys
[2014/10/22 21:10:13 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB
[2014/10/22 21:08:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Support
[2014/10/22 21:07:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver Support
[2014/10/22 21:07:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Driver Support
[2014/10/22 21:05:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WSE_Astromenda
[2014/10/22 21:04:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[2014/10/22 21:04:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RCP
[2014/10/21 19:56:36 | 000,593,112 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NAVx64\1506000.020\symnets.sys
[2014/10/21 19:56:36 | 000,023,568 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NAVx64\1506000.020\symelam.sys
[2014/10/21 19:56:35 | 001,148,120 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NAVx64\1506000.020\symefa64.sys
[2014/10/21 19:56:35 | 000,876,248 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NAVx64\1506000.020\srtsp64.sys
[2014/10/21 19:56:35 | 000,493,656 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NAVx64\1506000.020\symds64.sys
[2014/10/21 19:56:35 | 000,266,968 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NAVx64\1506000.020\ironx64.sys
[2014/10/21 19:56:35 | 000,162,392 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NAVx64\1506000.020\ccsetx64.sys
[2014/10/21 19:56:35 | 000,037,592 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NAVx64\1506000.020\srtspx64.sys
[2014/10/21 19:56:15 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NAVx64\1506000.020
[2014/10/19 21:33:16 | 000,000,000 | ---D | C] -- C:\Users\Dave\AppData\Local\CrashDumps
[2014/10/19 21:32:13 | 000,000,000 | ---D | C] -- C:\Users\Dave\Documents\MLB Ballpark Empire Hack
[2014/10/19 20:44:19 | 000,000,000 | ---D | C] -- C:\Users\Dave\AppData\Roaming\PCHC
[2014/10/19 18:55:09 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014/10/19 18:55:09 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/10/19 18:55:08 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/10/19 18:55:08 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014/10/19 18:55:08 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2014/10/19 18:55:08 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014/10/19 18:55:08 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/10/19 18:55:08 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2014/10/19 18:55:08 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/10/19 18:55:06 | 002,017,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014/10/19 18:55:06 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014/10/19 18:55:06 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014/10/19 18:55:06 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2014/10/19 18:55:06 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/10/19 18:55:06 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2014/10/19 18:55:05 | 000,731,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/10/19 18:55:04 | 002,108,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014/10/19 18:55:04 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2014/10/19 18:55:04 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/10/19 18:55:03 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014/10/19 18:55:03 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/10/19 18:55:03 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014/10/19 18:55:03 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2014/10/19 18:55:01 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2014/10/19 18:55:01 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014/10/19 18:55:00 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2014/10/19 18:55:00 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014/10/19 18:54:59 | 005,829,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/10/19 18:54:59 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2014/10/19 18:54:59 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2014/10/19 18:54:59 | 000,547,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014/10/19 18:54:59 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014/10/19 18:54:58 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/10/19 18:54:58 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2014/10/19 18:54:57 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2014/10/19 18:52:36 | 001,943,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfshim.dll
[2014/10/19 18:52:36 | 001,131,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfshim.dll
[2014/10/19 18:52:36 | 000,156,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscorier.dll
[2014/10/19 18:52:36 | 000,156,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscorier.dll
[2014/10/19 18:52:35 | 000,081,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscories.dll
[2014/10/19 18:52:35 | 000,073,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscories.dll
[2014/10/19 18:52:27 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014/10/19 18:52:27 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\generaltel.dll
[2014/10/19 18:52:24 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2014/10/19 18:49:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\centurytoolbar
[2014/10/19 18:48:51 | 000,177,752 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2014/10/19 18:48:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2014/10/19 18:47:34 | 003,241,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msi.dll
[2014/10/19 18:47:23 | 004,922,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2014/10/19 18:47:23 | 001,050,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstsc.exe
[2014/10/19 18:47:23 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\aaclient.dll
[2014/10/19 18:47:23 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsgqec.dll
[2014/10/19 18:47:23 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsgqec.dll
[2014/10/19 18:47:22 | 001,125,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstsc.exe
[2014/10/19 18:47:22 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aaclient.dll
[2014/10/19 18:47:21 | 005,780,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2014/10/19 18:47:21 | 003,179,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorets.dll
[2014/10/19 18:46:58 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rastls.dll
[2014/10/19 18:46:45 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe
[2014/10/19 18:46:45 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsta.dll
[2014/10/19 18:46:45 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll
[2014/10/19 18:43:15 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll
[2014/10/19 18:43:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll
[2014/10/19 18:09:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CenturyLink
[2014/10/19 16:35:08 | 000,000,000 | ---D | C] -- C:\Users\Dave\AppData\Local\AskPartnerNetwork
[2014/10/19 16:35:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AskPartnerNetwork
[2014/10/19 16:35:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AskPartnerNetwork
[2014/10/19 16:34:44 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2014/10/17 18:46:17 | 000,000,000 | ---D | C] -- C:\NPE
[2014/10/17 18:42:13 | 000,000,000 | ---D | C] -- C:\Users\Dave\AppData\Local\NPE
[2014/10/17 17:10:02 | 000,000,000 | ---D | C] -- C:\Users\Dave\AppData\Local\IsolatedStorage
[2014/10/17 17:09:34 | 000,000,000 | ---D | C] -- C:\Program Files\Earth Networks
[2014/10/17 17:09:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AdvanceElite
[2014/10/17 17:09:16 | 000,000,000 | ---D | C] -- C:\ProgramData\{FA77A43D-F6ED-4924-87B5-517C061388C6}
[2014/10/17 13:25:39 | 000,000,000 | ---D | C] -- C:\Users\Dave\Documents\ADDA Mechanical Drafter Certification Exam Revie Guide
[2014/10/17 13:11:42 | 000,000,000 | ---D | C] -- C:\Users\Dave\Documents\Desktop Images
[2014/10/16 19:47:18 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rastls.dll
[2014/10/04 16:48:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2014/10/04 16:18:34 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NAVx64
[2014/10/04 16:18:32 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
[2014/10/04 16:18:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton AntiVirus
[2014/10/04 16:18:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2014/10/04 16:18:28 | 000,000,000 | ---D | C] -- C:\Users\Dave\Documents\Symantec
[2014/10/04 16:18:28 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2014/10/04 16:18:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2014/10/04 15:57:00 | 000,000,000 | ---D | C] -- C:\ProgramData\CenturyLink
[2014/10/04 15:56:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Qwest
[2014/10/04 15:56:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CenturyLink
[2014/10/02 10:45:59 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2014/10/02 10:45:59 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
 
========== Files - Modified Within 30 Days ==========
 
[2014/10/27 21:09:56 | 000,022,704 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/10/27 21:09:56 | 000,022,704 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/10/27 21:07:00 | 000,000,296 | ---- | M] () -- C:\windows\tasks\UpdaterEX.job
[2014/10/27 21:05:00 | 000,000,296 | ---- | M] () -- C:\windows\tasks\WSE_Astromenda.job
[2014/10/27 21:02:00 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/10/27 20:59:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dave\Documents\OTL.exe
[2014/10/27 20:38:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/10/27 19:47:23 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/10/27 19:46:47 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/10/27 19:46:00 | 000,000,350 | ---- | M] () -- C:\windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2014/10/27 19:45:20 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/10/27 19:45:00 | 3062,902,784 | -HS- | M] () -- C:\hiberfil.sys
[2014/10/26 10:31:44 | 000,048,784 | ---- | M] (StdLib) -- C:\windows\SysNative\drivers\{b0c7827f-c845-429a-833b-c2a798fc4fc3}Gw64.sys
[2014/10/23 12:30:34 | 000,048,784 | ---- | M] (StdLib) -- C:\windows\SysNative\drivers\{f5d136d7-adc2-4c84-85b2-e564334ab0bc}Gw64.sys
[2014/10/22 21:08:22 | 000,002,263 | ---- | M] () -- C:\Users\Public\Desktop\Driver Support.lnk
[2014/10/22 21:04:36 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2014/10/22 20:59:17 | 002,948,932 | ---- | M] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\Cat.DB
[2014/10/22 20:58:31 | 000,002,614 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2014/10/21 19:30:28 | 000,409,576 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/10/19 21:27:59 | 000,458,934 | ---- | M] () -- C:\Users\Dave\Documents\MLB BALLPARK EMPIRE HACK TOOL.rar
[2014/10/19 20:37:40 | 000,000,146 | ---- | M] () -- C:\Users\Dave\Desktop\CenturyLink PC Services.url
[2014/10/19 18:48:51 | 000,177,752 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2014/10/19 18:48:51 | 000,008,222 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2014/10/19 18:48:51 | 000,000,854 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2014/10/14 12:44:28 | 000,048,844 | ---- | M] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\VT20141014.006
[2014/10/10 21:18:18 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2014/10/09 22:05:59 | 000,276,480 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\generaltel.dll
[2014/10/09 22:05:42 | 000,507,392 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014/10/09 22:00:38 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
 
========== Files Created - No Company Name ==========
 
[2014/10/27 19:47:22 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/10/22 21:08:22 | 000,002,263 | ---- | C] () -- C:\Users\Public\Desktop\Driver Support.lnk
[2014/10/22 21:07:45 | 000,000,296 | ---- | C] () -- C:\windows\tasks\UpdaterEX.job
[2014/10/22 21:07:13 | 000,000,296 | ---- | C] () -- C:\windows\tasks\WSE_Astromenda.job
[2014/10/22 21:04:36 | 000,000,947 | ---- | C] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2014/10/22 20:55:16 | 002,948,932 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\Cat.DB
[2014/10/21 19:58:20 | 000,048,844 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\VT20141014.006
[2014/10/21 19:56:36 | 000,009,939 | R--- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\symelam64.cat
[2014/10/21 19:56:36 | 000,008,192 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\symnet64.cat
[2014/10/21 19:56:36 | 000,001,440 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\symnet.inf
[2014/10/21 19:56:36 | 000,001,098 | R--- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\symelam.inf
[2014/10/21 19:56:35 | 000,008,202 | R--- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\ccsetx64.cat
[2014/10/21 19:56:35 | 000,008,194 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\symefa64.cat
[2014/10/21 19:56:35 | 000,008,188 | R--- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\symds64.cat
[2014/10/21 19:56:35 | 000,008,188 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\srtspx64.cat
[2014/10/21 19:56:35 | 000,008,184 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\srtsp64.cat
[2014/10/21 19:56:35 | 000,008,184 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\iron.cat
[2014/10/21 19:56:35 | 000,003,433 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\symefa.inf
[2014/10/21 19:56:35 | 000,002,852 | R--- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\symds.inf
[2014/10/21 19:56:35 | 000,001,437 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\srtsp64.inf
[2014/10/21 19:56:35 | 000,001,420 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\srtspx64.inf
[2014/10/21 19:56:35 | 000,000,855 | R--- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\ccsetx64.inf
[2014/10/21 19:56:35 | 000,000,767 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\iron.inf
[2014/10/21 19:56:15 | 000,000,172 | ---- | C] () -- C:\windows\SysNative\drivers\NAVx64\1506000.020\isolate.ini
[2014/10/19 21:27:59 | 000,458,934 | ---- | C] () -- C:\Users\Dave\Documents\MLB BALLPARK EMPIRE HACK TOOL.rar
[2014/10/19 20:37:40 | 000,000,146 | ---- | C] () -- C:\Users\Dave\Desktop\CenturyLink PC Services.url
[2014/10/19 18:48:51 | 000,008,222 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2014/10/19 18:48:51 | 000,000,854 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2014/10/19 18:48:50 | 000,002,614 | ---- | C] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2014/10/10 21:18:18 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2014/01/28 22:56:38 | 000,775,124 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2013/08/02 20:09:35 | 000,362,029 | ---- | C] () -- C:\windows\SysWow64\sqlite3.dll
[2013/03/19 23:59:34 | 000,077,650 | ---- | C] () -- C:\windows\hpqins05.dat
[2013/03/19 22:04:44 | 000,221,544 | ---- | C] () -- C:\windows\hpoins19.dat
[2013/03/19 22:04:44 | 000,013,898 | ---- | C] () -- C:\windows\hpomdl19.dat
[2012/02/18 12:07:58 | 000,000,065 | ---- | C] () -- C:\Users\Dave\AppData\Roaming\StvInventor_3D.ini
[2011/12/16 14:19:38 | 000,115,004 | ---- | C] () -- C:\Users\Dave\Bowl Pool 2011 Tally Sheet.pdf
[2011/12/10 11:03:01 | 000,025,463 | ---- | C] () -- C:\Users\Dave\Bowl Pool 2011-Pick Sheet.pdf
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\shell32.dll -- [2014/06/24 22:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 21:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

 

 

 

OTL Extras logfile created on: 10/27/2014 9:02:52 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Dave\Documents
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.80 Gb Total Physical Memory | 1.50 Gb Available Physical Memory | 39.42% Memory free
7.61 Gb Paging File | 4.34 Gb Available in Paging File | 57.12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.34 Gb Total Space | 197.33 Gb Free Space | 69.64% Space Free | Partition Type: NTFS
 
Computer Name: WALKER-LAPTOP | User Name: Dave | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_USERS\S-1-5-21-1191499748-3630827782-3512929281-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 0
"FirewallDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\CA Personal Firewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{006DC5ED-478B-40F2-9987-BAB9A5338B4A}" = rport=137 | protocol=17 | dir=out | app=system |
"{163FF1A3-235D-424C-8605-2F5B78C5F167}" = rport=445 | protocol=6 | dir=out | app=system |
"{2029505C-2AF6-4521-B03F-721575D7F832}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{203C88E0-B59A-434E-A43D-42966F88757D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{25C9B354-8D99-4F4D-B7D3-E00C1FD48B84}" = lport=445 | protocol=6 | dir=in | app=system |
"{39A5223F-9FF4-4073-B319-9DFA191A0255}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{485C48CA-F77B-4196-A303-0F99F9A0119C}" = lport=139 | protocol=6 | dir=in | app=system |
"{5D83CD2E-7C03-469E-9E58-F3966E47430E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{60F9C472-A6F1-4129-B110-5F1E6FA6256B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6134BC38-2D82-4F32-9128-1FE4E764BC1D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{647DEFE0-BEEC-46E3-8FD1-B6724C9734AC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{698098BD-2A73-46C0-A457-E171C48865FD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7026E24D-DB5C-4C63-904B-550CAC8F8E19}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7BABBFA2-B091-4652-8437-34B34CA3E543}" = lport=137 | protocol=17 | dir=in | app=system |
"{8930D8CC-E59C-4E8E-A780-C58E3400191C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B8478A2D-980C-4495-A2E5-704DD547773F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B91F2A13-26B9-472A-88C6-C77AA542B59B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BA30B924-5EE4-4900-95C7-5E27EED492C3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{BBFCEB8A-E6D4-4189-91E4-CA47F9BF3722}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BC72CC65-2AE5-490C-9664-BB61734B5433}" = rport=139 | protocol=6 | dir=out | app=system |
"{C75F754F-DEF0-47CA-99CB-3DC4466EC507}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D125E8E0-75EC-4D72-9AFD-92E213E4AE53}" = lport=138 | protocol=17 | dir=in | app=system |
"{D5AC1939-C711-4E76-B8D0-8E45972B2B30}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E4EAD83F-578C-4894-A502-1471D7D6C790}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E698333C-3749-4568-AC89-EDFECD6DABAB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FA663870-670D-4C21-B16D-8798E123B78C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{FC9A09AA-43AA-400E-8701-47C011B7DF86}" = rport=138 | protocol=17 | dir=out | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0002E07E-CF8C-44FA-BB82-462625B06244}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{00223E96-280F-42FA-B7E0-5026E700FA4B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{21F78D90-6591-4074-87C6-EE448C526DD0}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{26A5EF71-BE68-4300-A64E-2F9F5557F722}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2EC3025E-230F-490B-81D5-366AE2418330}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{308C3967-D999-4530-B0B3-62040661A26C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{325FDC7A-CC54-430E-B8EF-1519CE0EF0EA}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{38BE50B9-70E0-4808-8242-11A5E32FADB7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3A14C0E9-1159-46C0-88AB-63735B5EE9DF}" = protocol=58 | dir=out | [email protected],-28546 |
"{3B9924F4-F16F-4CB4-89F8-9F59A12447CE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{429D8FE0-5A68-4630-BE64-0ED29B417FCA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{4E6545B6-A99A-4C58-9D72-704E3A715005}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe |
"{519F1A97-6117-48FD-9B9F-D15DF84646C4}" = protocol=17 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{535EFE5A-233A-4F92-ACDC-1F0BAA809D54}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{58B06CDA-BED1-41D7-9905-F16765E74B55}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{59278FD6-F43E-4738-B829-996598F626D0}" = protocol=6 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{592BFBE7-9441-4448-9343-18E61009F60D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{609E161E-CE1B-41F7-99D9-6C51A12EED59}" = protocol=1 | dir=in | [email protected],-28543 |
"{616243F0-D2C6-46C4-9155-E98A4929D881}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{62F40166-C942-422B-96BC-1D264F3489D7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{6C7F8F99-DAF4-4DA5-A954-9A2650B89EDE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{6EFFB75E-68AC-49E8-AAF2-BCB6F71038C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{784209E6-A3FA-46B4-8B2F-F82AC43C296B}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{7B3E209A-65A9-4E89-8096-C18F6BDA23C9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{83CBF090-18E5-4944-AA9A-1D197C89FD12}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{8613C311-AFC1-4DC2-A9FE-9FC81B172C2C}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{8EAB4E2B-6C8D-4F15-B3C6-7D6FA2F7562F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{94DE7EB6-7CF1-4EE1-A008-FCDDBED557B6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{96EF6FF3-E5D4-475F-97CF-9A2C8FEC075F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{9A0B1089-F8A0-49B7-870D-9417987D3C51}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe |
"{9E56198C-EC5D-47B7-BC5B-5B3323D008B5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A043659D-7832-4099-B094-FA19E468C1B6}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{A0C1DD46-6700-491B-8E31-25C0BF019698}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A6F1E277-538E-4D7B-B2A0-98E12DD3C41D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{A8A93D35-208B-4A09-A0F5-485C5D19EA8C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AA972C3E-2EBD-44EE-8BDB-3A89F4830286}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B03B5988-78C0-400B-A80D-CD6AA7B2ECF9}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BB0A69C9-FE36-4DDB-94BB-10E9DA4C386E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BF69DC93-FF62-4254-9DC7-B3ECFC73DF77}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{BFB16413-70B7-49EE-9210-C7AB802F50AB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{C14EBA27-872A-47F7-83AB-C8D2E2C55974}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{C234B9E6-4EBE-4F76-A04F-20C274DA8003}" = protocol=58 | dir=in | [email protected],-28545 |
"{C352586F-255C-40AC-8DCB-B8AA3F9378C5}" = protocol=6 | dir=out | app=system |
"{C4F32E78-A078-4A8B-A9C7-4E73DDBFFD64}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{C8AD3D9C-57AF-4DB1-8597-47D1BCE0A3CB}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{D0118D7F-84FE-48C5-849A-90008280CCC3}" = protocol=1 | dir=out | [email protected],-28544 |
"{D77BDDD3-C55E-4C4B-B754-525BDA4B4398}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D9AA9987-ACB1-4F4A-B380-749B9A67782A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E369F4B3-C2D4-4747-B5E6-8170C8949721}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{E7EA138A-81E2-4E00-9D18-908A67CFEC4F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{F27FE860-1768-46BD-9AB3-36A98BE88A7A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{F6F92C34-822C-4977-BBBA-3325FAC3F8EC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"TCP Query User{146A3A24-CCAC-490E-9E73-FD9DEF695FB1}C:\users\dave\appdata\local\directv player\ndspcshowserver.exe" = protocol=6 | dir=in | app=c:\users\dave\appdata\local\directv player\ndspcshowserver.exe |
"TCP Query User{60D6D585-2136-4718-BC98-7EC7F07D9BFF}C:\users\dave\appdata\local\directv player\ndspcshowserver.exe" = protocol=6 | dir=in | app=c:\users\dave\appdata\local\directv player\ndspcshowserver.exe |
"UDP Query User{934F4531-FDBC-4CBF-9927-E36576E06169}C:\users\dave\appdata\local\directv player\ndspcshowserver.exe" = protocol=17 | dir=in | app=c:\users\dave\appdata\local\directv player\ndspcshowserver.exe |
"UDP Query User{CDEC1E8C-099F-446F-9E40-95034B05D3BD}C:\users\dave\appdata\local\directv player\ndspcshowserver.exe" = protocol=17 | dir=in | app=c:\users\dave\appdata\local\directv player\ndspcshowserver.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{237D687E-9E50-4A30-B810-262764CC491B}" = Garmin Communicator Plugin x64
"{37A08B0D-1168-49E3-B2BD-933B83F36E92}" = ANT Drivers Installer x64
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"98157A226B40B173301B0F53C8E98C47805D5152" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0)
"AdvanceElite" = AdvanceElite
"Amazon Browser Bar" = Amazon Browser Bar
"CCleaner" = CCleaner
"D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2" = Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1)
"DW WLAN Card Utility" = DW WLAN Card Utility
"F9D2A789F9CFF8CEC36B544F53877C80F1F73C46" = Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{187DA2A3-9687-4740-BD77-5ABB15BCDA8D}" = Garmin Express
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1D601240-1E3C-11DE-8C30-0800200C9A66}" = Walmart Photo Manager
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{2289494D-48E6-40F0-ABE1-24F1FD5A84E5}" = Garmin Express Tray
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F03217067FF}" = Java 7 Update 67
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2DA5F129-11AC-4F11-8188-B2F07EAAC20A}" = Cozi
"{2E87F4AB-99BF-421C-AF7B-365A9C08549A}" = F300
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3365E735-48A6-4194-9988-CE59AC5AE503}" = Bing Bar
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C4BCD2A-8D3C-4663-9449-AB7B3AFD096F}" = Elevated Installer
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}" = Garmin USB Drivers
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement
"{43CA6533-3E0C-4B89-A99F-631242F3CCF3}" = IObit Apps Toolbar v10.0
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{597FB4A5-DD86-4316-A410-7E8074CC2CCE}" = Driver Support
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{647BB978-2876-487B-9B0E-FDB73F0EA4A2}" = Garmin Communicator Plugin
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{68C5BF13-93DA-4185-AA07-0451CF8542CD}" = Medical Assisting Exam Review
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-dell" = WildTangent Games App (Dell Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 High-End Loft Stuff
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}" = Bing Desktop
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.09)
"{AE1EC58E-B2AC-4959-A4C2-C38202A25239}" = Garmin WebUpdater
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{b43ffffb-1adc-4bcb-b277-7844ebff94da}" = Garmin Express
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C96FF998-45BD-411E-9253-B7F2660FE280}" = CenturyLink Installer
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{D2F04839-0AD0-4F06-A6B5-6DFF05E27B67}" = HP Support Solutions Framework
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{dbaba6a3-366e-43a7-8f4e-b0a868c06ab3}" = DIRECTV Player
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced SystemCare 4_is1" = Advanced SystemCare 4
"Amazon Browser Settings" = Amazon Browser Settings
"AVG Secure Search" = AVG Security Toolbar
"centurytoolbar" = CenturyLink Toolbar
"Dell Dock" = Dell Dock
"Dell Webcam Central" = Dell Webcam Central
"Google Chrome" = Google Chrome
"GoToAssist" = GoToAssist 8.0.0.514
"IrfanView" = IrfanView (remove only)
"NAV" = Norton AntiVirus
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"Origin" = Origin
"RegClean-Pro_is1" = RegClean-Pro
"Smart Defrag 3_is1" = Smart Defrag 3
"WildTangent dell Master Uninstall" = WildTangent Games
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WSE_Astromenda" = WSE_Astromenda
"WTA-00db7973-e90f-4542-8f21-c0c3eb60b973" = The Cross Formula
"WTA-07c3731f-30b7-426a-b08a-3ce5f75bb33c" = Cooking Academy 3: Recipe for Success
"WTA-0b744828-afe7-4061-87d7-e3373f6fd5dd" = Time to Hurry: Nicole's Story
"WTA-26563187-41fc-42e3-8a59-4f26efe0693d" = Delicious: Emily's True Love Premium Edition
"WTA-2f3ec5cd-3d1e-4773-88a9-af5c573ba6ac" = Titanic's Keys to the Past
"WTA-357dd6ad-0e39-4927-b7f4-df6f28c23434" = Elizabeth Find, MD - Diagnosis Mystery
"WTA-4b9ac9d4-62cc-4046-b87c-a6d501e43913" = Inspector Magnusson - Murder on the Titanic
"WTA-55b70fb0-aafa-4e85-a9be-af74ed0485de" = Gardenscapes: Mansion Makeover
"WTA-59b049f1-e4e5-46c4-8daa-d282854112d2" = Elizabeth Find MD Diagnosis Mystery: Season 2
"WTA-5a912ae6-3c8e-4bf0-ab2d-6e7adcceb760" = Family Vacation: California
"WTA-61c92774-c3d1-426e-b2ed-d42694eb2722" = Vampire Saga 3: Break Out
"WTA-62e3dc21-913a-495e-af00-1a2922f6edb7" = The Price is Right
"WTA-63848029-c7ec-48f6-b05d-c6f17f78c254" = Once Upon a Farm
"WTA-6484fb44-aec1-44c6-ad4e-98f5620d2c8c" = Theatre of the Absurd Collector's Edition
"WTA-64d1471f-eb12-4c34-aaa0-e1668e9960b2" = Memory Clinic
"WTA-678f525a-19fd-472f-9638-4f68b69f29aa" = The Adventures of Aladdin and the Magic Skull
"WTA-69ad0be5-a90a-409f-8241-0a7f48efd94b" = Cases of Stolen Beauty
"WTA-6a9c029a-ac1d-464e-9251-5adf807c5a6b" = Live Novels Jane Austin's Pride and Prejudice
"WTA-71b29657-57ef-4704-805c-8971acd2911c" = Delicious: Emily's Childhood Memories Premium Edition
"WTA-76506a85-c025-462c-b59e-020c3043c65c" = Vacation Quest - The Hawaiian Islands
"WTA-76d47a3d-c5ab-4595-8125-2d91699e03f4" = Criminal Minds
"WTA-7e2e29c5-44db-44d8-a7e5-40c5400d16d4" = Delicious Emily's Holiday Season
"WTA-864dcabd-737a-4c90-a5f2-904bb1f68536" = Gardenscapes
"WTA-8a287477-db78-49db-b426-ed7be0b31fed" = Special Enquiry Detail: Engaged to Kill
"WTA-8a383341-5d3d-47ec-8dae-12a2b5fd3431" = Weird Park: Broken Tune
"WTA-9dfde5ac-db84-4168-be52-311e895b928f" = Delicious - Emily's Taste of Fame
"WTA-a6099e8a-f738-4ae9-9543-2378745a07cc" = The Game of Life®
"WTA-af2aea3c-47b8-4000-a07a-232acc9986b8" = The Lost Cases of Sherlock Holmes 2
"WTA-b068083a-0a2a-4394-89f8-f4811284ca45" = Ghost Whisperer
"WTA-b5a7bdf8-fdb9-436f-848e-b3f9aaf145dc" = House, MD
"WTA-b6a6093a-2a6f-44ca-90da-c673bdceb930" = Bejeweled 3
"WTA-c08d2cb3-313e-4d75-a8b4-1f93ae8c4254" = Cooking Dash 3: Thrills and Spills
"WTA-c1472201-2ddb-47e7-9593-af5bb90a8b27" = Women's Murder Club - Twice in a Blue Moon
"WTA-c9b5be85-9fb8-432d-9496-566cdf4b8388" = Atlantic Journey: The Lost Brother
"WTA-ce3c0866-12ce-48e3-afb2-b5c46d2b8716" = Gardenscapes 2 Collector's Edition
"WTA-dc799447-5345-4e7c-8ed6-c0834d6340ea" = Delicious - Emily's Tea Garden
"WTA-de339965-d379-4ae0-b16c-04cfb2609716" = Dr. Wise - Medical Mysteries
"WTA-e2d8c639-7467-4f42-8f91-021d33a7bc04" = Delicious - Emily's Wonder Wedding Premium Edition
"WTA-e4072aa1-0da2-4b0e-b307-78730a7a20d0" = Virtual Families 2
"WTA-eb29dd1d-3727-48ca-ba77-0e95e34fddea" = Super Collapse Puzzle Gallery 3
"WTA-ec6ad64d-8974-421e-b099-733855b297e6" = Double Play - The Family Feud Bundle
"WTA-f7218cff-56a5-4ffd-897e-eb66ca8d55ee" = Girls With Secrets
"WTA-f9e9f72f-957f-489b-9535-a576c317a3d2" = Cooking Academy 2 - World Cuisine
"WTA-fb80f833-a178-4456-a928-4ee569d7e713" = Vacation Quest™ - Australia
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1191499748-3630827782-3512929281-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UpdaterEX" = Extended Update
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 10/22/2014 9:00:32 PM | Computer Name = Walker-Laptop | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 37.0.2062.124, time
 stamp: 0x5420d868  Faulting module name: chrome.dll, version: 37.0.2062.124, time
 stamp: 0x5420d5a6  Exception code: 0x80000003  Fault offset: 0x004f49a4  Faulting process
 id: 0x708  Faulting application start time: 0x01cfee5cbf1451fd  Faulting application
 path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  Faulting module
 path: C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\chrome.dll
Report
 Id: fcca625e-5a4f-11e4-83df-a14e17c98d1f
 
Error - 10/22/2014 9:09:10 PM | Computer Name = Walker-Laptop | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 37.0.2062.124, time
 stamp: 0x5420d868  Faulting module name: chrome.dll, version: 37.0.2062.124, time
 stamp: 0x5420d5a6  Exception code: 0x80000003  Fault offset: 0x004f49a4  Faulting process
 id: 0x1af0  Faulting application start time: 0x01cfee5df2945e7d  Faulting application
 path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  Faulting module
 path: C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\chrome.dll
Report
 Id: 31824322-5a51-11e4-83df-a14e17c98d1f
 
Error - 10/22/2014 9:09:47 PM | Computer Name = Walker-Laptop | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 37.0.2062.124, time
 stamp: 0x5420d868  Faulting module name: chrome.dll, version: 37.0.2062.124, time
 stamp: 0x5420d5a6  Exception code: 0x80000003  Fault offset: 0x004f49a4  Faulting process
 id: 0x1548  Faulting application start time: 0x01cfee5e0914e094  Faulting application
 path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  Faulting module
 path: C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\chrome.dll
Report
 Id: 472303df-5a51-11e4-83df-a14e17c98d1f
 
Error - 10/22/2014 9:11:40 PM | Computer Name = Walker-Laptop | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 37.0.2062.124, time
 stamp: 0x5420d868  Faulting module name: chrome.dll, version: 37.0.2062.124, time
 stamp: 0x5420d5a6  Exception code: 0x80000003  Fault offset: 0x004f49a4  Faulting process
 id: 0x1fc8  Faulting application start time: 0x01cfee5e4c08307c  Faulting application
 path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  Faulting module
 path: C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\chrome.dll
Report
 Id: 8a92a7f0-5a51-11e4-83df-a14e17c98d1f
 
Error - 10/23/2014 8:25:00 PM | Computer Name = Walker-Laptop | Source = Application Error | ID = 1000
Error - 10/23/2014 8:26:54 PM | Computer Name = Walker-Laptop | Source = Application
 Error | ID = 1000
 
Description = Faulting application name: chrome.exe, version: 37.0.2062.124, time stamp: 0x5420d868
Faulting module name: chrome.dll, version: 37.0.2062.124, time stamp: 0x5420d5a6
Exception code: 0x80000003
Fault offset: 0x004f49a4
Faulting process id: 0x1a00
Faulting application start time: 0x01cfef2135ad8c1a
Faulting application path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Faulting module path: C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\chrome.dll
Report Id: 744a81f6-5b14-11e4-83a3-e0844d684762
Error - 10/24/2014 4:01:56 PM | Computer Name = Walker-Laptop | Source = Application
 Error | ID = 1000
 
Description = Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17344, time stamp: 0x541b6f63
Faulting module name: AdvanceElitebho.dll, version: 1.0.0.3, time stamp: 0x5447b6ee
Exception code: 0xc0000005
Fault offset: 0x00003421
Faulting process id: 0x18c8
Faulting application start time: 0x01cfefc54036fa25
Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Faulting module path: C:\Program Files (x86)\AdvanceElite\AdvanceElitebho.dll
Report Id: 9a7c8217-5bb8-11e4-83f2-e9bde6715061
Error - 10/26/2014 3:05:20 PM | Computer Name = Walker-Laptop | Source = Application
 Error | ID = 1000
 
Error - 10/26/2014 3:06:15 PM | Computer Name = Walker-Laptop | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 37.0.2062.124, time
 stamp: 0x5420d868  Faulting module name: chrome.dll, version: 37.0.2062.124, time
 stamp: 0x5420d5a6  Exception code: 0x80000003  Fault offset: 0x004f49a4  Faulting process
 id: 0x1a74  Faulting application start time: 0x01cff14fe7d3eedf  Faulting application
 path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  Faulting module
 path: C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\chrome.dll
Report
 Id: 27f60deb-5d43-11e4-aa13-dcb26268b960
 
Error - 10/27/2014 8:10:45 PM | Computer Name = Walker-Laptop | Source = Application Error | ID = 1000
Description = Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17344,
 time stamp: 0x541b6f63  Faulting module name: AdvanceElitebho.dll, version: 1.0.0.3,
 time stamp: 0x5447b6ee  Exception code: 0xc0000005  Fault offset: 0x00003421  Faulting
 process id: 0x4e40  Faulting application start time: 0x01cff2439b744f0b  Faulting application
 path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE  Faulting module path:
 C:\Program Files (x86)\AdvanceElite\AdvanceElitebho.dll  Report Id: dc846fe0-5e36-11e4-843d-e07df232ab60
 
Error - 10/27/2014 8:54:49 PM | Computer Name = Walker-Laptop | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Cozi
 Express\CoziExpress.exe".Error in manifest or policy file "" on line .  A component
 version required by the application conflicts with another component version already
 active.  Conflicting components are:.  Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 10/27/2014 8:54:50 PM | Computer Name = Walker-Laptop | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Cozi
 Express\CoziExpress.exe".Error in manifest or policy file "" on line .  A component
 version required by the application conflicts with another component version already
 active.  Conflicting components are:.  Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
[ System Events ]
Error - 10/27/2014 8:51:14 PM | Computer Name = Walker-Laptop | Source = DCOM | ID = 10016
Description =
 
Error - 10/27/2014 8:55:12 PM | Computer Name = Walker-Laptop | Source = DCOM | ID = 10016
Description =
 
Error - 10/27/2014 8:57:57 PM | Computer Name = Walker-Laptop | Source = DCOM | ID = 10016
Description =
 
Error - 10/27/2014 8:59:01 PM | Computer Name = Walker-Laptop | Source = DCOM | ID = 10016
Description =
 
Error - 10/27/2014 9:10:59 PM | Computer Name = Walker-Laptop | Source = DCOM | ID = 10016
Description =
 
Error - 10/27/2014 9:14:24 PM | Computer Name = Walker-Laptop | Source = DCOM | ID = 10016
Description =
 
Error - 10/27/2014 9:17:58 PM | Computer Name = Walker-Laptop | Source = DCOM | ID = 10016
Description =
 
Error - 10/27/2014 9:18:11 PM | Computer Name = Walker-Laptop | Source = DCOM | ID = 10016
Description =
 
Error - 10/27/2014 9:18:15 PM | Computer Name = Walker-Laptop | Source = DCOM | ID = 10016
Description =
 
Error - 10/27/2014 9:20:29 PM | Computer Name = Walker-Laptop | Source = DCOM | ID = 10016
Description =
 
 
< End of report >
 

 


  • 0

Advertisements


#2
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Duplicate post will be closed.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP