Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Babylon and deal caddy malware [Closed]

Started by Clmerm819 , Nov 29 2012 12:19 PM

  • This topic is locked This topic is locked

#1
Clmerm819
Posted 29 November 2012 - 12:19 PM

Clmerm819

    New Member

  • Member
  • Pip
  • 5 posts
I woke up to my browser changed, pop ups everywhere, hyperlinked words all over, and pages not loading correctly. I'm not completely computer savy but I have been reading some of the other forums on here on ways to fix this malware. I did the adw cleaner and I have the log for that. But now I'm stuck. The hyperlinks are as bad but are still there and the computer is still lagging. Also when I click to go to new windows it always ads a completely different tab to free converter. Please help lol thanks :help:
  • 0

Advertisements

#2
Essexboy
Posted 29 November 2012 - 12:21 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi could you post the AdwCleaner log please and then run the following programme

Download OTL to your Desktop
Secondary link
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

    Posted Image
  • Select All Users
  • Under the Custom Scan box paste this in

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    winsock.*
    /md5stop
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

  • 0

#3
Clmerm819
Posted 29 November 2012 - 07:07 PM

Clmerm819

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
heres the AdwCleaner log
and Im running OTL now.
Thanks so much for your response.

# AdwCleaner v2.009 - Logfile created 11/29/2012 at 12:00:16
# Updated 24/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : MCKENNA - MCKENNA-HP
# Boot Mode : Normal
# Running from : C:\Users\MCKENNA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZNLFXFU1\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\BabylonToolbar
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\PricePeep
Folder Deleted : C:\Program Files (x86)\WiseConvert
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Users\MCKENNA\AppData\Local\Conduit
Folder Deleted : C:\Users\MCKENNA\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\MCKENNA\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\MCKENNA\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\MCKENNA\AppData\LocalLow\WiseConvert
Folder Deleted : C:\Users\MCKENNA\AppData\Roaming\Babylon

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\PricePeep
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\WiseConvert
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100709.FCTB000100709Pos
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100709.FCTB000100709Pos.1
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100709.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100709.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100709.JSOptionsImpl
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100709.JSOptionsImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1
Key Deleted : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho
Key Deleted : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\FCTB000100709
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F}
Key Deleted : HKLM\Software\WiseConvert
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CBA95168-77F0-45CA-A740-C07F81F7DCCC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBB14C3C-7F40-4990-8DDE-BA156B95A8F1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WiseConvert Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.91

File : C:\Users\MCKENNA\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.13] : homepage = "hxxp://search.babylon.com/?affID=110803&tt=4812_2&babsrc=HP_ss&mntrId=065e4f75000[...]
Deleted [l.1641] : homepage = "hxxp://search.babylon.com/?affID=110803&tt=4812_2&babsrc=HP_ss&mntrId=065e4f75000000[...]

*************************

AdwCleaner[S1].txt - [6306 octets] - [29/11/2012 12:00:16]

########## EOF - C:\AdwCleaner[S1].txt - [6366 octets] ##########
  • 0

#4
Clmerm819
Posted 29 November 2012 - 07:19 PM

Clmerm819

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
OTL.txt log

OTL logfile created on: 11/29/2012 7:10:44 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MCKENNA\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.91 Gb Total Physical Memory | 2.33 Gb Available Physical Memory | 59.72% Memory free
7.81 Gb Paging File | 5.74 Gb Available in Paging File | 73.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 916.71 Gb Total Space | 864.45 Gb Free Space | 94.30% Space Free | Partition Type: NTFS
Drive D: | 14.71 Gb Total Space | 1.82 Gb Free Space | 12.38% Space Free | Partition Type: NTFS

Computer Name: MCKENNA-HP | User Name: MCKENNA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/29 19:09:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MCKENNA\Desktop\OTL.exe
PRC - [2012/11/26 13:12:42 | 003,569,512 | ---- | M] (Sendori) -- C:\Program Files (x86)\Sendori\sndappv2.exe
PRC - [2012/11/26 13:12:42 | 000,196,456 | ---- | M] (Sendori, Inc.) -- C:\Program Files (x86)\Sendori\SendoriUp.exe
PRC - [2012/11/26 13:12:42 | 000,118,632 | ---- | M] (Sendori, Inc.) -- C:\Program Files (x86)\Sendori\SendoriSvc.exe
PRC - [2012/11/26 13:12:42 | 000,082,792 | ---- | M] (Sendori, Inc.) -- C:\Program Files (x86)\Sendori\SendoriTray.exe
PRC - [2012/11/26 13:12:42 | 000,014,696 | ---- | M] (sendori) -- C:\Program Files (x86)\Sendori\Sendori.Service.exe
PRC - [2012/10/19 13:46:22 | 000,144,896 | ---- | M] (Motorola Mobility Inc.) -- C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoCast.exe
PRC - [2012/10/19 13:46:00 | 000,240,056 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
PRC - [2012/10/02 12:45:22 | 000,120,728 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2012/10/02 12:41:02 | 000,694,168 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2012/09/07 20:36:46 | 000,087,992 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
PRC - [2012/08/21 07:26:28 | 000,686,592 | ---- | M] () -- C:\Program Files (x86)\Free Online Converter\FreeOnlineConverterUpdt.exe
PRC - [2012/08/10 05:56:32 | 000,686,592 | ---- | M] () -- C:\Program Files (x86)\Cbox\CboxUpdater.exe
PRC - [2012/06/15 20:24:20 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\ccsvchst.exe
PRC - [2011/10/01 00:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 00:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/09/11 01:59:33 | 000,240,288 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10q_ActiveX.exe
PRC - [2011/09/02 15:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2011/06/17 11:24:24 | 000,445,232 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Hewlett-Packard\HP My Display TouchSmart Edition\OSDManager.exe
PRC - [2011/06/17 11:24:14 | 000,129,840 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2011/06/09 06:37:18 | 000,264,008 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011/06/09 06:37:00 | 000,653,128 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011/06/09 06:36:34 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2011/06/03 10:56:40 | 000,026,168 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
PRC - [2011/06/03 10:53:40 | 000,022,072 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
PRC - [2011/05/30 11:32:38 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
PRC - [2011/05/05 17:40:52 | 001,128,952 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2011/03/28 18:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/03/09 15:47:08 | 000,109,168 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/24 01:10:24 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2011/02/01 15:41:24 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 15:41:20 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/11/26 08:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
PRC - [2008/11/20 11:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (No Company Name) ==========

MOD - [2012/11/29 12:05:18 | 000,160,256 | ---- | M] () -- C:\Users\MCKENNA\AppData\Local\Temp\ZumoLocalGateway.dll6994069611572645765.lib
MOD - [2012/11/29 12:05:15 | 000,314,368 | ---- | M] () -- C:\Users\MCKENNA\AppData\Local\Temp\WindowsFolderWatcher.dll7251972152967999517.lib
MOD - [2012/11/29 12:04:35 | 000,205,824 | ---- | M] () -- C:\Users\MCKENNA\AppData\Local\Temp\WindowsAPI.dll1006146390961984105.lib
MOD - [2012/11/28 11:30:19 | 000,077,624 | ---- | M] () -- C:\Users\MCKENNA\AppData\Local\dealcabby\ie\dealcabby_20121029030001.dll
MOD - [2012/11/17 03:25:08 | 001,072,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\59353156806745822ad61a40de8fb631\System.IdentityModel.ni.dll
MOD - [2012/11/17 03:25:06 | 018,058,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\a27582afda5c9a9258ed2cd787352773\System.ServiceModel.ni.dll
MOD - [2012/11/17 03:24:03 | 002,906,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\bc4a5d9898a6c903baafbecacf6010b3\ReachFramework.ni.dll
MOD - [2012/11/17 03:23:43 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\bb404633d24f5098f9d7f5f5a1d234c3\System.Runtime.DurableInstancing.ni.dll
MOD - [2012/11/17 03:23:42 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\0dd39ca15b3d56a03a31fbf671c80cfe\SMDiagnostics.ni.dll
MOD - [2012/11/17 03:23:41 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\0d2c8da8749c683b47f01101c9ea26d5\System.Runtime.Serialization.ni.dll
MOD - [2012/11/17 03:15:28 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\58f50a891bafb8fd7149e6eebc2b7b52\PresentationCore.ni.dll
MOD - [2012/11/17 03:15:21 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\05ebffcb5aac31412fea8c38cbac8df8\WindowsBase.ni.dll
MOD - [2012/11/17 03:08:58 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\caffbced23ee85b40b919ad4a122b7aa\System.Windows.Forms.ni.dll
MOD - [2012/11/17 03:08:52 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\752225ca2585aa8f1c46b489e172e920\System.Core.ni.dll
MOD - [2012/11/17 03:08:49 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\cb0c00757e89f0b1fe282913ed667212\System.Xml.ni.dll
MOD - [2012/11/17 03:08:49 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9422d0c052186760a4645e10995487f5\System.Drawing.ni.dll
MOD - [2012/11/17 03:08:47 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ed886fb71addf400705481dcf8de12da\System.Configuration.ni.dll
MOD - [2012/11/17 03:08:46 | 009,093,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\811a7bc79f8f0a5be8065292a320819e\System.ni.dll
MOD - [2012/11/17 03:08:41 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\16126cae96ea2422253ae06eeb672abc\mscorlib.ni.dll
MOD - [2012/10/30 20:56:15 | 000,509,440 | ---- | M] () -- C:\Users\MCKENNA\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll
MOD - [2012/10/19 13:46:20 | 000,075,776 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideoscale.dll
MOD - [2012/10/19 13:46:20 | 000,061,952 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgsttypefindfunctions.dll
MOD - [2012/10/19 13:46:20 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideobox.dll
MOD - [2012/10/19 13:46:20 | 000,054,784 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstsmpte.dll
MOD - [2012/10/19 13:46:20 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvorbis.dll
MOD - [2012/10/19 13:46:20 | 000,051,712 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstsubparse.dll
MOD - [2012/10/19 13:46:20 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstwavpack.dll
MOD - [2012/10/19 13:46:20 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstwavparse.dll
MOD - [2012/10/19 13:46:20 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvolume.dll
MOD - [2012/10/19 13:46:20 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideocrop.dll
MOD - [2012/10/19 13:46:20 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideorate.dll
MOD - [2012/10/19 13:46:20 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgsty4menc.dll
MOD - [2012/10/19 13:46:18 | 000,531,968 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpeg4video.dll
MOD - [2012/10/19 13:46:18 | 000,363,008 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpeg2video.dll
MOD - [2012/10/19 13:46:18 | 000,276,480 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstisomp4.dll
MOD - [2012/10/19 13:46:18 | 000,207,872 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmatroska.dll
MOD - [2012/10/19 13:46:18 | 000,150,528 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegdemux.dll
MOD - [2012/10/19 13:46:18 | 000,132,608 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstogg.dll
MOD - [2012/10/19 13:46:18 | 000,119,296 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpegdemux.dll
MOD - [2012/10/19 13:46:18 | 000,075,776 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflv.dll
MOD - [2012/10/19 13:46:18 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstjpeg.dll
MOD - [2012/10/19 13:46:18 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegaudioparse.dll
MOD - [2012/10/19 13:46:18 | 000,039,936 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegtsmux.dll
MOD - [2012/10/19 13:46:18 | 000,037,888 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstgio.dll
MOD - [2012/10/19 13:46:18 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstinterleave.dll
MOD - [2012/10/19 13:46:18 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstreplaygain.dll
MOD - [2012/10/19 13:46:18 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstid3tag.dll
MOD - [2012/10/19 13:46:18 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstid3demux.dll
MOD - [2012/10/19 13:46:18 | 000,029,696 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstgdp.dll
MOD - [2012/10/19 13:46:18 | 000,029,184 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstpng.dll
MOD - [2012/10/19 13:46:18 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmultipart.dll
MOD - [2012/10/19 13:46:18 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegvideoparse.dll
MOD - [2012/10/19 13:46:18 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmultifile.dll
MOD - [2012/10/19 13:46:18 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstlevel.dll
MOD - [2012/10/19 13:46:18 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmulaw.dll
MOD - [2012/10/19 13:46:18 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstshift.dll
MOD - [2012/10/19 13:46:16 | 001,563,136 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflump3enc.dll
MOD - [2012/10/19 13:46:16 | 001,376,256 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflump3dec.dll
MOD - [2012/10/19 13:46:16 | 000,088,064 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflummssrc.dll
MOD - [2012/10/19 13:46:16 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumch264enc.dll
MOD - [2012/10/19 13:46:16 | 000,033,280 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumcaacenc.dll
MOD - [2012/10/19 13:46:14 | 002,009,600 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluh264dec.dll
MOD - [2012/10/19 13:46:14 | 001,694,208 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluaacdec.dll
MOD - [2012/10/19 13:46:14 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluasfdemux.dll
MOD - [2012/10/19 13:46:12 | 000,187,904 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstffmpegcolorspace.dll
MOD - [2012/10/19 13:46:12 | 000,073,216 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdshowsrcwrapper.dll
MOD - [2012/10/19 13:46:12 | 000,069,120 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflac.dll
MOD - [2012/10/19 13:46:12 | 000,026,624 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstequalizer.dll
MOD - [2012/10/19 13:46:10 | 000,212,480 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcoreelements.dll
MOD - [2012/10/19 13:46:10 | 000,123,904 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstavi.dll
MOD - [2012/10/19 13:46:10 | 000,091,136 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdshowdecwrapper.dll
MOD - [2012/10/19 13:46:10 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdecodebin2.dll
MOD - [2012/10/19 13:46:10 | 000,078,848 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudioconvert.dll
MOD - [2012/10/19 13:46:10 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudioresample.dll
MOD - [2012/10/19 13:46:10 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstautoconvert.dll
MOD - [2012/10/19 13:46:10 | 000,029,184 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstautodetect.dll
MOD - [2012/10/19 13:46:10 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudiorate.dll
MOD - [2012/10/19 13:46:10 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstamrnb.dll
MOD - [2012/10/19 13:46:10 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstauparse.dll
MOD - [2012/10/19 13:46:10 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcutter.dll
MOD - [2012/10/19 13:46:10 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstapetag.dll
MOD - [2012/10/19 13:46:10 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstamrwbdec.dll
MOD - [2012/10/19 13:46:10 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcoreindexers.dll
MOD - [2012/10/19 13:46:08 | 001,520,128 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libvorbisenc-2.dll
MOD - [2012/10/19 13:46:08 | 001,396,736 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libxml2-2.dll
MOD - [2012/10/19 13:46:08 | 000,196,608 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libwavpack-1.dll
MOD - [2012/10/19 13:46:08 | 000,085,504 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\z.dll
MOD - [2012/10/19 13:46:08 | 000,048,640 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalpha.dll
MOD - [2012/10/19 13:46:08 | 000,038,400 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaiff.dll
MOD - [2012/10/19 13:46:08 | 000,030,208 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstadder.dll
MOD - [2012/10/19 13:46:08 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalaw.dll
MOD - [2012/10/19 13:46:08 | 000,017,920 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalphacolor.dll
MOD - [2012/10/19 13:46:08 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstadpcmdec.dll
MOD - [2012/10/19 13:46:06 | 000,471,552 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\liborc-0.4-0.dll
MOD - [2012/10/19 13:46:06 | 000,190,976 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libpng14-14.dll
MOD - [2012/10/19 13:46:06 | 000,162,304 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libvorbis-0.dll
MOD - [2012/10/19 13:46:06 | 000,123,947 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libopencore-amrwb.0.1.1.dll
MOD - [2012/10/19 13:46:04 | 000,699,392 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstreamer-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,276,992 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libjpeg-8.dll
MOD - [2012/10/19 13:46:04 | 000,253,440 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstbase-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,248,352 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libopencore-amrnb.0.1.1.dll
MOD - [2012/10/19 13:46:04 | 000,133,120 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgsttag-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstcontroller-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,098,304 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstpbutils-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstrtp-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstinterfaces-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,041,984 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstriff-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstvideo-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libogg-0.dll
MOD - [2012/10/19 13:46:04 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstdataprotocol-0.10.dll
MOD - [2012/10/19 13:46:02 | 000,109,568 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstaudio-0.10.dll
MOD - [2012/10/19 13:46:00 | 000,331,264 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libFLAC-8.dll
MOD - [2012/10/19 13:46:00 | 000,240,056 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
MOD - [2012/10/02 12:41:02 | 000,694,168 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
MOD - [2012/08/27 20:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/08/27 20:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/15 12:59:00 | 000,015,624 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP My Display TouchSmart Edition\ACPIDll.dll


========== Services (SafeList) ==========

SRV:64bit: - [2011/06/24 12:23:14 | 000,302,592 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011/02/16 23:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
SRV:64bit: - [2010/10/11 03:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/03 04:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2012/11/26 13:12:42 | 003,569,512 | ---- | M] (Sendori) [Auto | Running] -- C:\Program Files (x86)\Sendori\sndappv2.exe -- (sndappv2)
SRV - [2012/11/26 13:12:42 | 000,118,632 | ---- | M] (Sendori, Inc.) [Auto | Running] -- C:\Program Files (x86)\Sendori\SendoriSvc.exe -- (Application Sendori)
SRV - [2012/11/26 13:12:42 | 000,014,696 | ---- | M] (sendori) [Auto | Running] -- C:\Program Files (x86)\Sendori\Sendori.Service.exe -- (Service Sendori)
SRV - [2012/10/02 12:45:22 | 000,120,728 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012/09/07 20:36:46 | 000,087,992 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2012/08/21 07:26:28 | 000,686,592 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Free Online Converter\FreeOnlineConverterUpdt.exe -- (FreeOnlineConverterUpdt)
SRV - [2012/08/10 05:56:32 | 000,686,592 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Cbox\CboxUpdater.exe -- (CboxUpdater)
SRV - [2012/06/15 20:24:20 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\ccSvcHst.exe -- (N360)
SRV - [2011/10/01 00:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 00:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/09/02 15:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2011/06/21 16:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/06/17 11:24:14 | 000,129,840 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2011/06/09 06:37:18 | 000,264,008 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2011/06/03 10:53:40 | 000,022,072 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe -- (CalendarSynchService)
SRV - [2011/05/05 17:40:52 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2011/03/28 18:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/03/09 15:47:08 | 000,109,168 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2011/03/07 17:43:30 | 002,375,168 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/03/01 22:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/24 01:10:24 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
SRV - [2011/02/01 15:41:24 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/01 15:41:20 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/11/26 08:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/10/12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/06/01 16:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 15:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/10/01 10:27:24 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/07/05 20:17:58 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/07/05 20:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/06/06 22:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\ccsetx64.sys -- (ccSet_N360)
DRV:64bit: - [2012/05/21 19:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/16 21:38:00 | 000,405,624 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/11/16 21:17:50 | 000,190,072 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\ironx64.sys -- (SymIRON)
DRV:64bit: - [2011/10/01 00:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 00:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 00:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 00:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/09/11 02:09:37 | 000,031,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmxdrv.sys -- (pmxdrv)
DRV:64bit: - [2011/09/11 01:38:31 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/09/11 01:38:31 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/09/07 02:46:58 | 000,070,016 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\S3XXx64.sys -- (S3XXx64)
DRV:64bit: - [2011/08/16 00:51:40 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\symds64.sys -- (SymDS)
DRV:64bit: - [2011/06/26 20:55:49 | 012,231,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/06/10 04:35:04 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/05/30 11:33:04 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2011/05/25 15:08:54 | 000,016,152 | ---- | M] (n/a) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NWWakeFilterV.sys -- (NWWakeFilterV)
DRV:64bit: - [2011/05/25 15:08:50 | 000,028,440 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NWVoltron.sys -- (NWVoltron)
DRV:64bit: - [2011/05/25 15:08:50 | 000,016,152 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2011/05/04 18:44:00 | 000,338,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/04/22 04:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/21 18:46:54 | 001,360,960 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2011/04/21 06:07:22 | 000,399,944 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tixhci.sys -- (tixhci)
DRV:64bit: - [2011/04/21 06:07:22 | 000,131,656 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tihub3.sys -- (tihub3)
DRV:64bit: - [2010/11/20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/06 02:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/19 18:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/07/13 06:57:08 | 000,069,736 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\itecir.sys -- (itecir)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2012/11/29 18:28:35 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121129.009\ex64.sys -- (NAVEX15)
DRV - [2012/11/29 18:28:35 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121129.009\eng64.sys -- (NAVENG)
DRV - [2012/10/23 17:34:23 | 001,384,608 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20121106.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/10/01 10:48:47 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/10/01 10:48:47 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/09/28 11:33:38 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20121129.001\IDSviA64.sys -- (IDSVia64)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2BB9899B-6724-46A6-8A4E-D0786E4A356D}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{2BB9899B-6724-46A6-8A4E-D0786E4A356D}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2740350965-3487376146-1944036550-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKU\S-1-5-21-2740350965-3487376146-1944036550-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-2740350965-3487376146-1944036550-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2740350965-3487376146-1944036550-1000\..\URLSearchHook: {6b556d31-eeee-de44-19f4-13e37eb9ba64} - C:\Program Files (x86)\BucksBee Loyalty Plugin - Softonic\Helper.dll ()
IE - HKU\S-1-5-21-2740350965-3487376146-1944036550-1000\..\SearchScopes,DefaultScope = {38C9F3F7-9EAF-488F-817E-0F68DA8FB45B}
IE - HKU\S-1-5-21-2740350965-3487376146-1944036550-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-2740350965-3487376146-1944036550-1000\..\SearchScopes\{28B79064-47DB-432A-8F16-84F7E8B9E0CA}: "URL" = http://search.condui...&ctid=CT3196716
IE - HKU\S-1-5-21-2740350965-3487376146-1944036550-1000\..\SearchScopes\{2BB9899B-6724-46A6-8A4E-D0786E4A356D}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKU\S-1-5-21-2740350965-3487376146-1944036550-1000\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE - HKU\S-1-5-21-2740350965-3487376146-1944036550-1000\..\SearchScopes\{38C9F3F7-9EAF-488F-817E-0F68DA8FB45B}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-2740350965-3487376146-1944036550-1000\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKU\S-1-5-21-2740350965-3487376146-1944036550-1000\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKU\S-1-5-21-2740350965-3487376146-1944036550-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2740350965-3487376146-1944036550-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: c:\Program Files (x86)\Virtual Earth 3D\ [2011/09/11 01:52:56 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: c:\Program Files (x86)\Virtual Earth 3D\ [2011/09/11 01:52:56 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\MCKENNA\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\MCKENNA\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\MCKENNA\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFFPlgn\ [2012/10/01 10:27:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\coFFPlgn\ [2012/11/29 12:03:19 | 000,000,000 | ---D | M]

[2012/11/28 11:30:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url = http://www.bing.com/...q={searchTerms}
CHR - default_search_provider: suggest_url = http://api.bing.com/...uage={language}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\MCKENNA\AppData\Local\Google\Chrome\Application\23.0.1271.91\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\MCKENNA\AppData\Local\Google\Chrome\Application\23.0.1271.91\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\MCKENNA\AppData\Local\Google\Chrome\Application\23.0.1271.91\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\MCKENNA\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Simple Pass 2011 (Enabled) = C:\Users\MCKENNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpgfhihjicjofdejkbjgnjlaglaciobe\1.0_0\npwebsitelogon.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\MCKENNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\6.0.2_0\npcoplgn.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\MCKENNA\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\MCKENNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\MCKENNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Norton Identity Protection = C:\Users\MCKENNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.6.10_0\
CHR - Extension: Gmail = C:\Users\MCKENNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (DealCabby) - {0B4A07CF-45EB-4B10-B6BB-35568A2F89BE} - C:\Users\MCKENNA\AppData\Local\dealcabby\ie\dealcabby_20121029030001.dll ()
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.3.8\bh\BabylonToolbar.dll File not found
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (BucksBee Loyalty Plugin - Softonic) - {829CBB8D-4FBC-2464-E9D7-D55180B193B4} - C:\Program Files (x86)\BucksBee Loyalty Plugin - Softonic\Toolbar.dll ()
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (Free Online Converter 1.0) - {A229BC5B-E7A2-447B-B015-1E7CA944978D} - C:\Program Files (x86)\FreeFrog\FreeFrog2.0.dll (Free Online Converter)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (PricePeep) - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll File not found
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.3.8\BabylonToolbarTlbr.dll File not found
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4:64bit: - HKLM..\Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\beats64.exe (Hewlett-Packard )
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DT HPO] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe (Portrait Displays, Inc.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [Sendori Tray] C:\Program Files (x86)\Sendori\SendoriTray.exe (Sendori, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2740350965-3487376146-1944036550-1000..\Run: [Cbox] C:\Program Files (x86)\Cbox\Cbox.exe (Cbox)
O4 - HKU\S-1-5-21-2740350965-3487376146-1944036550-1000..\Run: [Facebook Update] C:\Users\MCKENNA\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-2740350965-3487376146-1944036550-1000..\Run: [MotoCast] C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: BucksBee Loyalty Plugin - Softonic Notifications - {829cbb8d-4fbc-2464-e9d7-d55180b193b4} - C:\Program Files (x86)\BucksBee Loyalty Plugin - Softonic\ribbon.hta ()
O9 - Extra 'Tools' menuitem : BucksBee Loyalty Plugin - Softonic Notifications - {a8e3281a-999a-ab24-9566-42314ed92b6e} - C:\Program Files (x86)\BucksBee Loyalty Plugin - Softonic\ribbon_menu.hta ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\Sendori.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\Sendori.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\Sendori.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\Sendori.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWow64\Sendori.dll (Sendori)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2740350965-3487376146-1944036550-1000\..Trusted Domains: army.mil ([www.us] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.3.1)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15E1D307-6C36-46FA-8855-B126560A8DED}: DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15E1D307-6C36-46FA-8855-B126560A8DED}: NameServer = 216.146.35.240,216.146.36.240,75.75.75.75,75.75.76.76,192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{754BDBFB-A71D-45BE-9F77-87ABE860AA8A}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{006a5382-c640-11e1-be88-3860776818b7}\Shell - "" = AutoRun
O33 - MountPoints2\{006a5382-c640-11e1-be88-3860776818b7}\Shell\AutoRun\command - "" = F:\iStudio.exe
O33 - MountPoints2\{ed370997-33e1-11e2-8f78-3860776818b7}\Shell - "" = AutoRun
O33 - MountPoints2\{ed370997-33e1-11e2-8f78-3860776818b7}\Shell\AutoRun\command - "" = F:\MotoCastSetup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/11/29 19:09:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\MCKENNA\Desktop\OTL.exe
[2012/11/29 11:01:23 | 000,000,000 | -H-D | C] -- C:\Users\MCKENNA\AppData\Local\Cbox
[2012/11/29 09:53:28 | 000,000,000 | ---D | C] -- C:\Users\MCKENNA\AppData\Roaming\PC Health Doc PDF Reader
[2012/11/28 21:01:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeFrog
[2012/11/28 21:00:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cbox
[2012/11/28 21:00:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2012/11/28 21:00:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2012/11/28 21:00:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2012/11/28 21:00:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Online Converter
[2012/11/28 21:00:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Online Converter
[2012/11/28 21:00:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cbox
[2012/11/28 21:00:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCHealthDocPDFReader
[2012/11/28 21:00:31 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Health Doc PDF Reader
[2012/11/28 21:00:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCHealthDocPDFReader
[2012/11/28 21:00:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2012/11/28 21:00:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2012/11/28 21:00:15 | 000,000,000 | ---D | C] -- C:\Users\MCKENNA\AppData\Roaming\Yahoo!
[2012/11/28 21:00:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2012/11/28 11:30:34 | 000,000,000 | ---D | C] -- C:\Users\MCKENNA\AppData\Roaming\SumatraPDF
[2012/11/28 11:30:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/11/28 11:30:25 | 000,321,384 | ---- | C] (Sendori) -- C:\Windows\SysWow64\Sendori.dll
[2012/11/28 11:30:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Sendori
[2012/11/28 11:30:20 | 000,000,000 | ---D | C] -- C:\Users\MCKENNA\AppData\Roaming\PDFReaderPackages
[2012/11/28 11:30:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sendori
[2012/11/28 11:30:14 | 000,000,000 | ---D | C] -- C:\Users\MCKENNA\AppData\Local\dealcabby
[2012/11/28 11:30:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFReader
[2012/11/17 03:09:54 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012/11/17 03:09:54 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012/11/17 03:02:26 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/11/17 03:02:26 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/11/17 03:02:25 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/11/17 03:02:25 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/11/17 03:02:25 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/11/17 03:02:25 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/11/17 03:02:25 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/11/17 03:02:25 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/11/17 03:02:25 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/11/17 03:02:25 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/11/17 03:02:24 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/11/17 03:02:24 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/11/17 03:02:23 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/11/17 03:02:23 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/11/17 03:02:23 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/11/17 03:00:33 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012/11/17 03:00:33 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012/11/17 03:00:33 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012/11/17 03:00:33 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012/11/16 07:46:47 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012/11/16 07:46:47 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012/11/16 07:46:47 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012/11/16 07:46:43 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012/11/16 07:46:43 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012/11/16 07:46:42 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012/11/16 07:46:42 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012/11/16 07:46:42 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012/11/16 07:46:42 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012/11/16 07:46:34 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012/11/16 07:46:34 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012/11/06 14:28:17 | 000,000,000 | ---D | C] -- C:\Users\MCKENNA\AppData\Roaming\Windows Live Writer
[2012/11/06 14:28:17 | 000,000,000 | ---D | C] -- C:\Users\MCKENNA\AppData\Local\Windows Live Writer
[2012/11/01 10:01:08 | 000,000,000 | ---D | C] -- C:\Users\MCKENNA\AppData\Local\{4ECAE6F2-736C-416A-81B5-28D084FFE352}
[2012/10/30 20:56:19 | 000,000,000 | ---D | C] -- C:\Users\MCKENNA\.gstreamer-0.10
[2012/10/30 20:55:57 | 000,000,000 | ---D | C] -- C:\Users\MCKENNA\AppData\Local\Motorola
[2012/10/30 20:55:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2012/10/30 20:55:49 | 000,000,000 | ---D | C] -- C:\Binaries
[2012/10/30 20:55:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2012/10/30 20:55:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Motorola Media Link
[2012/10/30 20:55:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Motorola
[2012/10/30 20:55:17 | 000,000,000 | ---D | C] -- C:\Temp
[2012/10/30 20:55:17 | 000,000,000 | ---D | C] -- C:\Users\MCKENNA\AppData\Roaming\Motorola Mobility
[2012/10/30 20:55:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MSSoap
[2012/10/30 20:55:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Motorola Mobility
[2012/10/30 20:54:41 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola Inc
[2012/10/30 20:54:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared
[2012/10/30 20:54:31 | 000,000,000 | ---D | C] -- C:\Users\MCKENNA\AppData\Roaming\Motorola
[2012/10/30 20:54:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Motorola
[2012/10/30 20:54:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Mobility
[2012/10/30 20:54:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/10/30 20:54:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/10/30 20:53:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/10/30 20:53:33 | 000,637,848 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2012/10/30 20:53:33 | 000,567,696 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/10/30 20:53:33 | 000,224,136 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/10/30 20:53:33 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/10/30 20:53:33 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/10/30 20:53:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/10/30 20:52:22 | 000,000,000 | ---D | C] -- C:\Users\MCKENNA\AppData\Roaming\MotoCast

========== Files - Modified Within 30 Days ==========

[2012/11/29 19:09:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MCKENNA\Desktop\OTL.exe
[2012/11/29 19:08:23 | 000,000,126 | ---- | M] () -- C:\Users\MCKENNA\Desktop\External link.url
[2012/11/29 18:29:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2740350965-3487376146-1944036550-1000UA.job
[2012/11/29 18:22:02 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2740350965-3487376146-1944036550-1000UA.job
[2012/11/29 12:22:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2740350965-3487376146-1944036550-1000Core.job
[2012/11/29 12:11:07 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/29 12:11:07 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/29 12:07:29 | 000,779,620 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/11/29 12:07:29 | 000,660,474 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/11/29 12:07:29 | 000,121,144 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/11/29 12:02:29 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMCKENNA-HP$.job
[2012/11/29 12:02:29 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMCKENNA.job
[2012/11/29 12:02:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/11/29 12:02:14 | 3145,969,664 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/29 09:29:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2740350965-3487376146-1944036550-1000Core.job
[2012/11/28 21:01:20 | 000,000,046 | ---- | M] () -- C:\END
[2012/11/28 11:30:17 | 000,000,000 | ---- | M] () -- C:\extensions.sqlite
[2012/11/28 00:30:06 | 000,002,461 | ---- | M] () -- C:\Users\MCKENNA\Desktop\Google Chrome.lnk
[2012/11/26 13:12:42 | 000,321,384 | ---- | M] (Sendori) -- C:\Windows\SysWow64\Sendori.dll
[2012/11/21 18:40:48 | 000,223,450 | ---- | M] () -- C:\Users\MCKENNA\Documents\FA_511_2012-13_Verification_Worksheet_Fillable.pdf
[2012/11/17 03:32:45 | 000,275,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/11/02 14:55:40 | 000,567,373 | ---- | M] () -- C:\Users\MCKENNA\Documents\orders to ftcky 001.jpg
[2012/10/30 20:53:21 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/10/30 20:53:21 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

========== Files Created - No Company Name ==========

[2012/11/29 19:08:23 | 000,000,126 | ---- | C] () -- C:\Users\MCKENNA\Desktop\External link.url
[2012/11/28 21:01:10 | 000,000,046 | ---- | C] () -- C:\END
[2012/11/28 11:30:17 | 000,000,000 | ---- | C] () -- C:\extensions.sqlite
[2012/11/21 18:40:47 | 000,223,450 | ---- | C] () -- C:\Users\MCKENNA\Documents\FA_511_2012-13_Verification_Worksheet_Fillable.pdf
[2012/11/17 03:09:55 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/17 03:00:32 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/11/02 14:55:40 | 000,567,373 | ---- | C] () -- C:\Users\MCKENNA\Documents\orders to ftcky 001.jpg
[2011/09/11 02:10:30 | 000,002,792 | ---- | C] () -- C:\Program Files\HP SimplePass 2011
[2011/09/11 01:38:50 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/09/11 01:38:49 | 013,899,776 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/09/11 01:38:49 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/09/11 01:38:49 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/09/11 01:38:49 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/06/21 01:07:00 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2011/02/11 11:15:43 | 000,795,824 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 23:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

========== Base Services ==========
SRV:64bit: - [2009/07/13 19:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2010/11/20 21:24:08 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/13 19:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/20 21:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/20 21:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2011/11/17 00:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 19:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 19:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/04 16:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2012/06/01 23:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2012/06/01 22:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/20 21:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 21:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 21:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/09/11 01:37:07 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/13 19:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 19:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 19:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/13 19:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010/11/20 21:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/07/13 19:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 19:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 19:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 19:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 19:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012/10/03 11:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/13 19:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011/05/24 05:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/11 00:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2011/11/17 00:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/13 19:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/20 21:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 21:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 21:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2011/11/17 00:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/13 19:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/11/20 21:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/20 21:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 21:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/20 21:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/20 21:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 21:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/13 19:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/04/30 23:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/20 21:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/20 21:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/20 21:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/20 21:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/20 21:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/20 21:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/20 21:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/20 21:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 21:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/13 19:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/02 16:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/20 21:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/13 19:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/20 21:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/09/11 01:37:45 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/09/11 01:37:45 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/09/11 01:37:45 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/09/11 01:37:45 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 21:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/09/11 01:37:45 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/09/11 01:37:45 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 21:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: SERVICES >
[2009/06/10 15:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.EXE >
[2009/07/13 19:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 19:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2010/11/21 01:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2010/11/21 01:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009/07/13 22:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/13 22:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/10 14:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/10 14:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2010/11/21 01:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/10 14:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2010/11/21 01:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 15:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2010/11/21 01:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 14:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2010/11/21 01:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 15:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PTXML >
[2009/07/13 14:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 14:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: SVCHOST.EXE >
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 19:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 19:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 21:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 21:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 21:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 21:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 21:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 21:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< End of report >
  • 0

#5
Clmerm819
Posted 29 November 2012 - 07:20 PM

Clmerm819

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
OTL Extras logfile created on: 11/29/2012 7:10:44 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MCKENNA\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.91 Gb Total Physical Memory | 2.33 Gb Available Physical Memory | 59.72% Memory free
7.81 Gb Paging File | 5.74 Gb Available in Paging File | 73.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 916.71 Gb Total Space | 864.45 Gb Free Space | 94.30% Space Free | Partition Type: NTFS
Drive D: | 14.71 Gb Total Space | 1.82 Gb Free Space | 12.38% Space Free | Partition Type: NTFS

Computer Name: MCKENNA-HP | User Name: MCKENNA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2740350965-3487376146-1944036550-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CACD94A-2502-4FCE-B158-2DFD9534F8FF}" = rport=137 | protocol=17 | dir=out | app=system |
"{212AE3C2-81A5-4C21-B5F1-5D461B94FA58}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{2CF6BDA6-3064-4350-B4F3-39C79AA05689}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{31FE6C6F-19F1-4A91-9211-1516DB633ED9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3608F22C-658C-4ADB-8B4E-FA10EA797139}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{55CE5568-3154-4F6E-A158-7469A20FE909}" = lport=445 | protocol=6 | dir=in | app=system |
"{5EB62A59-3991-4968-A7EC-722D543D7D3D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{661F7E36-E3C0-4615-9974-C64643C771C6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{68112239-5031-4C13-A3EF-B01897D67DF4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{70359FD6-3EAD-4D0C-B0C4-30F593B52BAA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{70DD2A77-21B7-4796-99A7-DA9896EC4D27}" = rport=139 | protocol=6 | dir=out | app=system |
"{72CC74CD-0E59-4F63-9E34-750F3BAEC4ED}" = rport=445 | protocol=6 | dir=out | app=system |
"{7A424334-BB3D-4B36-A612-0D78A003D0FC}" = lport=139 | protocol=6 | dir=in | app=system |
"{8DBC9146-739D-44E7-8815-654559C76D22}" = rport=10243 | protocol=6 | dir=out | app=system |
"{90BD61E7-211F-4298-BA3D-030AD79A6B7D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A6DFBAFA-2718-40BB-A829-8C9B00993D69}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A95E4E47-ED6B-4BC3-97BA-2A0364299C28}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AB5FDEBC-4F2B-4060-BAD1-0029D8174012}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{ABB152E9-FD74-4627-9FFD-E43D4BF20E22}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B9CAE93A-C771-402B-B017-5C19949EFBF3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C4825BA6-E124-48C9-B356-9A0AFC0429CA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CC222444-16ED-44BE-A701-DDC5F1E1F31A}" = lport=137 | protocol=17 | dir=in | app=system |
"{CDB4FAC6-81D7-448E-BCA8-A7145581C0F1}" = lport=138 | protocol=17 | dir=in | app=system |
"{DF5B5372-58A1-4DC8-9AFA-DAB8C5B54930}" = rport=138 | protocol=17 | dir=out | app=system |
"{F24035FF-AFFB-446E-97F9-54687307D18C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02E7C1A9-09C4-44E1-8D8B-4888BFE4E3EF}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{0A53573D-1EE3-4BFB-9BC5-19611A5622F4}" = protocol=17 | dir=in | app=c:\program files (x86)\roxio\roxionow player\rnowshell.exe |
"{30EFA3A3-54CE-4877-A756-B54702AF18AC}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\roxionow\rnow.exe |
"{330B047C-7105-4435-80C7-8DC4AA8428D4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{34F4C4B7-FD20-4CA7-8A2E-F299E20C9040}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\photo\hptouchsmartphoto.exe |
"{3FCCDD6C-E2CE-4D87-B5CA-85598B37B8F3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{41EF54B2-2C46-4D86-8379-B1EA2C25C5D2}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{469AC5D3-DEFE-4C6A-A67D-713E8B9D87BE}" = dir=in | app=c:\program files (x86)\motorola mobility\motocast\bin\motocast-thumbnailer.exe |
"{484EEBB6-E2FF-4628-8152-019771E0162A}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\video\tsmagent.exe |
"{4BA69655-969D-4D7E-AD9E-9CDBD1EE2FC3}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\roxionow\rnow.exe |
"{528005B0-B9F7-437F-9BCE-7552E31E0F87}" = dir=in | app=c:\program files (x86)\motorola mobility\motocast\motocast.exe |
"{53A83330-C5E0-4117-A8CA-910CD5C5032F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{59CF3567-BBFE-4F6E-990A-E0B9BC091170}" = protocol=1 | dir=in | [email protected],-28543 |
"{61600C78-A421-4C94-9DC9-5F2E04592F59}" = protocol=1 | dir=out | [email protected],-28544 |
"{631A8701-FDFD-4861-8D7F-C99F14693749}" = dir=in | app=c:\program files (x86)\motorola media link\lite\mml.exe |
"{6430053C-6839-4962-8C68-A8D159328B44}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{68CAC483-BAF2-481D-82E1-2EA7BC4554D7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{695C44A2-FDD6-4FCD-9C86-AE7C26547033}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{734C01BF-1388-48BF-B3CD-093F3A19D34F}" = dir=out | app=c:\program files (x86)\motorola mobility\motocast\motocast.exe |
"{7EDE8602-68EA-4A80-BBA4-8A033BE4A051}" = protocol=6 | dir=out | app=c:\program files (x86)\hewlett-packard\remote graphics receiver\rgreceiver.exe |
"{7F34E588-672B-4914-B1F8-DAD464E5D3C7}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\video\hptouchsmartvideo.exe |
"{842E6B3C-68BF-43B0-9F3A-EF92EC3C8601}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\video\hptouchsmartmusic.exe |
"{868CDEB4-74E5-4EE4-A3F3-941962DF0BE4}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{90BD9852-E2FD-49B6-B4F6-91E366582DCB}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{934301FA-3B3D-45B2-96FA-4336326FD722}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{965E7982-3535-4554-A924-3A8A68076AB2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{991A327F-7C95-4A32-ADD6-4B78D12B5186}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\photo\photoagent.exe |
"{9AE53CCC-B564-4171-9274-B1E231D1C103}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{A0E77F7F-911E-43C0-AFF6-B39E1ED2FD1B}" = protocol=6 | dir=in | app=c:\program files (x86)\roxio\roxionow player\rnowshell.exe |
"{A2D38483-1BD0-479D-BA6E-F2A7E0E2A451}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A422F3A6-BA29-42A6-B897-8FD972ED6E24}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AFF6F00D-96D1-4850-8166-86584E2A679B}" = protocol=58 | dir=in | [email protected],-28545 |
"{B10C2605-6CA7-4B68-8DA1-23C1A1D68272}" = protocol=6 | dir=in | app=c:\program files (x86)\bucksbee loyalty plugin - softonic\troubleshooter.exe |
"{B27D4D9C-366A-4911-A6A1-87CCD07E176A}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\remote graphics receiver\rgreceiver.exe |
"{B437065D-240D-4B2A-A30D-66F2B5388B2C}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\video\hptouchsmartphoto.exe |
"{BBC9350B-6BDD-4552-9ADB-86C33D7EA1A1}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{C4D4212F-6DC5-4648-A060-BA37ECD5130C}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\video\kernel\clml\clmlsvc.exe |
"{C6B807C8-FE91-4AEB-95B8-DE4D6159A9E5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CB6365C8-6E52-4B0F-8E42-53C1F125EE06}" = protocol=6 | dir=out | app=system |
"{D30E43AB-A10F-41B4-B13A-02DCFA4AEDF4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D73C8B11-A071-4426-8B1D-9F5350D1BE9E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D7A9CD47-4EF7-4740-956B-653ECDD862B6}" = protocol=58 | dir=out | [email protected],-28546 |
"{D82141C1-04C9-4F14-A044-C80E0C478949}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{D84EC4BD-6052-4A7A-80B5-BEDEE22AF83C}" = protocol=17 | dir=in | app=c:\program files (x86)\bucksbee loyalty plugin - softonic\troubleshooter.exe |
"{DA1346B6-0358-483F-BEE9-BA32F7EC2513}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E3DD779F-4309-4DED-AE97-27E1D3FA0AE6}" = protocol=17 | dir=out | app=c:\program files (x86)\hewlett-packard\hp linkup\hp linkup viewer.exe |
"{E3F44065-C585-4879-B22D-4E7226BF27EC}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\hp linkup\hp linkup viewer.exe |
"{E414BB52-9F05-455C-8661-E64946FBDC3F}" = dir=in | app=c:\users\mckenna\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{F1E81999-753E-4A11-A0CA-3FEF00C8C01F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F67BB547-9FB1-4AA4-87A4-09C41C0700B8}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\music\hptouchsmartmusic.exe |
"{F855F6B7-E6F9-461E-8A0E-248AE6D06956}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{FFCC707E-C3AC-439A-B057-5E533A67D6A0}" = dir=out | app=c:\program files (x86)\motorola mobility\motocast\bin\motocast-thumbnailer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}" = AuthenTec TrueAPI
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4E7CCB76-687B-4C53-9A5E-08780AF3A551}" = Motorola Mobile Drivers Installation 5.9.0
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}" = Bing Maps 3D
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00F15573-18BB-4FAD-A763-F29401609C2F}" = HP TouchSmart Canvas
"{00FF4EB6-6AAC-4E9D-A60A-8F388691BB27}" = HP SimplePass PE 2011
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP TouchSmart Webcam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{0EDEB615-1A60-425E-8306-0E10519C7B55}" = RoxioNow Player
"{1111706F-666A-4037-7777-203328764D10}" = JavaFX 2.0.3
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore
"{16FC3056-90C0-4757-8A68-64D8DA846ADA}" = Remote Graphics Receiver
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F22808B-156F-44FB-B56B-9E8F8C8DC8F5}" = Motorola Device Software Update
"{1F4DDC90-5923-4E49-A4C7-F3CCC954DCA0}" = HP My Display TouchSmart Edition
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20714B53-FC73-4F9C-9687-49EB237D6FD7}" = HP TouchSmart RecipeBox
"{26A24AE4-039D-4CA4-87B4-2F83217003FF}" = Java™ 7 Update 3
"{28DB8373-C1BB-444F-A427-A55585A12ED7}" = Motorola Device Manager
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}" = HP TouchSmart Calendar
"{2B720998-2E26-4DD6-8AC8-A1FCA4B58384}_is1" = HP TouchSmart Get Updated!
"{2F1EB600-5E67-4AAA-9D5F-84430CDA4E47}" = HP TouchSmart Rss
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP TouchSmart Video
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{378397D6-FD32-4092-A854-6A75CB7EDA46}" = MOTOROLA MEDIA LINK
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3D171340-B528-42E0-92E4-BDA7AEEF6F32}_is1" = HP TouchSmart Spot
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D090F70-6F08-4B60-9357-A1DFD4458F09}" = Microsoft Mathematics
"{52727E8B-5F72-4795-8BEA-4E1FF4BFA0D9}" = HP TouchSmart Weather
"{5401CEE8-3C2D-4835-A802-213306537FF4}" = MotoCast
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5BFFDDEB-AFD7-499F-BB13-7A6EAD927CDA}_is1" = HP TouchSmart Bubble Wrap
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{692D3BE1-0BD9-4B4C-A974-CB2EAEA99304}" = HP TouchSmart Clock
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.1.0
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7561C05C-FE30-4D0E-9B8D-5218734E3986}" = HP TouchSmart Browser
"{75781594-73D9-4D7B-997F-14D41BF1514D}" = HP TouchSmart Twitter
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}" = HP Support Information
"{7FB00B6B-6843-97EC-EED6-78BD6D35370A}" = Zinio Reader 4
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1" = HP TouchSmart Tutorials
"{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}" = HP TouchSmart Notes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AE50893-3A87-4439-9A57-942ED43F7189}" = Facebook for HP TouchSmart
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Dual Stream 802.11n Wireless LAN Card
"{8FF90DB8-6DED-44A3-B182-244FEC09012F}" = Microsoft Touch Pack for Windows 7
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{912CED74-88D3-4C5B-ACB0-132318649765}" = PressReader
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP TouchSmart Music
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9EFD323B-6ADB-4B3A-9253-EA1A75E00F25}_is1" = HP TouchSmart Ben10 Comic Book Reader
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A393CDFF-BEB8-48EA-990D-2EB35B311D23}_is1" = HP TouchSmart Tap Tap Bear
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C01A86F5-56E7-101F-9BC9-E3F1025EB779}" = Intel® Identity Protection Technology 1.1.2.0
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8EC351F-7A2A-4853-B24B-99EB6F77D8A4}" = HP TouchSmart
"{C9DCE03F-8CB7-4146-A99C-0612D75177EA}" = HP TouchSmart Photo
"{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}" = HP Support Assistant
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0661463-50F7-4A1E-83CB-37CC590589AE}_is1" = HP TouchSmart Metric Converter
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D35B72B6-F0E4-462B-BDEB-E08032B3B681}" = HP Setup
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DB3147AB-4024-4773-8EC0-A1FE5B44933D}" = HP LinkUp
"{DCC90D9D-4F8D-4A06-9050-ADDB284FF9FA}" = Adobe Flash Player 10 ActiveX
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F04BFADD-C8CA-4C86-8F20-B1D7F4F8C66C}" = HP TouchSmart Video
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F12C6162-10D4-444A-9182-05CC3DB2456E}" = HP TouchSmart eBay
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP TouchSmart Video
"{FBB0C095-4FF0-4AF6-8CD5-A80A390FB101}_is1" = HP TouchSmart Paint Blast
"{FCD6D60F-AF2B-49E3-ABC4-A4C96B56225D}" = Blio
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"BucksBee Loyalty Plugin - Softonic" = BucksBee Loyalty Plugin - Softonic
"Cbox" = Cbox
"DealCabby" = DealCabby
"Free Online Converter" = Free Online Converter
"Hondata K-Series ECU Editor_is1" = Hondata K-Series ECU Editor
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP TouchSmart Webcam
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP TouchSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP TouchSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{C9DCE03F-8CB7-4146-A99C-0612D75177EA}" = HP TouchSmart Photo
"InstallShield_{F04BFADD-C8CA-4C86-8F20-B1D7F4F8C66C}" = HP TouchSmart Video
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP TouchSmart Video
"Kobo" = Kobo
"N360" = Norton Security Suite
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"PC Health Doc PDF Reader" = PC Health Doc PDF Reader
"PDF Complete" = PDF Complete Special Edition
"Sendori" = Sendori
"VIP Access SDK" = VIP Access SDK (1.0.1.4)
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WTA-0062bcd6-86eb-4ee1-bbc2-4bc0b37934a6" = FATE
"WTA-1ed4c176-02b9-4aec-be0d-a22bbf59227d" = Polar Golfer
"WTA-2275957e-96f9-44b7-8360-5ec4adb0ebcc" = Bejeweled 3
"WTA-25f1fa4d-3444-4914-8ae9-0afcc3aff3cf" = Chuzzle Deluxe
"WTA-30690cb3-7c9d-4b4a-988c-589aefbbdebd" = Build-a-lot
"WTA-592ad51a-d91f-451b-84c2-ca28bba77750" = Cake Mania
"WTA-6a5be1ab-59ff-4f3a-bb08-fb22fde0723d" = Agatha Christie - Peril at End House
"WTA-6cb96b68-5390-4aad-9cc3-654059dec32c" = Jewel Quest: The Sleepless Star - Collector's Edition
"WTA-6f17e461-3e5f-41fa-88f0-0f31123d42dd" = Bounce Symphony
"WTA-7c6a701f-3b28-435c-977e-0f48e38a6991" = Polar Bowler
"WTA-7cd2f4e0-1b5b-4ab6-82e9-a2c62b3d4158" = Vacation Quest - The Hawaiian Islands
"WTA-7d51088c-b737-442c-beae-192b2c7b8552" = Plants vs. Zombies - Game of the Year
"WTA-8763ed98-84b5-4999-be60-eec293489302" = Mystery of Mortlake Mansion
"WTA-8fcba27f-9f7c-4b30-8774-9377a54266e4" = Slingo Deluxe
"WTA-96253bf9-6b7b-47bb-8e01-7480584342a3" = Namco All-Stars: PAC-MAN
"WTA-9ac7303c-6b8a-4d50-8237-50963288ab5a" = Governor of Poker 2 Premium Edition
"WTA-af0719b2-fe55-4959-860d-d2071817486f" = Zuma Deluxe
"WTA-cd5bc2fe-c400-4fe4-8cde-8f076f4ec137" = Virtual Villagers 5 - New Believers
"WTA-d0073e8f-0d1b-4415-9a0a-9d7c690c0166" = Penguins!
"WTA-e32c5f73-6485-4de9-81fb-cd38bd37ec20" = Azteca
"WTA-e9022f9f-7c6a-4b5b-b6ae-ba8f07578b54" = Airport Mania
"WTA-f0f747dd-57b0-4938-9a46-a79d44f4479d" = Farm Frenzy
"WTA-feffbfcb-e252-4b93-96ef-d9b2117f1bff" = Mah Jong Medley
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update
"YTdetect" = Yahoo! Detect
"ZinioReader4" = Zinio Reader 4

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2740350965-3487376146-1944036550-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"PDF Reader" = PDF Reader
"PDF Reader Packages" = PDF Reader Packages

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9/20/2012 12:12:30 PM | Computer Name = MCKENNA-HP | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16448,
time stamp: 0x4fecf1b7 Faulting module name: SeaNote.dll_unloaded, version: 0.0.0.0,
time stamp: 0x4d55f072 Exception code: 0xc0000005 Fault offset: 0x717c0fd0 Faulting
process id: 0x1fe4 Faulting application start time: 0x01cd974aba722b67 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
SeaNote.dll Report Id: f9b3975d-033d-11e2-82df-3860776818b7

Error - 9/24/2012 5:21:11 PM | Computer Name = MCKENNA-HP | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000000 Faulting process id:
0x166c Faulting application start time: 0x01cd9a9a84f96b99 Faulting application path:
C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path: unknown
Report
Id: c3330c01-068d-11e2-b4a3-3860776818b7

Error - 9/24/2012 5:21:24 PM | Computer Name = MCKENNA-HP | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000000 Faulting process id:
0xd5c Faulting application start time: 0x01cd9a9a8874e9aa Faulting application path:
C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path: unknown
Report
Id: cadcede0-068d-11e2-b4a3-3860776818b7

Error - 9/24/2012 5:21:31 PM | Computer Name = MCKENNA-HP | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000000 Faulting process id:
0x1ef4 Faulting application start time: 0x01cd9a7903f41320 Faulting application path:
C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path: unknown
Report
Id: cf20bfa9-068d-11e2-b4a3-3860776818b7

Error - 9/25/2012 10:47:36 AM | Computer Name = MCKENNA-HP | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000000 Faulting process id:
0x1fdc Faulting application start time: 0x01cd9b2c81c53da5 Faulting application path:
C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path: unknown
Report
Id: f19904cd-071f-11e2-b4a3-3860776818b7

Error - 9/25/2012 8:36:43 PM | Computer Name = MCKENNA-HP | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: ntdll.dll, version: 6.1.7601.17725,
time stamp: 0x4ec49b8f Exception code: 0xc0000374 Fault offset: 0x000ce6c3 Faulting
process id: 0x1218 Faulting application start time: 0x01cd9b33694b4c1f Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\SysWOW64\ntdll.dll Report Id: 3dfc9156-0772-11e2-b4a3-3860776818b7

Error - 9/27/2012 10:27:58 AM | Computer Name = MCKENNA-HP | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000000 Faulting process id:
0x23ec Faulting application start time: 0x01cd9cbc4558810d Faulting application path:
C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path: unknown
Report
Id: 88373a30-08af-11e2-b4a3-3860776818b7

Error - 9/30/2012 9:28:54 PM | Computer Name = MCKENNA-HP | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0x80000002 Fault offset: 0x76f1d7d8 Faulting process id:
0xb04 Faulting application start time: 0x01cd9f72a7de3921 Faulting application path:
C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path: unknown
Report
Id: 5c5b1354-0b67-11e2-b4a3-3860776818b7

Error - 10/1/2012 12:40:31 PM | Computer Name = MCKENNA-HP | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: Flash10q.ocx, version: 10.3.181.14,
time stamp: 0x4dc3253e Exception code: 0xc0000005 Fault offset: 0x000d2c66 Faulting
process id: 0x15e0 Faulting application start time: 0x01cd9ff1fddac438 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\SysWOW64\Macromed\Flash\Flash10q.ocx Report Id: b6873b1e-0be6-11e2-b50f-3860776818b7

Error - 10/2/2012 1:45:07 PM | Computer Name = MCKENNA-HP | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: ntdll.dll, version: 6.1.7601.17725,
time stamp: 0x4ec49b8f Exception code: 0xc0000005 Fault offset: 0x00033ab3 Faulting
process id: 0x1328 Faulting application start time: 0x01cda01d753e246c Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\SysWOW64\ntdll.dll Report Id: e6e00396-0cb8-11e2-b993-3860776818b7

[ System Events ]
Error - 11/14/2012 10:08:33 PM | Computer Name = MCKENNA-HP | Source = SCardSvr | ID = 610
Description =

Error - 11/14/2012 10:08:33 PM | Computer Name = MCKENNA-HP | Source = SCardSvr | ID = 610
Description =

Error - 11/14/2012 10:08:56 PM | Computer Name = MCKENNA-HP | Source = SCardSvr | ID = 610
Description =

Error - 11/14/2012 10:08:56 PM | Computer Name = MCKENNA-HP | Source = SCardSvr | ID = 610
Description =

Error - 11/14/2012 10:08:56 PM | Computer Name = MCKENNA-HP | Source = SCardSvr | ID = 610
Description =

Error - 11/14/2012 10:09:05 PM | Computer Name = MCKENNA-HP | Source = SCardSvr | ID = 610
Description =

Error - 11/14/2012 10:09:05 PM | Computer Name = MCKENNA-HP | Source = SCardSvr | ID = 610
Description =

Error - 11/14/2012 10:09:05 PM | Computer Name = MCKENNA-HP | Source = SCardSvr | ID = 610
Description =

Error - 11/16/2012 9:41:03 AM | Computer Name = MCKENNA-HP | Source = EventLog | ID = 6008
Description = The previous system shutdown at 5:32:46 PM on ?11/?15/?2012 was unexpected.

Error - 11/21/2012 9:47:22 AM | Computer Name = MCKENNA-HP | Source = EventLog | ID = 6008
Description = The previous system shutdown at 6:36:39 AM on ?11/?21/?2012 was unexpected.


< End of report >
  • 0

#6
Essexboy
Posted 30 November 2012 - 07:02 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi a question, did you intentionally install Sendori ? If not then I would recommend that you uninstall it

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image
:OTL
IE - HKU\S-1-5-21-2740350965-3487376146-1944036550-1000\..\SearchScopes\{28B79064-47DB-432A-8F16-84F7E8B9E0CA}: "URL" = http://search.condui...&ctid=CT3196716
O2 - BHO: (DealCabby) - {0B4A07CF-45EB-4B10-B6BB-35568A2F89BE} - C:\Users\MCKENNA\AppData\Local\dealcabby\ie\dealcabby_20121029030001.dll ()
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.3.8\bh\BabylonToolbar.dll File not found
O2 - BHO: (BucksBee Loyalty Plugin - Softonic) - {829CBB8D-4FBC-2464-E9D7-D55180B193B4} - C:\Program Files (x86)\BucksBee Loyalty Plugin - Softonic\Toolbar.dll ()
O2 - BHO: (PricePeep) - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll File not found
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.3.8\BabylonToolbarTlbr.dll File not found
O9 - Extra Button: BucksBee Loyalty Plugin - Softonic Notifications - {829cbb8d-4fbc-2464-e9d7-d55180b193b4} - C:\Program Files (x86)\BucksBee Loyalty Plugin - Softonic\ribbon.hta ()
O9 - Extra 'Tools' menuitem : BucksBee Loyalty Plugin - Softonic Notifications - {a8e3281a-999a-ab24-9566-42314ed92b6e} - C:\Program Files (x86)\BucksBee Loyalty Plugin - Softonic\ribbon_menu.hta ()
[2012/11/28 11:30:14 | 000,000,000 | ---D | C] -- C:\Users\MCKENNA\AppData\Local\dealcabby

:Files
C:\Program Files (x86)\BabylonToolbar
C:\Program Files (x86)\BucksBee Loyalty Plugin - Softonic
C:\Program Files (x86)\PricePeep

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

#7
Clmerm819
Posted 30 November 2012 - 09:01 AM

Clmerm819

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
I have no idea what Sendori is so it is now uninstalled....
Here's the log.
OTL logfile created on: 11/30/2012 8:55:36 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MCKENNA\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.91 Gb Total Physical Memory | 2.11 Gb Available Physical Memory | 54.09% Memory free
7.81 Gb Paging File | 5.88 Gb Available in Paging File | 75.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 916.71 Gb Total Space | 864.15 Gb Free Space | 94.27% Space Free | Partition Type: NTFS
Drive D: | 14.71 Gb Total Space | 1.82 Gb Free Space | 12.38% Space Free | Partition Type: NTFS

Computer Name: MCKENNA-HP | User Name: MCKENNA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/29 19:09:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MCKENNA\Desktop\OTL.exe
PRC - [2012/10/19 13:46:22 | 000,144,896 | ---- | M] (Motorola Mobility Inc.) -- C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoCast.exe
PRC - [2012/10/19 13:46:00 | 000,240,056 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
PRC - [2012/10/02 12:45:22 | 000,120,728 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2012/10/02 12:41:02 | 000,694,168 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2012/09/07 20:36:46 | 000,087,992 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
PRC - [2012/08/21 07:26:28 | 000,686,592 | ---- | M] () -- C:\Program Files (x86)\Free Online Converter\FreeOnlineConverterUpdt.exe
PRC - [2012/08/10 05:56:32 | 000,686,592 | ---- | M] () -- C:\Program Files (x86)\Cbox\CboxUpdater.exe
PRC - [2012/06/15 20:24:20 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\ccsvchst.exe
PRC - [2011/10/01 00:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 00:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/09/11 01:59:33 | 000,240,288 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10q_ActiveX.exe
PRC - [2011/09/02 15:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2011/06/17 11:24:24 | 000,445,232 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Hewlett-Packard\HP My Display TouchSmart Edition\OSDManager.exe
PRC - [2011/06/17 11:24:14 | 000,129,840 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2011/06/09 06:37:18 | 000,264,008 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011/06/09 06:37:00 | 000,653,128 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011/06/09 06:36:34 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2011/06/03 10:56:40 | 000,026,168 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
PRC - [2011/06/03 10:53:40 | 000,022,072 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
PRC - [2011/05/30 11:32:38 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
PRC - [2011/05/05 17:40:52 | 001,128,952 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2011/03/28 18:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/03/09 15:47:08 | 000,109,168 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/24 01:10:24 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2011/02/01 15:41:24 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 15:41:20 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/11/26 08:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
PRC - [2010/11/20 21:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2008/11/20 11:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (No Company Name) ==========

MOD - [2012/11/30 08:54:25 | 000,160,256 | ---- | M] () -- C:\Users\MCKENNA\AppData\Local\Temp\ZumoLocalGateway.dll7077636006641476369.lib
MOD - [2012/11/30 08:54:20 | 000,314,368 | ---- | M] () -- C:\Users\MCKENNA\AppData\Local\Temp\WindowsFolderWatcher.dll1978593752869886073.lib
MOD - [2012/11/30 08:54:08 | 000,509,440 | ---- | M] () -- C:\Users\MCKENNA\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll
MOD - [2012/11/30 08:54:03 | 000,205,824 | ---- | M] () -- C:\Users\MCKENNA\AppData\Local\Temp\WindowsAPI.dll431875296461534100.lib
MOD - [2012/11/17 03:25:08 | 001,072,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\59353156806745822ad61a40de8fb631\System.IdentityModel.ni.dll
MOD - [2012/11/17 03:25:06 | 018,058,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\a27582afda5c9a9258ed2cd787352773\System.ServiceModel.ni.dll
MOD - [2012/11/17 03:24:03 | 002,906,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\bc4a5d9898a6c903baafbecacf6010b3\ReachFramework.ni.dll
MOD - [2012/11/17 03:23:43 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\bb404633d24f5098f9d7f5f5a1d234c3\System.Runtime.DurableInstancing.ni.dll
MOD - [2012/11/17 03:23:42 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\0dd39ca15b3d56a03a31fbf671c80cfe\SMDiagnostics.ni.dll
MOD - [2012/11/17 03:23:41 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\0d2c8da8749c683b47f01101c9ea26d5\System.Runtime.Serialization.ni.dll
MOD - [2012/11/17 03:15:28 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\58f50a891bafb8fd7149e6eebc2b7b52\PresentationCore.ni.dll
MOD - [2012/11/17 03:15:21 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\05ebffcb5aac31412fea8c38cbac8df8\WindowsBase.ni.dll
MOD - [2012/11/17 03:08:58 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\caffbced23ee85b40b919ad4a122b7aa\System.Windows.Forms.ni.dll
MOD - [2012/11/17 03:08:52 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\752225ca2585aa8f1c46b489e172e920\System.Core.ni.dll
MOD - [2012/11/17 03:08:49 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\cb0c00757e89f0b1fe282913ed667212\System.Xml.ni.dll
MOD - [2012/11/17 03:08:49 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9422d0c052186760a4645e10995487f5\System.Drawing.ni.dll
MOD - [2012/11/17 03:08:47 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ed886fb71addf400705481dcf8de12da\System.Configuration.ni.dll
MOD - [2012/11/17 03:08:46 | 009,093,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\811a7bc79f8f0a5be8065292a320819e\System.ni.dll
MOD - [2012/11/17 03:08:41 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\16126cae96ea2422253ae06eeb672abc\mscorlib.ni.dll
MOD - [2012/10/19 13:46:20 | 000,075,776 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideoscale.dll
MOD - [2012/10/19 13:46:20 | 000,061,952 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgsttypefindfunctions.dll
MOD - [2012/10/19 13:46:20 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideobox.dll
MOD - [2012/10/19 13:46:20 | 000,054,784 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstsmpte.dll
MOD - [2012/10/19 13:46:20 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvorbis.dll
MOD - [2012/10/19 13:46:20 | 000,051,712 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstsubparse.dll
MOD - [2012/10/19 13:46:20 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstwavpack.dll
MOD - [2012/10/19 13:46:20 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstwavparse.dll
MOD - [2012/10/19 13:46:20 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvolume.dll
MOD - [2012/10/19 13:46:20 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideocrop.dll
MOD - [2012/10/19 13:46:20 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideorate.dll
MOD - [2012/10/19 13:46:20 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgsty4menc.dll
MOD - [2012/10/19 13:46:18 | 000,531,968 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpeg4video.dll
MOD - [2012/10/19 13:46:18 | 000,363,008 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpeg2video.dll
MOD - [2012/10/19 13:46:18 | 000,276,480 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstisomp4.dll
MOD - [2012/10/19 13:46:18 | 000,207,872 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmatroska.dll
MOD - [2012/10/19 13:46:18 | 000,150,528 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegdemux.dll
MOD - [2012/10/19 13:46:18 | 000,132,608 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstogg.dll
MOD - [2012/10/19 13:46:18 | 000,119,296 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpegdemux.dll
MOD - [2012/10/19 13:46:18 | 000,075,776 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflv.dll
MOD - [2012/10/19 13:46:18 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstjpeg.dll
MOD - [2012/10/19 13:46:18 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegaudioparse.dll
MOD - [2012/10/19 13:46:18 | 000,039,936 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegtsmux.dll
MOD - [2012/10/19 13:46:18 | 000,037,888 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstgio.dll
MOD - [2012/10/19 13:46:18 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstinterleave.dll
MOD - [2012/10/19 13:46:18 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstreplaygain.dll
MOD - [2012/10/19 13:46:18 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstid3tag.dll
MOD - [2012/10/19 13:46:18 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstid3demux.dll
MOD - [2012/10/19 13:46:18 | 000,029,696 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstgdp.dll
MOD - [2012/10/19 13:46:18 | 000,029,184 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstpng.dll
MOD - [2012/10/19 13:46:18 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmultipart.dll
MOD - [2012/10/19 13:46:18 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegvideoparse.dll
MOD - [2012/10/19 13:46:18 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmultifile.dll
MOD - [2012/10/19 13:46:18 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstlevel.dll
MOD - [2012/10/19 13:46:18 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmulaw.dll
MOD - [2012/10/19 13:46:18 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstshift.dll
MOD - [2012/10/19 13:46:16 | 001,563,136 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflump3enc.dll
MOD - [2012/10/19 13:46:16 | 001,376,256 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflump3dec.dll
MOD - [2012/10/19 13:46:16 | 000,088,064 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflummssrc.dll
MOD - [2012/10/19 13:46:16 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumch264enc.dll
MOD - [2012/10/19 13:46:16 | 000,033,280 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumcaacenc.dll
MOD - [2012/10/19 13:46:14 | 002,009,600 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluh264dec.dll
MOD - [2012/10/19 13:46:14 | 001,694,208 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluaacdec.dll
MOD - [2012/10/19 13:46:14 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluasfdemux.dll
MOD - [2012/10/19 13:46:12 | 000,187,904 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstffmpegcolorspace.dll
MOD - [2012/10/19 13:46:12 | 000,073,216 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdshowsrcwrapper.dll
MOD - [2012/10/19 13:46:12 | 000,069,120 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflac.dll
MOD - [2012/10/19 13:46:12 | 000,026,624 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstequalizer.dll
MOD - [2012/10/19 13:46:10 | 000,212,480 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcoreelements.dll
MOD - [2012/10/19 13:46:10 | 000,123,904 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstavi.dll
MOD - [2012/10/19 13:46:10 | 000,091,136 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdshowdecwrapper.dll
MOD - [2012/10/19 13:46:10 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdecodebin2.dll
MOD - [2012/10/19 13:46:10 | 000,078,848 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudioconvert.dll
MOD - [2012/10/19 13:46:10 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudioresample.dll
MOD - [2012/10/19 13:46:10 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstautoconvert.dll
MOD - [2012/10/19 13:46:10 | 000,029,184 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstautodetect.dll
MOD - [2012/10/19 13:46:10 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudiorate.dll
MOD - [2012/10/19 13:46:10 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstamrnb.dll
MOD - [2012/10/19 13:46:10 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstauparse.dll
MOD - [2012/10/19 13:46:10 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcutter.dll
MOD - [2012/10/19 13:46:10 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstapetag.dll
MOD - [2012/10/19 13:46:10 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstamrwbdec.dll
MOD - [2012/10/19 13:46:10 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcoreindexers.dll
MOD - [2012/10/19 13:46:08 | 001,520,128 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libvorbisenc-2.dll
MOD - [2012/10/19 13:46:08 | 001,396,736 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libxml2-2.dll
MOD - [2012/10/19 13:46:08 | 000,196,608 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libwavpack-1.dll
MOD - [2012/10/19 13:46:08 | 000,085,504 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\z.dll
MOD - [2012/10/19 13:46:08 | 000,048,640 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalpha.dll
MOD - [2012/10/19 13:46:08 | 000,038,400 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaiff.dll
MOD - [2012/10/19 13:46:08 | 000,030,208 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstadder.dll
MOD - [2012/10/19 13:46:08 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalaw.dll
MOD - [2012/10/19 13:46:08 | 000,017,920 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalphacolor.dll
MOD - [2012/10/19 13:46:08 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstadpcmdec.dll
MOD - [2012/10/19 13:46:06 | 000,471,552 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\liborc-0.4-0.dll
MOD - [2012/10/19 13:46:06 | 000,190,976 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libpng14-14.dll
MOD - [2012/10/19 13:46:06 | 000,162,304 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libvorbis-0.dll
MOD - [2012/10/19 13:46:06 | 000,123,947 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libopencore-amrwb.0.1.1.dll
MOD - [2012/10/19 13:46:04 | 000,699,392 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstreamer-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,276,992 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libjpeg-8.dll
MOD - [2012/10/19 13:46:04 | 000,253,440 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstbase-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,248,352 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libopencore-amrnb.0.1.1.dll
MOD - [2012/10/19 13:46:04 | 000,133,120 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgsttag-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstcontroller-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,098,304 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstpbutils-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstrtp-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstinterfaces-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,041,984 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstriff-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstvideo-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libogg-0.dll
MOD - [2012/10/19 13:46:04 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstdataprotocol-0.10.dll
MOD - [2012/10/19 13:46:02 | 000,109,568 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstaudio-0.10.dll
MOD - [2012/10/19 13:46:00 | 000,331,264 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libFLAC-8.dll
MOD - [2012/10/19 13:46:00 | 000,240,056 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
MOD - [2012/10/02 12:41:02 | 000,694,168 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
MOD - [2012/08/27 20:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/08/27 20:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/15 12:59:00 | 000,015,624 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP My Display TouchSmart Edition\ACPIDll.dll


========== Services (SafeList) ==========

SRV:64bit: - [2011/06/24 12:23:14 | 000,302,592 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011/02/16 23:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
SRV:64bit: - [2010/10/11 03:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/03 04:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2012/10/02 12:45:22 | 000,120,728 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012/09/07 20:36:46 | 000,087,992 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2012/08/21 07:26:28 | 000,686,592 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Free Online Converter\FreeOnlineConverterUpdt.exe -- (FreeOnlineConverterUpdt)
SRV - [2012/08/10 05:56:32 | 000,686,592 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Cbox\CboxUpdater.exe -- (CboxUpdater)
SRV - [2012/06/15 20:24:20 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\ccSvcHst.exe -- (N360)
SRV - [2011/10/01 00:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 00:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/09/02 15:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2011/06/21 16:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/06/17 11:24:14 | 000,129,840 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2011/06/09 06:37:18 | 000,264,008 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2011/06/03 10:53:40 | 000,022,072 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe -- (CalendarSynchService)
SRV - [2011/05/05 17:40:52 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2011/03/28 18:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/03/09 15:47:08 | 000,109,168 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2011/03/07 17:43:30 | 002,375,168 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/03/01 22:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/24 01:10:24 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
SRV - [2011/02/01 15:41:24 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/01 15:41:20 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/11/26 08:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/10/12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/06/01 16:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 15:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/10/01 10:27:24 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/07/05 20:17:58 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/07/05 20:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/06/06 22:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\ccsetx64.sys -- (ccSet_N360)
DRV:64bit: - [2012/05/21 19:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/16 21:38:00 | 000,405,624 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/11/16 21:17:50 | 000,190,072 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\ironx64.sys -- (SymIRON)
DRV:64bit: - [2011/10/01 00:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 00:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 00:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 00:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/09/11 02:09:37 | 000,031,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmxdrv.sys -- (pmxdrv)
DRV:64bit: - [2011/09/11 01:38:31 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/09/11 01:38:31 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/09/07 02:46:58 | 000,070,016 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\S3XXx64.sys -- (S3XXx64)
DRV:64bit: - [2011/08/16 00:51:40 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\symds64.sys -- (SymDS)
DRV:64bit: - [2011/06/26 20:55:49 | 012,231,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/06/10 04:35:04 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/05/30 11:33:04 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2011/05/25 15:08:54 | 000,016,152 | ---- | M] (n/a) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NWWakeFilterV.sys -- (NWWakeFilterV)
DRV:64bit: - [2011/05/25 15:08:50 | 000,028,440 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NWVoltron.sys -- (NWVoltron)
DRV:64bit: - [2011/05/25 15:08:50 | 000,016,152 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2011/05/04 18:44:00 | 000,338,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/04/22 04:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/21 18:46:54 | 001,360,960 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2011/04/21 06:07:22 | 000,399,944 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tixhci.sys -- (tixhci)
DRV:64bit: - [2011/04/21 06:07:22 | 000,131,656 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tihub3.sys -- (tihub3)
DRV:64bit: - [2010/11/20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/06 02:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/19 18:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/07/13 06:57:08 | 000,069,736 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\itecir.sys -- (itecir)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2012/11/30 01:34:18 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121129.023\ex64.sys -- (NAVEX15)
DRV - [2012/11/30 01:34:18 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121129.023\eng64.sys -- (NAVENG)
DRV - [2012/10/23 17:34:23 | 001,384,608 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20121106.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/10/01 10:48:47 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/10/01 10:48:47 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/09/28 11:33:38 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20121129.001\IDSviA64.sys -- (IDSVia64)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2BB9899B-6724-46A6-8A4E-D0786E4A356D}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{2BB9899B-6724-46A6-8A4E-D0786E4A356D}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {6b556d31-eeee-de44-19f4-13e37eb9ba64} - SOFTWARE\Classes\CLSID\{6b556d31-eeee-de44-19f4-13e37eb9ba64}\InprocServer32 File not found
IE - HKCU\..\SearchScopes,DefaultScope = {38C9F3F7-9EAF-488F-817E-0F68DA8FB45B}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{2BB9899B-6724-46A6-8A4E-D0786E4A356D}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE - HKCU\..\SearchScopes\{38C9F3F7-9EAF-488F-817E-0F68DA8FB45B}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: c:\Program Files (x86)\Virtual Earth 3D\ [2011/09/11 01:52:56 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: c:\Program Files (x86)\Virtual Earth 3D\ [2011/09/11 01:52:56 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\MCKENNA\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\MCKENNA\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\MCKENNA\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFFPlgn\ [2012/10/01 10:27:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\coFFPlgn\ [2012/11/30 08:53:03 | 000,000,000 | ---D | M]

[2012/11/28 11:30:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url = http://www.bing.com/...q={searchTerms}
CHR - default_search_provider: suggest_url = http://api.bing.com/...uage={language}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\MCKENNA\AppData\Local\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\MCKENNA\AppData\Local\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\MCKENNA\AppData\Local\Google\Chrome\Application\23.0.1271.95\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\MCKENNA\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Simple Pass 2011 (Enabled) = C:\Users\MCKENNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpgfhihjicjofdejkbjgnjlaglaciobe\1.0_0\npwebsitelogon.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\MCKENNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\6.0.2_0\npcoplgn.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\MCKENNA\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\MCKENNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\MCKENNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Norton Identity Protection = C:\Users\MCKENNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.6.10_0\
CHR - Extension: Gmail = C:\Users\MCKENNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2012/11/30 08:48:56 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (Free Online Converter 1.0) - {A229BC5B-E7A2-447B-B015-1E7CA944978D} - C:\Program Files (x86)\FreeFrog\FreeFrog2.0.dll (Free Online Converter)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4:64bit: - HKLM..\Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\beats64.exe (Hewlett-Packard )
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DT HPO] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe (Portrait Displays, Inc.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKCU..\Run: [Cbox] C:\Program Files (x86)\Cbox\Cbox.exe (Cbox)
O4 - HKCU..\Run: [Facebook Update] C:\Users\MCKENNA\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [MotoCast] C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: army.mil ([www.us] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.3.1)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15E1D307-6C36-46FA-8855-B126560A8DED}: DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{754BDBFB-A71D-45BE-9F77-87ABE860AA8A}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{006a5382-c640-11e1-be88-3860776818b7}\Shell - "" = AutoRun
O33 - MountPoints2\{006a5382-c640-11e1-be88-3860776818b7}\Shell\AutoRun\command - "" = F:\iStudio.exe
O33 - MountPoints2\{ed370997-33e1-11e2-8f78-3860776818b7}\Shell - "" = AutoRun
O33 - MountPoints2\{ed370997-33e1-11e2-8f78-3860776818b7}\Shell\AutoRun\command - "" = F:\MotoCastSetup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/30 08:48:52 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/11/29 19:09:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\MCKENNA\Desktop\OTL.exe
[2012/11/29 11:01:23 | 000,000,000 | -H-D | C] -- C:\Users\MCKENNA\AppData\Local\Cbox
[2012/11/29 09:53:28 | 000,000,000 | ---D | C] -- C:\Users\MCKENNA\AppData\Roaming\PC Health Doc PDF Reader
[2012/11/28 21:01:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeFrog
[2012/11/28 21:00:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cbox
[2012/11/28 21:00:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2012/11/28 21:00:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2012/11/28 21:00:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2012/11/28 21:00:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Online Converter
[2012/11/28 21:00:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Online Converter
[2012/11/28 21:00:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cbox
[2012/11/28 21:00:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCHealthDocPDFReader
[2012/11/28 21:00:31 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Health Doc PDF Reader
[2012/11/28 21:00:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCHealthDocPDFReader
[2012/11/28 21:00:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2012/11/28 21:00:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2012/11/28 21:00:15 | 000,000,000 | ---D | C] -- C:\Users\MCKENNA\AppData\Roaming\Yahoo!
[2012/11/28 21:00:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2012/11/28 11:30:34 | 000,000,000 | ---D | C] -- C:\Users\MCKENNA\AppData\Roaming\SumatraPDF
[2012/11/28 11:30:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/11/28 11:30:20 | 000,000,000 | ---D | C] -- C:\Users\MCKENNA\AppData\Roaming\PDFReaderPackages
[2012/11/28 11:30:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFReader
[2012/11/06 14:28:17 | 000,000,000 | ---D | C] -- C:\Users\MCKENNA\AppData\Roaming\Windows Live Writer
[2012/11/06 14:28:17 | 000,000,000 | ---D | C] -- C:\Users\MCKENNA\AppData\Local\Windows Live Writer
[2012/11/01 10:01:08 | 000,000,000 | ---D | C] -- C:\Users\MCKENNA\AppData\Local\{4ECAE6F2-736C-416A-81B5-28D084FFE352}

========== Files - Modified Within 30 Days ==========

[2012/11/30 08:58:54 | 000,779,620 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/11/30 08:58:54 | 000,660,474 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/11/30 08:58:54 | 000,121,144 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/11/30 08:52:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/11/30 08:52:06 | 3145,969,664 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/30 08:51:31 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/30 08:51:30 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/30 08:48:56 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/11/30 08:29:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2740350965-3487376146-1944036550-1000UA.job
[2012/11/30 06:22:01 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2740350965-3487376146-1944036550-1000UA.job
[2012/11/29 20:30:32 | 000,002,461 | ---- | M] () -- C:\Users\MCKENNA\Desktop\Google Chrome.lnk
[2012/11/29 19:09:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MCKENNA\Desktop\OTL.exe
[2012/11/29 12:22:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2740350965-3487376146-1944036550-1000Core.job
[2012/11/29 12:02:29 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMCKENNA-HP$.job
[2012/11/29 12:02:29 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMCKENNA.job
[2012/11/29 09:29:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2740350965-3487376146-1944036550-1000Core.job
[2012/11/28 21:01:20 | 000,000,046 | ---- | M] () -- C:\END
[2012/11/28 11:30:17 | 000,000,000 | ---- | M] () -- C:\extensions.sqlite
[2012/11/21 18:40:48 | 000,223,450 | ---- | M] () -- C:\Users\MCKENNA\Documents\FA_511_2012-13_Verification_Worksheet_Fillable.pdf
[2012/11/17 03:32:45 | 000,275,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/11/02 14:55:40 | 000,567,373 | ---- | M] () -- C:\Users\MCKENNA\Documents\orders to ftcky 001.jpg

========== Files Created - No Company Name ==========

[2012/11/28 21:01:10 | 000,000,046 | ---- | C] () -- C:\END
[2012/11/28 11:30:17 | 000,000,000 | ---- | C] () -- C:\extensions.sqlite
[2012/11/21 18:40:47 | 000,223,450 | ---- | C] () -- C:\Users\MCKENNA\Documents\FA_511_2012-13_Verification_Worksheet_Fillable.pdf
[2012/11/17 03:09:55 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/17 03:00:32 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/11/02 14:55:40 | 000,567,373 | ---- | C] () -- C:\Users\MCKENNA\Documents\orders to ftcky 001.jpg
[2011/09/11 02:10:30 | 000,002,792 | ---- | C] () -- C:\Program Files\HP SimplePass 2011
[2011/09/11 01:38:50 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/09/11 01:38:49 | 013,899,776 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/09/11 01:38:49 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/09/11 01:38:49 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/09/11 01:38:49 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/06/21 01:07:00 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2011/02/11 11:15:43 | 000,795,824 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 23:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/04/08 15:07:29 | 000,000,000 | ---D | M] -- C:\Users\MCKENNA\AppData\Roaming\Blio
[2012/11/30 08:54:26 | 000,000,000 | ---D | M] -- C:\Users\MCKENNA\AppData\Roaming\MotoCast
[2012/10/30 20:54:39 | 000,000,000 | ---D | M] -- C:\Users\MCKENNA\AppData\Roaming\Motorola
[2012/10/30 20:55:17 | 000,000,000 | ---D | M] -- C:\Users\MCKENNA\AppData\Roaming\Motorola Mobility
[2012/11/29 09:53:47 | 000,000,000 | ---D | M] -- C:\Users\MCKENNA\AppData\Roaming\PC Health Doc PDF Reader
[2012/11/28 11:30:20 | 000,000,000 | ---D | M] -- C:\Users\MCKENNA\AppData\Roaming\PDFReaderPackages
[2012/11/29 12:00:19 | 000,000,000 | ---D | M] -- C:\Users\MCKENNA\AppData\Roaming\SoftGrid Client
[2012/11/28 11:30:35 | 000,000,000 | ---D | M] -- C:\Users\MCKENNA\AppData\Roaming\SumatraPDF
[2012/04/14 08:52:29 | 000,000,000 | ---D | M] -- C:\Users\MCKENNA\AppData\Roaming\TP
[2012/11/06 14:28:17 | 000,000,000 | ---D | M] -- C:\Users\MCKENNA\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



< End of report >
  • 0

#8
Essexboy
Posted 30 November 2012 - 09:06 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Looks good, what problems are outstanding ?
  • 0

#9
Essexboy
Posted 03 December 2012 - 02:29 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP