Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Every Click Brings Up a new Ad!


  • Please log in to reply

#1
flyboy1565

flyboy1565

    Member

  • Member
  • PipPipPip
  • 403 posts
## i know this is a second topic but this my gmas, she is click happy


OTL logfile created on: 1/1/2014 7:02:19 PM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sherrill\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.48 Gb Total Physical Memory | 1.67 Gb Available Physical Memory | 48.05% Memory free
6.95 Gb Paging File | 4.72 Gb Available in Paging File | 67.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 441.65 Gb Total Space | 322.86 Gb Free Space | 73.10% Space Free | Partition Type: NTFS
Drive D: | 19.95 Gb Total Space | 2.16 Gb Free Space | 10.83% Space Free | Partition Type: NTFS
Drive E: | 3.96 Gb Total Space | 1.08 Gb Free Space | 27.23% Space Free | Partition Type: FAT32

Computer Name: SHERRILL-HP | User Name: Sherrill | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Modules (No Company Name) ==========

MOD - [2013/10/31 14:59:27 | 018,109,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\60608b811724b2711cb96817043c4dd8\System.ServiceModel.ni.dll
MOD - [2013/10/31 14:56:59 | 000,189,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\17e7f8ef847e92778b1bdd3886c268c9\System.Windows.Input.Manipulations.ni.dll
MOD - [2013/10/31 14:56:40 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\46863d4abf7db3e009962abc8710c945\System.Runtime.Remoting.ni.dll
MOD - [2013/10/31 14:56:38 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\10ef07233e429503b5bc942aa6194fe8\System.Runtime.DurableInstancing.ni.dll
MOD - [2013/10/31 14:56:36 | 002,659,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\10519c5a16fab95707f40b55941647b5\System.Runtime.Serialization.ni.dll
MOD - [2013/10/31 14:56:33 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\f58dc6b661c4fb91c68945da9b701135\System.Xml.Linq.ni.dll
MOD - [2013/10/28 18:42:20 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/10/28 18:41:16 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/10/15 10:56:23 | 018,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\464a76a3fdc9ee7456cb4baaea3e503a\PresentationFramework.ni.dll
MOD - [2013/10/15 10:56:05 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b5b66869081b909d238fdea083cf3179\PresentationCore.ni.dll
MOD - [2013/10/15 10:56:00 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e40d894a772b2cff5ffd5a84ef20d2d4\System.Windows.Forms.ni.dll
MOD - [2013/10/15 10:55:56 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dac1208781fdd0b960afc12efff42944\System.Core.ni.dll
MOD - [2013/10/15 10:55:50 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\0b37b2bafc33ef52282b9d7b217cabaf\WindowsBase.ni.dll
MOD - [2013/10/15 10:55:47 | 001,014,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\71d887ce964fb69b7f03c4fe7a3f28ff\System.Configuration.ni.dll
MOD - [2013/10/03 16:15:57 | 000,099,408 | ---- | M] () -- C:\Program Files (x86)\Desk 365\mbdet.dll
MOD - [2013/10/03 16:15:57 | 000,073,296 | ---- | M] () -- C:\Program Files (x86)\Desk 365\libpopdlg.dll
MOD - [2013/10/03 16:15:56 | 000,181,840 | ---- | M] () -- C:\Program Files (x86)\Desk 365\libpng.dll
MOD - [2013/10/03 16:15:56 | 000,146,512 | ---- | M] () -- C:\Program Files (x86)\Desk 365\enotify.dll
MOD - [2013/10/03 16:15:54 | 000,232,016 | ---- | M] () -- C:\Program Files (x86)\Desk 365\edeskcmn.dll
MOD - [2013/10/03 14:03:34 | 002,869,720 | ---- | M] () -- c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll
MOD - [2013/09/05 15:35:17 | 000,096,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\4b2e892995b8cdefb1e2cddb96f32736\UIAutomationProvider.ni.dll
MOD - [2013/09/05 15:34:44 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\af7d7a2e47e0ac57b4f0fe5e0c1cda9a\SMDiagnostics.ni.dll
MOD - [2013/09/05 13:55:11 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\4d277a8481c203a35c58bd277a2e71df\System.Xaml.ni.dll
MOD - [2013/09/05 13:07:54 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll
MOD - [2013/08/26 09:03:11 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\764054efc88f51b54c8d7e44df26b671\System.Data.ni.dll
MOD - [2013/08/26 09:02:10 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/26 09:01:38 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/26 09:01:31 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/08/23 18:10:37 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\228b114c79c5d9024bdb4cc580e32c09\PresentationFramework.Aero.ni.dll
MOD - [2013/08/23 18:10:25 | 005,628,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll
MOD - [2013/08/23 18:10:23 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3a3fc0216674bdea0be809b305517c98\System.Drawing.ni.dll
MOD - [2013/08/23 18:10:19 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
MOD - [2013/07/27 13:33:32 | 000,196,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\cb5671235362c8e17b1a1f0b67bfc8d9\UIAutomationTypes.ni.dll
MOD - [2013/07/12 14:11:00 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/07/10 19:16:05 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2013/07/08 21:02:42 | 000,348,384 | ---- | M] () -- C:\Users\Sherrill\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
MOD - [2010/11/20 19:24:08 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/12/05 11:12:25 | 000,115,232 | ---- | M] (Webroot) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WRkrn.sys -- (WRkrn)
DRV:64bit: - [2013/09/27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/06/26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2012/06/12 20:27:22 | 000,878,184 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/14 21:45:36 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/10/14 21:45:36 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/09/28 18:52:48 | 010,210,304 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/09/28 17:34:54 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/08/18 04:44:46 | 000,053,376 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2011/06/17 03:08:26 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011/06/17 03:08:24 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/06/09 18:19:54 | 001,451,056 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/05/30 16:03:34 | 000,338,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/05/27 11:06:16 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/03/30 14:46:46 | 000,114,704 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/01/26 21:35:26 | 000,425,064 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/20 19:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 19:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 19:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 19:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/07/28 09:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 16:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 13:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 13:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 13:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 12:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 12:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/08/02 14:57:30 | 000,056,136 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Free Ride Games\X5XSEx_Pr143.sys -- (X5XSEx_Pr143)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Files/Folders - Created Within 30 Days ==========

[2013/12/19 12:15:55 | 000,000,000 | ---D | C] -- C:\Users\Sherrill\AppData\Roaming\Cartwheel
[2013/12/19 12:15:44 | 000,000,000 | ---D | C] -- C:\Users\Sherrill\AppData\Roaming\Cartwheel Qwiklinx Combo Installer
[2013/12/19 12:15:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Updater
[2013/12/19 11:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Meridian93
[2013/12/19 11:41:44 | 000,000,000 | ---D | C] -- C:\Users\Sherrill\AppData\Roaming\Meridian93
[2013/12/19 11:40:27 | 000,000,000 | ---D | C] -- C:\Users\Sherrill\AppData\Local\SearchProtect
[2013/12/17 06:31:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013/12/17 06:31:35 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/12/17 06:31:35 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/12/17 06:31:34 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/12/17 06:31:34 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/12/17 06:31:34 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/12/17 06:31:34 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/12/17 06:31:33 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/12/17 06:31:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013/12/17 06:31:32 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/12/17 06:31:32 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/12/17 06:31:32 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/12/17 06:31:31 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/12/17 06:31:28 | 001,995,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/12/17 06:31:28 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/12/17 06:31:24 | 005,769,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/12/13 19:35:20 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2013/12/13 19:35:19 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2013/12/13 19:35:19 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2013/12/13 19:35:17 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2013/12/13 19:34:27 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2013/12/13 19:30:55 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/12/13 19:30:55 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/12/13 19:30:50 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2013/12/13 19:30:50 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/12/13 19:30:50 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/12/13 19:30:50 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/12/13 19:30:49 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/12/13 19:30:49 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/12/13 19:30:49 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/12/13 19:30:49 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/12/13 19:30:49 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/12/13 19:30:49 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/12/13 19:30:49 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/12/13 19:30:49 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/12/13 19:30:49 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/12/13 19:30:49 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/12/13 19:30:49 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/12/13 19:30:49 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2013/12/13 19:30:49 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/12/13 19:30:49 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/12/13 19:30:48 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/12/13 19:30:48 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/12/13 19:30:48 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/12/13 19:30:48 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/12/13 19:30:48 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/12/13 19:30:48 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/12/13 19:30:48 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/12/13 19:30:48 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2013/12/13 19:30:48 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/12/13 19:30:48 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2013/12/13 19:30:48 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/12/13 19:30:48 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/12/13 19:30:47 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2013/12/13 19:30:47 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/12/13 19:30:47 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/12/13 19:30:46 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/12/13 19:30:46 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/12/13 19:30:46 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/12/13 19:30:46 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/12/13 19:30:46 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/12/13 19:30:46 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/12/13 19:30:46 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/12/13 19:30:46 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/12/13 19:30:46 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/12/13 19:30:46 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2013/12/13 19:30:46 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/12/13 19:30:45 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/12/13 19:30:45 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/12/13 19:30:45 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/12/13 19:30:45 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/12/13 19:30:45 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/12/13 19:30:45 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/12/13 19:30:45 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/12/13 19:30:45 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/12/13 19:30:45 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/12/13 19:30:45 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/12/13 19:30:45 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/12/13 19:30:44 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/12/13 19:30:44 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/12/13 19:30:44 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/12/13 19:30:44 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2013/12/13 19:30:44 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/12/13 19:30:44 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/12/13 19:30:44 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/12/13 14:21:21 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/12/13 14:21:21 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/12/13 14:21:19 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2013/12/13 14:21:19 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2013/12/13 14:21:15 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013/12/13 14:20:40 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2013/12/13 14:20:40 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2013/12/13 14:20:13 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2013/12/13 14:20:13 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2013/12/13 14:20:12 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2013/12/13 14:20:12 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2013/12/13 14:20:12 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2013/12/13 14:20:11 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2012/11/15 10:12:03 | 009,842,040 | ---- | C] (Webroot Software, Inc.) -- C:\Program Files (x86)\Common Files\wruninstall.exe

========== Files - Modified Within 30 Days ==========

[2014/01/01 19:03:55 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/01 19:03:55 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/01 18:59:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/01 18:52:48 | 000,001,924 | ---- | M] () -- C:\Windows\tasks\SuperLyrics-1-chromeinstaller.job
[2014/01/01 18:52:47 | 000,001,308 | ---- | M] () -- C:\Windows\tasks\SuperLyrics-1-updater.job
[2014/01/01 18:52:47 | 000,001,212 | ---- | M] () -- C:\Windows\tasks\SuperLyrics-1-codedownloader.job
[2014/01/01 18:52:45 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\SuperLyrics-1-enabler.job
[2014/01/01 18:52:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/01 18:52:18 | 2800,803,840 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/01 17:30:22 | 000,000,482 | ---- | M] () -- C:\Windows\tasks\Arcadesafari.job
[2013/12/21 14:36:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForSherrill.job
[2013/12/19 12:15:25 | 000,001,116 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftwareUpdater.lnk
[2013/12/16 19:40:24 | 000,779,724 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/12/16 19:40:24 | 000,660,770 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/12/16 19:40:24 | 000,121,408 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/12/16 19:32:45 | 000,275,936 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/13 19:30:55 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/12/13 19:30:55 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/12/13 19:30:50 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2013/12/13 19:30:50 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/12/13 19:30:50 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/12/13 19:30:50 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/12/13 19:30:49 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/12/13 19:30:49 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/12/13 19:30:49 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/12/13 19:30:49 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/12/13 19:30:49 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/12/13 19:30:49 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/12/13 19:30:49 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/12/13 19:30:49 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/12/13 19:30:49 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/12/13 19:30:49 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/12/13 19:30:49 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/12/13 19:30:49 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2013/12/13 19:30:49 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/12/13 19:30:49 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/12/13 19:30:49 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/12/13 19:30:48 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/12/13 19:30:48 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/12/13 19:30:48 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/12/13 19:30:48 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/12/13 19:30:48 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/12/13 19:30:48 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/12/13 19:30:48 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/12/13 19:30:48 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2013/12/13 19:30:48 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/12/13 19:30:48 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2013/12/13 19:30:48 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/12/13 19:30:48 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/12/13 19:30:47 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2013/12/13 19:30:47 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/12/13 19:30:47 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/12/13 19:30:46 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/12/13 19:30:46 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/12/13 19:30:46 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/12/13 19:30:46 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/12/13 19:30:46 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/12/13 19:30:46 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/12/13 19:30:46 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/12/13 19:30:46 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/12/13 19:30:46 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/12/13 19:30:46 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/12/13 19:30:46 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2013/12/13 19:30:46 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/12/13 19:30:45 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/12/13 19:30:45 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/12/13 19:30:45 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/12/13 19:30:45 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/12/13 19:30:45 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/12/13 19:30:45 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/12/13 19:30:45 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/12/13 19:30:45 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/12/13 19:30:45 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/12/13 19:30:45 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/12/13 19:30:45 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/12/13 19:30:44 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/12/13 19:30:44 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/12/13 19:30:44 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/12/13 19:30:44 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2013/12/13 19:30:44 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/12/13 19:30:44 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/12/13 19:30:44 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/12/13 14:00:58 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/12/13 14:00:58 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/12/13 13:56:38 | 000,000,258 | RHS- | M] () -- C:\Users\Sherrill\ntuser.pol
[2013/12/05 11:12:25 | 000,154,312 | ---- | M] (Webroot) -- C:\Windows\SysWow64\WRusr.dll
[2013/12/05 11:12:25 | 000,115,232 | ---- | M] (Webroot) -- C:\Windows\SysNative\drivers\WRkrn.sys
[2013/12/05 11:12:25 | 000,104,872 | ---- | M] (Webroot) -- C:\Windows\SysNative\WRusr.dll

========== Files Created - No Company Name ==========

[2013/12/13 19:30:49 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/12/13 19:30:45 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/11/06 15:42:12 | 000,005,360 | ---- | C] () -- C:\Windows\SysWow64\AdpeakProxy.ini
[2013/11/06 15:32:48 | 000,002,312 | ---- | C] () -- C:\Windows\SysWow64\AdpeakProxyOff.ini
[2013/10/03 16:13:28 | 000,000,258 | RHS- | C] () -- C:\Users\Sherrill\ntuser.pol
[2013/04/01 19:32:01 | 000,000,053 | ---- | C] () -- C:\Users\Sherrill\AppData\Roaming\mbam.context.scan
[2013/02/04 19:30:35 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2012/06/13 19:09:28 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 18:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 17:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 388 bytes -> C:\ProgramData\Temp:390B30B4
@Alternate Data Stream - 189 bytes -> C:\ProgramData\Temp:B8791731
@Alternate Data Stream - 185 bytes -> C:\ProgramData\Temp:F9689B72
@Alternate Data Stream - 166 bytes -> C:\ProgramData\Temp:4B6A9FDA
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:D346F792

< End of report >


OTL Extras logfile created on: 1/1/2014 7:02:19 PM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sherrill\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.48 Gb Total Physical Memory | 1.67 Gb Available Physical Memory | 48.05% Memory free
6.95 Gb Paging File | 4.72 Gb Available in Paging File | 67.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 441.65 Gb Total Space | 322.86 Gb Free Space | 73.10% Space Free | Partition Type: NTFS
Drive D: | 19.95 Gb Total Space | 2.16 Gb Free Space | 10.83% Space Free | Partition Type: NTFS
Drive E: | 3.96 Gb Total Space | 1.08 Gb Free Space | 27.23% Space Free | Partition Type: FAT32

Computer Name: SHERRILL-HP | User Name: Sherrill | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = internetshortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\Hewlett-Packard\HP Application Assistant\HPAA.exe %1 (Hewlett Packard Company)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\Hewlett-Packard\HP Application Assistant\HPAA.exe %1 (Hewlett Packard Company)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 0
"AntivirusOverride" = 0
"UacDisableNotify" = 0
"AntiSpywareDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E1B1D6E-9BD3-4FB7-A8D9-7F0282566ADE}" = lport=445 | protocol=6 | dir=in | app=system |
"{1DAE7564-DDA5-40CA-A182-14A6057A0497}" = rport=10243 | protocol=6 | dir=out | app=system |
"{1DB24CE8-E50D-470F-BA2A-67CE48F604CC}" = lport=137 | protocol=17 | dir=in | app=system |
"{407A9F60-62E7-4419-BC37-D17860B2FF03}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4A3D5940-A4D7-4B9F-B2BE-A684A6AC61D9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4C5C12D8-5738-4B84-A261-D4546C70ABA2}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{4F23537F-176B-4D1C-A68A-83F4DBE92A7F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{526BEB68-795D-4B35-AF51-FBD2D00FF415}" = lport=139 | protocol=6 | dir=in | app=system |
"{593093FA-3CD6-47A7-9C59-3AA77119A083}" = lport=10243 | protocol=6 | dir=in | app=system |
"{746A0CEF-1A4F-4177-AFB6-FD72A8188952}" = lport=2869 | protocol=6 | dir=in | app=system |
"{81EBFF29-A615-4622-9F75-F5B0D0D205D4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8A68B49D-EF76-4F97-934C-C5795BF6A5C1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8FC5D0E3-2A5B-4A56-ADA3-7C7DEE5B4139}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9BFF2891-911F-46C2-982F-8553A9A2302D}" = rport=445 | protocol=6 | dir=out | app=system |
"{9C152CDE-5413-4B4C-B8EE-ECB3A0656758}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{9FAE7712-724A-4A59-8CFD-27508153D4CF}" = lport=138 | protocol=17 | dir=in | app=system |
"{BAFBB10E-880B-4806-AE10-9BB04FE60A85}" = rport=138 | protocol=17 | dir=out | app=system |
"{BD842E93-0640-4F95-A1D3-67D5E9834202}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C36C1BC0-8481-47DE-933E-C73A6E6C05A9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D2DFD080-41CA-4129-B1E5-78118F14F16A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D6C5555B-4F2F-4419-93BA-CD63F7D68170}" = rport=139 | protocol=6 | dir=out | app=system |
"{D9C84C76-AC43-498C-A3C3-7616CA7242FC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E2D33BCC-D59F-467C-A460-42B405850544}" = rport=137 | protocol=17 | dir=out | app=system |
"{E6672E67-5D73-4760-9703-D1E63332CD81}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F4C45D93-47F6-4784-AD4A-2F5315A73D90}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F77CFD0A-A9B6-4448-B8A1-7FA5479E4D7B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02E74210-E1A6-487C-8417-188D59D9BF32}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{06C33540-2F66-4F70-8EBA-49BD9B136527}" = protocol=6 | dir=in | app=c:\users\sherrill\appdata\local\crossloop\tvnserver.exe |
"{111B79AA-B511-4655-B3BB-03F1627F8A1D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{132B8C5F-EC48-41A8-9BEA-D217EE0FF05E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2178671D-8834-432A-A006-3CEB79AA9262}" = protocol=1 | dir=out | [email protected],-28544 |
"{24BA6BBD-F7AE-468E-91A2-D593CCFAD98C}" = protocol=58 | dir=out | [email protected],-28546 |
"{2AC5F636-C845-4460-8EA3-6694DA2210D0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{307E7DC6-3FE4-4787-884E-55A29CBF151F}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{5266BABE-891A-4439-ACF6-495A6C0E578A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{53CB7EE7-0387-4FAD-82AA-86639D27EF41}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6747330C-7085-412F-86A0-0292C1F01614}" = protocol=6 | dir=out | app=system |
"{67A536F3-F1E6-4BFD-8AE6-E697F4F08A37}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{67B81028-C0E9-408A-A2C6-3D2D9AE71BE0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{72D11655-39F0-4D69-A19D-54B0DDF75587}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{7988778C-60AB-474D-967B-017FF3174204}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{7E9D770F-7CAE-482B-9A02-DEA33587BA7F}" = protocol=6 | dir=in | app=c:\programdata\esafe\egdpsvc.exe |
"{80AD3358-0D06-42B6-A610-F9B042139F19}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{83AB4232-AC69-4B41-9808-93C96C74A9A3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{88693430-D199-413A-9F3A-2C2127C00F71}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{967198CE-FB62-4A0B-98C5-1FF61066B80A}" = dir=in | app=c:\program files\hp\hp officejet 6600\bin\devicesetup.exe |
"{9C46A236-B749-45C9-9B48-CEEEE629BBC7}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{A3358E30-E090-4067-A117-A450147788A9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A77EFCED-0305-4918-BCA9-210D5FF372E1}" = protocol=6 | dir=in | app=c:\users\sherrill\appdata\local\crossloop\vncviewer.exe |
"{A9FDA4AF-D60A-4DF9-90BE-9E4A1843364F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AF66DDF2-FA61-4016-BBA7-9F7FDEFA8165}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{B47C2FD1-D357-4DAB-8BA7-753809179689}" = protocol=17 | dir=in | app=c:\users\sherrill\appdata\local\crossloop\tvnserver.exe |
"{B5CBF9C2-E416-4176-8A02-6CFF7C91C1F6}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{B61154C9-33C7-4457-9F18-52D2C8D67671}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B8E6D5B6-8FCB-41CC-BCC6-AD3ABA306069}" = protocol=58 | dir=in | [email protected],-28545 |
"{C6FAFDE1-990C-454E-A81B-B0FD0B261503}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{C72E5DB7-D47C-49E5-9FA6-919857544D08}" = dir=in | app=c:\program files\hp\hp officejet 6600\bin\hpnetworkcommunicator.exe |
"{CD147B07-488A-4490-AE77-80D60B55FE11}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D37322CE-74DD-46D2-A71E-782F2C83E146}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{D6AB902E-BD79-45DC-896B-E6E2D81C364C}" = protocol=17 | dir=in | app=c:\users\sherrill\appdata\local\crossloop\vncviewer.exe |
"{D6C6D8CA-91E5-4B3E-8879-A6D2DD078EF1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DA554770-690C-4F1F-8DC3-8986836EC849}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpwarrantychecker.exe |
"{DF044ABE-8E76-4C1D-AAA3-9653D109C756}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E3FF6352-1AC8-4398-83CE-1A93D3AA33E0}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{E9F93F2F-668B-4EDF-9044-970865D9FE1D}" = protocol=1 | dir=in | [email protected],-28543 |
"{EEB35DCF-F8EC-4ADF-AC93-6DF48813EFA5}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{F1B7610E-08C8-4BC8-84AD-FFC68756F235}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F463F9A5-14B5-4963-AD62-E106671621B5}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{F61E4E2D-100C-4FE4-A1F5-AB3D4D82A244}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"TCP Query User{B9744B5B-C06C-49B9-B1BA-14E09BBD900A}C:\users\sherrill\appdata\local\crossloop\crossloopconnect.exe" = protocol=6 | dir=in | app=c:\users\sherrill\appdata\local\crossloop\crossloopconnect.exe |
"UDP Query User{7662AF71-9B57-4549-AD2E-2D7EBB0EBCE2}C:\users\sherrill\appdata\local\crossloop\crossloopconnect.exe" = protocol=17 | dir=in | app=c:\users\sherrill\appdata\local\crossloop\crossloopconnect.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{019E79B5-67B4-4780-8D0C-836C607F19BA}" = HP Officejet 6600 Product Improvement Study
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0CE7EBAF-157D-4111-9146-057CB2A4023E}" = HP Application Assistant
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{2FD3DC87-EC8D-78D2-1D3A-F4D6E7531BAF}" = AMD Fuel
"{45726347-6D97-4613-9F89-A9635ACBD34D}" = AMD Media Foundation Decoders
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5A847522-375C-4D05-BD3D-88C450CC047F}" = HP Launch Box
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E810AB6-F34E-49A3-A93F-9E503660F718}" = ScorpionSaver Services
"{6ECDAC2F-12C1-E49B-448E-6002368967E0}" = AMD Steady Video Plug-In
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ACD449FA-9DF3-779D-DA68-11D486963225}" = AMD Catalyst Install Manager
"{AEC699FC-F916-46A0-B15E-70EF1534AE93}" = HP Officejet 6600 Basic Device Software
"{BF92729B-1505-55D8-DAD4-4727CDB02FF6}" = ccc-utility64
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E102B843-786A-4F58-AF75-6504570E207B}" = Microsoft Security Client
"{ED6CD3AC-616B-4B20-BCF3-6E637B92A5AD}" = HP Security Assistant
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"ARO 2012_is1" = ARO 2012
"LinkSwift" = LinkSwift 3.0.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"MyPC Backup" = MyPC Backup
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0535D679-6FFB-2CAB-F7FF-7B05D6D6CAB5}" = CCC Help Chinese Standard
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CC04407-93DB-438C-B99F-FA1BF2D50472}" = Ancient Mysteries
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore
"{15A160C8-124E-481F-BBBB-66218A95F6E1}" = Ancient Mysteries
"{16F1B95A-F813-7600-EFA5-A97CB11222BC}" = CCC Help French
"{17A5CB1F-712A-41D2-FBBB-4A881EBA9B17}" = CCC Help Polish
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20DBF540-DF10-0A5C-7443-F139A84CC1F5}" = CCC Help Dutch
"{21CC6030-B1EA-3E53-DF36-38054A1596B4}" = CCC Help Turkish
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29819186-C15B-D50E-AB2E-8C24E2619273}" = CCC Help Portuguese
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}" = Free Ride Games Player
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{314F8264-25FB-C833-1017-3A0E0846112C}" = CCC Help Hungarian
"{3167966F-9811-30EF-6093-B7B95E2F19B7}" = Catalyst Control Center Graphics Previews Common
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{346DAD45-38D4-B63C-C372-1E2BC136DE69}" = CCC Help Finnish
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}" = opensource
"{3A83B36C-17B9-4832-445A-7A9DF377BB12}" = CCC Help Swedish
"{41534932-2D56-3600-76A7-A758B70C0700}" = Ask Toolbar
"{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{53B17A98-5BF0-40BC-AAFF-850A357975AC}" = HP Quick Launch
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{58A2F6F8-6009-CC35-2A83-DB5F922003DE}" = CCC Help Czech
"{5E21F3A1-9E84-DC22-1C62-0DB056EC7344}" = CCC Help Japanese
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63E29D1A-D6B5-4295-BFAC-967606232411}_is1" = Cartwheel Shopping
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{675D093B-815D-47FD-AB2C-192EC751E8E2}" = HP Software Framework
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6EFD0C42-4CC1-4716-A0CA-21C1A062CF34}" = AMD System Monitor
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{741006D1-7B2B-4E33-B2B0-831F282EEF64}" = Blio
"{81C9D048-B677-3CDD-7E20-3AF8DBFC4A0A}" = Catalyst Control Center Localization All
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{8542CAE2-386D-41E6-BCE1-68E803DE2AE2}_is1" = Cartwheel Qwiklink Combo Installer
"{870163D1-4D3A-198C-5414-889F1F4347AE}" = CCC Help Korean
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93335AAC-9F8B-54DF-7DB5-2C98D0DC2111}" = CCC Help Chinese Traditional
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B65F9A3-9D24-452A-B6EF-1457D65E4259}" = ScorpionSaver
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4123-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FA13759-5C2B-4177-9DDC-0038F8B5BEFD}" = Bing Bar
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI
"{AD0AAA4D-9A81-8B10-EB28-3C1372987DE7}" = CCC Help Italian
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{B0C56FD7-493D-44DD-B007-BBB5117D6E6F}_is1" = PC Power Speed 1.0.0.27
"{B4F17D6A-12A3-5403-6050-32A5B4A31F31}" = Catalyst Control Center InstallProxy
"{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}" = HP QuickWeb
"{BC6CB499-9F29-4B41-8B8B-FA7248525256}" = HP Documentation
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C55C2A19-BAD2-287A-1D7A-9D5FF5FD526E}" = AMD VISION Engine Control Center
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C818BA3A-226F-4ED0-9CEF-96A0DF300211}" = HP Officejet 6600 Help
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D46914D5-CA39-1A40-3CEC-9368E9C28568}" = CCC Help Greek
"{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}" = HP Power Manager
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = HP Recovery Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEA477E5-F916-973D-E1AB-3CDC735FDB58}" = CCC Help Norwegian
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E96CAA2A-0244-4A2A-8403-0C3C9534778B}" = ESU for Microsoft Windows 7 SP1
"{EA0E4DD2-7CD7-9583-0BE6-AFF3DF09E3E4}" = CCC Help Thai
"{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0A76517-2D1D-8DE3-F3B7-121B6A1990E8}" = CCC Help English
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C8BC0A-B0E7-4F39-848C-C5B06021B702}" = Hidden Mysteries - White House
"{F30403FF-0146-4633-AAC5-D5CD5C50AE70}" = Catalyst Control Center - Branding
"{F35C5FE9-57EC-9936-5738-D7EB3EA73B28}" = CCC Help Spanish
"{F4708461-A1E0-0657-1FC6-FACFEEA55CBE}" = CCC Help Russian
"{F4EB5AE1-0065-0752-FF11-1E45ABCD443A}" = CCC Help Danish
"{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}" = HP Setup
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.3
"{FC2150C5-A1AF-6238-9632-E5BB8739C0BC}" = CCC Help German
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"111177437" = Mahjong Match
"A_Free_Ride_Games_Bar Toolbar" = A Free Ride Games Bar Toolbar
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Amanda Rose: The Game of Time" = Amanda Rose: The Game of Time
"Annabel" = Annabel
"Azteca" = Azteca
"BFG-Azada - In Libro" = Azada: In Libro
"BFGC" = Big Fish Games: Game Manager
"BFG-Found - A Hidden Object Adventure - Free to Play" = Found: A Hidden Object Adventure - Free to Play
"BFG-Hidden Expedition - The Uncharted Islands" = Hidden Expedition: The Uncharted Islands
"Call of Atlantis" = Call of Atlantis
"Caribbean Explorer_is1" = Caribbean Explorer 1.0.0.9
"CrossLoop_is1" = CrossLoop 2.82
"DefaultTab" = DefaultTab
"Desk 365" = Desk 365
"DMUninstaller" = DMUninstaller
"Elven Mists 2" = Elven Mists 2
"Empress of the Deep" = Empress of the Deep
"Enchanted Cavern" = Enchanted Cavern
"Escape The Emerald Star" = Escape The Emerald Star
"Farm Frenzy – Pizza Party!" = Farm Frenzy – Pizza Party!
"Farm Frenzy 3: Madagascar" = Farm Frenzy 3: Madagascar
"Hamlet" = Hamlet
"Happyville" = Happyville
"Hawaiian Explorer Pearl Harbor_is1" = Hawaiian Explorer Pearl Harbor 1.0.0.30
"Hidden Mysteries Buckingham Palace" = Hidden Mysteries Buckingham Palace
"Hidden Mysteries Civil War" = Hidden Mysteries Civil War
"Hidden Mysteries Forbidden City" = Hidden Mysteries Forbidden City
"Hidden Mysteries Notre Dame" = Hidden Mysteries Notre Dame
"Hollywood - The Director's Cut" = Hollywood - The Director's Cut
"HP Photo Creations" = HP Photo Creations
"IECT3294791" = Vafmusic2 Toolbar for IE
"IECT3310511" = SweetPacks Toolbar for IE
"Insider Tales – The stolen Venus" = Insider Tales – The stolen Venus
"Insider Tales: Missing in Rome" = Insider Tales: Missing in Rome
"Insider Tales: The Secret of Casanova" = Insider Tales: The Secret of Casanova
"Insider Tales: The Stolen Venus 2" = Insider Tales: The Stolen Venus 2
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"Joan Jade and the Gates of Xibalba" = Joan Jade and the Gates of Xibalba
"Legends_0" = Legends Platinum 10-Pack
"Legends_1" = Legends 2 Hidden Relics
"LiveSupport_is1" = LiveSupport
"Lost Secrets Bermuda Triangle" = Lost Secrets Bermuda Triangle
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Optimizer Pro_is1" = Optimizer Pro v3.2
"PC Health Kit_is1" = PC Health Kit v3.2
"Scepter of Ra" = Scepter of Ra
"SearchProtect" = Search Protect by conduit
"Software Updater_is1" = Software Updater version 1.8.3
"Soul Journey" = Soul Journey
"SuperLyrics-1" = SuperLyrics-1
"The Treasures Of Mystery Island" = The Treasures Of Mystery Island
"The Treasures of Mystery Island: The Gates of Fate" = The Treasures of Mystery Island: The Gates of Fate
"The Treasures of Mystery Island: The Ghost Ship" = The Treasures of Mystery Island: The Ghost Ship
"The Weather Channel App" = The Weather Channel App
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"Tulula: Legend of a Volcano" = Tulula: Legend of a Volcano
"VideoPlayer" = VideoPlayer v2.0.6
"VIVAGplayer" = VIVA MEDIA GAME CENTER
"Wajam" = Wajam
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WNLT" = IB Updater Service
"WRUNINST" = Webroot SecureAnywhere
"WTA-02fce626-93e7-4747-a0d0-b30296ab8875" = Farmscapes
"WTA-046f3adb-3dd0-4de3-b6b7-43960c73e224" = Mah Jong Medley
"WTA-103094ea-8277-404e-8c2b-4e24afa38b93" = The Treasures of Mystery Island: The Ghost Ship
"WTA-19306e08-d307-4336-b431-2baf7083d0b7" = Penguins!
"WTA-2391bce9-41a7-484c-bf41-5a83231b30de" = Cradle of Rome 2
"WTA-2b6ee581-d6b1-4461-9672-7eeb4e9bcb10" = Letters from Nowhere 2
"WTA-32327094-68e9-46a5-b6f9-1eacbb5c75ec" = FATE
"WTA-50db1726-7109-4fdc-9134-20e67de4deb9" = Zuma's Revenge
"WTA-515f2f6f-fc8d-42ea-960a-02b6cc015e9b" = Hoyle Card Games
"WTA-5793ec2b-bcde-4f4e-bdf7-915b121ef8e2" = Polar Golfer
"WTA-5932db8c-721d-4ed1-bc18-f83c89038bf6" = Virtual Villagers 4 - The Tree of Life
"WTA-6a967852-271e-44f8-9ed5-7f3d3c620d71" = Dora's World Adventure
"WTA-6d03cad0-6474-40e7-8cb1-d58d6adf74b9" = Poker Superstars III
"WTA-6ec6e4b6-246a-42da-88c2-656f2c7f6364" = Torchlight
"WTA-77c48557-07e6-4dbb-a09a-d66940a5fdc2" = Jewel Quest Mysteries: The Seventh Gate Collector's Edition
"WTA-7c2d1a8f-6cd1-41e4-8faa-8ca8ad160af4" = Blackhawk Striker 2
"WTA-86d03529-f28e-4b6e-a0c3-7580c7e03f89" = Final Drive Fury
"WTA-8ba63097-2a65-49b5-9d4d-16aa16cccad5" = Jewel Match 3
"WTA-950cecea-ea88-40cf-90e8-3e80fb37184c" = Luxor HD
"WTA-a7f4fd25-c854-4040-9c39-a0ac6ee48349" = Bejeweled 3
"WTA-b7f704b7-ffac-4f78-aeb4-1f8f04fe8654" = Plants vs. Zombies - Game of the Year
"WTA-db14a1bf-a766-4036-bcbc-98f8efc7f96d" = Chuzzle Deluxe
"WTA-edb6ee1b-e268-49fa-b316-b2516982da2a" = Farm Frenzy
"WTA-efaa8289-94dc-4a53-a745-a383ed68d707" = Polar Bowler
"WTA-f6247d29-5448-4cdf-a2a5-05896a97f02e" = RollerCoaster Tycoon 3: Platinum
"WTA-f9b839b1-a021-44ae-be54-e58818a534d2" = John Deere Drive Green
"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{6A2EF989-A524-48bf-985F-9D076B334980}" = ArcadeCandy
"{AA01668E-5FA3-4B8D-9AB4-0D3480513000}" = PlayFizz
"Arcadesafari" = Arcadesafari
"PlayPickle" = Play Pickle Games Console
"Severe Weather Alerts" = Severe Weather Alerts
"Word Layers" = Word Layers

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/8/2013 4:23:11 PM | Computer Name = Sherrill-HP | Source = WinMgmt | ID = 10
Description =

Error - 6/8/2013 9:28:36 PM | Computer Name = Sherrill-HP | Source = WinMgmt | ID = 10
Description =

Error - 6/10/2013 1:53:46 PM | Computer Name = Sherrill-HP | Source = WinMgmt | ID = 10
Description =

Error - 6/10/2013 11:21:26 PM | Computer Name = Sherrill-HP | Source = WinMgmt | ID = 10
Description =

Error - 6/11/2013 7:48:40 PM | Computer Name = Sherrill-HP | Source = WinMgmt | ID = 10
Description =

Error - 6/12/2013 12:13:14 PM | Computer Name = Sherrill-HP | Source = WinMgmt | ID = 10
Description =

Error - 6/13/2013 5:15:34 PM | Computer Name = Sherrill-HP | Source = WinMgmt | ID = 10
Description =

Error - 6/13/2013 9:40:42 PM | Computer Name = Sherrill-HP | Source = WinMgmt | ID = 10
Description =

Error - 6/14/2013 1:24:48 PM | Computer Name = Sherrill-HP | Source = WinMgmt | ID = 10
Description =

Error - 6/16/2013 8:09:24 PM | Computer Name = Sherrill-HP | Source = WinMgmt | ID = 10
Description =

Error - 6/17/2013 12:13:33 PM | Computer Name = Sherrill-HP | Source = WinMgmt | ID = 10
Description =

Error - 6/17/2013 12:14:07 PM | Computer Name = Sherrill-HP | Source = Application Error | ID = 1000
Description = Faulting application name: ARO.exe, version: 8.0.12.0, time stamp:
0x4ff56973 Faulting module name: ARO.exe, version: 8.0.12.0, time stamp: 0x4ff56973
Exception
code: 0xc0000005 Fault offset: 0x0001ffaa Faulting process id: 0xe38 Faulting application
start time: 0x01ce6b75a73e00e8 Faulting application path: C:\Program Files (x86)\ARO
2012\ARO.exe Faulting module path: C:\Program Files (x86)\ARO 2012\ARO.exe Report
Id: ef48aa18-d768-11e2-8099-ec9a745f260f

Error - 6/18/2013 1:33:54 PM | Computer Name = Sherrill-HP | Source = WinMgmt | ID = 10
Description =

Error - 6/19/2013 7:46:56 PM | Computer Name = Sherrill-HP | Source = WinMgmt | ID = 10
Description =

[ Hewlett-Packard Events ]
Error - 9/24/2012 5:48:31 PM | Computer Name = Sherrill-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3561 Ram Utilization: 50 TargetSite: Void UpdateAndDetect()

Error - 10/1/2012 11:23:50 AM | Computer Name = Sherrill-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3561 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()

Error - 10/1/2012 5:28:01 PM | Computer Name = Sherrill-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3561 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()

Error - 10/8/2012 5:30:05 PM | Computer Name = Sherrill-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3561 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()

Error - 10/15/2012 7:41:35 PM | Computer Name = Sherrill-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3561 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()

Error - 10/22/2012 5:56:10 PM | Computer Name = Sherrill-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3561 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()

Error - 10/29/2012 11:53:58 PM | Computer Name = Sherrill-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3561 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()

Error - 11/1/2012 3:43:31 PM | Computer Name = Sherrill-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3561 Ram Utilization: 50 TargetSite: Void UpdateAndDetect()

Error - 11/5/2012 8:42:02 PM | Computer Name = Sherrill-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3561 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()

Error - 11/12/2012 6:33:54 PM | Computer Name = Sherrill-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3561 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()

[ HP Software Framework Events ]
Error - 10/15/2011 2:35:38 AM | Computer Name = HV0B8AN6B1UMP | Source = CaslWmi | ID = 5
Description = 2011/10/14 23:35:37.977|0000088C|Error |[CaslWmi]CommandPanelBrightness::GetCurrentPanelBrightnessFromOS{hpCasl.enReturnCode(CaslWmi.enPanelBrightnessDataType,ushort&)}|Exception
occurred in querying WMI for WmiMonitorBrightness: 'Not supported '

Error - 10/15/2011 2:35:38 AM | Computer Name = HV0B8AN6B1UMP | Source = CaslWmi | ID = 5
Description = 2011/10/14 23:35:38.632|0000088C|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 6/11/2012 1:14:57 AM | Computer Name = Sherrill-HP | Source = CaslWmi | ID = 5
Description = 2012/06/10 22:14:57.107|000002BC|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 6/11/2012 1:15:03 AM | Computer Name = Sherrill-HP | Source = CaslSmBios | ID = 5
Description = 2012/06/10 22:15:03.971|000002BC|Error |[CaslWmi]CommandDiags::A{hpCasl.enReturnCode(System.DateTime&)}|Error
attempting to parse year 0, month 0, day 0: Year, Month, and Day parameters describe
an un-representable DateTime.

Error - 6/11/2012 1:15:19 AM | Computer Name = Sherrill-HP | Source = CaslWmi | ID = 5
Description = 2012/06/10 22:15:19.275|000010E8|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 6/12/2012 11:00:40 PM | Computer Name = Sherrill-HP | Source = CaslWmi | ID = 5
Description = 2012/06/12 20:00:40.706|000013CC|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 6/12/2012 11:02:25 PM | Computer Name = Sherrill-HP | Source = CaslWmi | ID = 5
Description = 2012/06/12 20:02:25.012|000016F4|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 6/12/2012 11:02:37 PM | Computer Name = Sherrill-HP | Source = CaslWmi | ID = 5
Description = 2012/06/12 20:02:37.213|000018AC|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

[ System Events ]
Error - 1/1/2014 10:53:21 PM | Computer Name = Sherrill-HP | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
aCljEsil

Error - 1/1/2014 10:54:21 PM | Computer Name = Sherrill-HP | Source = DCOM | ID = 10016
Description =

Error - 1/1/2014 10:58:42 PM | Computer Name = Sherrill-HP | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.165.387.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10201.0

Error
code: 0x8024402c Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.

Error - 1/1/2014 10:58:46 PM | Computer Name = Sherrill-HP | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.165.387.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....5D-99752CCA7094

Signature
Type: %%800 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.10201.0 Error code: 0x80072ee7 Error description: The
server name or address could not be resolved

Error - 1/1/2014 10:58:46 PM | Computer Name = Sherrill-HP | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.165.387.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....5D-99752CCA7094

Signature
Type: %%801 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.10201.0 Error code: 0x80072ee7 Error description: The
server name or address could not be resolved

Error - 1/1/2014 10:58:46 PM | Computer Name = Sherrill-HP | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 109.61.0.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....5D-99752CCA7094

Signature
Type: %%886 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 2.1.10003.0 Error code: 0x80072ee7 Error description: The
server name or address could not be resolved

Error - 1/1/2014 11:02:40 PM | Computer Name = Sherrill-HP | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.165.387.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10201.0

Error
code: 0x8024402c Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.

Error - 1/1/2014 11:02:40 PM | Computer Name = Sherrill-HP | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.165.387.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....5D-99752CCA7094

Signature
Type: %%800 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.10201.0 Error code: 0x80072ee7 Error description: The
server name or address could not be resolved

Error - 1/1/2014 11:02:40 PM | Computer Name = Sherrill-HP | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.165.387.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....5D-99752CCA7094

Signature
Type: %%801 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.10201.0 Error code: 0x80072ee7 Error description: The
server name or address could not be resolved

Error - 1/1/2014 11:02:40 PM | Computer Name = Sherrill-HP | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 109.61.0.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....5D-99752CCA7094

Signature
Type: %%886 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 2.1.10003.0 Error code: 0x80072ee7 Error description: The
server name or address could not be resolved


< End of report >
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
Download : ADWCleaner to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).

Posted Image

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.



Junkware-Removal-Tool

Please download Junkware Removal Tool to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus. Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.



Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP