Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Pop Up ads after java update

Started by misstepp , Jun 06 2014 02:03 PM

Please log in to reply

#1
misstepp

Posted 06 June 2014 - 02:03 PM

Member

Member
25 posts

These started a week or so ago and I think the timing was such that it was right when I was prompted to update the Java. No doubt I clicked on something I shouldn't have. I found several programs installed which I uninstalled, but there is obviously malware still there since I am getting the popups. For instance, when I went to my bank's site I received three different popups regarding obtaining my credit score.

OTL logfile created on: 6/6/2014 2:54:14 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Brenda\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17031)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

11.94 Gb Total Physical Memory | 9.33 Gb Available Physical Memory | 78.14% Memory free
12.33 Gb Paging File | 9.46 Gb Available in Paging File | 76.69% Paging File free
Paging file location(s): c:\pagefile.sys 400 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1841.39 Gb Total Space | 1617.63 Gb Free Space | 87.85% Space Free | Partition Type: NTFS
Drive D: | 19.80 Gb Total Space | 2.43 Gb Free Space | 12.28% Space Free | Partition Type: NTFS
Drive F: | 1863.01 Gb Total Space | 777.68 Gb Free Space | 41.74% Space Free | Partition Type: NTFS
Drive L: | 100.00 Mb Total Space | 68.08 Mb Free Space | 68.08% Space Free | Partition Type: NTFS
Drive M: | 931.41 Gb Total Space | 446.15 Gb Free Space | 47.90% Space Free | Partition Type: NTFS
Drive N: | 931.48 Gb Total Space | 569.44 Gb Free Space | 61.13% Space Free | Partition Type: NTFS

Computer Name: STUDYCOMPUTER | User Name: Brenda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/06/06 14:53:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brenda\Desktop\OTL.exe
PRC - [2014/03/05 08:40:39 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2014/03/05 08:40:38 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2014/02/25 12:47:28 | 000,612,464 | ---- | M] () -- C:\Users\Brenda\AppData\Local\StormAlerts\StormAlertsApp.exe
PRC - [2013/12/24 10:47:09 | 000,196,096 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_1.4.0.220_x86__hmf6bx7z76t54\Receiver.exe
PRC - [2013/12/21 01:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/10/01 20:09:06 | 000,928,136 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
PRC - [2013/10/01 20:08:24 | 000,153,992 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
PRC - [2013/10/01 20:08:04 | 000,395,656 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
PRC - [2013/10/01 16:29:04 | 001,505,608 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
PRC - [2013/08/30 22:18:18 | 000,287,592 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2013/08/30 22:18:16 | 000,015,720 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013/08/29 19:27:28 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/08/09 14:53:42 | 000,054,152 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
PRC - [2013/05/20 23:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
PRC - [2012/12/07 02:12:26 | 000,006,144 | ---- | M] (The Neat Company) -- C:\Program Files (x86)\Neat\exec\NeatStartupService.exe
PRC - [2012/10/05 03:22:59 | 000,505,872 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
PRC - [2012/10/05 03:22:57 | 000,374,560 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
PRC - [2012/10/05 03:22:52 | 000,295,440 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
PRC - [2012/10/05 03:22:49 | 000,078,352 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
PRC - [2012/10/05 03:22:45 | 000,090,640 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
PRC - [2012/07/27 19:51:50 | 000,363,520 | ---- | M] (IVT Corporation) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
PRC - [2012/07/23 12:29:34 | 001,544,192 | ---- | M] (IVT Corporation) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
PRC - [2012/07/02 12:49:54 | 000,120,496 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
PRC - [2012/07/02 12:46:42 | 000,014,528 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
PRC - [2012/06/07 22:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2011/03/14 11:22:06 | 002,125,472 | ---- | M] (Audible, Inc.) -- C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe

========== Modules (No Company Name) ==========

MOD - [2014/05/14 06:18:51 | 000,797,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\3e17b0be5e7a03853d44d996d366e88b\System.Runtime.Remoting.ni.dll
MOD - [2014/05/14 06:18:48 | 001,928,704 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.V9921e851#\fab34eeddd8d0d9679cce669b2cff4fe\Microsoft.VisualBasic.ni.dll
MOD - [2014/04/27 06:45:14 | 000,046,080 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Packages\D50536CD.CitrixReceiver_hmf6bx7z76t54\AC\Microsoft\CLR_v4.0_32\NativeImages\Citrix.Auth2d299ddf#\cd2af2741e7c96717fd4e44698b8f271\Citrix.AuthManager.SDK.ni.dll
MOD - [2014/04/27 06:45:13 | 002,552,320 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Packages\D50536CD.CitrixReceiver_hmf6bx7z76t54\AC\Microsoft\CLR_v4.0_32\NativeImages\Citrix.Deli5a82a8c4#\4400198c0420ef50b2905c28f2472e82\Citrix.DeliveryServices.ni.dll
MOD - [2014/04/27 06:45:13 | 000,124,928 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Packages\D50536CD.CitrixReceiver_hmf6bx7z76t54\AC\Microsoft\CLR_v4.0_32\NativeImages\UIShim\019964ad530e9f6f432b382badc4e06b\UIShim.ni.dll
MOD - [2014/04/27 06:45:13 | 000,110,080 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Packages\D50536CD.CitrixReceiver_hmf6bx7z76t54\AC\Microsoft\CLR_v4.0_32\NativeImages\Citrix.Metr286917a4#\be1a28adc7b2c0da7f5a653598af79b1\Citrix.MetroReceiver.AppReceiverSDK.ni.dll
MOD - [2014/04/27 06:45:13 | 000,068,096 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Packages\D50536CD.CitrixReceiver_hmf6bx7z76t54\AC\Microsoft\CLR_v4.0_32\NativeImages\Citrix.Authdf1e4b26#\15a8f26d312e990f451a290170ae80aa\Citrix.AuthManager.Server.ni.dll
MOD - [2014/04/27 06:45:11 | 000,738,816 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Packages\D50536CD.CitrixReceiver_hmf6bx7z76t54\AC\Microsoft\CLR_v4.0_32\NativeImages\MetroReceivf3df8925#\c56974971c1bfba53868167d97f39622\MetroReceiver.BL.WinRT.ni.dll
MOD - [2014/04/27 06:45:11 | 000,134,144 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Packages\D50536CD.CitrixReceiver_hmf6bx7z76t54\AC\Microsoft\CLR_v4.0_32\NativeImages\CrossPlatformBL\11bdbc116eccd0a3b78ca6148f03584f\CrossPlatformBL.ni.dll
MOD - [2014/04/27 06:44:45 | 002,964,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\15e0783372e02bd437cab8ac76420124\System.IdentityModel.ni.dll
MOD - [2014/04/27 06:44:43 | 000,785,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\ee53227bcc4430088d0b560752c1cd02\System.ServiceModel.Internals.ni.dll
MOD - [2014/04/27 06:44:43 | 000,118,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\352d34797f7cd44cd0973c33539200f1\SMDiagnostics.ni.dll
MOD - [2014/04/27 06:44:40 | 000,808,448 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Storage\f3deb382d1f91df4e2bf1801afb4ea21\Windows.Storage.ni.dll
MOD - [2014/04/27 06:44:40 | 000,304,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Graphics\4e33edd5ee2ee09f751c0071ba0a26c3\Windows.Graphics.ni.dll
MOD - [2014/04/27 06:44:39 | 000,960,000 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI\c95c4deae76420a882bef7161a449d72\Windows.UI.ni.dll
MOD - [2014/04/27 06:44:39 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ObjectModel\67dd353e70bac0caa6a7dde153081d12\System.ObjectModel.ni.dll
MOD - [2014/04/27 06:44:38 | 001,130,496 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\224ab0385dc2991b9139bdbf7bcf8e0e\Windows.ApplicationModel.ni.dll
MOD - [2014/04/27 06:44:38 | 000,228,864 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\cf021988965369c551bb0987fe019862\Windows.Foundation.ni.dll
MOD - [2014/04/27 06:44:37 | 003,530,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI.Xaml\f2bf020fc6307e10194fd94e85d52a72\Windows.UI.Xaml.ni.dll
MOD - [2014/04/27 06:44:37 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtbff93e24#\1849d6bdd0f61a224d41ac2963221204\System.Runtime.InteropServices.WindowsRuntime.ni.dll
MOD - [2014/04/27 06:44:35 | 000,018,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime\7bf2203bf2d88857c463948cccf6156c\System.Runtime.ni.dll
MOD - [2014/04/25 16:04:08 | 001,070,080 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\39bc23d9592ef276c70a36ef0311070a\System.ServiceModel.Web.ni.dll
MOD - [2014/04/25 16:03:58 | 007,802,880 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\77bc1a994f64193efc124c297b93fdb7\System.Xml.ni.dll
MOD - [2014/04/25 16:03:54 | 012,856,832 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\635558b506364815e8348217e86fdf99\System.Windows.Forms.ni.dll
MOD - [2014/04/25 16:03:48 | 019,566,080 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\4c3126aec3364546e4ade89c24c4e742\System.ServiceModel.ni.dll
MOD - [2014/04/25 16:03:40 | 000,573,952 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runt0d283adf#\32aee6654d81a07e698f9ee18c886a2a\System.Runtime.WindowsRuntime.ni.dll
MOD - [2014/04/25 16:03:39 | 002,804,736 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\183eaaded316165bfbd32a991e4e8c8a\System.Runtime.Serialization.ni.dll
MOD - [2014/04/25 16:03:36 | 001,635,328 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\ddb52221ad0200b7c2e0a308e47d5c7c\System.Drawing.ni.dll
MOD - [2014/04/25 16:03:32 | 000,968,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\c5bf2f5c3e13726b3984a900221e1778\System.Configuration.ni.dll
MOD - [2014/04/25 16:03:16 | 006,951,424 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\c1194e56644c7688e7eb0f68a57dcc30\System.Core.ni.dll
MOD - [2014/04/25 16:03:12 | 010,003,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\c24d08cc4e93fc4f6f15a637b00a2721\System.ni.dll
MOD - [2014/02/25 12:47:28 | 000,612,464 | ---- | M] () -- C:\Users\Brenda\AppData\Local\StormAlerts\StormAlertsApp.exe
MOD - [2014/02/15 06:45:38 | 001,051,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\9f0fe59d471b42a6bbfe4ed1ca78aaa3\System.Management.ni.dll
MOD - [2014/02/15 06:44:59 | 000,978,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\97272e5adde36ea896d7216bf0270e15\System.Configuration.ni.dll
MOD - [2014/02/15 06:44:53 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\e1f54763aaa982a39dd949c279f2c45b\Accessibility.ni.dll
MOD - [2014/02/14 14:54:55 | 005,463,552 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\672138dc2f47a077f59ef14290a6973e\System.Xml.ni.dll
MOD - [2014/02/14 14:54:53 | 012,436,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\a673aacf407b499981342bb709cce917\System.Windows.Forms.ni.dll
MOD - [2014/02/14 14:54:49 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d76ae95d56d39a59f727f5518ac8e396\System.Drawing.ni.dll
MOD - [2014/02/14 14:54:48 | 006,656,512 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\5eedd7ea1972a47f490dc3949879e473\System.Data.ni.dll
MOD - [2014/02/14 14:54:30 | 007,993,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\20af51394609c937507288c2b1cf2c8c\System.ni.dll
MOD - [2014/02/14 14:54:26 | 011,499,520 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\3de119146ed0e59408f896aa69cdfc42\mscorlib.ni.dll
MOD - [2014/01/27 06:52:41 | 017,395,376 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll
MOD - [2014/01/20 14:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/01/20 14:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/01/19 18:09:12 | 008,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2013/12/24 10:47:09 | 001,214,464 | ---- | M] () -- C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_1.4.0.220_x86__hmf6bx7z76t54\Citrix.MetroReceiver.AppReceiverSdkLib.dll
MOD - [2013/12/24 10:47:09 | 000,339,456 | ---- | M] () -- C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_1.4.0.220_x86__hmf6bx7z76t54\UIShim.dll
MOD - [2013/12/24 10:47:08 | 001,332,224 | ---- | M] () -- C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_1.4.0.220_x86__hmf6bx7z76t54\Citrix.AuthManager.Server.dll
MOD - [2013/12/24 10:47:08 | 000,691,712 | ---- | M] () -- C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_1.4.0.220_x86__hmf6bx7z76t54\Citrix.AuthManager.SDK.dll
MOD - [2013/12/24 10:47:08 | 000,665,088 | ---- | M] () -- C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_1.4.0.220_x86__hmf6bx7z76t54\Citrix.MetroReceiver.AppReceiverSDK.dll
MOD - [2013/08/16 19:06:29 | 002,972,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2012/07/27 16:50:34 | 000,333,312 | ---- | M] () -- C:\Windows\SysWOW64\BsExtendFunc.dll
MOD - [2012/07/10 20:04:10 | 000,062,976 | ---- | M] () -- C:\Windows\SysWOW64\BsProfileFunc.dll
MOD - [2012/07/10 19:59:40 | 000,019,456 | ---- | M] () -- C:\Windows\SysWOW64\BsTrace.dll
MOD - [2012/07/10 19:26:44 | 000,011,264 | ---- | M] () -- C:\Windows\SysWOW64\SCChangeMonitor.dll
MOD - [2012/06/08 13:34:06 | 000,016,400 | ---- | M] () -- c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012/06/07 22:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2012/05/30 01:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\wincfi39.dll
MOD - [2011/08/23 21:39:11 | 000,655,360 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_ssl.pyd
MOD - [2011/08/23 21:39:11 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_ctypes.pyd
MOD - [2011/08/23 21:39:11 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_socket.pyd

========== Services (SafeList) ==========

SRV:64bit: - [2014/04/25 05:32:54 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/03/23 21:31:14 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/03/23 21:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/03/08 00:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 02:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/03/06 01:34:46 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/02/22 10:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 04:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 04:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 04:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 04:25:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/02/22 04:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/01/27 10:38:59 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/01/19 19:53:42 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV:64bit: - [2013/12/10 02:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/11/22 23:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/11/14 02:25:26 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013/08/30 22:18:16 | 000,015,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:64bit: - [2013/08/22 07:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 06:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 06:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 06:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 06:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 06:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 05:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 05:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 04:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 04:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 04:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 04:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 04:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 04:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 04:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 04:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/05/11 18:45:54 | 000,822,232 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2013/05/11 18:45:38 | 000,733,696 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2012/08/10 03:34:09 | 000,321,536 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV - [2014/03/05 08:40:39 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2014/03/05 08:40:38 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2014/01/19 19:53:42 | 000,475,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2014/01/19 19:53:42 | 000,066,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2014/01/19 19:53:42 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2013/12/21 01:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/14 02:25:25 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/11/04 19:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/08/29 19:27:28 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/08/22 07:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/21 22:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 21:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/07/26 01:31:42 | 000,066,768 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Paragon Software\HFS+ for Windows 9.1\apmwinsrv.exe -- (apmwinsrv)
SRV - [2013/05/20 23:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe -- (NIS)
SRV - [2012/12/07 02:12:26 | 000,006,144 | ---- | M] (The Neat Company) [Auto | Running] -- C:\Program Files (x86)\Neat\exec\NeatStartupService.exe -- (Neat Startup Service)
SRV - [2012/12/04 23:23:24 | 000,148,480 | ---- | M] (Two Pilots) [Auto | Running] -- C:\Windows\VPDAgent_x64.exe -- (Agent)
SRV - [2012/10/05 03:22:52 | 000,295,440 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe -- (CyberLink PowerDVD 12 Media Server Service)
SRV - [2012/10/05 03:22:49 | 000,078,352 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe -- (CyberLink PowerDVD 12 Media Server Monitor Service)
SRV - [2012/10/05 03:22:45 | 000,090,640 | ---- | M] (CyberLink Corp.) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe -- (CLHNServiceForPowerDVD12)
SRV - [2012/08/29 12:02:16 | 000,035,232 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe -- (HPConnectedRemote)
SRV - [2012/07/23 12:29:34 | 001,544,192 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe -- (BlueSoleilCS)
SRV - [2012/07/10 20:11:20 | 000,138,752 | ---- | M] (IVT Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe -- (BsHelpCS)
SRV - [2012/07/02 12:46:42 | 000,014,528 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe -- (Seagate Dashboard Services)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/05/12 16:40:58 | 000,061,112 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys -- ({9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64)
DRV:64bit: - [2014/03/23 21:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/03/23 21:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/03/23 21:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/19 22:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/13 07:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/08 15:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/03/08 15:35:45 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/03/05 08:40:38 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2014/02/22 11:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/02/22 10:50:31 | 000,054,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/02/22 10:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/22 10:49:49 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/02/22 10:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/22 10:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 10:49:47 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/02/22 10:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/22 07:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/01/19 19:55:52 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/01/19 19:55:52 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/01/19 19:55:52 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/12/27 13:34:44 | 001,205,448 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtbth.sys -- (rtbth)
DRV:64bit: - [2013/12/24 13:48:07 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/12/04 13:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/12/02 17:32:18 | 002,483,376 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2013/11/14 02:28:58 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/11/14 02:25:25 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/11/14 02:16:57 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/11/14 02:16:54 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/09/24 08:10:34 | 000,097,768 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2013/08/30 22:18:02 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013/08/22 08:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 08:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 07:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 07:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 07:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 07:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 07:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 07:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 07:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 07:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 07:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 07:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 07:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 07:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 07:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 07:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 07:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 07:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 07:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 07:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 07:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 07:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 07:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 07:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 07:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 07:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 07:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 07:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 07:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 06:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013/08/22 06:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 06:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 06:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 06:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 06:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 06:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 06:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Unknown (0) | Disabled | Unknown] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 06:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 06:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 06:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 06:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Unknown (0) | Disabled | Unknown] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 06:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 06:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 06:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Unknown (0) | Disabled | Unknown] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 06:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 06:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 06:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 06:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 06:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 06:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 06:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 06:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 03:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 18:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 19:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 13:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/26 01:31:44 | 000,204,496 | ---- | M] (Paragon Software Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hfsplus.sys -- (Hfsplus)
DRV:64bit: - [2013/07/26 01:31:44 | 000,045,776 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mounthlp.sys -- (mounthlp)
DRV:64bit: - [2013/07/26 01:31:44 | 000,015,568 | ---- | M] (Paragon Software Group) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\hfsplusrec.sys -- (HfsplusRec)
DRV:64bit: - [2013/07/26 01:31:42 | 000,061,136 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gpt_loader.sys -- (gpt_loader)
DRV:64bit: - [2013/07/26 01:31:42 | 000,050,896 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\apmwin.sys -- (apmwin)
DRV:64bit: - [2013/07/25 14:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/18 09:44:59 | 000,129,224 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2013/05/23 00:25:28 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1405000.01C\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013/05/21 00:02:00 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1405000.01C\symds64.sys -- (SymDS)
DRV:64bit: - [2013/05/16 00:02:14 | 000,796,760 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1405000.01C\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/04/24 19:43:56 | 000,433,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1405000.01C\symnets.sys -- (SymNetS)
DRV:64bit: - [2013/04/15 21:41:14 | 000,169,048 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1405000.01C\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2013/03/04 20:40:08 | 000,224,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1405000.01C\ironx64.sys -- (SymIRON)
DRV:64bit: - [2013/03/04 20:21:35 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1405000.01C\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/12/13 15:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/10/26 17:42:22 | 004,758,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/10/26 17:42:22 | 000,351,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012/10/26 17:42:22 | 000,026,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvbflt64.sys -- (CompFilter64)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/10 03:34:52 | 000,540,160 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2012/07/19 19:47:40 | 000,056,904 | ---- | M] (Ralink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BtL2caScoIf.sys -- (BthL2caScoIfSrv)
DRV:64bit: - [2012/07/11 21:02:54 | 000,048,352 | ---- | M] (Ralink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IvtUrbBtFlt.sys -- (btUrbFilterDrv)
DRV:64bit: - [2012/07/04 02:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/06/25 12:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012/06/20 16:27:30 | 000,023,448 | R--- | M] (Symantec Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1405000.01C\symelam.sys -- (SymELAM)
DRV:64bit: - [2012/06/15 13:22:02 | 000,023,136 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BtAudioBus.sys -- (BtAudioBusSrv)
DRV:64bit: - [2008/05/06 17:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2014/05/09 20:07:23 | 001,530,160 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20140510.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2014/03/25 18:11:16 | 000,525,016 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20140606.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013/12/23 08:26:21 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140606.003\ex64.sys -- (NAVEX15)
DRV - [2013/12/23 08:26:21 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/12/23 08:26:21 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/12/23 08:26:21 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140606.003\eng64.sys -- (NAVENG)
DRV - [2012/10/04 16:57:56 | 000,147,704 | ---- | M] (CyberLink Corp.) [2013/12/24 09:13:49] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl -- ({73526619-C24F-470B-9BED-53D455FBB5C6})
DRV - [2012/06/20 04:35:49 | 000,083,704 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys -- (ntk_PowerDVD12)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPDTDFJS
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPDTDFJS
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.pinnaclesys.com/PublicS [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...archTerms}=
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPDTDFJS
IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Citrix.com/npican: C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF [2013/12/24 08:24:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\ [2014/06/05 05:40:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{CF13FA66-1F4F-426d-BB1B-E07A13BFF2C8}: C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\SVRFirefoxExt\ [2014/05/12 06:02:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{CF13FA66-1F4F-426d-BB1B-E07A13BFF2C8}: C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\SVRFirefoxExt\ [2014/05/12 06:02:11 | 000,000,000 | ---D | M]

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Norton Identity Protection = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.8.1_2\
CHR - Extension: Google Wallet = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

O1 HOSTS File: ([2013/08/22 08:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Aimersoft Video Converter Ultimate) - {54F73992-6549-4369-9A0D-84FD310A464A} - C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\SVRIEPlugin.dll (Aimersoft Software Co., Ltd.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\Beats64.exe (Hewlett-Packard )
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BrowserPlugInHelper] C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\BrowserPlugInHelper.exe ()
O4 - HKLM..\Run: [BtTray] c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (IVT Corporation)
O4 - HKLM..\Run: [CitrixReceiver] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk" File not found
O4 - HKLM..\Run: [CLMLServer_For_P2G8] c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [DBAgent] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe (Seagate Technology LLC)
O4 - HKLM..\Run: [PowerDVD12Agent] C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PowerDVD12DMREngine] C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe (CyberLink)
O4 - HKLM..\Run: [Redirector] C:\Program Files (x86)\Citrix\ICA Client\redirector.exe (Citrix Systems, Inc.)
O4 - HKCU..\Run: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Seagate Technology LLC)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - Startup: C:\Users\Brenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Storm Alerts.lnk = C:\Users\Brenda\AppData\Local\StormAlerts\StormAlerts.exe (Weather Warnings LLC)
O4 - Startup: C:\Users\Brenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormAlerts.lnk = C:\Users\Brenda\AppData\Local\StormAlerts\StormAlertsApp.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Windows\SysNative\wlidnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Windows\SysNative\wlidnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Windows\SysWOW64\wlidnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Windows\SysWOW64\wlidnsp.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{32C4A203-94C6-4072-8C04-1859CD66BE75}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6BFF6CA2-985F-444C-B8F4-404A111FF1E7}: DhcpNameServer = 192.168.1.254 10.10.10.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWOW64\skype4com.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/01/11 09:54:52 | 000,000,170 | ---- | M] () - F:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/06/06 14:53:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Brenda\Desktop\OTL.exe
[2014/05/28 08:15:57 | 001,205,448 | ---- | C] (Ralink Technology, Corp.) -- C:\WINDOWS\SysNative\drivers\rtbth.sys
[2014/05/28 08:15:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mediatek
[2014/05/17 08:03:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/05/17 08:02:40 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/05/17 08:02:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/05/17 08:02:40 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/05/17 08:02:40 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/05/15 07:22:48 | 000,061,112 | ---- | C] (StdLib) -- C:\WINDOWS\SysNative\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys
[2014/05/15 05:54:21 | 000,000,000 | ---D | C] -- C:\Users\Brenda\Documents\Optimizer Pro
[2014/05/15 05:50:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2014/05/15 05:49:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\webget
[2014/05/15 05:49:26 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\Weather_Warnings_LLC
[2014/05/15 05:49:23 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Storm Alerts
[2014/05/15 05:49:20 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\UpdaterEX
[2014/05/15 05:49:13 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\StormAlerts
[2014/05/14 05:25:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/05/14 05:22:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH

========== Files - Modified Within 30 Days ==========

[2014/06/06 14:53:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brenda\Desktop\OTL.exe
[2014/06/06 14:25:33 | 000,004,524 | ---- | M] () -- C:\WINDOWS\SysWow64\LOCALSERVICE.INI
[2014/06/06 14:25:20 | 000,002,244 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/06/06 14:25:20 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/06 14:21:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/06 14:16:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\HPCeeScheduleForBrenda.job
[2014/06/05 05:42:44 | 000,958,356 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/06/05 05:42:44 | 000,795,922 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/06/05 05:42:44 | 000,161,676 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/06/05 05:41:21 | 000,000,821 | ---- | M] () -- C:\WINDOWS\SysWow64\bscs.ini
[2014/06/05 05:40:48 | 002,697,276 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\1405000.01C\Cat.DB
[2014/06/05 05:39:52 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/06/05 05:38:16 | 000,000,088 | ---- | M] () -- C:\WINDOWS\SysWow64\LOCALDEVICE.INI
[2014/06/05 05:37:52 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/06/05 05:37:46 | 1667,604,478 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/17 16:49:00 | 000,000,324 | ---- | M] () -- C:\WINDOWS\tasks\UpdaterEX.job
[2014/05/17 08:03:06 | 000,001,836 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/05/16 00:49:01 | 000,000,088 | ---- | M] () -- C:\Users\Brenda\AppData\Roaming\WB.CFG
[2014/05/15 05:50:52 | 000,001,060 | ---- | M] () -- C:\Users\Brenda\Desktop\Audacity.lnk
[2014/05/15 05:49:24 | 000,001,178 | ---- | M] () -- C:\Users\Brenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Storm Alerts.lnk
[2014/05/15 05:49:13 | 000,001,175 | ---- | M] () -- C:\Users\Brenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormAlerts.lnk
[2014/05/12 16:40:58 | 000,061,112 | ---- | M] (StdLib) -- C:\WINDOWS\SysNative\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys
[2014/05/12 09:43:38 | 000,002,562 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2014/05/12 06:02:12 | 000,001,499 | ---- | M] () -- C:\Users\Public\Desktop\Aimersoft Video Converter Ultimate.lnk
[2014/05/12 06:02:12 | 000,001,408 | ---- | M] () -- C:\Users\Brenda\Application Data\Microsoft\Internet Explorer\Quick Launch\Aimersoft Video Converter Ultimate.lnk

========== Files Created - No Company Name ==========

[2014/05/28 08:15:57 | 000,040,958 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\RT3298.BIN
[2014/05/28 08:15:57 | 000,040,958 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\rt3298.bin
[2014/05/17 08:03:05 | 000,001,836 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/05/15 05:50:52 | 000,001,060 | ---- | C] () -- C:\Users\Brenda\Desktop\Audacity.lnk
[2014/05/15 05:50:51 | 000,001,072 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2014/05/15 05:49:23 | 000,001,178 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Storm Alerts.lnk
[2014/05/15 05:49:23 | 000,000,088 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\WB.CFG
[2014/05/15 05:49:20 | 000,000,324 | ---- | C] () -- C:\WINDOWS\tasks\UpdaterEX.job
[2014/05/15 05:49:13 | 000,001,175 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormAlerts.lnk
[2014/05/12 06:02:12 | 000,001,499 | ---- | C] () -- C:\Users\Public\Desktop\Aimersoft Video Converter Ultimate.lnk
[2014/05/12 06:02:09 | 000,721,263 | ---- | C] () -- C:\WINDOWS\SysWow64\AiCM64.dll
[2014/05/12 06:02:09 | 000,214,528 | ---- | C] () -- C:\WINDOWS\SysWow64\AiCM32.dll
[2014/04/24 07:37:26 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/18 13:40:35 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/02/09 22:44:20 | 000,008,192 | ---- | C] () -- C:\Users\Brenda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/01/19 18:06:06 | 000,973,290 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/12/24 08:40:04 | 000,000,126 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2013/12/23 08:05:00 | 000,000,141 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2013/08/22 10:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 10:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 09:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 02:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 22:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 18:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 18:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012/10/26 17:42:24 | 000,336,232 | ---- | C] () -- C:\WINDOWS\SysWow64\DevManagerCore.dll
[2012/10/26 17:42:22 | 010,919,784 | ---- | C] () -- C:\WINDOWS\SysWow64\LogiDPP.dll
[2012/10/26 17:42:22 | 000,103,272 | ---- | C] () -- C:\WINDOWS\SysWow64\LogiDPPApp.exe
[2012/10/06 14:08:45 | 000,004,524 | ---- | C] () -- C:\WINDOWS\SysWow64\LOCALSERVICE.INI
[2012/10/06 14:08:45 | 000,000,088 | ---- | C] () -- C:\WINDOWS\SysWow64\LOCALDEVICE.INI
[2012/07/30 12:22:52 | 000,000,821 | ---- | C] () -- C:\WINDOWS\SysWow64\bscs.ini
[2012/07/27 16:50:34 | 000,333,312 | ---- | C] () -- C:\WINDOWS\SysWow64\BsExtendFunc.dll
[2012/07/25 15:22:54 | 000,982,240 | ---- | C] () -- C:\WINDOWS\SysWow64\igkrng500.bin
[2012/07/25 15:22:54 | 000,439,308 | ---- | C] () -- C:\WINDOWS\SysWow64\igcompkrng500.bin
[2012/07/25 15:22:54 | 000,092,356 | ---- | C] () -- C:\WINDOWS\SysWow64\igfcg500m.bin
[2012/07/10 20:04:10 | 000,062,976 | ---- | C] () -- C:\WINDOWS\SysWow64\BsProfileFunc.dll
[2012/07/10 19:59:40 | 000,019,456 | ---- | C] () -- C:\WINDOWS\SysWow64\BsTrace.dll
[2012/07/10 19:26:44 | 000,090,208 | ---- | C] () -- C:\WINDOWS\SysWow64\BSSkypeAgent.dll
[2012/07/10 19:26:44 | 000,086,108 | ---- | C] () -- C:\WINDOWS\SysWow64\BSVoIPComm.dll
[2012/07/10 19:26:44 | 000,081,920 | ---- | C] () -- C:\WINDOWS\SysWow64\BsVistaCommon.dll
[2012/07/10 19:26:44 | 000,049,664 | ---- | C] () -- C:\WINDOWS\SysWow64\BSWMPPlugin.dll
[2012/07/10 19:26:44 | 000,011,264 | ---- | C] () -- C:\WINDOWS\SysWow64\SCChangeMonitor.dll
[2012/06/13 10:45:02 | 000,008,704 | ---- | C] () -- C:\WINDOWS\SysWow64\SROF.dll

========== ZeroAccess Check ==========

[2014/02/19 08:16:08 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/27 04:12:37 | 021,225,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/27 02:48:28 | 018,679,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 04:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 21:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 04:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/03/08 13:31:10 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Aimersoft Video Converter Ultimate
[2013/12/24 12:14:53 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\ASAP Utilities
[2014/05/27 23:29:20 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Audacity
[2013/12/24 09:24:24 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Chief Architect Inc
[2013/12/24 09:20:42 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\GetRightToGo
[2013/12/24 09:21:08 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Home Designer Pro 2014
[2014/03/05 18:45:56 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\ICAClient
[2014/03/30 19:54:58 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Leadertech
[2014/02/13 23:42:52 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\OverDrive
[2014/03/30 19:53:34 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Seagate
[2013/12/24 10:26:58 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Systweak
[2014/05/15 05:49:20 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\UpdaterEX
[2013/12/24 12:16:15 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\WinBatch
[2013/12/24 09:27:56 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 220 bytes -> C:\Users\Brenda\SkyDrive:ms-properties

< End of report >

#2
misstepp

Posted 06 June 2014 - 02:14 PM

Member

Topic Starter
Member
25 posts

There was actually a second OTL log created. It said it is an OTL Extras logfile. Here are the contents of that

OTL Extras logfile created on: 6/6/2014 2:54:14 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Brenda\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17031)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

11.94 Gb Total Physical Memory | 9.33 Gb Available Physical Memory | 78.14% Memory free
12.33 Gb Paging File | 9.46 Gb Available in Paging File | 76.69% Paging File free
Paging file location(s): c:\pagefile.sys 400 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1841.39 Gb Total Space | 1617.63 Gb Free Space | 87.85% Space Free | Partition Type: NTFS
Drive D: | 19.80 Gb Total Space | 2.43 Gb Free Space | 12.28% Space Free | Partition Type: NTFS
Drive F: | 1863.01 Gb Total Space | 777.68 Gb Free Space | 41.74% Space Free | Partition Type: NTFS
Drive L: | 100.00 Mb Total Space | 68.08 Mb Free Space | 68.08% Space Free | Partition Type: NTFS
Drive M: | 931.41 Gb Total Space | 446.15 Gb Free Space | 47.90% Space Free | Partition Type: NTFS
Drive N: | 931.48 Gb Total Space | 569.44 Gb Free Space | 61.13% Space Free | Partition Type: NTFS

Computer Name: STUDYCOMPUTER | User Name: Brenda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1546892B-B771-413D-8F5E-DEA3B8909BC9}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1BCBE9B2-B599-42A8-A4C2-3DBEF0A4F78D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{52E9025C-7FD1-45AD-948A-EFF85EE9AEF9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{73CDB924-A9F6-4795-826B-57E02934CBAC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{775959F6-D5E4-4348-A8B0-1CE8B9E351FB}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{7B0FCC34-E664-4D9D-B9E9-A20D40F396FD}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7D339299-805E-4F6B-8B2B-8FAB73EE56DB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{89F42C22-8497-4AC6-B769-8BCE2CCF3C16}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A2FCCA68-FB87-47F6-9DE0-8E4801FD190D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AA033CDC-D2CC-43B7-8B45-60CEC55FD252}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CD399216-AABD-4646-A66D-22084E0347B2}" = lport=53000 | protocol=6 | dir=in | name=hpconnectedremoteservice.exe |
"{D03A4CB4-3E8B-48A5-825D-9E2F8A2465D2}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F9E62F0A-5A65-4104-89E9-BFE076B8ED2A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{FA6AE2C0-E9EA-4AE4-9D36-C53DD08BA304}" = lport=52000 | protocol=6 | dir=in | name=hpconnectedremoteuser.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0748C584-AC08-4837-A472-FD32EDCD83A3}" = dir=out | name=norton studio |
"{08BF2EB3-2F8A-4496-9371-D3ABCE2F3FC1}" = dir=out | name=@{ad2f1837.hpscanandcapture_40.0.245.0_x64__v10z8vjag6ke6?ms-resource://ad2f1837.hpscanandcapture/resources/apptitle} |
"{098A1E13-A07E-4BB6-B00A-52EC6F2F169D}" = dir=out | name=@{microsoft.bingsports_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{09A461B3-4FD6-4DE1-A3F2-9A614E965A19}" = dir=out | name=hp registration |
"{0E78C62B-34E9-4A98-B01D-03100BC1CA33}" = dir=out | name=@{microsoft.bingmaps_2.1.2922.2139_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{135EBD14-E63A-4C87-A3C0-232C34C7D60D}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe |
"{140A2CF5-02B7-45BF-BF98-C724E7E56438}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{18106767-C27F-4875-AEB1-0D0F6C55BD94}" = dir=in | name=citrix receiver |
"{198BD194-B900-41D4-9302-0628144739A0}" = dir=out | name=juniper networks junos pulse |
"{1D2BD4FC-0AEB-4BDB-A3B8-9B5E924D1604}" = dir=in | name=f5 vpn |
"{1ED4C5BC-D85B-4E74-8216-08515A6EA640}" = dir=out | name=hp connected photo |
"{20418829-2E89-4F3D-931D-ECCAC33F0259}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{20C74AA8-5A32-4C5C-A835-62CB9185A18F}" = dir=out | name=@{microsoft.bingtravel_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{21B847BA-F241-427D-AF87-E73E31E44CFD}" = dir=out | name=microsoft minesweeper |
"{27296B77-F571-40D3-9840-5F5FFF226303}" = dir=in | name=hp all-in-one printer remote |
"{27669A51-B58F-4B8B-929D-793A3AA7BFF0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2C1DB822-55F7-4191-81B7-2126ACAA0868}" = protocol=6 | dir=in | app=c:\program files (x86)\ralink corporation\ralink bluetooth stack\bluesoleilcs.exe |
"{2C4A0077-437D-4774-9382-43538E2318E4}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{2C5B29B7-5394-472E-AE5D-A4C0EFEF4E6D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{30B9296B-5E29-473F-90CE-815D199B60C1}" = dir=out | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{32824E5B-DEA7-45AC-9C31-D79324B4D5FB}" = dir=out | name=@{microsoft.xboxcompanion_1.4.2.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{339D2722-6CF7-437D-8EA8-74C20D160F0D}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{33DE9EDA-A150-466B-A235-1CA2A15EF644}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{35CFD506-C603-455B-9C68-C9F3DF077EB0}" = dir=out | name=iheartradio |
"{36DB1C76-EA14-460D-B80F-8D9CFD04FC4D}" = dir=out | name=@{microsoft.bingfinance_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{401EFF36-BB2F-4B99-9114-C67990BE62DD}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd cinema\powerdvdcinema12.exe |
"{40F20E25-EF74-4C72-ADFB-F92347C42D2C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{469664F7-05D5-44E5-8565-36D7A8BFE124}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12.exe |
"{487A8200-3CB2-4E70-A653-932AD714A9DC}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{4B444EC2-0B7A-4A1C-B254-AF8FA02A66EA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{4E1FD30E-C932-4546-B4D9-F5CB95FF0C46}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{52CC3F26-C34A-4600-89F5-3579AA267401}" = dir=out | name=microsoft mahjong |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{55E38D5B-50AC-439F-82B1-28D9037E1BDE}" = dir=out | name=windows_ie_ac_001 |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{56987549-84E1-4027-A124-8BCEC8AF06CA}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{59821C77-6000-499A-9022-837BFDEE3109}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{5DEEA88F-6F53-4643-B952-B5E5E6D41C40}" = dir=out | name=@{microsoft.zunevideo_1.5.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{633C7030-5E30-4473-9A1F-AA7664816700}" = dir=out | name=getting started with windows 8 |
"{66FE257C-2B6B-402E-8BED-218CEDBE23F8}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe |
"{6707EA99-B533-4B87-93C5-9EEC7FBF0C24}" = dir=out | name=sonicwall mobile connect |
"{6A00584C-7112-4D38-9869-B4251F665594}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12agent.exe |
"{6BA22064-2317-4875-9CC9-E84596AD4BFE}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{6C137A1A-6C95-4D35-8595-DBCCFFFD0135}" = dir=out | name=netflix |
"{720767E0-00F3-49DA-85A6-039312D8640B}" = dir=out | name=microsoft solitaire collection |
"{75F89949-1BBF-4243-985B-6EC957FD150C}" = dir=in | name=sonicwall mobile connect |
"{7BAC74E8-F097-494B-A5D0-606BCE2C04A1}" = dir=out | name=@{microsoft.bingweather_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{80304B5A-3ABD-497B-926D-CC899AC2601A}" = dir=out | name=@{microsoft.zunemusic_1.5.216.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{882A481C-B613-429F-B05C-CF281FCFFE1E}" = protocol=6 | dir=in | app=c:\program files (x86)\ralink corporation\ralink bluetooth stack\bluesoleilcs.exe |
"{891B0D5C-CFFE-419F-BA18-9C44119756D9}" = protocol=17 | dir=in | app=c:\program files (x86)\ralink corporation\ralink bluetooth stack\bluesoleilcs.exe |
"{8D5838BE-1E7C-483A-A560-7938B3489849}" = dir=out | name=@{microsoft.bingnews_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{8D6FC4F6-FF65-4CD1-BB54-84F7ADD4A3F6}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dms\clmsserverpdvd12.exe |
"{8E084595-2FD2-43BB-A6BC-B252C7BC7B6A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9486C5C7-ABBB-48C9-9D65-731B3D5AD085}" = dir=out | name=windows_ie_ac_001 |
"{9645B7AC-01FF-4FB4-9723-86110499E0D1}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{972BD24A-CC55-42A6-8B8D-1572B0DEC49B}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{98884754-BC5D-46C1-BD00-62554398D787}" = dir=in | name=@{ad2f1837.hpscanandcapture_40.0.245.0_x64__v10z8vjag6ke6?ms-resource://ad2f1837.hpscanandcapture/resources/apptitle} |
"{99BF364D-DEBD-4B0E-BD86-57C53BB0CD14}" = dir=in | name=check point vpn |
"{9AEF128A-3B9E-4124-A3B4-5081567347EB}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{9BB39995-26E1-4B74-8F1F-835B6769DD50}" = dir=in | name=microsoft minesweeper |
"{9D24BBE7-15F3-4620-B271-1DD948D45871}" = dir=in | name=microsoft mahjong |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A0A49595-395D-471D-9F8A-8D94DBD7FB69}" = dir=out | name=f5 vpn |
"{A4255D18-43C3-47AE-B79A-70E0409255F9}" = dir=out | name=hp all-in-one printer remote |
"{A42AF23E-3564-4396-9B8F-A63E0B96760B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A73C04B4-0255-4CBD-9FB0-1196A594A970}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{AB1DCF26-585A-4D01-BD0E-B471203FEDA6}" = dir=in | name=overdrive media console |
"{AC5903B6-6CE3-4A6E-A1E1-C95BF2831016}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{B0DFB160-C753-45DA-810E-B34D7262FFEC}" = dir=in | name=skype |
"{B127755E-A42A-48E0-BC92-AB2FA1392CDA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{B2EE2507-6475-4A6D-AD1A-B49DD69839BA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B445D82C-B534-41BF-B5BF-2351A3B1AF48}" = dir=out | name=@{microsoft.bingnews_3.0.2.261_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{B453D942-F704-4F14-8190-2F58C4840936}" = dir=out | name=skype |
"{B5203915-964E-4855-B4DD-767064DFDCDB}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{B63A2C6A-28E4-4A78-92CF-28D21529D94E}" = dir=out | name=@{microsoft.bingtravel_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{B64B54DF-DC48-4E10-B855-3DE14F9D5E95}" = protocol=17 | dir=in | name=hpconnectedremoteservice.exe |
"{BBA03B01-E07F-4B42-8C0A-94277DF80402}" = dir=out | name=@{microsoft.bingfinance_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{C0EABFC1-D508-4FBB-86D1-082FAB80C264}" = dir=in | name=getting started with windows 8 |
"{C4CEDEF8-8962-4DD8-BFFA-DDF47A16991E}" = dir=in | name=juniper networks junos pulse |
"{C9F35D9D-EEA6-474B-A7A1-11CD1EE42424}" = dir=out | name=@{microsoft.zunemusic_2.2.902.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{CC57F80E-7F12-4414-890B-0FBC3B62BA08}" = dir=out | name=@{microsoft.zunevideo_2.2.902.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{CC87B96D-9937-4618-BFA5-7D49A6FD6815}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CFA90F2C-F70F-462E-9F5D-A9C60107CA69}" = dir=out | name=check point vpn |
"{D0DC0D34-EF79-4527-9FDC-5EBA4F02A0AC}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe |
"{D1DCBB01-D9E4-4B86-97F7-EC10482BB5DF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D1F8B343-B701-440F-B97D-536C1D28A7AB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D7DA2039-64FD-4E69-BFC7-A82B1319201D}" = protocol=17 | dir=in | app=c:\program files (x86)\ralink corporation\ralink bluetooth stack\bluesoleilcs.exe |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DDB15232-156D-49EE-80B1-109C802E238E}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{DE6FE505-B2FE-4533-9EDE-EB9DAB52FD3A}" = dir=in | name=@{microsoft.xboxcompanion_1.4.2.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{E01396B5-B63C-4FC7-A708-74A6D0C064A1}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12ml.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E953A8EC-3B65-4DAC-B27F-EED909B42835}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EB1E76D7-49A7-49FE-AFEC-79967965D9B6}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{EC1AFAC8-CD8E-4AF1-A6C2-6A028E65A1A8}" = protocol=6 | dir=out | app=system |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EC9C9345-92E1-4853-8E93-92486C535BF6}" = dir=out | name=citrix receiver |
"{EF5AF7FE-09DA-4B4D-B2FA-18EC990558E9}" = dir=out | name=@{microsoft.bingsports_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{F1B11388-F6AC-48BE-B5E5-5958214C91F9}" = dir=out | name=@{microsoft.bingweather_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{F3064F13-AFC4-4448-97DF-46FA5E8DEA0E}" = dir=in | name=microsoft solitaire collection |
"{F62839C0-0C15-4A21-83FB-4A8F6B383924}" = dir=in | name=hp connected photo |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F6B6819F-CDC3-4B0A-901C-60BA6CB48883}" = dir=out | name=windows_ie_ac_001 |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FCEBDFB4-D7B1-4C7F-9F63-5D1BBE1CF4D8}" = dir=out | name=overdrive media console |
"{FF002005-9EEB-42C5-80F9-45584341694B}" = dir=in | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{1CF5754A-545B-4360-BFDE-2847BC728DFC}" = iTunes
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{237E305C-B625-466A-88CE-1E121BF4FDB1}" = Send To Neat
"{25427DA3-EBB7-B260-CD05-9E18F2F8E9F7}" = Ralink Bluetooth Stack64
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel® Rapid Storage Technology
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}" = HP Postscript Converter
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{787136D2-F0F8-4625-AA3F-72D7795AC842}" = Apple Mobile Device Support
"{7EA2D88A-C8B7-4102-8644-0A437B6FC143}" = Neat Mobile Scanner Driver
"{81E20D41-C277-4526-934D-F2380AF91B78}" = iCloud
"{89AFB053-A343-46EF-97E4-D593AD7184E6}" = Intel® Trusted Connect Service Client
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A2BC7D4-A7D3-45D5-B3D2-394718C53C41}" = Neat ADF Scanner 2008 Driver
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96714280-14E6-4DF7-BACD-F797C0F17C3D}" = Intel® Rapid Storage Technology
"{A55F1206-BFA7-4027-92B8-CE4EFDBC3CF2}" = Neat ADF Scanner Driver
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 327.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 327.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 327.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0613
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{D1108D4B-72F8-419F-88C5-ABB8DC09B3C7}" = Neat Mobile Scanner (Silver) Driver
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DDE25FC9-892D-4D24-9325-3BAA5C15ACA9}" = Neat Mobile Scanner 2008 Driver
"{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}" = HP Registration Service

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{012C59CF-074A-43DA-8085-B6E636733B59}" = Citrix Receiver(Aero)
"{034DD4BB-F0D6-4ECF-B064-8E39E3EF7076}" = Quicken 2013
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E1C5B43-1837-4F98-A96B-79A8A0A5955F}" = Citrix Receiver(USB)
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{43C423D9-E6D6-4607-ADC9-EBB54F690C57}" = Seagate Dashboard 2.0
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{456534C0-51E7-11DF-B336-005056C00008}" = Paragon HFS+ for Windows™ 9.1
"{47117FCA-0D00-4B6D-9D68-00B763629463}" = Self-service Plug-in
"{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector 2011
"{574F0207-8E98-46CD-8F79-318348C98C46}" = HP Quick Start
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5E8AC853-65BB-4C99-A09E-19B81851E14C}" = Citrix Receiver Updater
"{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7326DA0C-C09B-491C-81FF-6DA12B2256BB}" = OverDrive Media Console
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT3290 802.11bgn Wi-Fi Adapter
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2010
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{99432E4C-1189-4887-9D75-DAA796015FFD}" = Neat Core Files
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.07)
"{ADE8A83D-BB70-4FB5-BA19-26C47EA31894}" = Citrix Receiver(DV)
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B2B7B1C8-7C8B-476C-BE2C-049731C55992}" = HP Support Information
"{B39E1237-AB91-4DAE-BB8A-F7EF19C7BA2A}" = Mediatek Bluetooth Stack
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{C4E28723-0663-4012-9BDC-E21A14C1316C}" = Citrix Receiver (HDX Flash Redirection)
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CA55005D-94AC-4596-9646-679D6CC0D620}" = Citrix Authentication Manager
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D509EC25-9221-4BE1-909A-6564723AA600}" = Home Designer Pro 2014
"{D9DAD0FF-495A-472B-9F10-BAE430A26682}" = Apple Application Support
"{D9EE360A-7C19-47EC-93C7-97DEFF64804B}" = Citrix Receiver Inside
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}" = HP Support Assistant
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F243A34B-AB7F-4065-B770-B85B767C247C}" = HP Connected Remote
"{F390D923-76F1-458E-8218-8C0C156CDCFD}" = Online Plug-in
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Aimersoft Video Converter Ultimate_is1" = Aimersoft Video Converter Ultimate(Build 6.1.0.0)
"ASAP Utilities_is1" = ASAP Utilities
"Audacity_is1" = Audacity 2.0.3
"AudibleDownloadManager" = Audible Download Manager
"CitrixOnlinePluginPackWeb" = Citrix Receiver
"Google Chrome" = Google Chrome
"InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector 2011
"InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"LAME_is1" = LAME v3.99.3 (for Windows)
"Neat" = Neat
"NIS" = Norton Internet Security
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PRJPROR" = Microsoft Project Professional 2010
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"StartHPConnectedMusic" = HP Connected Music (Meridian - installer)
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"StormAlerts" = StormAlerts

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3/22/2014 9:29:23 PM | Computer Name = StudyComputer | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 3/22/2014 9:29:23 PM | Computer Name = StudyComputer | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15312

Error - 3/22/2014 9:29:23 PM | Computer Name = StudyComputer | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15312

Error - 3/22/2014 9:30:07 PM | Computer Name = StudyComputer | Source = Application Error | ID = 1000
Description = Faulting application name: BlueSoleilCS.exe, version: 9.0.709.0, time
stamp: 0x500cb70a Faulting module name: tl_filter.dll, version: 0.0.0.0, time stamp:
0x50123d74 Exception code: 0xc0000094 Fault offset: 0x0000c12d Faulting process id:
0x77c Faulting application start time: 0x01cf43db5480754d Faulting application path:
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
Faulting
module path: c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
Report
Id: aa227264-b22a-11e3-be86-6894237f44ee Faulting package full name:   Faulting package-relative
application ID:

Error - 3/24/2014 10:15:17 AM | Computer Name = StudyComputer | Source = Application Hang | ID = 1002
Description = The program LiveComm.exe version 17.5.9600.20413 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel.    Process ID: 9f8    Start
Time: 01cf4766c3093950    Termination Time: 4294967295    Application Path: C:\Program
Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe

Report
Id: b6bbc565-b35a-11e3-be86-6894237f44ee Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe

Faulting
package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error - 3/25/2014 6:08:37 PM | Computer Name = StudyComputer | Source = Application Hang | ID = 1002
Description = The program LiveComm.exe version 17.5.9600.20413 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 149c Start
Time: 01cf4872fc36c28c Termination Time: 4294967295 Application Path: C:\Program
Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe

Report
Id: f0265ed9-b466-11e3-be86-6894237f44ee Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe

Faulting
package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error - 3/26/2014 5:04:05 PM | Computer Name = StudyComputer | Source = Application Hang | ID = 1002
Description = The program LiveComm.exe version 17.5.9600.20413 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1bec Start
Time: 01cf4933c582e7cd Termination Time: 4294967295 Application Path: C:\Program
Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe

Report
Id: b9585980-b527-11e3-be86-6894237f44ee Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe

Faulting
package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error - 3/27/2014 11:17:36 AM | Computer Name = StudyComputer | Source = Application Hang | ID = 1002
Description = The program LiveComm.exe version 17.5.9600.20413 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1bec Start
Time: 01cf49ced6472692 Termination Time: 4294967295 Application Path: C:\Program
Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe

Report
Id: c9fd5867-b5c2-11e3-be86-6894237f44ee Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe

Faulting
package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error - 3/28/2014 11:16:39 AM | Computer Name = StudyComputer | Source = Application Hang | ID = 1002
Description = The program LiveComm.exe version 17.5.9600.20413 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 2e48 Start
Time: 01cf4a9800bca1d6 Termination Time: 4294967295 Application Path: C:\Program
Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe

Report
Id: f474d1a8-b68b-11e3-be86-6894237f44ee Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe

Faulting
package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error - 3/28/2014 11:20:37 AM | Computer Name = StudyComputer | Source = Application Hang | ID = 1002
Description = The program LiveComm.exe version 17.5.9600.20413 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 2db0 Start
Time: 01cf4a93cfda0a53 Termination Time: 4294967295 Application Path: C:\Program
Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe

Report
Id: c3cea1e6-b687-11e3-be86-6894237f44ee Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe

Faulting
package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

[ System Events ]
Error - 5/17/2014 6:22:00 PM | Computer Name = StudyComputer | Source = Schannel | ID = 36870
Description = A fatal error occurred when attempting to access the SSL server credential
private key. The error code returned from the cryptographic module is 0x8009030d.
The internal error state is 10001.

Error - 5/17/2014 6:25:52 PM | Computer Name = StudyComputer | Source = Schannel | ID = 36870
Description = A fatal error occurred when attempting to access the SSL server credential
private key. The error code returned from the cryptographic module is 0x8009030d.
The internal error state is 10001.

Error - 5/17/2014 6:25:58 PM | Computer Name = StudyComputer | Source = Service Control Manager | ID = 7031
Description = The Util webget service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 5000 milliseconds:
Restart the service.

Error - 5/17/2014 6:25:59 PM | Computer Name = StudyComputer | Source = Service Control Manager | ID = 7031
Description = The Update webget service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 5000 milliseconds:
Restart the service.

Error - 5/17/2014 6:26:04 PM | Computer Name = StudyComputer | Source = Service Control Manager | ID = 7000
Description = The Util webget service failed to start due to the following error:
   %%2

Error - 5/17/2014 6:26:04 PM | Computer Name = StudyComputer | Source = Service Control Manager | ID = 7000
Description = The Update webget service failed to start due to the following error:
   %%2

Error - 5/17/2014 6:26:04 PM | Computer Name = StudyComputer | Source = Schannel | ID = 36870
Description = A fatal error occurred when attempting to access the SSL server credential
private key. The error code returned from the cryptographic module is 0x8009030d.
The internal error state is 10001.

Error - 5/17/2014 6:27:08 PM | Computer Name = StudyComputer | Source = Schannel | ID = 36870
Description = A fatal error occurred when attempting to access the SSL server credential
private key. The error code returned from the cryptographic module is 0x8009030d.
The internal error state is 10001.

Error - 5/17/2014 6:28:34 PM | Computer Name = StudyComputer | Source = Service Control Manager | ID = 7000
Description = The Update webget service failed to start due to the following error:
   %%2

Error - 5/17/2014 6:28:34 PM | Computer Name = StudyComputer | Source = Service Control Manager | ID = 7000
Description = The Util webget service failed to start due to the following error:
   %%2

< End of report >