So I have recently taken over this laptop for work and as I set it up to my own preferences, there seems to be some issues.
The computer has been taking longer than normal to boot and it seems to really lag at times, especially when I'm opening the browser or different pages.
Can someone take a look at this for me?
Please and thank you!
I have posted the OTL logs below;
OTL:
OTL logfile created on: 2014-06-24 8:49:52 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Calgary\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: yyyy-MM-dd
7.19 Gb Total Physical Memory | 2.32 Gb Available Physical Memory | 32.29% Memory free
9.32 Gb Paging File | 4.17 Gb Available in Paging File | 44.73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 903.81 Gb Total Space | 840.08 Gb Free Space | 92.95% Space Free | Partition Type: NTFS
Drive D: | 26.59 Gb Total Space | 2.64 Gb Free Space | 9.91% Space Free | Partition Type: NTFS
Computer Name: CALGARYSHEPARD | User Name: Calgary | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014-06-24 08:47:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Calgary\Desktop\OTL.exe
PRC - [2014-06-24 08:40:05 | 002,127,952 | ---- | M] () -- C:\Users\Calgary\AppData\Local\Temp\TowerTilt\TowerTilt_Setup.exe
PRC - [2014-06-24 08:36:40 | 000,233,096 | ---- | M] () -- C:\Users\Calgary\AppData\Local\Temp\toolbar79977630.exe
PRC - [2014-06-24 08:36:23 | 006,369,312 | ---- | M] (http://yourfiledownloader.com) -- C:\Users\Calgary\AppData\Local\Temp\update79950875.exe
PRC - [2014-06-24 08:11:42 | 000,317,728 | ---- | M] () -- C:\Program Files (x86)\TowerTilt\updateTowerTilt.exe
PRC - [2014-06-23 11:58:09 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014-06-17 08:55:03 | 000,079,600 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
PRC - [2014-06-17 08:54:13 | 018,935,976 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
PRC - [2014-06-05 07:58:39 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014-05-19 18:45:22 | 033,322,312 | ---- | M] (Dropbox, Inc.) -- C:\Users\Calgary\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014-05-13 18:33:57 | 001,863,856 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
PRC - [2014-04-30 13:31:08 | 000,950,272 | ---- | M] (Manulife Financial) -- C:\Program Files (x86)\Manulife Financial\Diamond View\Diamondview.exe
PRC - [2014-03-07 02:02:08 | 000,267,224 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
PRC - [2014-01-27 19:15:18 | 000,227,904 | ---- | M] (WildTangent) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
PRC - [2013-12-25 15:20:30 | 001,045,304 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
PRC - [2013-12-25 15:20:26 | 001,039,160 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
PRC - [2013-12-12 11:27:52 | 000,186,408 | ---- | M] (Geek Software GmbH) -- C:\Program Files (x86)\PDF24\pdf24.exe
PRC - [2013-08-21 22:17:05 | 000,374,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2013-08-05 01:49:42 | 000,111,576 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012-11-05 17:14:34 | 001,343,904 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
PRC - [2012-11-02 15:00:44 | 013,836,984 | ---- | M] (Telus) -- C:\Program Files (x86)\Telus\security advisor\5.5.12.650\TelusSecurityAdvisor.exe
PRC - [2012-11-02 14:58:32 | 012,575,752 | ---- | M] (Radialpoint SafeCare Inc.) -- C:\Program Files (x86)\Telus\security advisor\5.5.12.650\Telus_ServicepointService.exe
PRC - [2012-11-02 14:55:14 | 008,053,032 | ---- | M] (Radialpoint SafeCare Inc.) -- C:\Program Files (x86)\Telus\security advisor\5.5.12.650\TelusSecurityAdvisorComHandler.exe
PRC - [2012-07-13 16:50:00 | 000,093,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2011-03-04 12:45:08 | 001,529,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2007-11-20 20:11:05 | 003,289,088 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Google Talk\googletalk.exe
========== Modules (No Company Name) ==========
MOD - [2014-06-24 08:40:14 | 000,011,264 | ---- | M] () -- C:\Users\Calgary\AppData\Local\Temp\nstA5F8.tmp\System.dll
MOD - [2014-06-24 08:40:13 | 000,117,248 | ---- | M] () -- C:\Users\Calgary\AppData\Local\Temp\nstA5F8.tmp\IpConfig.dll
MOD - [2014-06-24 08:40:11 | 000,005,632 | ---- | M] () -- C:\Users\Calgary\AppData\Local\Temp\nstA5F8.tmp\ExecDos.dll
MOD - [2014-06-24 08:40:05 | 002,127,952 | ---- | M] () -- C:\Users\Calgary\AppData\Local\Temp\TowerTilt\TowerTilt_Setup.exe
MOD - [2014-06-24 08:37:56 | 000,117,248 | ---- | M] () -- C:\Users\Calgary\AppData\Local\Temp\nsc8DA7.tmp\IpConfig.dll
MOD - [2014-06-24 08:37:56 | 000,011,264 | ---- | M] () -- C:\Users\Calgary\AppData\Local\Temp\nsc8DA7.tmp\System.dll
MOD - [2014-06-24 08:36:40 | 000,233,096 | ---- | M] () -- C:\Users\Calgary\AppData\Local\Temp\toolbar79977630.exe
MOD - [2014-06-24 08:11:42 | 000,317,728 | ---- | M] () -- C:\Program Files (x86)\TowerTilt\updateTowerTilt.exe
MOD - [2014-06-23 11:58:07 | 003,852,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014-06-23 10:28:42 | 000,043,008 | ---- | M] () -- c:\users\calgary\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgm4uvo.dll
MOD - [2014-06-17 08:54:54 | 000,316,584 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
MOD - [2014-06-17 08:54:52 | 008,890,536 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\1033\GrooveIntlResource.dll
MOD - [2014-06-17 08:54:06 | 001,032,360 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\ADDINS\UmOutlookAddin.dll
MOD - [2014-06-17 08:51:16 | 000,316,584 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\appvisvstream32.dll
MOD - [2014-06-05 07:58:38 | 000,414,536 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll
MOD - [2014-06-05 07:58:37 | 014,612,296 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
MOD - [2014-06-05 07:58:36 | 004,217,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
MOD - [2014-06-05 07:58:32 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
MOD - [2014-06-05 07:58:31 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
MOD - [2014-06-05 07:58:30 | 001,732,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
MOD - [2014-05-13 18:33:56 | 016,361,136 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
MOD - [2014-04-23 16:05:12 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014-04-23 16:04:54 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014-02-16 11:13:57 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\465dac2a0ebb43fd93816404c1b03bc9\System.ServiceProcess.ni.dll
MOD - [2014-02-16 11:13:39 | 000,978,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\97272e5adde36ea896d7216bf0270e15\System.Configuration.ni.dll
MOD - [2014-02-16 11:13:39 | 000,141,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\865b858298279774d2a3c6cecac95124\System.Configuration.Install.ni.dll
MOD - [2014-02-16 01:30:38 | 005,463,552 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\672138dc2f47a077f59ef14290a6973e\System.Xml.ni.dll
MOD - [2014-02-16 01:30:32 | 012,436,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\a673aacf407b499981342bb709cce917\System.Windows.Forms.ni.dll
MOD - [2014-02-16 01:30:23 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d76ae95d56d39a59f727f5518ac8e396\System.Drawing.ni.dll
MOD - [2014-02-16 01:29:47 | 007,993,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\20af51394609c937507288c2b1cf2c8c\System.ni.dll
MOD - [2014-02-16 01:29:41 | 011,499,520 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\3de119146ed0e59408f896aa69cdfc42\mscorlib.ni.dll
MOD - [2014-01-02 19:09:26 | 003,610,624 | ---- | M] () -- C:\Users\Calgary\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013-08-23 13:01:44 | 025,100,288 | ---- | M] () -- C:\Users\Calgary\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013-08-16 18:06:31 | 000,131,072 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
MOD - [2013-08-05 16:48:08 | 000,016,856 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2013-08-05 01:49:47 | 000,627,672 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2012-05-22 16:57:24 | 020,758,016 | ---- | M] () -- C:\Program Files (x86)\Telus\security advisor\5.5.12.650\libcef.dll
MOD - [2012-05-22 16:57:24 | 001,094,158 | ---- | M] () -- C:\Program Files (x86)\Telus\security advisor\5.5.12.650\avcodec-53.dll
MOD - [2012-05-22 16:57:24 | 000,622,080 | ---- | M] () -- C:\Program Files (x86)\Telus\security advisor\5.5.12.650\libGLESv2.dll
MOD - [2012-05-22 16:57:24 | 000,183,822 | ---- | M] () -- C:\Program Files (x86)\Telus\security advisor\5.5.12.650\avformat-53.dll
MOD - [2012-05-22 16:57:24 | 000,117,262 | ---- | M] () -- C:\Program Files (x86)\Telus\security advisor\5.5.12.650\avutil-51.dll
MOD - [2012-05-22 16:57:24 | 000,111,616 | ---- | M] () -- C:\Program Files (x86)\Telus\security advisor\5.5.12.650\libEGL.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014-05-21 03:28:26 | 002,279,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2014-04-06 05:20:36 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014-04-02 20:51:48 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014-03-23 20:31:14 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014-03-23 20:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014-03-14 00:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014-03-07 23:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014-03-06 01:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014-02-22 09:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014-02-22 03:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014-02-22 03:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014-02-22 03:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014-02-22 03:25:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014-02-22 03:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014-02-06 04:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014-01-08 23:39:39 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV:64bit: - [2013-12-13 11:23:32 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013-12-10 01:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013-11-22 22:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013-10-09 16:52:30 | 001,645,256 | ---- | M] (TELUS security services) [Auto | Running] -- C:\Program Files\TELUS security services\TELUS security services\vsserv.exe -- (VSSERV)
SRV:64bit: - [2013-10-09 16:52:30 | 000,069,392 | ---- | M] (TELUS security services) [Disabled | Stopped] -- C:\Program Files\TELUS security services\TELUS security services\bdparentalservice.exe -- (BdDesktopParental)
SRV:64bit: - [2013-10-09 16:52:30 | 000,067,320 | ---- | M] (TELUS security services) [Auto | Running] -- C:\Program Files\TELUS security services\TELUS security services\updatesrv.exe -- (UPDATESRV)
SRV:64bit: - [2013-08-22 06:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013-08-22 05:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013-08-22 05:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013-08-22 05:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013-08-22 05:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013-08-22 05:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013-08-22 04:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013-08-22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013-08-22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013-08-22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013-08-22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013-08-22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013-08-22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013-08-22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013-08-22 04:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013-08-22 03:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013-08-22 03:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013-08-22 03:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013-08-22 03:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013-08-22 03:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013-08-22 03:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013-08-22 03:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013-08-22 03:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013-03-01 16:40:02 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2013-02-26 01:31:30 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2013-02-19 23:10:00 | 000,239,176 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE -- (RtkAudioService)
SRV:64bit: - [2009-11-17 20:14:00 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2014-06-24 08:11:42 | 000,317,728 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\TowerTilt\updateTowerTilt.exe -- (Update TowerTilt)
SRV - [2014-06-23 11:58:08 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014-05-13 18:34:09 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-03-14 00:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014-01-27 19:15:18 | 000,227,904 | ---- | M] (WildTangent) [Auto | Running] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe -- (GamesAppIntegrationService)
SRV - [2014-01-08 23:39:40 | 000,475,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2014-01-08 23:39:39 | 000,066,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2014-01-08 23:39:38 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2013-12-25 15:20:26 | 001,039,160 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe -- (HPWMISVC)
SRV - [2013-08-22 06:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013-08-21 21:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013-08-21 20:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2012-11-02 14:58:32 | 012,575,752 | ---- | M] (Radialpoint SafeCare Inc.) [Auto | Running] -- C:\Program Files (x86)\Telus\security advisor\5.5.12.650\Telus_ServicepointService.exe -- (ServicepointService8)
SRV - [2012-09-27 12:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011-03-04 12:45:08 | 001,529,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010-10-12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014-05-01 07:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014-04-01 00:23:41 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014-03-23 20:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014-03-23 20:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014-03-23 20:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014-03-19 21:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014-03-13 06:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014-03-08 14:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014-03-08 14:35:45 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014-02-22 10:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014-02-22 09:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014-02-22 09:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014-02-22 09:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014-02-22 09:49:47 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014-02-22 09:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014-02-22 06:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014-02-11 19:00:15 | 000,290,008 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2014-02-11 18:57:31 | 000,830,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2014-01-27 21:58:37 | 000,041,704 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2014-01-08 23:42:43 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014-01-08 23:42:43 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014-01-08 23:42:43 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013-12-13 11:23:36 | 013,207,552 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013-12-13 11:23:36 | 000,626,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013-12-04 12:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013-12-02 10:42:14 | 001,204,424 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtbth.sys -- (rtbth)
DRV:64bit: - [2013-11-26 17:34:34 | 002,483,376 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2013-11-14 01:28:58 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013-11-14 01:25:25 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013-11-14 01:16:57 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013-11-14 01:16:54 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013-09-08 21:04:56 | 000,023,568 | ---- | M] (Bitdefender) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bdelam.sys -- (bdelam)
DRV:64bit: - [2013-08-23 14:48:49 | 000,150,256 | ---- | M] (BitDefender LLC) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\gzflt.sys -- (gzflt)
DRV:64bit: - [2013-08-22 07:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013-08-22 07:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013-08-22 06:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013-08-22 06:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013-08-22 06:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013-08-22 06:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013-08-22 06:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013-08-22 06:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013-08-22 06:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013-08-22 06:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013-08-22 06:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013-08-22 06:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013-08-22 06:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013-08-22 06:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013-08-22 06:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013-08-22 06:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013-08-22 06:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013-08-22 06:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013-08-22 06:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013-08-22 06:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013-08-22 06:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013-08-22 06:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013-08-22 06:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013-08-22 06:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013-08-22 06:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013-08-22 06:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013-08-22 06:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013-08-22 06:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013-08-22 06:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013-08-22 05:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013-08-22 05:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013-08-22 05:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013-08-22 05:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013-08-22 05:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013-08-22 05:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013-08-22 05:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013-08-22 05:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013-08-22 05:38:30 | 000,131,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthA2DP.sys -- (BthA2DP)
DRV:64bit: - [2013-08-22 05:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013-08-22 05:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013-08-22 05:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013-08-22 05:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013-08-22 05:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013-08-22 05:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013-08-22 05:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013-08-22 05:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013-08-22 05:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013-08-22 05:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013-08-22 05:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013-08-22 05:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013-08-22 05:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013-08-22 05:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013-08-22 05:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013-08-22 02:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013-08-12 17:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013-08-09 18:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013-08-07 14:46:28 | 000,389,240 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\trufos.sys -- (trufos)
DRV:64bit: - [2013-07-30 12:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013-07-29 17:45:27 | 000,107,008 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\TELUS security services\TELUS security services Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV:64bit: - [2013-07-25 13:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013-07-24 19:19:21 | 000,098,768 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\TELUS security services\TELUS security services Firewall\bdfndisf6.sys -- (BdfNdisf)
DRV:64bit: - [2013-07-23 17:50:57 | 000,082,824 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bdsandbox.sys -- (BDSandBox)
DRV:64bit: - [2013-07-19 19:08:08 | 000,601,360 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf)
DRV:64bit: - [2013-07-19 19:04:54 | 000,727,592 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3)
DRV:64bit: - [2013-03-18 16:51:08 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2013-03-05 13:01:42 | 000,091,712 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2013-03-01 16:40:02 | 000,043,320 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2013-03-01 16:40:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2013-02-14 21:41:14 | 000,094,208 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:64bit: - [2013-02-05 22:54:18 | 000,469,232 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013-02-05 22:54:16 | 000,031,984 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2013-02-05 22:54:16 | 000,028,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:64bit: - [2012-11-30 03:31:02 | 000,026,280 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012-11-30 03:31:00 | 000,080,552 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2012-08-31 10:40:24 | 000,020,800 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WirelessButtonDriver64.sys -- (WirelessButtonDriver)
DRV:64bit: - [2012-08-28 09:27:24 | 000,058,536 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012-08-21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012-04-09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV:64bit: - [2011-03-04 12:51:50 | 000,306,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:64bit: - [2010-02-08 08:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2008-11-16 18:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPNTDFJS
IE:64bit: - HKLM\..\SearchScopes\{3BABA3F4-18AB-461F-BDCB-030F621C999E}: "URL" = http://www.amazon.ca...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...56705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPNTDFJS
IE - HKLM\..\SearchScopes\{3BABA3F4-18AB-461F-BDCB-030F621C999E}: "URL" = http://www.amazon.ca...s={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...56705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3432463877-1759428120-2468046901-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3432463877-1759428120-2468046901-1002\..\SearchScopes,DefaultScope = {6566C40D-EF72-4B49-B3AC-7E936B478530}
IE - HKU\S-1-5-21-3432463877-1759428120-2468046901-1002\..\SearchScopes\{053A6642-1AB0-40ED-A2A6-4ECC2A1A76A3}: "URL" = http://search.yahoo....petb&type=10803
IE - HKU\S-1-5-21-3432463877-1759428120-2468046901-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPNTDFJS
IE - HKU\S-1-5-21-3432463877-1759428120-2468046901-1002\..\SearchScopes\{3BABA3F4-18AB-461F-BDCB-030F621C999E}: "URL" = http://www.amazon.ca...s={searchTerms}
IE - HKU\S-1-5-21-3432463877-1759428120-2468046901-1002\..\SearchScopes\{6566C40D-EF72-4B49-B3AC-7E936B478530}: "URL" = http://search.findwi...k={searchTerms}
IE - HKU\S-1-5-21-3432463877-1759428120-2468046901-1002\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...56705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKU\S-1-5-21-3432463877-1759428120-2468046901-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B6e84150a-d526-41f1-a480-a67d3fed910d%7D:1.5.6
FF - prefs.js..extensions.enabledAddons: %7B12b6fdcd-4423-4276-82a3-73fdbff5f7e4%7D:1.8
FF - prefs.js..extensions.enabledAddons: %7B587cb346-a3d8-4884-b39b-f0ed918b6f96%7D:1.0.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA_8,version=1: C:\Program Files (x86)\Telus\security advisor\5.5.12.650\nprpspa.dll (Telus)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA_8,version=1: C:\Program Files (x86)\Telus\security advisor\5.5.12.650\nprpspa.dll (Telus)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Calgary\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Calgary\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Calgary\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Calgary\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Calgary\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\hp.com/HPDetect: C:\Users\Calgary\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll (HP)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\TELUS SECURITY SERVICES\TELUS SECURITY SERVICES\BDTBEXT [2013-10-10 15:28:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\TELUS security services\TELUS security services\bdtbext [2013-10-10 15:28:31 | 000,000,000 | ---D | M]
[2014-06-10 09:50:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Calgary\AppData\Roaming\mozilla\Extensions
[2014-06-24 08:42:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Calgary\AppData\Roaming\mozilla\Firefox\Profiles\swkfz2xp.default\extensions
[2014-06-24 08:42:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Calgary\AppData\Roaming\mozilla\Firefox\Profiles\swkfz2xp.default\extensions\staged
[2014-06-24 08:42:02 | 000,023,674 | ---- | M] () (No name found) -- C:\Users\Calgary\AppData\Roaming\mozilla\firefox\profiles\swkfz2xp.default\extensions\{12b6fdcd-4423-4276-82a3-73fdbff5f7e4}.xpi
[2014-06-24 08:11:42 | 000,007,464 | ---- | M] () (No name found) -- C:\Users\Calgary\AppData\Roaming\mozilla\firefox\profiles\swkfz2xp.default\extensions\{587cb346-a3d8-4884-b39b-f0ed918b6f96}.xpi
[2014-06-20 09:56:26 | 000,111,028 | ---- | M] () (No name found) -- C:\Users\Calgary\AppData\Roaming\mozilla\firefox\profiles\swkfz2xp.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}.xpi
[2014-04-30 11:12:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014-06-23 11:58:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: https://www.google.ca/
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: Google Drive = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: WOT = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.5.15_0\
CHR - Extension: YouTube = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\
CHR - Extension: Google Search = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Adobe Acrobat - Create PDF = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\11.0.7.52_0\
CHR - Extension: IE Tab Multi (Enhance) = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnfnbeppfinmnjnjhedifcfllpcfgeea\1.0.2.1_0\
CHR - Extension: Hola Better Internet = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio\1.3.630_0\
CHR - Extension: TweetDeck by Twitter = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.7.4_0\
CHR - Extension: Favicon Changer = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijaabbaphikljkkcbgpbaljfjpflpeoo\1.0.3_0\
CHR - Extension: Boomerang for Gmail = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll\1.2.4_0\
CHR - Extension: Hangouts = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd\2014.610.433.2_0\
CHR - Extension: Google Wallet = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: video2mp3 = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\oljlcbniifdjapjocdfamhlnmpkojdkm\1.0.4_1\
CHR - Extension: OneClick Cleaner for Chrome = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncckmaelaecccmaniihojgeopkcajfh\0.9.0.9_0\
CHR - Extension: Gmail = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2014-03-02 11:32:21 | 000,517,700 | ---- | M]) - C:\Windows\SysNative\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost #[IPv6]
O1 - Hosts: 0.0.0.0 fr.a2dfp.net
O1 - Hosts: 0.0.0.0 m.fr.a2dfp.net
O1 - Hosts: 0.0.0.0 mfr.a2dfp.net
O1 - Hosts: 0.0.0.0 ad.a8.net
O1 - Hosts: 0.0.0.0 asy.a8ww.net
O1 - Hosts: 0.0.0.0 abcstats.com
O1 - Hosts: 0.0.0.0 ad4.abradio.cz
O1 - Hosts: 0.0.0.0 a.abv.bg
O1 - Hosts: 0.0.0.0 adserver.abv.bg
O1 - Hosts: 0.0.0.0 adv.abv.bg
O1 - Hosts: 0.0.0.0 bimg.abv.bg
O1 - Hosts: 0.0.0.0 ca.abv.bg
O1 - Hosts: 0.0.0.0 www2.a-counter.kiev.ua
O1 - Hosts: 0.0.0.0 track.acclaimnetwork.com
O1 - Hosts: 0.0.0.0 accuserveadsystem.com
O1 - Hosts: 0.0.0.0 www.accuserveadsystem.com
O1 - Hosts: 0.0.0.0 achmedia.com
O1 - Hosts: 0.0.0.0 csh.actiondesk.com
O1 - Hosts: 0.0.0.0 ads.activepower.net
O1 - Hosts: 0.0.0.0 app.activetrail.com
O1 - Hosts: 0.0.0.0 stat.active24stats.nl #[Tracking.Cookie]
O1 - Hosts: 0.0.0.0 traffic.acwebconnecting.com
O1 - Hosts: 0.0.0.0 office.ad1.ru
O1 - Hosts: 15432 more lines...
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (no name) - {56CF4856-ECB4-4e46-A897-A378821F97B9} - No CLSID value found.
O3 - HKU\S-1-5-21-3432463877-1759428120-2468046901-1002\..\Toolbar\WebBrowser: (no name) - {F258B9BC-B306-4343-9D1C-22EC837B646F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Bdagent] C:\Program Files\TELUS security services\TELUS security services\bdagent.exe (TELUS security services)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\WINDOWS\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [DSFMAJAutoService] C:\Desjardins\Accueil\DesjardinsMajAutoFusion.exe (DJSFC)
O4 - HKLM..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TelusSecurityAdvisor] C:\Program Files (x86)\Telus\security advisor\5.5.12.650\TelusSecurityAdvisor.exe (Telus)
O4 - HKU\S-1-5-21-3432463877-1759428120-2468046901-1002..\Run: [DiamondView] C:\Program Files (x86)\Manulife Financial\Diamond View\Diamondview.exe (Manulife Financial)
O4 - HKU\S-1-5-21-3432463877-1759428120-2468046901-1002..\Run: [GoogleChromeAutoLaunch_FA631E094BF4279435CE920E853E56FF] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-3432463877-1759428120-2468046901-1002..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe (Google)
O4 - HKU\S-1-5-21-3432463877-1759428120-2468046901-1002..\Run: [Power2GoExpress8] NA File not found
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - HKU\S-1-5-21-3432463877-1759428120-2468046901-1002..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Users\Calgary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Calgary\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files\TELUS security services\TELUS security services\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files\TELUS security services\TELUS security services\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files\TELUS security services\TELUS security services\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files\TELUS security services\TELUS security services\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files\TELUS security services\TELUS security services\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files\TELUS security services\TELUS security services\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files\TELUS security services\TELUS security services\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files\TELUS security services\TELUS security services\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Program Files\TELUS security services\TELUS security services\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Program Files\TELUS security services\TELUS security services\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000022 - C:\Program Files\TELUS security services\TELUS security services\BdProvider.dll (Bitdefender)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\TELUS security services\TELUS security services\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\TELUS security services\TELUS security services\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\TELUS security services\TELUS security services\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\TELUS security services\TELUS security services\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\TELUS security services\TELUS security services\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\TELUS security services\TELUS security services\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\TELUS security services\TELUS security services\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\TELUS security services\TELUS security services\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\TELUS security services\TELUS security services\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\TELUS security services\TELUS security services\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\TELUS security services\TELUS security services\BdProvider32\BdProvider.dll (Bitdefender)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} https://www.avdlext.com/dwa7W.cab (Domino Web Access 7 Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23BBA13D-658C-4B98-90BC-CE58CAD114D1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{905D83DC-1F93-46CB-BF84-5CEA204B8E3F}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014-06-24 08:47:46 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Calgary\Desktop\OTL.exe
[2014-06-24 08:36:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YourFileDownloader
[2014-06-23 12:36:10 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014-06-23 12:12:27 | 000,000,000 | ---D | C] -- C:\Users\Calgary\Canada Life
[2014-06-23 12:10:10 | 000,000,000 | ---D | C] -- C:\Users\Calgary\Desktop\Client Care
[2014-06-23 12:07:02 | 006,542,336 | ---- | C] (Amyuni Technologies
http://www.amyuni.com) -- C:\WINDOWS\SysNative\cdintf450_64.dll
[2014-06-23 12:07:02 | 004,818,432 | ---- | C] (Amyuni Technologies
http://www.amyuni.com) -- C:\WINDOWS\SysWow64\cdintf450.dll
[2014-06-19 09:02:54 | 000,000,000 | ---D | C] -- C:\Users\Calgary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excellence
[2014-06-19 09:02:49 | 000,000,000 | ---D | C] -- C:\Users\Calgary\AppData\Local\Excellence
[2014-06-19 09:02:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Excellence
[2014-06-17 14:33:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Software FX Shared
[2014-06-17 14:33:27 | 000,901,120 | ---- | C] (Three |D| Graphics, Inc.) -- C:\WINDOWS\SysWow64\sscsdk32.dll
[2014-06-17 14:33:27 | 000,221,696 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\u2fhtml.dll
[2014-06-17 14:33:27 | 000,201,728 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\p2ssql.dll
[2014-06-17 14:33:27 | 000,180,736 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\u2fxls.dll
[2014-06-17 14:33:27 | 000,160,768 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\p2ssyb10.dll
[2014-06-17 14:33:27 | 000,129,024 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\u2ftext.dll
[2014-06-17 14:33:27 | 000,120,320 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\u2fwordw.dll
[2014-06-17 14:33:27 | 000,113,664 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\u2frtf.dll
[2014-06-17 14:33:27 | 000,102,912 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\u2dnotes.dll
[2014-06-17 14:33:27 | 000,095,232 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\u2dpost.dll
[2014-06-17 14:33:27 | 000,093,184 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\u2fodbc.dll
[2014-06-17 14:33:27 | 000,092,160 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\u2dvim.dll
[2014-06-17 14:33:27 | 000,075,264 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\u2fwks.dll
[2014-06-17 14:33:27 | 000,074,240 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\u2dmapi.dll
[2014-06-17 14:33:27 | 000,073,728 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\u2fsepv.dll
[2014-06-17 14:33:27 | 000,070,144 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\u2dapp.dll
[2014-06-17 14:33:27 | 000,064,000 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\u2frec.dll
[2014-06-17 14:33:27 | 000,064,000 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\u2fcr.dll
[2014-06-17 14:33:27 | 000,058,880 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\u2ddisk.dll
[2014-06-17 14:33:27 | 000,056,320 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\u2l2000.dll
[2014-06-17 14:33:27 | 000,055,808 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\u252000.dll
[2014-06-17 14:33:27 | 000,024,576 | ---- | C] (Seagate Software, Inc) -- C:\WINDOWS\SysWow64\u2lcom.dll
[2014-06-17 14:33:26 | 000,693,888 | ---- | C] (FarPoint Technologies, Inc.) -- C:\WINDOWS\SysWow64\SSVBX25.VBX
[2014-06-17 14:33:26 | 000,693,888 | ---- | C] (FarPoint Technologies, Inc.) -- C:\WINDOWS\System\SSVBX25.VBX
[2014-06-17 14:33:26 | 000,268,288 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\p2bxbse.dll
[2014-06-17 14:33:26 | 000,232,208 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\WINDOWS\SysWow64\SSDATA2.VBX
[2014-06-17 14:33:26 | 000,232,208 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\WINDOWS\System\SSDATA2.VBX
[2014-06-17 14:33:26 | 000,229,888 | ---- | C] (Seagate Software, Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\crpaig32.dll
[2014-06-17 14:33:26 | 000,216,064 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\p2sora7.dll
[2014-06-17 14:33:26 | 000,208,127 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\p2bbde.dll
[2014-06-17 14:33:26 | 000,189,952 | ---- | C] (Seagate Software, Inc) -- C:\WINDOWS\SysWow64\p2smon.dll
[2014-06-17 14:33:26 | 000,173,568 | ---- | C] (Seagate Software, Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\p2sifmx.dll
[2014-06-17 14:33:26 | 000,138,240 | ---- | C] (Seagate Software, Inc) -- C:\WINDOWS\SysWow64\p2soledb.dll
[2014-06-17 14:33:26 | 000,129,152 | ---- | C] (VideoSoft) -- C:\WINDOWS\SysWow64\VSVIEW2.VBX
[2014-06-17 14:33:26 | 000,092,176 | ---- | C] (VideoSoft) -- C:\WINDOWS\SysWow64\VSVBX.VBX
[2014-06-17 14:33:26 | 000,092,176 | ---- | C] (VideoSoft) -- C:\WINDOWS\System\VSVBX.VBX
[2014-06-17 14:33:26 | 000,064,432 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\WINDOWS\SysWow64\THREED.VBX
[2014-06-17 14:33:26 | 000,064,432 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\WINDOWS\System\THREED.VBX
[2014-06-17 14:33:26 | 000,060,416 | ---- | C] (Seagate Software, Inc.) -- C:\WINDOWS\SysWow64\crxlat32.dll
[2014-06-17 14:33:26 | 000,047,472 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\WINDOWS\SysWow64\SSDATA1.VBX
[2014-06-17 14:33:26 | 000,047,472 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\WINDOWS\System\SSDATA1.VBX
[2014-06-17 14:33:25 | 000,058,032 | ---- | C] (Crescent division of Progress Software Corporation) -- C:\WINDOWS\SysWow64\QPRO200.DLL
[2014-06-17 14:33:25 | 000,058,032 | ---- | C] (Crescent division of Progress Software Corporation) -- C:\WINDOWS\System\QPRO200.DLL
[2014-06-17 14:33:24 | 000,206,848 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\P2SODBC.DLL
[2014-06-17 14:33:24 | 000,152,576 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\P2BDAO.DLL
[2014-06-17 14:33:24 | 000,112,640 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\P2IRDAO.DLL
[2014-06-17 14:33:24 | 000,081,408 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\P2CTDAO.DLL
[2014-06-17 14:33:24 | 000,059,392 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\WINDOWS\SysWow64\P2BBND.DLL
[2014-06-17 14:33:21 | 005,350,912 | ---- | C] (Seagate Software, Inc.) -- C:\WINDOWS\SysWow64\Crpe32.dll
[2014-06-17 14:33:21 | 000,687,800 | ---- | C] (APEX Software Corporation) -- C:\WINDOWS\SysWow64\TDBG5_32.OCX
[2014-06-17 14:33:21 | 000,480,032 | ---- | C] (Bits Per Second Ltd) -- C:\WINDOWS\SysWow64\GRAPHX.VBX
[2014-06-17 14:33:21 | 000,480,032 | ---- | C] (Bits Per Second Ltd) -- C:\WINDOWS\System\GRAPHX.VBX
[2014-06-17 14:33:21 | 000,475,168 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\WINDOWS\SysWow64\SSTABS32.OCX
[2014-06-17 14:33:21 | 000,399,984 | ---- | C] (Bits Per Second Ltd) -- C:\WINDOWS\SysWow64\GSW16.EXE
[2014-06-17 14:33:21 | 000,399,984 | ---- | C] (Bits Per Second Ltd) -- C:\WINDOWS\System\GSW16.EXE
[2014-06-17 14:33:21 | 000,174,592 | ---- | C] (Bits Per Second Ltd) -- C:\WINDOWS\SysWow64\GSWAG16.DLL
[2014-06-17 14:33:21 | 000,174,592 | ---- | C] (Bits Per Second Ltd) -- C:\WINDOWS\System\GSWAG16.DLL
[2014-06-17 14:33:21 | 000,070,800 | ---- | C] (Bits Per Second Ltd) -- C:\WINDOWS\SysWow64\GRAPH.VBX
[2014-06-17 14:33:21 | 000,064,000 | ---- | C] (Desaware Inc.) -- C:\WINDOWS\SysWow64\APIGID32.DLL
[2014-06-17 14:33:21 | 000,050,352 | ---- | C] (Bits Per Second Ltd) -- C:\WINDOWS\SysWow64\GSWDLL16.DLL
[2014-06-17 14:33:21 | 000,050,352 | ---- | C] (Bits Per Second Ltd) -- C:\WINDOWS\System\GSWDLL16.DLL
[2014-06-17 14:33:21 | 000,030,448 | ---- | C] (Ed Staffin Software) -- C:\WINDOWS\SysWow64\MSGBLAST.VBX
[2014-06-17 14:33:21 | 000,030,448 | ---- | C] (Ed Staffin Software) -- C:\WINDOWS\System\MSGBLAST.VBX
[2014-06-17 14:33:20 | 004,822,528 | ---- | C] (Seagate Software, Inc.) -- C:\WINDOWS\SysWow64\craxdrt.dll
[2014-06-17 14:33:20 | 000,993,996 | ---- | C] (Seagate Software, Inc.) -- C:\WINDOWS\SysWow64\CRYSTL32.OCX
[2014-06-17 14:32:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\illustrate inc
[2014-06-17 14:32:58 | 000,663,552 | ---- | C] (APEX Software Corporation) -- C:\WINDOWS\SysWow64\TDBG5.OCX
[2014-06-17 14:32:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ENVISION
[2014-06-17 14:32:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Empire
[2014-06-17 13:52:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Novinsoft
[2014-06-17 13:52:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Great West Life
[2014-06-17 13:50:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canada Life
[2014-06-17 13:50:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canada Life
[2014-06-17 13:49:54 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Great West Life
[2014-06-17 13:49:54 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Canada Life IG
[2014-06-17 13:49:54 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Canada Life
[2014-06-17 13:49:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\London Life
[2014-06-17 13:49:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZoomExpressKeyview
[2014-06-17 13:48:56 | 000,000,000 | ---D | C] -- C:\ProgramData\{28F8033D-7256-4F66-A16C-E080A43797B2}
[2014-06-17 13:47:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Concourse CL Content
[2014-06-17 13:47:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Concourse CL App
[2014-06-17 13:46:01 | 000,000,000 | ---D | C] -- C:\ProgramData\{C0F6CDBD-EEC6-4F06-96E1-02AE8F01B948}
[2014-06-17 13:41:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BMO Insurance
[2014-06-17 13:41:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BMONET
[2014-06-17 13:37:54 | 000,000,000 | ---D | C] -- C:\Users\Calgary\Desktop\3rd Party
[2014-06-17 13:36:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RBC Illustrations
[2014-06-17 13:36:15 | 001,089,536 | ---- | C] (eHelp Corporation.) -- C:\WINDOWS\SysWow64\Roboex32.dll
[2014-06-17 13:36:14 | 000,936,448 | ---- | C] (Vista Software) -- C:\WINDOWS\SysWow64\ApolloSQL61.DLL
[2014-06-17 13:36:14 | 000,327,680 | ---- | C] (Vista Software) -- C:\WINDOWS\SysWow64\SDENSX61.DLL
[2014-06-17 13:36:14 | 000,323,584 | ---- | C] (Vista Software) -- C:\WINDOWS\SysWow64\SDECDX61.DLL
[2014-06-17 13:36:14 | 000,290,816 | ---- | C] (Vista Software) -- C:\WINDOWS\SysWow64\SDENTX61.DLL
[2014-06-17 13:36:12 | 000,229,376 | ---- | C] (Vista Software) -- C:\WINDOWS\SysWow64\SDE61.DLL
[2014-06-17 13:35:05 | 000,000,000 | ---D | C] -- C:\Users\Calgary\Documents\RBC Illustrations
[2014-06-17 13:35:05 | 000,000,000 | ---D | C] -- C:\Users\Calgary\AppData\Roaming\RBC Illustrations
[2014-06-17 13:35:02 | 000,778,240 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\SysWow64\rtl70.bpl
[2014-06-17 13:35:02 | 000,264,704 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\SysWow64\vcldb70.bpl
[2014-06-17 13:35:02 | 000,257,024 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\SysWow64\dbrtl70.bpl
[2014-06-17 13:35:02 | 000,097,792 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\SysWow64\vcljpg70.bpl
[2014-06-17 13:35:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RBC Illustrations
[2014-06-17 13:35:01 | 001,381,376 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\SysWow64\vcl70.bpl
[2014-06-17 13:35:00 | 000,215,040 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\SysWow64\vclx70.bpl
[2014-06-17 12:34:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2014-06-17 12:34:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manulife Financial
[2014-06-17 12:34:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Manulife Financial
[2014-06-17 12:34:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2014-06-17 12:29:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Manulife Financial
[2014-06-11 13:13:43 | 000,000,000 | ---D | C] -- C:\Users\Calgary\Desktop\Music
[2014-06-11 10:24:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
[2014-06-10 23:52:29 | 000,000,000 | ---D | C] -- C:\Users\Calgary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2014-06-10 23:51:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014-06-10 14:21:49 | 000,000,000 | ---D | C] -- C:\Users\Calgary\AppData\Local\offsync
[2014-06-10 12:48:01 | 000,000,000 | ---D | C] -- C:\Users\Calgary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
[2014-06-10 12:47:33 | 000,000,000 | ---D | C] -- C:\Users\Calgary\AppData\Roaming\VOPackage
[2014-06-10 12:44:48 | 000,000,000 | ---D | C] -- C:\Users\Calgary\AppData\Local\SearchProtect
[2014-06-10 12:44:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TowerTilt
[2014-06-10 12:44:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2014-06-10 12:43:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YourFileDownloader Updater
[2014-06-10 12:43:28 | 000,000,000 | ---D | C] -- C:\Users\Calgary\AppData\Roaming\YourFileDownloader
[2014-06-10 11:34:48 | 000,000,000 | ---D | C] -- C:\Users\Calgary\Desktop\Grierson
[2014-06-10 11:34:39 | 000,000,000 | ---D | C] -- C:\Users\Calgary\Desktop\Pastor
[2014-06-10 09:51:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\Workspace Logs
[2014-06-10 09:51:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Workspace
[2014-06-10 09:50:25 | 000,000,000 | ---D | C] -- C:\Users\Calgary\Documents\Workspace Logs
[2014-06-10 09:50:24 | 000,000,000 | ---D | C] -- C:\Users\Calgary\AppData\Local\Workspace
[2014-06-03 22:06:24 | 000,000,000 | ---D | C] -- C:\Users\Calgary\AppData\Roaming\Apple Computer
[2014-06-03 22:06:24 | 000,000,000 | ---D | C] -- C:\Users\Calgary\AppData\Local\Apple Computer
[2014-06-03 22:06:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014-06-03 22:03:11 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014-06-03 22:03:10 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014-06-03 22:03:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014-06-03 22:03:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2014-06-03 22:03:10 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014-06-03 22:02:56 | 000,000,000 | ---D | C] -- C:\Users\Calgary\AppData\Local\Apple
[2014-06-03 22:02:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2014-06-03 22:02:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2014-06-03 22:01:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2014-05-29 10:29:15 | 000,000,000 | ---D | C] -- C:\Users\Calgary\Documents\Outlook Files
[2014-05-29 08:43:47 | 000,000,000 | ---D | C] -- C:\Users\Calgary\Desktop\Software
[2014-05-27 18:44:39 | 000,000,000 | ---D | C] -- C:\Users\Calgary\Desktop\CSE
========== Files - Modified Within 30 Days ==========
[2014-06-24 08:47:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Calgary\Desktop\OTL.exe
[2014-06-24 08:35:06 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014-06-23 21:48:00 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014-06-23 21:33:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014-06-23 21:27:05 | 000,000,370 | ---- | M] () -- C:\WINDOWS\tasks\HPCeeScheduleForCalgary.job
[2014-06-23 21:12:00 | 000,000,946 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3432463877-1759428120-2468046901-1002UA.job
[2014-06-23 20:54:00 | 000,000,604 | ---- | M] () -- C:\WINDOWS\tasks\G2MUpdateTask-S-1-5-21-3432463877-1759428120-2468046901-1002.job
[2014-06-23 19:48:01 | 000,000,928 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014-06-23 11:58:10 | 000,000,030 | ---- | M] () -- C:\WINDOWS\MaritimeLife.ini
[2014-06-23 10:31:31 | 000,956,476 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014-06-23 10:31:31 | 000,800,408 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014-06-23 10:31:31 | 000,165,436 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014-06-23 10:23:58 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014-06-23 10:23:50 | 1884,295,167 | -HS- | M] () -- C:\hiberfil.sys
[2014-06-20 13:32:11 | 000,043,416 | ---- | M] () -- C:\Users\Calgary\Desktop\TD Jag.pdf
[2014-06-20 10:12:05 | 000,000,894 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3432463877-1759428120-2468046901-1002Core.job
[2014-06-19 11:36:02 | 000,378,443 | ---- | M] () -- C:\Users\Calgary\Desktop\Policy Receipt.pdf
[2014-06-19 11:27:07 | 000,380,858 | ---- | M] () -- C:\Users\Calgary\Desktop\Office Policy_Receipt.pdf
[2014-06-19 10:17:53 | 000,073,461 | ---- | M] () -- C:\Users\Calgary\Desktop\Monnex Coverage.pdf
[2014-06-17 14:35:53 | 000,000,000 | ---- | M] () -- C:\WINDOWS\efgtemp.ini
[2014-06-17 14:35:51 | 000,000,000 | ---- | M] () -- C:\WINDOWS\iireport53.INI
[2014-06-17 14:33:55 | 000,000,156 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2014-06-17 14:33:20 | 000,000,097 | ---- | M] () -- C:\WINDOWS\fdpxld.ini
[2014-06-17 14:33:20 | 000,000,000 | ---- | M] () -- C:\WINDOWS\IIREPO~1.INI
[2014-06-17 12:30:43 | 000,000,029 | ---- | M] () -- C:\WINDOWS\MLI.INI
[2014-06-14 14:07:33 | 000,485,720 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014-06-10 23:52:29 | 000,001,291 | ---- | M] () -- C:\Users\Calgary\Desktop\Revo Uninstaller.lnk
[2014-06-10 12:45:58 | 000,000,004 | ---- | M] () -- C:\end
[2014-06-10 09:19:22 | 000,881,306 | ---- | M] () -- C:\Users\Calgary\Desktop\Axis 2013 Financials.pdf
[2014-06-03 21:39:45 | 000,088,555 | ---- | M] () -- C:\Users\Calgary\Desktop\ISI 2014-06-03.pdf
[2014-05-29 10:29:22 | 000,001,079 | ---- | M] () -- C:\Users\Calgary\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2014-05-27 18:50:26 | 000,001,115 | ---- | M] () -- C:\Users\Calgary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014-05-27 18:50:11 | 000,001,087 | ---- | M] () -- C:\Users\Calgary\Desktop\Dropbox.lnk
========== Files Created - No Company Name ==========
[2014-06-23 11:58:10 | 000,000,030 | ---- | C] () -- C:\WINDOWS\MaritimeLife.ini
[2014-06-20 13:32:10 | 000,043,416 | ---- | C] () -- C:\Users\Calgary\Desktop\TD Jag.pdf
[2014-06-19 11:18:07 | 000,380,858 | ---- | C] () -- C:\Users\Calgary\Desktop\Office Policy_Receipt.pdf
[2014-06-19 11:15:30 | 000,378,443 | ---- | C] () -- C:\Users\Calgary\Desktop\Policy Receipt.pdf
[2014-06-19 10:17:51 | 000,073,461 | ---- | C] () -- C:\Users\Calgary\Desktop\Monnex Coverage.pdf
[2014-06-17 14:35:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iireport53.INI
[2014-06-17 14:33:55 | 000,149,504 | ---- | C] () -- C:\Program Files (x86)\UNWISE.EXE
[2014-06-17 14:33:55 | 000,000,156 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2014-06-17 14:33:36 | 000,010,912 | ---- | C] () -- C:\WINDOWS\SHARE.EXE
[2014-06-17 14:33:21 | 000,081,920 | ---- | C] () -- C:\WINDOWS\SysWow64\Csread32.ocx
[2014-06-17 14:33:21 | 000,024,880 | ---- | C] () -- C:\WINDOWS\SysWow64\MDICHILD.VBX
[2014-06-17 14:33:21 | 000,022,776 | ---- | C] () -- C:\WINDOWS\SysWow64\FDPTOOLS.DLL
[2014-06-17 14:33:21 | 000,022,776 | ---- | C] () -- C:\WINDOWS\System\FDPTOOLS.DLL
[2014-06-17 14:33:21 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\Implode.dll
[2014-06-17 14:33:21 | 000,018,688 | ---- | C] () -- C:\WINDOWS\SysWow64\CMDIALOG.VBX
[2014-06-17 14:33:21 | 000,018,688 | ---- | C] () -- C:\WINDOWS\System\CMDIALOG.VBX
[2014-06-17 14:33:20 | 000,000,097 | ---- | C] () -- C:\WINDOWS\fdpxld.ini
[2014-06-17 14:33:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\IIREPO~1.INI
[2014-06-17 14:32:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\efgtemp.ini
[2014-06-17 13:36:15 | 000,023,552 | ---- | C] () -- C:\WINDOWS\SysWow64\AppStuff.bpl
[2014-06-17 12:30:43 | 000,000,029 | ---- | C] () -- C:\WINDOWS\MLI.INI
[2014-06-10 23:52:29 | 000,001,291 | ---- | C] () -- C:\Users\Calgary\Desktop\Revo Uninstaller.lnk
[2014-06-10 12:43:56 | 000,000,004 | ---- | C] () -- C:\end
[2014-06-10 09:19:47 | 000,881,306 | ---- | C] () -- C:\Users\Calgary\Desktop\Axis 2013 Financials.pdf
[2014-06-03 22:02:56 | 000,002,535 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2014-06-03 21:39:44 | 000,088,555 | ---- | C] () -- C:\Users\Calgary\Desktop\ISI 2014-06-03.pdf
[2014-05-29 10:29:22 | 000,001,079 | ---- | C] () -- C:\Users\Calgary\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2014-05-21 09:22:18 | 000,002,491 | ---- | C] () -- C:\ProgramData\regid.2012-05.ca.repsource_EC596C15-1BA5-4A0F-8804-4CC5BB52F1EE.swidtag
[2014-04-15 20:46:44 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014-03-17 16:41:59 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014-03-03 20:46:15 | 002,436,794 | ---- | C] () -- C:\ProgramData\1393900866.bdinstall.bin
[2014-02-24 09:05:32 | 000,065,928 | ---- | C] () -- C:\WINDOWS\SysWow64\bgsresfr.dll
[2014-02-24 09:05:32 | 000,065,928 | ---- | C] () -- C:\WINDOWS\SysWow64\bgsreses.dll
[2014-02-24 09:05:32 | 000,065,928 | ---- | C] () -- C:\WINDOWS\SysWow64\bgsresde.dll
[2014-02-24 09:05:32 | 000,056,200 | ---- | C] () -- C:\WINDOWS\SysWow64\bgsresen.dll
[2014-01-08 22:50:48 | 000,930,400 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014-01-08 22:47:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013-12-13 11:23:56 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2013-12-13 11:23:54 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2013-12-13 11:23:46 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2013-12-13 11:23:24 | 000,995,342 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2013-12-13 11:23:24 | 000,798,734 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2013-12-13 11:23:14 | 000,123,392 | ---- | C] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
[2013-10-07 20:40:42 | 000,369,624 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\FW7650.bin
[2013-10-07 20:40:42 | 000,000,313 | ---- | C] () -- C:\WINDOWS\SysWow64\RaCheckBTDev.ini
[2013-08-22 09:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013-08-22 09:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013-08-22 08:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013-08-22 01:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013-08-21 21:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013-08-21 17:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013-08-21 17:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012-11-27 01:18:46 | 000,038,912 | ---- | C] () -- C:\WINDOWS\SysWow64\kdbsdk32.dll
[2012-07-25 14:22:54 | 000,982,240 | ---- | C] () -- C:\WINDOWS\SysWow64\igkrng500.bin
[2012-07-25 14:22:54 | 000,439,308 | ---- | C] () -- C:\WINDOWS\SysWow64\igcompkrng500.bin
[2012-07-25 14:22:54 | 000,092,356 | ---- | C] () -- C:\WINDOWS\SysWow64\igfcg500m.bin
========== ZeroAccess Check ==========
[2014-01-14 18:15:45 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014-04-06 10:31:39 | 021,268,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014-04-06 09:22:20 | 018,755,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013-08-22 03:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013-08-21 20:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013-08-22 03:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014-01-02 22:09:54 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2014-04-24 19:01:04 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\CrystalIdea Software
[2014-06-23 10:31:20 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\Dropbox
[2014-06-23 10:30:28 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\DropboxMaster
[2014-04-08 22:45:40 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\EPSON
[2014-06-10 09:57:49 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\Foxit Software
[2014-02-18 16:31:45 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\HewlettPackard
[2014-01-02 23:37:11 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\PDAppFlex
[2014-03-03 20:41:45 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\QuickScan
[2014-06-17 13:35:05 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\RBC Illustrations
[2014-05-17 11:01:50 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\SketchUp
[2013-12-30 20:51:38 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\Synaptics
[2014-03-03 20:35:28 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\Telus
[2014-03-03 20:44:44 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\TELUS security services
[2014-06-11 20:34:02 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\VOPackage
[2014-02-05 23:52:08 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\WildTangent
[2014-06-10 12:49:19 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\YourFileDownloader
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 220 bytes -> C:\Users\Calgary\SkyDrive:ms-properties
< End of report >
EXTRAS:
OTL Extras logfile created on: 2014-06-24 8:49:52 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Calgary\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: yyyy-MM-dd
7.19 Gb Total Physical Memory | 2.32 Gb Available Physical Memory | 32.29% Memory free
9.32 Gb Paging File | 4.17 Gb Available in Paging File | 44.73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 903.81 Gb Total Space | 840.08 Gb Free Space | 92.95% Space Free | Partition Type: NTFS
Drive D: | 26.59 Gb Total Space | 2.64 Gb Free Space | 9.91% Space Free | Partition Type: NTFS
Computer Name: CALGARYSHEPARD | User Name: Calgary | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3432463877-1759428120-2468046901-1002\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{19F1EB5A-C761-44A0-B700-69B9C7BBA6E5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{35C8C3BE-EE57-4AB2-836B-260072EAEED5}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{37FD5936-BD25-4F92-A619-4B998B7A4F2C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6C94EC34-0192-4513-A67F-72D40051FB19}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8BEAE107-4442-4AED-B63F-DF05664B7F8F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8E1AA1B2-A951-4CD3-85F4-8643DFC9417A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9A0B73DF-563B-4A7A-BFD7-331F00819C27}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9E3AD7A6-A05E-41BB-8ADF-93FBB1F49037}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{BAFE005B-28A2-46D3-B7D2-E564B4081BEC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BFD44319-A1CD-4970-A521-73C23AC49599}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E50A4C38-17DC-4C70-AE17-C4C8AE60E72F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{EC2AADF8-DC4F-4D03-AA41-FD6568C1BE6A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EE5462F7-73F3-4876-9A58-E2D27D956E29}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F67DDEC0-49F2-4D04-9C5B-7BC541902A9F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00907908-0D69-45DA-AF9F-A7433B9BCED9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{01C0D443-9DE3-451A-93A3-6CF824D008AF}" = dir=out | name=juniper networks junos pulse |
"{03B8AA23-60D8-468F-8811-4BCF0980BED1}" = dir=in | app=%localappdata%\hpconnectedmusic\application\spotify_helper.exe |
"{0456B75D-69F8-46BB-8735-C4B880EBF71E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{05577BB2-CA33-4700-9CB3-A2D1835ADBB7}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{06EEDEDA-C540-4177-9925-169CF6588A82}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{09520117-01C5-4CE4-863F-00CBF9E98071}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{0998C86B-B332-4F6F-98B1-36DD9EA452A5}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{0AC5795C-9812-4288-B0AD-8CF25FA2FCF0}" = dir=out | name=@{microsoft.bingweather_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{0BCB69F6-0521-4ACD-92D6-EA6C7586E33A}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe |
"{0FACE1BB-06C0-455E-910E-BAB0FB0F5420}" = dir=in | name=microsoft mahjong |
"{1597D460-138B-435F-9E55-22BEE53A5DCF}" = dir=in | name=@{ad2f1837.gettingstartedwithwindows8_1.5.3.1_neutral__v10z8vjag6ke6?ms-resource://ad2f1837.gettingstartedwithwindows8/resources/id_app_title} |
"{191487FE-D290-4C6D-BE29-896BB8402A76}" = dir=out | name=windows_ie_ac_001 |
"{1937F339-FABE-46F3-A23E-02389A1EEEAE}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{1AFE98D4-B224-4301-B02B-BF9F70C12867}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{1C153857-1AD5-4986-A7A7-E060BEBA5275}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{1CF2A4B4-7806-4341-ADB1-43C044A9D279}" = dir=out | name=@{30059jarrey.magiclockscreen_2.1.0.1_x64__2cz0jn84nveec?ms-resource://30059jarrey.magiclockscreen/resources/packagedisplayname} |
"{1DBDE7D1-4400-4FAE-8511-BE9081075371}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{2D931C1E-5AC1-4196-8F8E-82F4145B9C69}" = dir=in | name=@{microsoft.xboxcompanion_1.4.2.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{2EAEFAA0-01EE-4F69-8F05-8801D269B0E0}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{2F5F7DD5-81CD-4769-9084-89B9AE76EEC3}" = protocol=17 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
"{2FE0D977-8ECF-4395-91C7-39DCBCB3BFBF}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{331C510E-5BD8-4BD4-8D55-518817D2C002}" = dir=in | app=c:\program files (x86)\hpconnectedmusic\hpconnectedmusic.exe |
"{33D986DB-C061-4FEB-8937-815E3CE96DFD}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{342D0AF9-E38C-43B7-B4D3-1B9999442C72}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{3697E0B4-A874-48EC-87F8-10F07B1CFDC6}" = dir=out | name=microsoft mahjong |
"{36FF89CC-26AE-44BD-B721-AA122478DA64}" = dir=in | app=c:\users\administrator\appdata\local\microsoft\skydrive\skydrive.exe |
"{38BA6EAA-0399-4BA9-A55F-7A715C1794FF}" = protocol=17 | dir=in | app=c:\users\calgary\downloads\foxit_phantom_pdf_activation_key_downloader.exe |
"{39E126F1-0EDC-4D11-A3DE-63E56FDED062}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{3B67A3D2-EDC4-4258-A8CE-804D89D50FCF}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{3BE26973-AB4E-48A6-80ED-A40FD31085C5}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{3E530973-813B-4BBA-9E70-E3BE85F1115C}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{3FE0DC31-6B59-4674-BDCE-8E12D83857FC}" = protocol=6 | dir=in | app=c:\program files (x86)\ralink corporation\ralink bluetooth stack\bluesoleilcs.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{445C26DA-75B5-48D0-9FFF-DEAA72E7F76D}" = dir=out | app=%localappdata%\hpconnectedmusic\application\hpconnectedmusic.exe |
"{4A6CC6B9-B3F3-4864-92D9-1DFD1906046C}" = dir=in | name=microsoft solitaire collection |
"{4C628FAD-7426-4D3D-95C8-EB925816127C}" = protocol=17 | dir=in | app=c:\program files (x86)\ralink corporation\ralink bluetooth stack\bluesoleilcs.exe |
"{4CAF4FE1-9902-4B20-9E72-8A0CD0A3BA4C}" = dir=out | name=youcam for hp |
"{503F6B4C-D1E7-4CC4-A904-2827AB5E59F5}" = dir=out | name=@{microsoft.bingmaps_2.1.2922.2139_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{504BB215-A984-4DE0-B58A-5E394A5E69AF}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{52B32E2F-1758-4CA1-8EF7-09B60E49CCFF}" = dir=out | name=hp+ |
"{52F2D942-56E7-4C59-937E-D83E21BE62F5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{53C2DBB7-DC83-4129-95D0-29E954B0DA72}" = dir=in | name=f5 vpn |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{55C2E2A4-BC95-4F39-A811-D3D71DDB35E5}" = dir=out | name=windows_ie_ac_001 |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{56705BDA-BFDF-4727-8AFC-08601A2128E2}" = dir=out | name=skype |
"{56A5060A-54C1-4546-814F-9E7D3103D71A}" = dir=in | name=torrex pro |
"{5964156C-0112-4945-97B0-4CA686EBF1F0}" = dir=out | name=ebay |
"{5A7A84B3-FE05-44B9-832D-4182F58D667D}" = dir=out | name=@{microsoft.zunevideo_2.2.902.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{5BEAA4E7-7657-4659-B9B9-CA3C2FB527DB}" = protocol=6 | dir=in | app=c:\users\calgary\downloads\foxit_phantom_pdf_activation_key_downloader.exe |
"{5E9B15DC-B5AB-4165-BF57-76B52FD06648}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5EEC6F6C-BADF-4A41-9060-430FA016FC7A}" = dir=in | name=canon office printer utility |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{660D260D-C6EE-485B-8057-E0F092C4A514}" = dir=out | name=torrex pro |
"{6AEC3E31-8BD9-43F0-8861-F43660FEC2AA}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{740846EB-7298-41FA-963C-C8855FEDD8B0}" = dir=out | name=f5 vpn |
"{7645E935-810D-4286-B74E-C6199D11A067}" = dir=out | app=%localappdata%\hpconnectedmusic\application\spotify_helper.exe |
"{76BB6471-483A-4150-9E73-8129FCA2175E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{770F4339-7BC9-43ED-87DC-3EA79746F71A}" = dir=in | app=%localappdata%\hpconnectedmusic\application\hpconnectedmusic.exe |
"{7CE7B442-C042-4D7E-B9F1-45389AE9C74C}" = dir=out | name=hp games |
"{7F6EA649-26FB-4A86-A24E-F19B8BFFF0A6}" = protocol=6 | dir=out | app=system |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{83355486-CB97-4D96-A0C1-3ABC52D0DEB2}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{84C37675-13C0-4E7C-9BD6-159874EBE213}" = dir=in | name=hp+ |
"{8958747C-DD5D-4E15-92A0-15DEA46944D6}" = dir=in | name=check point vpn |
"{8A346D39-374E-49D2-ACC0-B2E6F306FDF8}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{8B6B313E-5E4A-49DE-A6C9-FF1C7D2A2964}" = protocol=6 | dir=in | app=c:\users\calgary\appdata\roaming\dropbox\bin\dropbox.exe |
"{8C046D8A-A2B0-4E2F-8F27-CCC4026CDCDE}" = dir=out | name=@{microsoft.skypeapp_1.2.0.129_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{8F07C3F5-A50D-4AD4-8117-0D9DF89BC1DB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{91CE9238-9035-4D3D-BF7E-58DA2C7E6AF2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9289CF51-2A49-4B29-8DF4-33BFB60224AF}" = dir=out | name=@{microsoft.bingsports_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{99E21B1B-DF09-47B0-BF61-18012942CD4C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9BEC488B-6493-486C-A558-9A55C905D386}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9C7B0B57-4555-49B5-BD83-9093A5A8554D}" = dir=in | name=@{microsoft.skypeapp_1.2.0.129_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9F07DFD6-166D-4CF0-A51B-610F1E5EE8BB}" = dir=in | name=box |
"{A515B055-DC70-4F4D-B99C-44BA2092D1CE}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{A847DD26-C4BD-4EB4-AF59-C9432065FB81}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe |
"{A9FEB88E-16A2-470A-AF6C-7CA3E7AE054E}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{ADA2DBA7-70B3-49F5-A7CC-7403CF0D50B2}" = dir=in | name=juniper networks junos pulse |
"{AE6719BF-E9A2-4B9F-800F-B72155F3DC4D}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{B1A9C677-E558-4E30-9769-916FF0353BF0}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{B35DB667-FFD9-4B06-A145-B663A5FC7E06}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe |
"{B3AC8F7A-B6FB-4AEE-9A38-F2060D7F872E}" = dir=out | name=check point vpn |
"{B5952A52-77D4-49B3-8212-8C4BFB5D0754}" = dir=out | name=@{microsoft.bingtravel_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{B668DF47-F27C-4D3E-9595-96125881987C}" = dir=out | name=facebook |
"{B6A5D279-C3C3-43AE-8C0A-7A20970F84F7}" = dir=out | name=@{microsoft.xboxcompanion_1.4.2.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{B72B26FD-BFCD-449F-92BF-474C757EB5BE}" = dir=in | name=hp all-in-one printer remote |
"{B7C691BF-02D4-490E-8BDD-9473544AE594}" = dir=out | name=@{microsoft.bingnews_3.0.2.261_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{B7EEC0C9-BB70-4AB0-934B-DC8173D92321}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{C374D61C-7611-483F-B43A-1514309F2EC3}" = dir=out | name=@{microsoft.bingfinance_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{C38F2403-B14D-425C-9130-D2680759BE76}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe |
"{CA05684C-0E3F-4DA7-81D2-1F12F153943C}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{CB0DCCAF-CEBE-4D2D-B40F-2ACAD15EBEEA}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe |
"{D1290782-4396-4E01-94D9-3AB6AFC9B801}" = protocol=6 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
"{D1E91089-1A9B-4A47-BDCB-89D35430E91D}" = dir=out | name=cbc |
"{D26C8D2F-8ED8-4DE6-A38D-355464FF858C}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{D37A5BD3-53EA-4B27-9CBE-41D8BE0247CE}" = dir=out | app=c:\program files (x86)\hpconnectedmusic\hpconnectedmusic.exe |
"{D3B370D2-E1DB-4741-B8B9-78259679A0FE}" = dir=out | name=@{ad2f1837.gettingstartedwithwindows8_1.5.3.1_neutral__v10z8vjag6ke6?ms-resource://ad2f1837.gettingstartedwithwindows8/resources/id_app_title} |
"{D3C1BE0C-7C5F-416B-9B00-7DEFD2628049}" = dir=in | name=sonicwall mobile connect |
"{D5DFB9C1-3635-4A3A-B5EB-16FC0DB47B54}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D6A29512-66E3-4897-977A-FB3838B5A635}" = protocol=17 | dir=in | app=c:\program files (x86)\telus\security advisor\5.5.12.650\telus_servicepointservice.exe |
"{D8B0F1CE-37D5-4D8E-B97F-50F1BD73F5CC}" = dir=out | name=hp all-in-one printer remote |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{E3D420F0-72A3-4399-AB89-CF125BEDFB19}" = protocol=6 | dir=in | app=c:\program files (x86)\telus\security advisor\5.5.12.650\telus_servicepointservice.exe |
"{E4F419D3-AFD3-44E3-A96B-9759167BF8FB}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E7FFAC69-A10A-4851-B13B-16C2E6FA1AC7}" = dir=out | name=box |
"{E876A26D-2CE0-44B9-8D37-7AE357D85878}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{F109BA51-2980-4417-BE40-E9092C446504}" = dir=in | name=hp connected photo |
"{F2D6098C-3E8D-4481-AB6B-89CBB4899A84}" = dir=out | name=hp registration |
"{F5096119-FC7D-4C3B-8989-5426014F9AB6}" = dir=out | name=sonicwall mobile connect |
"{F57F0C3F-ED4F-4953-8723-53E66B38D831}" = dir=out | name=microsoft solitaire collection |
"{F5E29059-B583-4AF5-8CE4-CC4CA79C55AB}" = dir=in | name=skype |
"{F5E820F4-4171-4B86-B51C-9B0EC2F98377}" = dir=out | name=canon office printer utility |
"{F62050C4-FB8A-4AAD-B6F8-D3AAACBA18E9}" = dir=out | name=hp connected photo |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F6B6819F-CDC3-4B0A-901C-60BA6CB48883}" = dir=out | name=windows_ie_ac_001 |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F80BBDE3-CB8D-401E-A37D-E78A492E0FFC}" = dir=out | name=@{microsoft.zunemusic_2.2.903.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{F8E139D9-8586-4ECB-AE1A-43834D5E4F6B}" = dir=out | name=netflix |
"{FF363847-3756-4901-B34F-BEEE1D5517D7}" = protocol=17 | dir=in | app=c:\users\calgary\appdata\roaming\dropbox\bin\dropbox.exe |
"{FFA07B64-9933-4B54-8DA0-0DF00AB17FAD}" = dir=out | name=kindle |
"TCP Query User{64F70F2D-0F2A-4E36-A6D1-8A849E6579C9}C:\users\calgary\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\calgary\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{241708D4-AD0F-48D2-B420-F27892CE38CB}C:\users\calgary\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\calgary\appdata\roaming\dropbox\bin\dropbox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}" = Crystal Reports Basic Runtime for Visual Studio 2008 (x64)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5A68A656-979F-4168-8795-E2E368AA4DC2}" = iTunes
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}" = Cisco Systems VPN Client 5.0.07.0440
"{66D292E3-6228-3AF1-EDED-6D53C63DBCB7}" = Mediatek Bluetooth
"{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}" = HP Postscript Converter
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{73237EBB-B26F-4628-8754-4EFE563D72E9}" = HP Utility Center
"{787136D2-F0F8-4625-AA3F-72D7795AC842}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DF3589E-483F-65F3-32F7-006C0B162891}" = AMD Fuel
"{9E2BF31C-7E39-C549-8AFE-56C3B927BD91}" = AMD Catalyst Install Manager
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{AFD060D5-8D37-8B06-6A03-F2C5128496ED}" = ccc-utility64
"{C788B026-20BD-4E96-B698-533F1D6C5013}" = 64 Bit HP CIO Components Installer
"{D1E8F2D7-7794-4245-B286-87ED86C1893C}" = HP Registration Service
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F2B9FC01-887F-AB28-8880-233894150681}" = AMD Accelerated Video Transcoding
"CutePDF Writer Installation" = CutePDF Writer 3.0
"novaPDF Pro v5_is1" = novaPDF Pro v5 (novaPDF Professional Desktop 5.5 printer)
"O365HomePremRetail - en-us" = Microsoft Office 365 - en-us
"ProPlusRetail - en-us" = Microsoft Office Professional Plus 2013 - en-us
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TELUS security services" = TELUS security services
"TowerTilt" = TowerTilt
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{020FF978-7DD6-EEE3-47E3-2F37B6449F54}" = CCC Help Chinese Standard
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08B31070-171E-11D6-BECF-000629F77048}" = MenuFusion
"{0F1D290F-2EF5-4A39-8882-1B28E4B0E421}" = Manulife - Launcher
"{10202EBB-A6E7-4BA2-9E38-8563DB84C28F}" = Manulife - Synergy / Manuvie - Synergie
"{117DF79C-38F1-8A46-A488-365A72C4C1F1}" = CCC Help Finnish
"{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}" = HP CoolSense
"{14025FDE-2A98-4241-9DC5-FA9F5B7A488F}" = CIMS.Net
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{192BFB6B-7E9C-4346-8ECB-2A42DABFF4DB}" = Manulife - Insure Right / Manuvie - Bien s'assurer
"{1AE37508-089E-41AC-95BD-99FF06887C2F}" = HP Recovery Manager
"{1E48910A-F1D9-0526-DF24-8024C3BA7566}" = CCC Help Italian
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{253FD6A5-CE77-4FBC-A937-202D15808D0C}" = Readiris Pro 14
"{2585840A-1098-A34B-42BD-9422B84602F7}" = CCC Help Polish
"{25EC2D8D-D64D-4EA0-6341-C0F79883FBFE}" = CCC Help Chinese Traditional
"{27916B81-FEDB-43A0-B724-923784B3DAE7}" = Empire Life Envision
"{28BF1FE2-8F54-4356-8404-26EA20E0C1BA}" = Manulife - Term
"{2947B647-40A5-41AD-9833-F414EB32CA34}" = CenoPDF (32-bit)
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{300699CA-B992-4719-0D29-3A33D960D4AC}" = Catalyst Control Center Graphics Previews Common
"{30879FF8-1582-41CB-BCDB-B5DDFF93FD3C}" = GWL Illustrator Par
"{30B2D1D8-0A07-4B71-9553-0710C5D31E35}" = HP Wireless Button Driver
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{32D3C724-3E32-11D9-8211-00B0D075DF5C}" = Diamond View Update
"{37BF8DE6-CB40-4F3C-8A24-6CE6BB1F6A55}" = Manulife - Concepts
"{391FE76E-DC08-180B-61EF-C208698E6199}" = CCC Help Dutch
"{39337565-330E-4ab6-A9AE-AC81E0720B10}" = Cyberlink PhotoDirector
"{420106FE-E83B-47C1-87F9-11D263B52C39}" = Cardiris 5.5
"{446a474f-287b-4c98-8036-2dd6bbaf6dfb}" = CenoPDF v3.6.230.0
"{446CC8CE-0E90-44F7-ADD0-774B243EF090}" = Galerie de photos
"{47582F50-3974-4F89-AFEA-468DD33B2EA4}" = GWL Illustrator Par Config
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4F937EE8-09DA-40D7-BDE2-1AC842160809}" = Installation Launcher
"{52E225FC-FCB4-41F7-837B-6E37FB05BD7B}" = Adobe AIR
"{574F0207-8E98-46CD-8F79-318348C98C46}" = HP Quick Start
"{58351B90-FB53-4DCD-87C7-5E86C727133C}" = Concourse 2.1 - Content
"{586FC9AE-F8A1-D397-178A-304F67D4AF18}" = CCC Help English
"{58F9538F-E242-C094-B68D-3A4CB9E3654A}" = CCC Help Danish
"{5905DC5D-00E7-4BEF-A1CD-FCAE05E20DA8}" = GWL Illustrator Term
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{5F0838D9-4EDC-43B1-91B5-D475C5738B06}" = Manulife - Level Gold Investment Account - MLLG
"{600C1E5D-E59E-9B9A-824C-70A3A863DCC9}" = CCC Help Japanese
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64B54493-BC68-4D6F-B9EB-214E74CC0647}" = Concourse 1.0
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6BE061BE-0474-EA1F-DE33-91826D7868D9}" = CCC Help French
"{6CBC95EF-0185-4C2D-A7EB-F3D2837EED60}" = Manulife - UltraVision
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{70867522-4CC7-4BAD-8EBC-048B18807D4D}" = Manulife - Concept slideshows
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7957540D-F97C-409A-80CE-AC021AB96302}" = Pyramide 4.0.2
"{7C07D52A-76F1-4A84-BF24-7B37C49B7B2F}" = Canada Life Reference Material 14.1
"{7CF6604E-BCB8-4B5F-A1CC-1E6DA0C60151}" = MSXML
"{7F149284-BA2D-DB74-0405-EB5D9D2F452C}" = CCC Help Korean
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 6.2.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{839B9B4C-7FC7-4F7F-BD31-99AEF07A49F1}" = GWL Illustrator
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8BF1459F-FDDE-673C-2378-A803DC278270}" = CCC Help Turkish
"{8D813AFF-D91D-4EE0-821F-B901FC2E89FA}" = Windows Live
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT3290 802.11bgn Wi-Fi Adapter
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0409-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{90993BD9-C7D9-4C2F-B56C-2F7AFEBD4CD0}" = Windows Live UX Platform Language Pack
"{927CFF8E-A448-46D3-01B9-764FC2A881BA}" = CCC Help Greek
"{96EA5361-BF11-4518-A14A-8FCADEEA7820}" = GWL Illustrator Term Config
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B5088FA-8C09-439E-A515-E1957993303F}" = GWL Illustrator Config
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C35EDE5-4B0F-45E7-A438-314BA889948E}" = HP MyRoom
"{9E1227EB-BFD6-970B-7867-0658EC53525F}" = CCC Help Hungarian
"{A17946CA-18E5-4CF0-8D55-A56D804718F8}" = Movie Maker
"{A1A9956A-56A2-4933-A4F0-CC236790CC29}" = Diamond View Launcher
"{A34FE6B9-B981-B2F5-DF3D-78D61776EA0C}" = CCC Help Spanish
"{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}" = SketchUp 2014
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AE794AB6-424B-31E9-5EA1-968088EFAE06}" = Catalyst Control Center InstallProxy
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B41C6B3F-F752-46EA-BC46-F26D3AD147B8}" = HP Documentation
"{B82085C0-07DD-5E7F-1D48-D63087064524}" = CCC Help Czech
"{BA4355A4-E388-117A-721A-F1B23175B9AD}" = AMD VISION Engine Control Center
"{BB5B11D5-ADC5-9AA2-76D9-8C447C4EC3B7}" = CCC Help German
"{BC63AE56-730A-D46F-27A6-C579E8390CB2}" = CCC Help Swedish
"{C007CFA1-FC3C-49B8-8D30-DB5BF3396632}" = ZoomExpressKeyView14.1
"{C00D40FA-148E-490A-9EC9-5C9DE0826E08}" = Foxit PhantomPDF Business
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}" = Google Talk Plugin
"{C3E46E73-67D3-72FA-0AA9-5A1CBE9CE0DD}" = CCC Help Norwegian
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C54BC404-EA0C-044E-F118-2E02802626F4}" = CCC Help Portuguese
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C631192F-E2DC-4A77-BE81-09972975EEC9}" = Manulife - Limited Pay UL / Manuvie - Vu à prime temporaire
"{C89A97B6-F991-EBB5-77B7-927BCF420EBE}" = OEM Application Profile
"{C8B22494-0B58-4BBB-BDD2-E4EFD378FB0D}" = Manulife - Performax Gold - Performax Or - MLPG
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CCCDD476-98F9-4B06-91DB-23F27CEC3BE1}" = HPDetect
"{CF09D056-3FFA-11D6-8171-0010B5BCE08C}" = Solo
"{CFD9991F-F7EE-1B2E-F4FE-99E2BC2836CE}" = CCC Help Russian
"{D5C4EC31-0685-4797-8217-1C2A22EEE897}" = The Wave 28.0 Illustration System / Le système d'illustration La Vague 28.0
"{D73E2E92-C6A1-4850-B50D-7CCC9CF81C6E}" = Manulife - Personal Accident/Personal Accident
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{D9DAD0FF-495A-472B-9F10-BAE430A26682}" = Apple Application Support
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"{DF9EAF22-8AE3-48CB-901A-AAF31EC1C0C5}" = Manulife Financial - Health and Dental
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E15BC10F-04AA-0AFD-A6C9-476730195F8B}" = Adobe Download Assistant
"{E1671AC4-78E1-41BE-BB15-DB31205E2D90}" = Manulife - Universal Life
"{EA92C290-0985-4502-9081-91133A571423}" = Manulife - YRT Gold Investment Account - MLYG
"{ED684F1C-291C-A7BE-D464-8A44717F8F17}" = CCC Help Thai
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EED3CC4B-40BD-11D6-8171-0010B5BCE08C}" = Sommum / Pace / Traditionnel
"{EEEDA52B-3C42-4BD7-BE42-FDB596EAFCEF}" = Catalyst Control Center - Branding
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F17C3DC2-2ACA-4B0E-BDBF-ACE61B14E7CD}" = Citrix Online Launcher
"{F35EE4BC-95E1-4417-BA36-7C32FF24A59A}" = HP System Event Utility
"{F4E3A754-5569-4E1C-BF99-B3CC2BDFDEFB}" = Manulife - Living Benefits
"{F54030F3-14B6-432D-9361-78DCB1473920}" = Photo Common
"{F90A86C9-7779-47DD-AC06-8EE832C55F55}" = HP 3D DriveGuard
"{FA26FB8C-5FC4-0EA8-EED9-32AE23A2DCCA}" = Catalyst Control Center Localization All
"{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}" = Energy Star
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"BroadGun pdfMachine" = BroadGun pdfMachine
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"EFR_is1" = EFR 3.14 (2013-11)
"EPSON Scanner" = EPSON Scan
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}" = Cyberlink PhotoDirector
"InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"Mozilla Firefox 30.0 (x86 en-US)" = Mozilla Firefox 30.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Radialpoint_8_Spd_is1" = TELUS security advisor 5.5.12
"RBC Illustrations System 8.0" = RBC Illustrations System 8.0
"Revo Uninstaller" = Revo Uninstaller 1.95
"StartHPConnectedMusic" = HP Connected Music (Meridian - installer)
"VOPackage" = Installer
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3432463877-1759428120-2468046901-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"GoToMeeting" = GoToMeeting 6.3.0.1440
"HPConnectedMusic" = HP Connected Music (Meridian - player)
"OneDriveSetup.exe" = Microsoft OneDrive
"YourFileDownloaderUpdater" = Feature Update Service (YFD)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 2014-06-24 11:06:00 AM | Computer Name = CalgaryShepard | Source = ESENT | ID = 476
Description = svchost (1800) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat"
at offset 1241088 (0x000000000012f000) (database page 302 (0x12E)) for 4096 (0x00001000)
bytes failed verification because it contains no page data. The read operation
will fail with error -1019 (0xfffffc05). If this condition persists then please
restore the database from a previous backup. This problem is likely due to faulty
hardware. Please contact your hardware vendor for further assistance diagnosing
the problem.
Error - 2014-06-24 11:06:00 AM | Computer Name = CalgaryShepard | Source = ESENT | ID = 474
Description = svchost (1800) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat"
at offset 1220608 (0x000000000012a000) (database page 297 (0x129)) for 4096 (0x00001000)
bytes failed verification due to a page checksum mismatch. The stored checksum
was [000000db00000005] and the computed checksum was [0ee10ee1017ffac6]. The read
operation will fail with error -1018 (0xfffffc06). If this condition persists
then please restore the database from a previous backup. This problem is likely
due to faulty hardware. Please contact your hardware vendor for further assistance
diagnosing the problem.
Error - 2014-06-24 11:07:00 AM | Computer Name = CalgaryShepard | Source = ESENT | ID = 476
Description = svchost (1800) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat"
at offset 1253376 (0x0000000000132000) (database page 305 (0x131)) for 4096 (0x00001000)
bytes failed verification because it contains no page data. The read operation
will fail with error -1019 (0xfffffc05). If this condition persists then please
restore the database from a previous backup. This problem is likely due to faulty
hardware. Please contact your hardware vendor for further assistance diagnosing
the problem.
Error - 2014-06-24 11:07:00 AM | Computer Name = CalgaryShepard | Source = ESENT | ID = 474
Description = svchost (1800) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat"
at offset 1306624 (0x000000000013f000) (database page 318 (0x13E)) for 4096 (0x00001000)
bytes failed verification due to a page checksum mismatch. The stored checksum
was [0775001000001047] and the computed checksum was [0000013e3418fc66]. The read
operation will fail with error -1018 (0xfffffc06). If this condition persists
then please restore the database from a previous backup. This problem is likely
due to faulty hardware. Please contact your hardware vendor for further assistance
diagnosing the problem.
Error - 2014-06-24 11:07:00 AM | Computer Name = CalgaryShepard | Source = ESENT | ID = 476
Description = svchost (1800) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat"
at offset 1241088 (0x000000000012f000) (database page 302 (0x12E)) for 4096 (0x00001000)
bytes failed verification because it contains no page data. The read operation
will fail with error -1019 (0xfffffc05). If this condition persists then please
restore the database from a previous backup. This problem is likely due to faulty
hardware. Please contact your hardware vendor for further assistance diagnosing
the problem.
Error - 2014-06-24 11:07:00 AM | Computer Name = CalgaryShepard | Source = ESENT | ID = 474
Description = svchost (1800) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat"
at offset 1220608 (0x000000000012a000) (database page 297 (0x129)) for 4096 (0x00001000)
bytes failed verification due to a page checksum mismatch. The stored checksum
was [000000db00000005] and the computed checksum was [0ee10ee1017ffac6]. The read
operation will fail with error -1018 (0xfffffc06). If this condition persists
then please restore the database from a previous backup. This problem is likely
due to faulty hardware. Please contact your hardware vendor for further assistance
diagnosing the problem.
Error - 2014-06-24 11:08:00 AM | Computer Name = CalgaryShepard | Source = ESENT | ID = 476
Description = svchost (1800) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat"
at offset 1253376 (0x0000000000132000) (database page 305 (0x131)) for 4096 (0x00001000)
bytes failed verification because it contains no page data. The read operation
will fail with error -1019 (0xfffffc05). If this condition persists then please
restore the database from a previous backup. This problem is likely due to faulty
hardware. Please contact your hardware vendor for further assistance diagnosing
the problem.
Error - 2014-06-24 11:08:00 AM | Computer Name = CalgaryShepard | Source = ESENT | ID = 474
Description = svchost (1800) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat"
at offset 1306624 (0x000000000013f000) (database page 318 (0x13E)) for 4096 (0x00001000)
bytes failed verification due to a page checksum mismatch. The stored checksum
was [0775001000001047] and the computed checksum was [0000013e3418fc66]. The read
operation will fail with error -1018 (0xfffffc06). If this condition persists
then please restore the database from a previous backup. This problem is likely
due to faulty hardware. Please contact your hardware vendor for further assistance
diagnosing the problem.
Error - 2014-06-24 11:08:00 AM | Computer Name = CalgaryShepard | Source = ESENT | ID = 476
Description = svchost (1800) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat"
at offset 1241088 (0x000000000012f000) (database page 302 (0x12E)) for 4096 (0x00001000)
bytes failed verification because it contains no page data. The read operation
will fail with error -1019 (0xfffffc05). If this condition persists then please
restore the database from a previous backup. This problem is likely due to faulty
hardware. Please contact your hardware vendor for further assistance diagnosing
the problem.
Error - 2014-06-24 11:08:00 AM | Computer Name = CalgaryShepard | Source = ESENT | ID = 474
Description = svchost (1800) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat"
at offset 1220608 (0x000000000012a000) (database page 297 (0x129)) for 4096 (0x00001000)
bytes failed verification due to a page checksum mismatch. The stored checksum
was [000000db00000005] and the computed checksum was [0ee10ee1017ffac6]. The read
operation will fail with error -1018 (0xfffffc06). If this condition persists
then please restore the database from a previous backup. This problem is likely
due to faulty hardware. Please contact your hardware vendor for further assistance
diagnosing the problem.
[ System Events ]
Error - 2014-05-29 10:40:00 AM | Computer Name = CalgaryShepard | Source = NetBT | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the interface
with IP address 192.168.1.134. The computer with the IP address 192.168.1.1 did
not allow the name to be claimed by this computer.
Error - 2014-06-02 4:01:26 PM | Computer Name = CalgaryShepard | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Search service to connect.
Error - 2014-06-02 4:01:26 PM | Computer Name = CalgaryShepard | Source = Service Control Manager | ID = 7000
Description = The Windows Search service failed to start due to the following error:
%%1053
Error - 2014-06-02 4:01:26 PM | Computer Name = CalgaryShepard | Source = DCOM | ID = 10005
Description =
Error - 2014-06-03 11:55:46 AM | Computer Name = CalgaryShepard | Source = DCOM | ID = 10001
Description =
Error - 2014-06-03 11:55:48 AM | Computer Name = CalgaryShepard | Source = DCOM | ID = 10001
Description =
Error - 2014-06-04 1:04:05 PM | Computer Name = CalgaryShepard | Source = DCOM | ID = 10001
Description =
Error - 2014-06-07 9:59:30 PM | Computer Name = CalgaryShepard | Source = NetBT | ID = 4319
Description = A duplicate name has been detected on the TCP network. The IP address
of the computer that sent the message is in the data. Use nbtstat -n in a command
window to see which name is in the Conflict state.
Error - 2014-06-07 9:59:32 PM | Computer Name = CalgaryShepard | Source = bowser | ID = 8003
Description =
Error - 2014-06-08 12:27:57 PM | Computer Name = CalgaryShepard | Source = DCOM | ID = 10001
Description =
< End of report >