working on my sister's computer and it's really slow. takes a long time starting and has a bunch of programs running in the background. hopefully it just needs some cleaning and it isn't infected, but i wanted to be sure.
OTL.txt
OTL logfile created on: 1/9/2015 7:17:57 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\the Hoff\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.75 Gb Total Physical Memory | 4.80 Gb Available Physical Memory | 61.95% Memory free
15.49 Gb Paging File | 12.39 Gb Available in Paging File | 79.93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1862.92 Gb Total Space | 360.88 Gb Free Space | 19.37% Space Free | Partition Type: NTFS
Drive D: | 4.23 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 1.92 Gb Total Space | 1.71 Gb Free Space | 89.43% Space Free | Partition Type: FAT
Computer Name: THEHOFF-PC | User Name: the Hoff | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2015/01/09 19:16:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\the Hoff\Desktop\OTL.exe
PRC - [2014/12/21 22:31:16 | 001,872,520 | ---- | M] (Plex, Inc.) -- C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
PRC - [2014/12/21 22:31:16 | 000,034,952 | ---- | M] (Python Software Foundation) -- C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
PRC - [2014/12/21 22:31:14 | 005,142,664 | ---- | M] (Plex, Inc.) -- C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
PRC - [2014/12/12 03:25:42 | 005,227,112 | ---- | M] (AVAST Software) -- C:\Program Files\[]TOOLS[]\Avast\avastui.exe
PRC - [2014/12/08 19:45:28 | 039,207,112 | ---- | M] (Dropbox, Inc.) -- C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014/12/02 13:53:16 | 000,337,520 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\firefox.exe
PRC - [2014/11/17 12:09:44 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\[]TOOLS[]\Avast\AvastSvc.exe
PRC - [2014/10/27 16:07:11 | 001,514,040 | ---- | M] (Spotify Ltd) -- C:\Users\the Hoff\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014/08/26 15:47:14 | 001,110,880 | ---- | M] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2013/10/18 22:40:24 | 000,122,984 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
PRC - [2013/10/18 22:36:14 | 001,517,128 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
PRC - [2013/09/19 17:36:28 | 001,782,576 | ---- | M] (Actual Tools) -- C:\Program Files (x86)\[]TOOLS[]\Actual Multiple Monitors\ActualMultipleMonitorsCenter.exe
PRC - [2011/09/14 21:06:38 | 000,169,624 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2010/03/23 06:17:43 | 000,417,280 | ---- | M] (Stardock Corporation) -- C:\Program Files (x86)\[]TOOLS[]\CursorFX\CursorFX.exe
========== Modules (No Company Name) ==========
MOD - [2015/01/09 19:05:15 | 000,043,008 | ---- | M] () -- c:\Users\the Hoff\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptkjz4_.dll
MOD - [2014/12/21 22:31:50 | 000,043,656 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd
MOD - [2014/12/21 22:31:50 | 000,034,952 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd
MOD - [2014/12/21 22:31:48 | 000,836,232 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd
MOD - [2014/12/21 22:31:48 | 000,192,136 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd
MOD - [2014/12/21 22:31:48 | 000,054,920 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd
MOD - [2014/12/21 22:31:48 | 000,017,032 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd
MOD - [2014/12/21 22:31:46 | 000,044,680 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd
MOD - [2014/12/21 22:31:46 | 000,027,784 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd
MOD - [2014/12/21 22:31:44 | 000,081,544 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd
MOD - [2014/12/21 22:31:44 | 000,018,568 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd
MOD - [2014/12/21 22:31:42 | 000,689,800 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd
MOD - [2014/12/21 22:31:42 | 000,111,240 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd
MOD - [2014/12/21 22:31:42 | 000,072,840 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
MOD - [2014/12/21 22:31:42 | 000,016,520 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd
MOD - [2014/12/21 22:31:40 | 000,502,920 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\tag.dll
MOD - [2014/12/21 22:31:38 | 000,049,800 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll
MOD - [2014/12/21 22:31:36 | 000,086,664 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll
MOD - [2014/12/21 22:31:32 | 002,092,680 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\opencv_core249.dll
MOD - [2014/12/21 22:31:32 | 001,883,272 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\opencv_imgproc249.dll
MOD - [2014/12/21 22:31:30 | 000,838,792 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll
MOD - [2014/12/21 22:31:30 | 000,166,024 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll
MOD - [2014/12/21 22:31:28 | 000,196,232 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
MOD - [2014/12/21 22:31:28 | 000,062,600 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll
MOD - [2014/12/02 13:53:15 | 003,758,192 | ---- | M] () -- C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\mozjs.dll
MOD - [2014/11/17 12:10:31 | 038,562,088 | ---- | M] () -- C:\Program Files\[]TOOLS[]\Avast\libcef.dll
MOD - [2014/11/13 03:26:57 | 001,947,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.V9921e851#\b597c30ed765fa6d99a12f00c3314394\Microsoft.VisualBasic.ni.dll
MOD - [2014/11/13 03:26:52 | 000,805,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\11650ce4aad4575fc146aa66a575bcb7\System.Runtime.Remoting.ni.dll
MOD - [2014/10/21 16:22:50 | 000,750,080 | ---- | M] () -- C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\libGLESv2.dll
MOD - [2014/10/21 16:22:50 | 000,047,616 | ---- | M] () -- C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\libEGL.dll
MOD - [2014/10/21 16:22:48 | 000,863,744 | ---- | M] () -- C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
MOD - [2014/10/21 16:22:46 | 000,200,704 | ---- | M] () -- C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
MOD - [2014/10/14 23:11:00 | 012,894,208 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\db563d596d76daed04e9b5d25b2f4cb9\System.Windows.Forms.ni.dll
MOD - [2014/10/14 23:10:58 | 007,668,736 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7147fa233a070283dba824da40089bf1\System.Xml.ni.dll
MOD - [2014/10/14 23:10:58 | 006,990,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\691c1ad89d16f49d80e84fa06a79089a\System.Core.ni.dll
MOD - [2014/10/14 23:10:56 | 000,976,384 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\0648dbecb7e3fb9523565107e04a5caf\System.Configuration.ni.dll
MOD - [2014/10/14 23:10:55 | 001,644,544 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b4c08872c259018b17b2801da33ac80f\System.Drawing.ni.dll
MOD - [2014/10/14 23:10:54 | 010,100,736 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll
MOD - [2014/08/26 15:47:16 | 000,436,576 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
MOD - [2014/08/26 15:47:16 | 000,318,304 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
MOD - [2014/02/26 03:07:34 | 016,953,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014/02/12 19:58:32 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/02/12 19:58:10 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/03/23 06:17:43 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\[]TOOLS[]\CursorFX\zlib1.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/11/21 18:35:29 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/11/17 12:09:44 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\[]TOOLS[]\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/11/17 12:08:40 | 004,012,248 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files\[]TOOLS[]\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV:64bit: - [2014/04/09 05:13:48 | 000,289,256 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe -- (McComponentHostService)
SRV:64bit: - [2014/03/24 14:50:50 | 000,357,144 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2013/05/26 21:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/04/20 01:04:20 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2015/01/02 11:07:43 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/12/02 13:53:15 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/03/20 14:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/10/18 22:36:28 | 000,016,000 | ---- | M] (Seagate Technology LLC) [Auto | Stopped] -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe -- (Seagate Dashboard Services)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2011/09/14 21:06:38 | 000,169,624 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor10.0)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/11/21 15:55:59 | 001,050,432 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014/11/17 12:10:43 | 000,116,728 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014/11/17 12:10:42 | 000,436,624 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014/11/17 12:10:42 | 000,267,632 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/11/17 12:10:41 | 000,083,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/11/17 12:10:41 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/11/17 12:10:41 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014/11/17 12:10:40 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/11/17 12:08:40 | 000,271,752 | ---- | M] (Avast Software) [Kernel | Disabled | Unknown] -- C:\Program Files\[]TOOLS[]\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV:64bit: - [2014/07/28 13:52:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2014/03/18 16:24:40 | 000,059,160 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2014/03/18 16:24:38 | 000,076,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2014/03/18 16:24:36 | 000,013,080 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2014/03/18 16:24:34 | 000,077,592 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2013/05/13 14:36:06 | 000,050,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2013/05/13 14:36:06 | 000,029,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2013/05/06 07:32:28 | 000,076,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012/08/23 06:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 06:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/06/10 05:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/20 01:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011/04/20 01:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/04/20 00:22:34 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 05:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/07/15 04:47:42 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/03/19 02:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/01/01 09:20:28 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/10 08:07:02 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/06/10 12:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2006/11/01 02:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {5807584B-75B6-465D-88B0-3C4AC684276C}
IE:64bit: - HKLM\..\SearchScopes\{5807584B-75B6-465D-88B0-3C4AC684276C}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{B01640CD-4AE7-4121-9097-F4E61054E570}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nmd.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://nmd.msn.com
IE - HKCU\..\SearchScopes,DefaultScope = {B01640CD-4AE7-4121-9097-F4E61054E570}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{B01640CD-4AE7-4121-9097-F4E61054E570}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.addSBtoToolbar: false
FF - prefs.js..browser.search.autosizerwizard: ""
FF - prefs.js..browser.search.highlightCount: 0
FF - prefs.js..browser.search.minwidth: 156
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "chrome://fastdial/content/fastdial.html"
FF - prefs.js..extensions.enabledAddons: quickdrag%40mozilla.ktechcomputing.com:2.1.3.23
FF - prefs.js..extensions.enabledAddons: %7B1A2D0EC4-75F5-4c91-89C4-3656F6E44B68%7D:0.6.3
FF - prefs.js..extensions.enabledAddons: %7B2e17e2b2-b8d4-4a67-8d7b-fafa6cc9d1d0%7D:1.2.7.0
FF - prefs.js..extensions.enabledAddons: %7B54BB9F3F-07E5-486c-9B39-C7398B99391C%7D:4.1.2013040601
FF - prefs.js..extensions.enabledAddons: %7B582195F5-92E7-40a0-A127-DB71295901D7%7D:0.6.4.1.3
FF - prefs.js..extensions.enabledAddons: %7B5F590AA2-1221-4113-A6F4-A4BB62414FAC%7D:0.45.8.20130519.3
FF - prefs.js..extensions.enabledAddons: %7Bdc0fa13c-3dae-73eb-e852-912722c852f9%7D:0.3.1
FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.17
FF - prefs.js..extensions.enabledAddons: CLEO%40guid.customsoftwareconsult.com:6.0
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.24
FF - prefs.js..extensions.enabledAddons: fastdial%40telega.phpnet.us:4.12
FF - prefs.js..extensions.enabledAddons: undoclosedtabsbutton%40supernova00.biz:3.9.3
FF - prefs.js..extensions.enabledAddons: %7B1ced4832-f06e-413f-aa14-9eb63ad40ace%7D:1.1
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:2.3
FF - prefs.js..extensions.enabledAddons: thumbnailZoom%40dadler.github.com:3.2
FF - prefs.js..extensions.enabledAddons: %7B4BBDD651-70CF-4821-84F8-2B918CF89CA3%7D:8.2
FF - prefs.js..extensions.enabledAddons: %7B3d7eb24f-2740-49df-8937-200b1cc08f8a%7D:1.5.18
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0
FF - prefs.js..keyword.URL: "http://www.google.co...ient&gfns=1&q="
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\[]TOOLS[]\PDF-XChange\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\[]TOOLS[]\PDF-XChange\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.7: C:\Program Files (x86)\[]TOOLS[]\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\the Hoff\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\[]TOOLS[]\Avast\WebRep\FF [2014/11/17 12:10:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014/08/12 22:03:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0\extensions\\Components: C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\components [2014/12/02 13:53:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0\extensions\\Plugins: C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\plugins [2014/12/02 13:53:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{e4f94d1e-2f53-401e-8885-681602c0ddd8}: C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014/04/04 02:36:14 | 000,010,691 | ---- | M] ()
[2011/03/03 12:39:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Extensions
[2015/01/09 19:18:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions
[2014/12/10 10:06:19 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2014/12/08 10:10:35 | 000,000,000 | ---D | M] (FEBE) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
[2011/03/03 13:55:57 | 000,000,000 | ---D | M] (Aquatint Slate) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{526fd696-27a0-11dc-8314-0800200c9a66}
[2011/03/03 13:55:51 | 000,000,000 | ---D | M] (Aquatint Black) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
[2011/03/09 18:57:02 | 000,000,000 | ---D | M] (Noia 2.0 (eXtreme)) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2014/09/08 18:32:44 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/03/03 13:55:52 | 000,000,000 | ---D | M] (Gradient iBlu) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{bf70ba50-e70d-11dd-ba2f-0800200c9a66}
[2011/03/03 13:55:51 | 000,000,000 | ---D | M] (Gradient iCool) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
[2014/07/10 07:17:35 | 000,000,000 | ---D | M] (CLEO) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\[email protected]
[2014/09/24 18:49:06 | 000,000,000 | ---D | M] (Fast Dial) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\[email protected]
[2012/03/31 19:32:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\[email protected]
[2011/03/03 13:55:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{526fd696-27a0-11dc-8314-0800200c9a66}\chrome\mac\browser\extensions
[2011/03/03 13:55:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{526fd696-27a0-11dc-8314-0800200c9a66}\chrome\mac\mozapps\extensions
[2011/03/03 13:55:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{526fd696-27a0-11dc-8314-0800200c9a66}\chrome\win\browser\extensions
[2011/03/03 13:55:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{526fd696-27a0-11dc-8314-0800200c9a66}\chrome\win\mozapps\extensions
[2011/03/03 13:55:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}\chrome\win\mozapps\extensions
[2014/11/20 19:12:16 | 000,016,275 | ---- | M] () (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\[email protected]
[2012/03/31 06:50:28 | 000,032,381 | ---- | M] () (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\[email protected]
[2013/09/19 09:45:50 | 000,015,751 | ---- | M] () (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\[email protected]
[2014/12/04 12:14:32 | 000,197,276 | ---- | M] () (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\[email protected]
[2014/10/08 13:09:25 | 000,039,197 | ---- | M] () (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\[email protected]
[2014/10/20 16:48:39 | 000,537,656 | ---- | M] () (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
[2013/06/04 18:01:21 | 000,096,207 | ---- | M] () (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi
[2014/10/20 12:25:11 | 000,020,242 | ---- | M] () (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{1ced4832-f06e-413f-aa14-9eb63ad40ace}.xpi
[2015/01/09 19:18:33 | 002,057,151 | ---- | M] () (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460}.xpi
[2012/06/07 12:04:10 | 000,009,253 | ---- | M] () (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{2e17e2b2-b8d4-4a67-8d7b-fafa6cc9d1d0}.xpi
[2013/04/13 14:40:48 | 000,307,011 | ---- | M] () (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi
[2011/09/17 20:49:22 | 000,242,715 | ---- | M] () (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{582195F5-92E7-40a0-A127-DB71295901D7}.xpi
[2013/06/04 18:01:21 | 000,043,024 | ---- | M] () (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi
[2014/11/12 19:12:19 | 000,979,699 | ---- | M] () (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011/10/17 20:00:59 | 000,003,147 | ---- | M] () (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{dc0fa13c-3dae-73eb-e852-912722c852f9}.xpi
[2014/05/04 22:21:34 | 000,731,942 | ---- | M] () (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2014/10/31 09:45:37 | 000,304,000 | ---- | M] () (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2014/12/07 17:38:16 | 000,001,362 | ---- | M] () (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}\chrome\skin\xpinstallItemGeneric.png
[2008/03/20 15:43:48 | 000,001,182 | ---- | M] () (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{526fd696-27a0-11dc-8314-0800200c9a66}\chrome\mac\mozapps\xpinstall\xpinstallConfirm.css
[2008/04/07 19:41:16 | 000,001,937 | ---- | M] () (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{526fd696-27a0-11dc-8314-0800200c9a66}\chrome\mac\mozapps\xpinstall\xpinstallItemGeneric.png
[2009/06/16 23:52:20 | 000,001,502 | ---- | M] () (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{526fd696-27a0-11dc-8314-0800200c9a66}\chrome\win\mozapps\xpinstall\xpinstallConfirm.css
[2009/06/16 23:18:30 | 000,001,423 | ---- | M] () (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{526fd696-27a0-11dc-8314-0800200c9a66}\chrome\win\mozapps\xpinstall\xpinstallItemGeneric.png
[2010/04/01 09:10:00 | 000,001,502 | ---- | M] () (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}\chrome\win\mozapps\xpinstall\xpinstallConfirm.css
[2010/04/01 08:51:04 | 000,001,362 | ---- | M] () (No name found) -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}\chrome\win\mozapps\xpinstall\xpinstallItemGeneric.png
[2013/09/26 13:28:15 | 000,001,913 | ---- | M] () -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\searchplugins\mycroft-project.xml
[2014/12/12 19:13:21 | 000,002,488 | ---- | M] () -- C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default\searchplugins\youtube.xml
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Windows Live® Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\[]TOOLS[]\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\[]TOOLS[]\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - default_search_provider: A1370F28A391521539184D6046DC845CA35F4B0A8565421DDBAC62ADC3C42DC0 (Enabled)
CHR - default_search_provider: search_url = BF2153C16D756A94860215C7A8439CE8B6403C0E5603BFE580FC88DB94360F9A
CHR - default_search_provider: suggest_url =
CHR - homepage: 9A9FF161B8C08817C84B67F2FA3FB4FFA0ADA54C9B795D9CE87E70CD0795A0C7
CHR - Extension: Google Drive = C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: Avast Online Security = C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.0.2502.149_0\
CHR - Extension: Avast Online Security = C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2021.112_0\
CHR - Extension: Google Wallet = C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
O1 HOSTS File: ([2013/09/25 12:25:56 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\[]TOOLS[]\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll File not found
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll File not found
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\[]TOOLS[]\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll File not found
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll File not found
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\[]TOOLS[]\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DBAgent] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe (Seagate Technology LLC)
O4 - HKCU..\Run: [Actual Multiple Monitors] C:\Program Files (x86)\[]TOOLS[]\Actual Multiple Monitors\ActualMultipleMonitorsCenter.exe (Actual Tools)
O4 - HKCU..\Run: [CursorFX] C:\Program Files (x86)\[]TOOLS[]\CursorFX\CursorFX.exe (Stardock Corporation)
O4 - HKCU..\Run: [Plex Media Server] C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\the Hoff\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Seagate Technology LLC)
O4 - Startup: C:\Users\the Hoff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\the Hoff\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\the Hoff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O8:64bit: - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
O8:64bit: - Extra context menu item: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
O8:64bit: - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
O8:64bit: - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
O8:64bit: - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8:64bit: - Extra context menu item: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html ()
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html ()
O9:64bit: - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnime...veX_Control.cab (Photo Upload Plugin Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B0B045C6-0DBA-4926-8B56-159FF565315A}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{64406a3d-ca9a-11e3-bd2c-bcaec54f1b9f}\Shell - "" = AutoRun
O33 - MountPoints2\{64406a3d-ca9a-11e3-bd2c-bcaec54f1b9f}\Shell\AutoRun\command - "" = H:\TL_Bootstrap.exe
O33 - MountPoints2\{912af8cb-85b2-11e3-8d84-bcaec54f1b9f}\Shell - "" = AutoRun
O33 - MountPoints2\{912af8cb-85b2-11e3-8d84-bcaec54f1b9f}\Shell\AutoRun\command - "" = L:\VZW_Software_upgrade_assistant.exe
O33 - MountPoints2\{d0b5e87b-7d42-11e2-9f15-bcaec54f1b9f}\Shell - "" = AutoRun
O33 - MountPoints2\{d0b5e87b-7d42-11e2-9f15-bcaec54f1b9f}\Shell\AutoRun\command - "" = K:\VZW_Software_upgrade_assistant.exe
O33 - MountPoints2\{d0b5e897-7d42-11e2-9f15-bcaec54f1b9f}\Shell - "" = AutoRun
O33 - MountPoints2\{d0b5e897-7d42-11e2-9f15-bcaec54f1b9f}\Shell\AutoRun\command - "" = H:\VZW_Software_upgrade_assistant.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2015/01/09 19:16:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\the Hoff\Desktop\OTL.exe
[2015/01/06 11:40:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2015/01/06 11:40:51 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2015/01/02 11:13:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2015/01/02 11:08:10 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2014/12/26 17:07:35 | 000,000,000 | ---D | C] -- C:\Users\the Hoff\AppData\Local\Plex Media Server
[2014/12/26 17:06:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
[2014/12/26 17:04:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plex
[2014/12/26 17:03:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014/12/18 12:54:35 | 000,000,000 | ---D | C] -- C:\Users\the Hoff\Desktop\Pictures off Mandy's phone 12-18-2014
[2014/12/18 12:53:25 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Verizon2.0_Log
[2014/12/18 12:53:25 | 000,000,000 | ---D | C] -- C:\Users\the Hoff\AppData\Roaming\VERIZON
[2014/12/15 11:10:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citrix
[2014/12/15 11:09:38 | 000,000,000 | ---D | C] -- C:\Users\the Hoff\AppData\Local\Citrix
[11 C:\Users\the Hoff\Documents\*.tmp files -> C:\Users\the Hoff\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2015/01/09 19:24:05 | 000,000,544 | ---- | M] () -- C:\windows\tasks\G2MUpdateTask-S-1-5-21-3472861432-3466800176-631802751-1001.job
[2015/01/09 19:19:51 | 000,018,736 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/01/09 19:19:51 | 000,018,736 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/01/09 19:16:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\the Hoff\Desktop\OTL.exe
[2015/01/09 19:04:13 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/01/09 19:03:50 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2015/01/09 19:03:36 | 1944,719,359 | -HS- | M] () -- C:\hiberfil.sys
[2015/01/06 14:56:00 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/01/06 14:46:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2015/01/06 11:40:59 | 000,001,893 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2015/01/06 11:40:59 | 000,001,893 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2015/01/06 08:17:10 | 000,786,578 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2015/01/06 08:17:10 | 000,665,304 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2015/01/06 08:17:10 | 000,123,112 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2015/01/05 14:31:07 | 000,019,448 | ---- | M] () -- C:\Users\the Hoff\Desktop\10451650_10204254144167068_6268355639048558052_n.jpg
[2015/01/04 14:28:22 | 000,558,714 | ---- | M] () -- C:\Users\the Hoff\Desktop\11266_Starter_Kit_Flyer_US_WEB.pdf
[2015/01/01 13:13:05 | 000,036,453 | ---- | M] () -- C:\Users\the Hoff\Desktop\10906199_769586233110359_4886365575943365343_n.jpg
[2014/12/27 18:29:47 | 000,098,874 | ---- | M] () -- C:\Users\the Hoff\Desktop\11371_End_of_Year_Flyer_US_lores.pdf
[2014/12/24 14:41:50 | 002,105,008 | ---- | M] () -- C:\Users\the Hoff\Desktop\download_20141218_225341.jpeg
[2014/12/16 22:03:58 | 000,001,150 | ---- | M] () -- C:\Users\the Hoff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/12/15 12:20:30 | 000,235,633 | ---- | M] () -- C:\Users\the Hoff\Desktop\10873002_10204656441665427_7299825460784694091_o.jpg
[2014/12/15 12:20:10 | 000,160,830 | ---- | M] () -- C:\Users\the Hoff\Desktop\10866213_10204656479146364_5517118639090790789_o.jpg
[2014/12/15 11:54:40 | 001,042,628 | ---- | M] () -- C:\Users\the Hoff\Desktop\11392_JAN15_HS_US_Combined_Final.pdf
[2014/12/15 11:26:43 | 000,078,808 | ---- | M] () -- C:\Users\the Hoff\Desktop\10868192_10203334188503162_7806083871633330140_n.jpg
[2014/12/15 11:26:02 | 000,091,081 | ---- | M] () -- C:\Users\the Hoff\Desktop\10688462_841154455943295_5452542407191263943_o.jpg
[2014/12/15 11:25:47 | 000,085,120 | ---- | M] () -- C:\Users\the Hoff\Desktop\1501025_841153382610069_4535495853193058627_o.jpg
[2014/12/15 11:25:34 | 000,083,315 | ---- | M] () -- C:\Users\the Hoff\Desktop\10838275_841153199276754_7108543570504921912_o.jpg
[2014/12/15 11:25:21 | 000,088,177 | ---- | M] () -- C:\Users\the Hoff\Desktop\10856643_841152635943477_5933600009805470548_o.jpg
[2014/12/15 11:24:56 | 000,065,490 | ---- | M] () -- C:\Users\the Hoff\Desktop\10845894_841151475943593_5333808386377634965_o.jpg
[2014/12/15 11:24:34 | 000,083,122 | ---- | M] () -- C:\Users\the Hoff\Desktop\10864006_841152385943502_45739359078370745_o.jpg
[11 C:\Users\the Hoff\Documents\*.tmp files -> C:\Users\the Hoff\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2015/01/05 14:31:04 | 000,019,448 | ---- | C] () -- C:\Users\the Hoff\Desktop\10451650_10204254144167068_6268355639048558052_n.jpg
[2015/01/04 14:28:18 | 000,558,714 | ---- | C] () -- C:\Users\the Hoff\Desktop\11266_Starter_Kit_Flyer_US_WEB.pdf
[2015/01/02 11:07:59 | 000,001,893 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2015/01/02 11:07:59 | 000,001,893 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2015/01/01 13:13:02 | 000,036,453 | ---- | C] () -- C:\Users\the Hoff\Desktop\10906199_769586233110359_4886365575943365343_n.jpg
[2014/12/27 18:29:47 | 000,098,874 | ---- | C] () -- C:\Users\the Hoff\Desktop\11371_End_of_Year_Flyer_US_lores.pdf
[2014/12/24 14:41:39 | 002,105,008 | ---- | C] () -- C:\Users\the Hoff\Desktop\download_20141218_225341.jpeg
[2014/12/15 12:20:27 | 000,235,633 | ---- | C] () -- C:\Users\the Hoff\Desktop\10873002_10204656441665427_7299825460784694091_o.jpg
[2014/12/15 12:20:07 | 000,160,830 | ---- | C] () -- C:\Users\the Hoff\Desktop\10866213_10204656479146364_5517118639090790789_o.jpg
[2014/12/15 11:54:40 | 001,042,628 | ---- | C] () -- C:\Users\the Hoff\Desktop\11392_JAN15_HS_US_Combined_Final.pdf
[2014/12/15 11:26:40 | 000,078,808 | ---- | C] () -- C:\Users\the Hoff\Desktop\10868192_10203334188503162_7806083871633330140_n.jpg
[2014/12/15 11:25:59 | 000,091,081 | ---- | C] () -- C:\Users\the Hoff\Desktop\10688462_841154455943295_5452542407191263943_o.jpg
[2014/12/15 11:25:44 | 000,085,120 | ---- | C] () -- C:\Users\the Hoff\Desktop\1501025_841153382610069_4535495853193058627_o.jpg
[2014/12/15 11:25:31 | 000,083,315 | ---- | C] () -- C:\Users\the Hoff\Desktop\10838275_841153199276754_7108543570504921912_o.jpg
[2014/12/15 11:25:18 | 000,088,177 | ---- | C] () -- C:\Users\the Hoff\Desktop\10856643_841152635943477_5933600009805470548_o.jpg
[2014/12/15 11:24:53 | 000,065,490 | ---- | C] () -- C:\Users\the Hoff\Desktop\10845894_841151475943593_5333808386377634965_o.jpg
[2014/12/15 11:24:31 | 000,083,122 | ---- | C] () -- C:\Users\the Hoff\Desktop\10864006_841152385943502_45739359078370745_o.jpg
[2014/12/15 11:10:01 | 000,000,544 | ---- | C] () -- C:\windows\tasks\G2MUpdateTask-S-1-5-21-3472861432-3466800176-631802751-1001.job
[2013/09/24 21:04:06 | 000,000,207 | ---- | C] () -- C:\windows\tweaking.com-regbackup-THEHOFF-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2011/08/12 20:20:48 | 000,007,680 | ---- | C] () -- C:\Users\the Hoff\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 18:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 17:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/02/22 15:03:21 | 000,000,000 | ---D | M] -- C:\Users\the Hoff\AppData\Roaming\Actual Tools
[2012/12/21 18:27:33 | 000,000,000 | ---D | M] -- C:\Users\the Hoff\AppData\Roaming\Amazon
[2011/03/04 07:20:11 | 000,000,000 | ---D | M] -- C:\Users\the Hoff\AppData\Roaming\Auslogics
[2013/12/01 20:39:26 | 000,000,000 | ---D | M] -- C:\Users\the Hoff\AppData\Roaming\AVAST Software
[2014/01/20 19:06:50 | 000,000,000 | ---D | M] -- C:\Users\the Hoff\AppData\Roaming\Blackboard
[2014/04/17 21:08:33 | 000,000,000 | ---D | M] -- C:\Users\the Hoff\AppData\Roaming\calibre
[2011/04/30 10:25:39 | 000,000,000 | ---D | M] -- C:\Users\the Hoff\AppData\Roaming\Canon
[2012/04/21 10:07:33 | 000,000,000 | ---D | M] -- C:\Users\the Hoff\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/04/20 17:11:06 | 000,000,000 | ---D | M] -- C:\Users\the Hoff\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/09/19 10:39:51 | 000,000,000 | ---D | M] -- C:\Users\the Hoff\AppData\Roaming\com.wwnorton.WTS3-iLGs
[2013/12/25 20:03:13 | 000,000,000 | ---D | M] -- C:\Users\the Hoff\AppData\Roaming\dBpoweramp
[2015/01/09 19:06:09 | 000,000,000 | ---D | M] -- C:\Users\the Hoff\AppData\Roaming\Dropbox
[2015/01/03 21:58:54 | 000,000,000 | ---D | M] -- C:\Users\the Hoff\AppData\Roaming\HandBrake
[2013/01/29 13:15:58 | 000,000,000 | ---D | M] -- C:\Users\the Hoff\AppData\Roaming\IrfanView
[2014/01/23 12:07:58 | 000,000,000 | ---D | M] -- C:\Users\the Hoff\AppData\Roaming\Leadertech
[2011/03/05 23:14:09 | 000,000,000 | ---D | M] -- C:\Users\the Hoff\AppData\Roaming\MoveFab
[2011/03/03 16:49:49 | 000,000,000 | ---D | M] -- C:\Users\the Hoff\AppData\Roaming\Outertech
[2014/01/23 12:12:06 | 000,000,000 | ---D | M] -- C:\Users\the Hoff\AppData\Roaming\Seagate
[2014/12/21 10:27:56 | 000,000,000 | ---D | M] -- C:\Users\the Hoff\AppData\Roaming\Spotify
[2015/01/01 13:22:42 | 000,000,000 | ---D | M] -- C:\Users\the Hoff\AppData\Roaming\TeraCopy
========== Purity Check ==========
< End of report >
Extras.txt
OTL Extras logfile created on: 1/9/2015 7:17:57 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\the Hoff\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.75 Gb Total Physical Memory | 4.80 Gb Available Physical Memory | 61.95% Memory free
15.49 Gb Paging File | 12.39 Gb Available in Paging File | 79.93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1862.92 Gb Total Space | 360.88 Gb Free Space | 19.37% Space Free | Partition Type: NTFS
Drive D: | 4.23 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 1.92 Gb Total Space | 1.71 Gb Free Space | 89.43% Space Free | Partition Type: FAT
Computer Name: THEHOFF-PC | User Name: the Hoff | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.ini[@ = GetDiz.Document] -- C:\Program Files (x86)\[]TOOLS[]\GetDiz\GetDiz.exe (Outertech - http://outertech.com)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
.txt[@ = GetDiz.Document] -- C:\Program Files (x86)\[]TOOLS[]\GetDiz\GetDiz.exe (Outertech - http://outertech.com)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.ini [@ = GetDiz.Document] -- C:\Program Files (x86)\[]TOOLS[]\GetDiz\GetDiz.exe (Outertech - http://outertech.com)
.txt [@ = GetDiz.Document] -- C:\Program Files (x86)\[]TOOLS[]\GetDiz\GetDiz.exe (Outertech - http://outertech.com)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\[]TOOLS[]\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\[]TOOLS[]\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\[]TOOLS[]\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08B68986-1ADB-4F33-A09F-D5C85D788CB4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0E17E818-88B9-41B2-9605-67F8EDE7A693}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{117F1ACB-E49F-4330-890A-4ABE078DF032}" = lport=445 | protocol=6 | dir=in | app=system |
"{25AF7653-9EB0-4C4F-B8A6-EB412F7D2220}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{334F281E-1D8C-493D-B1A9-4326231EE6FB}" = rport=445 | protocol=6 | dir=out | app=system |
"{4EC1D028-1292-40A4-8415-399B97E4C5C7}" = lport=139 | protocol=6 | dir=in | app=system |
"{538A555E-F339-4664-9D7B-33D2BFAABD8C}" = rport=139 | protocol=6 | dir=out | app=system |
"{53EA1340-B741-4A3D-AB9D-F110BF853DBE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{63442658-C06E-41C9-AD02-70600F7D43C5}" = lport=137 | protocol=17 | dir=in | app=system |
"{6BB592B3-E543-429F-964E-9457C21662D2}" = rport=137 | protocol=17 | dir=out | app=system |
"{8C9E6C80-F89B-4289-ABB1-66B4D0C85DE3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{A2661CC2-CCCA-4CEB-B628-0B9D22B98F8E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B4C4A38C-416B-4783-9B59-9BE45DAB433C}" = lport=138 | protocol=17 | dir=in | app=system |
"{D2B0D7AB-A572-4211-8C37-53933C5149C7}" = rport=138 | protocol=17 | dir=out | app=system |
"{EB0C5C1B-110F-43CB-908D-4163B10C49BD}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D153C91-2B50-40D6-B962-3FDD5FE33C54}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1C771021-44CE-45D1-B4CC-6E5A66610E25}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3A2E8B97-A379-4336-9EC4-2679EF88724B}" = protocol=6 | dir=in | app=c:\program files\[]tools[]\avast\ng\vbox\aswfe.exe |
"{48F16599-8208-489A-BF7F-63DADD51B6B7}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5FF5E7A1-44EB-4C8A-B38B-3C5C02F7399B}" = dir=in | app=c:\program files (x86)\plex\plex media server\plexscripthost.exe |
"{7F946ED7-FE9C-45EA-939B-17592F658E11}" = protocol=58 | dir=out | [email protected],-28546 |
"{83EF87D9-4AA0-4F07-869F-9ED6106125CF}" = protocol=1 | dir=out | [email protected],-28544 |
"{867AB9B8-E0FF-482E-9FC7-73F3581F2F4D}" = dir=in | app=c:\program files (x86)\plex\plex media server\plexdlnaserver.exe |
"{951FE704-D88D-4A9D-AD18-AE2C1AB6DB6D}" = protocol=6 | dir=in | app=c:\users\the hoff\appdata\roaming\spotify\spotify.exe |
"{9DF7625F-625F-4788-BA22-A090570E8C65}" = protocol=58 | dir=in | [email protected],-28545 |
"{AC25C83C-51B4-4169-8CFF-3DB79068F038}" = protocol=1 | dir=in | [email protected],-28543 |
"{B0D0959C-54A6-4FF4-B942-2FCE0BF5A013}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{B8B3C65B-B87F-40F5-A720-B3D593462B2A}" = dir=in | app=c:\program files (x86)\plex\plex media server\plex media server.exe |
"{BA3B7216-5D48-4947-AD18-0A4E4BD1E1B6}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C3F83AE7-548F-4762-88F9-6ECC9884A5F5}" = protocol=17 | dir=in | app=c:\users\the hoff\appdata\roaming\spotify\spotify.exe |
"{FA24A23F-3B8D-422C-996A-32F832C3A679}" = protocol=17 | dir=in | app=c:\program files\[]tools[]\avast\ng\vbox\aswfe.exe |
"TCP Query User{44138902-AC97-429A-B961-D2AA0CB4F1C3}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe" = protocol=6 | dir=in | app=c:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe |
"TCP Query User{C4F9352F-0EBD-403E-8003-F5DE6DEF7948}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{20FF6F98-2A54-4CAA-AED4-74E08C50EC09}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{F088E644-25E6-48AA-9907-4284F1E6BBF6}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe" = protocol=17 | dir=in | app=c:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX300_series" = Canon MX300 series
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6096C0CC-7E19-4355-87F0-627EC5AA146D}" = iCloud
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{897BE4A7-682B-7375-BBAF-05A44FC2B524}" = ATI Catalyst Install Manager
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B678797F-DF38-4556-8A31-8B818E261868}" = Apple Mobile Device Support
"{E3047FA0-2D6B-4BD6-8CD4-599955F1CE9D}" = Microsoft Mouse and Keyboard Center
"{EE18FF09-2F2A-4A88-85B3-B845EFD5C5FE}" = PDF-XChange Viewer
"{F46AA0F1-E284-4878-A462-5F11B9166C0E}" = iTunes
"CANONIJINBOXADDON200" = Canon Inkjet Printer Driver Add-On Module V2.00
"CCleaner" = CCleaner
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
"sp6" = Logitech SetPoint 6.65
"TeraCopy_is1" = TeraCopy 2.12
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08F32589-5E39-42B8-8BC5-6A8126ED2A70}" = Microsoft Visual C++ 2008 Redistributable Package
"{09076BCB-56D7-483C-969E-1723E9FC3F4E}" = calibre
"{0A5B39D2-7ED6-4779-BCC9-37F381139DB3}" = Adobe AIR
"{11D08055-939C-432b-98C3-E072478A0CD7}" = PSE10 STI Installer
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1a413f37-ed88-4fec-9666-997AF4905D9C}" = FLV.com FLV Converter 4.7
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22D3A614-482C-444A-932C-9DA1B8ECDFD2}" = Elements 10 Organizer
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 71
"{2E6044C5-3495-485F-91BC-46D1B6430E51}" = Windows 7 Logon Background Changer
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{43C423D9-E6D6-4607-ADC9-EBB54F690C57}" = Seagate Dashboard 2.0
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{51399947-35EF-10B8-FC7F-0D435C701A2D}" = Catalyst Control Center InstallProxy
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7425d872-d65d-42c9-8c6d-7a8a529a4b50}" = Plex Media Server
"{78002155-F025-4070-85B3-7C0453561701}" = Apple Application Support
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{80F19EAA-44C4-47C2-AE87-1C7628E858D6}" = Logitech Harmony Remote Software 7
"{845DE456-3003-28B9-4022-1552B8974F16}" = WTS3_iLGs
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-00D1-0409-0000-0000000FF1CE}" = Microsoft Office Access database engine 2007 (English)
"{90140000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C126D2F-7B21-4DE4-90CA-1BC30DA6DE95}" = Plex Media Server
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{A08A6B7D-1F21-4843-85A3-77B8D15FAE0E}" = Citrix Online Launcher
"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C0E5147E-C9F3-4360-9ED0-2E875F11766C}" = Respondus LockDown Browser
"{C1080852-065E-4991-9260-F3756E3CC182}" = CursorFX
"{C60F3836-333A-4AE2-B526-CFDBA143A9BA}" = Google Drive
"{C82185E8-C27B-4EF4-2010-4444BC2C2B6D}" = Microsoft Streets & Trips 2010
"{C8773FDB-D0DB-BE52-D536-F48F9886B57B}" = Adobe Download Assistant
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{DFDF0BE2-2D71-11E4-9454-00163E98E7D6}" = Evernote v. 5.6.4
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EC8282AB-48DD-91D2-7387-01CD6E100A5D}" = Adobe Photoshop.com Inspiration Browser
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EE549AF9-8FAA-4584-83B2-ECF1BC9DC1FF}" = Adobe Photoshop Elements 10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"7-Zip" = 7-Zip 9.20
"Actual Multiple Monitors_is1" = Actual Multiple Monitors 8.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 16 NPAPI
"Adobe Photoshop Elements 10" = Adobe Photoshop Elements 10
"Aleks 3.14" = Aleks 3.14
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.17
"avast" = Avast Free Antivirus
"CanonMyPrinter" = Canon My Printer
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CloneDVD2" = CloneDVD2
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"com.wwnorton.WTS3-iLGs" = WTS3_iLGs
"CursorFX" = CursorFX
"dBpoweramp [Calculate Audio CRC] Codec" = dBpoweramp [Calculate Audio CRC] Codec
"dBpoweramp [Multi Encoder] Codec" = dBpoweramp [Multi Encoder] Codec
"dBpoweramp [ReplayGain] Codec" = dBpoweramp [ReplayGain] Codec
"dBpoweramp AAC Encoder" = dBpoweramp AAC Encoder
"dBpoweramp CLI Encoder" = dBpoweramp CLI Encoder
"dBpoweramp Dalet Codec" = dBpoweramp Dalet Codec
"dBpoweramp FLAC Codec" = dBpoweramp FLAC Codec
"dBpoweramp m4a Codec" = dBpoweramp m4a Codec
"dBpoweramp m4a Utilities" = dBpoweramp m4a Utilities
"dBpoweramp Monkeys Audio Codec" = dBpoweramp Monkeys Audio Codec
"dBpoweramp Mp2 and BwfMp2 codec" = dBpoweramp Mp2 and BwfMp2 codec
"dBpoweramp mp3 (Fraunhofer IIS) Codec" = dBpoweramp mp3 (Fraunhofer IIS) Codec
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"dBpoweramp Ogg Vorbis Codec" = dBpoweramp Ogg Vorbis Codec
"dBpoweramp Real Audio (Helix) Encoder" = dBpoweramp Real Audio (Helix) Encoder
"dBPoweramp tooLame MP2 codec" = dBPoweramp tooLame MP2 codec
"dBpoweramp Wave64 Codec" = dBpoweramp Wave64 Codec
"dBpoweramp WavPack Codec" = dBpoweramp WavPack Codec
"dBpoweramp Windows Media Audio 10 Codec" = dBpoweramp Windows Media Audio 10 Codec
"DVDFab 8_is1" = DVDFab 8.0.6.1 (18/12/2010)
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"GetDiz 4.5" = GetDiz 4.5
"Google Chrome" = Google Chrome
"HandBrake" = HandBrake 0.9.8
"HTC_WModemDriver" = WModem Driver Installer
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"IrfanView" = IrfanView (remove only)
"JumpStart Languages" = JumpStart Languages
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 34.0 (x86 en-US)" = Mozilla Firefox 34.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"Office14.STANDARD" = Microsoft Office Standard 2010
"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser
"Revo Uninstaller" = Revo Uninstaller 1.91
"The KMPlayer" = The KMPlayer (remove only)
"Tweaking.com - Registry Backup" = Tweaking.com - Registry Backup
"VLC media player" = VLC media player 2.1.3
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"GoToMeeting" = GoToMeeting 7.0.5.2152
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 8/30/2014 3:28:23 AM | Computer Name = theHoff-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5023
Error - 8/30/2014 3:28:24 AM | Computer Name = theHoff-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 8/30/2014 3:28:24 AM | Computer Name = theHoff-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6022
Error - 8/30/2014 3:28:24 AM | Computer Name = theHoff-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6022
Error - 8/30/2014 3:28:25 AM | Computer Name = theHoff-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 8/30/2014 3:28:25 AM | Computer Name = theHoff-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7020
Error - 8/30/2014 3:28:25 AM | Computer Name = theHoff-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7020
Error - 8/30/2014 3:28:26 AM | Computer Name = theHoff-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 8/30/2014 3:28:26 AM | Computer Name = theHoff-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8018
Error - 8/30/2014 3:28:26 AM | Computer Name = theHoff-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8018
[ Media Center Events ]
Error - 12/13/2014 1:11:32 PM | Computer Name = theHoff-PC | Source = MCUpdate | ID = 0
Description = 9:11:31 AM - Failed to retrieve SportsV2 (Error: Unable to connect
to the remote server)
Error - 12/15/2014 1:10:50 PM | Computer Name = theHoff-PC | Source = MCUpdate | ID = 0
Description = 9:10:50 AM - Failed to retrieve Directory (Error: Unable to connect
to the remote server)
Error - 12/15/2014 1:11:01 PM | Computer Name = theHoff-PC | Source = MCUpdate | ID = 0
Description = 9:11:01 AM - Failed to retrieve SportsSchedule (Error: Unable to connect
to the remote server)
Error - 12/15/2014 2:11:14 PM | Computer Name = theHoff-PC | Source = MCUpdate | ID = 0
Description = 10:11:14 AM - Failed to retrieve Directory (Error: Unable to connect
to the remote server)
Error - 12/16/2014 1:36:40 PM | Computer Name = theHoff-PC | Source = MCUpdate | ID = 0
Description = 9:36:24 AM - Failed to retrieve Broadband (Error: Unable to connect
to the remote server)
Error - 12/16/2014 2:36:55 PM | Computer Name = theHoff-PC | Source = MCUpdate | ID = 0
Description = 10:36:50 AM - Failed to retrieve Broadband (Error: Unable to connect
to the remote server)
Error - 12/16/2014 3:37:02 PM | Computer Name = theHoff-PC | Source = MCUpdate | ID = 0
Description = 11:37:01 AM - Failed to retrieve Broadband (Error: Unable to connect
to the remote server)
Error - 12/18/2014 1:31:18 PM | Computer Name = theHoff-PC | Source = MCUpdate | ID = 0
Description = 9:31:18 AM - Failed to retrieve Directory (Error: Unable to connect
to the remote server)
Error - 12/18/2014 1:31:23 PM | Computer Name = theHoff-PC | Source = MCUpdate | ID = 0
Description = 9:31:23 AM - Failed to retrieve MCEClientUX (Error: Unable to connect
to the remote server)
Error - 12/18/2014 1:31:34 PM | Computer Name = theHoff-PC | Source = MCUpdate | ID = 0
Description = 9:31:29 AM - Failed to retrieve Broadband (Error: Unable to connect
to the remote server)
[ System Events ]
Error - 1/2/2015 2:34:00 AM | Computer Name = theHoff-PC | Source = DCOM | ID = 10010
Description =
Error - 1/2/2015 2:56:33 PM | Computer Name = theHoff-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for Type with the following error:
%%5
Error - 1/2/2015 2:57:36 PM | Computer Name = theHoff-PC | Source = NetBT | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the interface
with IP address 192.168.0.2. The computer with the IP address 192.168.0.16 did not
allow the name to be claimed by this computer.
Error - 1/2/2015 3:09:37 PM | Computer Name = theHoff-PC | Source = DCOM | ID = 10010
Description =
Error - 1/6/2015 4:51:18 PM | Computer Name = theHoff-PC | Source = DCOM | ID = 10010
Description =
Error - 1/6/2015 5:35:11 PM | Computer Name = theHoff-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for Type with the following error:
%%5
Error - 1/6/2015 5:42:04 PM | Computer Name = theHoff-PC | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.
Error - 1/6/2015 7:43:49 PM | Computer Name = theHoff-PC | Source = DCOM | ID = 10010
Description =
Error - 1/9/2015 11:04:43 PM | Computer Name = theHoff-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Seagate
Dashboard Services service to connect.
Error - 1/9/2015 11:05:51 PM | Computer Name = theHoff-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for Type with the following error:
%%5
< End of report >