I have 3 users on my Windows 8.1 machine. Myself, my mother and another family member. My mother's user has constant issues with explorer.exe crashing or at least I think this is the issue because her desktop goes black and nearly freezes. When I right click on the desktop or taskbar the menus show up slowly and come line by line, rather than popping up right away like they normally do. The only way I've found to remedy this issue is to go to the task manager and end task for windows explorer. The desktop comes back to normal. Another thing that made me think it was explorer related was when I log her off to my user which doesn't really have this problem and I have shut down from my user and her own I will briefly see a box mentioning an exploxer.exe error and a red x as the computer is shutting down. The message pops up so briefly that I can't really read it fast it enough to see what it all says. I scanned the computer with Spybot, Malwarebytes, Microsoft's security scanner from their website (http://www.microsoft...us/default.aspx) and My webroot antivirus. I have found nothing problematic. I defragged my hard drives recently and try to keep my temp, prefetch and internet caches cleaned regularly as well. So I didn't think that could be interfering with the explorer.
I was very frustrated with this explorer issue so I tried to see if an free/open source alternative to explorer would work with my computer. I tried Cubic and Xplorer 2 and we didn't think they were as visually appealing as the regular Win Explorer, but if any helper here can tell me about how to customize any of these or of another free/open source explorer like Win explorer in terms of looks, but with more features I'd be very open to this even if this can be fixed or isn't malware related.
OTL logfile created on: 3/13/2014 8:21:53 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\A Lamar\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.87 Gb Total Physical Memory | 4.12 Gb Available Physical Memory | 52.35% Memory free
8.70 Gb Paging File | 2.89 Gb Available in Paging File | 33.18% Paging File free
Paging file location(s): c:\pagefile.sys 400 4096 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1850.39 Gb Total Space | 490.54 Gb Free Space | 26.51% Space Free | Partition Type: NTFS
Drive D: | 10.81 Gb Total Space | 1.27 Gb Free Space | 11.74% Space Free | Partition Type: NTFS
Drive E: | 14.83 Gb Total Space | 9.76 Gb Free Space | 65.80% Space Free | Partition Type: FAT32
Drive K: | 2794.51 Gb Total Space | 521.28 Gb Free Space | 18.65% Space Free | Partition Type: NTFS
Drive M: | 931.28 Gb Total Space | 77.33 Gb Free Space | 8.30% Space Free | Partition Type: FAT32
Drive O: | 3725.90 Gb Total Space | 1469.46 Gb Free Space | 39.44% Space Free | Partition Type: NTFS
Computer Name: HP | User Name: A Lamar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\A Lamar\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Webroot\WRSA.exe (Webroot)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.)
PRC - C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe (IObit)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\AdFender\AdFender.exe (AdFender, Inc.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe (MPC-HC Team)
PRC - C:\Program Files (x86)\eFax Messenger 4.4\J2GDllCmd.exe (j2 Global Communications, Inc.)
PRC - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (IVT Corporation)
PRC - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (IVT Corporation)
PRC - C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
========== Modules (No Company Name) ==========
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll ()
MOD - C:\Program Files (x86)\Audials\Audials 11\ac3filter.ax ()
MOD - C:\Program Files (x86)\Maxthon\Addons\Mobile\MxMobile.dll ()
MOD - C:\Program Files (x86)\Maxthon\Core\Webkit\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Maxthon\Core\Webkit\libGLESv2.dll ()
MOD - C:\Program Files (x86)\Maxthon\Core\Webkit\libEGL.dll ()
MOD - C:\Program Files (x86)\Maxthon\Bin\Maxzlib.dll ()
MOD - C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avcodec-lav-55.dll ()
MOD - C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax ()
MOD - C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avformat-lav-55.dll ()
MOD - C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\swscale-lav-2.dll ()
MOD - C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avutil-lav-52.dll ()
MOD - C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\libbluray.dll ()
MOD - C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avfilter-lav-3.dll ()
MOD - C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ff_libmad.dll ()
MOD - C:\Program Files (x86)\IObit\Smart Defrag 3\webres.dll ()
MOD - C:\Windows\SysWOW64\BsExtendFunc.dll ()
MOD - C:\Windows\SysWOW64\BsProfileFunc.dll ()
MOD - C:\Windows\SysWOW64\BsTrace.dll ()
MOD - C:\Windows\SysWOW64\SCChangeMonitor.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (WRSVC) -- C:\Program Files\Webroot\WRSA.exe (Webroot)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (EpsonCustomerParticipation) -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe (SEIKO EPSON CORPORATION)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (w3logsvc) -- C:\Windows\SysNative\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (STacSV) -- C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (w3logsvc) -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (NCO) -- C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe (Symantec Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (HPConnectedRemote) -- c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe (Hewlett-Packard)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
SRV - (BlueSoleilCS) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (IVT Corporation)
SRV - (BsHelpCS) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe (IVT Corporation)
SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
========== Driver Services (SafeList) ==========
DRV:64bit: - (WRkrn) -- C:\Windows\SysNative\drivers\WRkrn.sys (Webroot)
DRV:64bit: - (SmartDefragDriver) -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys (IObit)
DRV:64bit: - (debutfilter) -- C:\Windows\SysNative\drivers\debutfilterx64.sys ()
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (tbhsd) -- C:\Windows\SysNative\drivers\tbhsd.sys (RapidSolution Software AG)
DRV:64bit: - (RrNetCapFilterDriver) -- C:\Windows\SysNative\drivers\RrNetCapFilterDriver.sys (Audials AG)
DRV:64bit: - (rtbth) -- C:\Windows\SysNative\drivers\rtbth.sys (Ralink Technology, Corp.)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (ccSet_NST) -- C:\Windows\SysNative\drivers\NSTx64\7DE06000.01B\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C63x64.sys (Qualcomm Atheros Co., Ltd.)
DRV:64bit: - (hpvision) -- C:\Windows\SysNative\drivers\hp64vision.sys (Windows ® Codename Longhorn DDK provider)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (BthL2caScoIfSrv) -- C:\Windows\SysNative\drivers\BtL2caScoIf.sys (Ralink Corporation)
DRV:64bit: - (btUrbFilterDrv) -- C:\Windows\SysNative\drivers\IvtUrbBtFlt.sys (Ralink Corporation)
DRV:64bit: - (CLVirtualDrive) -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys (CyberLink)
DRV:64bit: - (BtAudioBusSrv) -- C:\Windows\SysNative\drivers\BtAudioBus.sys (IVT Corporation)
DRV:64bit: - (VNUSB) -- C:\Windows\SysNative\drivers\VNUSB.sys (OLYMPUS IMAGING CORP.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (USB28xxBGA) -- C:\Windows\SysNative\drivers\emBDA64.sys (eMPIA Technology, Inc.)
DRV:64bit: - (USB28xxOEM) -- C:\Windows\SysNative\drivers\emOEM64.sys (eMPIA Technology, Inc.)
DRV - (IObitUnlocker) -- C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys (IObit)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.17
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn\ [2014/03/13 12:36:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webrootsecure@webroot.com: C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2014/03/07 09:23:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013/12/26 13:50:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Extensions
[2014/01/03 13:18:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\extensions
[2014/01/03 13:17:25 | 000,000,000 | ---D | M] (DivX Browser Bar) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\extensions\{77e8143b-6759-416e-b521-82cfed75150b}
[2014/01/03 13:17:26 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014/01/03 13:17:39 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2014/01/03 13:17:21 | 000,000,000 | ---D | M] (Freecorder) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\extensions\addon@freecorder.com
[2014/01/03 13:17:21 | 000,000,000 | ---D | M] (Vaudix) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\extensions\ywb@cqimkfk.co.uk
[2014/01/03 13:17:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\healthreport\extensions
[2014/01/03 13:17:03 | 000,000,000 | ---D | M] (DivX Browser Bar) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\healthreport\extensions\{77e8143b-6759-416e-b521-82cfed75150b}
[2014/01/03 13:17:04 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\healthreport\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014/01/03 13:17:05 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\healthreport\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2014/01/03 13:16:58 | 000,000,000 | ---D | M] (Freecorder) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\healthreport\extensions\addon@freecorder.com
[2014/01/03 13:16:58 | 000,000,000 | ---D | M] (Vaudix) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\healthreport\extensions\ywb@cqimkfk.co.uk
[2014/01/03 13:15:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\storage\extensions
[2014/01/03 13:15:19 | 000,000,000 | ---D | M] (DivX Browser Bar) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\storage\extensions\{77e8143b-6759-416e-b521-82cfed75150b}
[2014/01/03 13:15:20 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\storage\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014/01/03 13:15:33 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\storage\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2014/01/03 13:15:14 | 000,000,000 | ---D | M] (Freecorder) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\storage\extensions\addon@freecorder.com
[2014/01/03 13:15:14 | 000,000,000 | ---D | M] (Vaudix) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\storage\extensions\ywb@cqimkfk.co.uk
[2013/08/15 00:31:44 | 000,354,970 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\extensions\client@anonymox.net.xpi
[2013/08/15 00:31:44 | 001,343,603 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\extensions\readable@evernote.com.xpi
[2012/12/26 16:44:16 | 000,615,655 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\extensions\testpilot@labs.mozilla.com.xpi
[2013/06/25 20:54:25 | 000,347,599 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\extensions\translator@dontfollowme.net.xpi
[2013/07/21 13:02:33 | 000,008,984 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\extensions\{4324f4a6-3a89-477e-b388-6bca032df78b}.xpi
[2013/07/26 09:19:19 | 000,111,726 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\extensions\{89f8dde0-010a-11da-8cd6-0800200c9a66}.xpi
[2013/01/05 08:29:08 | 000,556,618 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\extensions\{ceff3aa1-bfdc-f434-c52d-922216a9cdf5}.xpi
[2013/08/01 13:26:52 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/05/20 21:28:14 | 000,555,916 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\extensions\{ef914f7f-701e-b874-85f8-9a53e30326d5}.xpi
[2013/08/15 00:31:44 | 000,354,970 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\healthreport\extensions\client@anonymox.net.xpi
[2013/08/15 00:31:44 | 001,343,603 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\healthreport\extensions\readable@evernote.com.xpi
[2012/12/26 16:44:16 | 000,615,655 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\healthreport\extensions\testpilot@labs.mozilla.com.xpi
[2013/06/25 20:54:25 | 000,347,599 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\healthreport\extensions\translator@dontfollowme.net.xpi
[2013/07/21 13:02:33 | 000,008,984 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\healthreport\extensions\{4324f4a6-3a89-477e-b388-6bca032df78b}.xpi
[2013/07/26 09:19:19 | 000,111,726 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\healthreport\extensions\{89f8dde0-010a-11da-8cd6-0800200c9a66}.xpi
[2013/01/05 08:29:08 | 000,556,618 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\healthreport\extensions\{ceff3aa1-bfdc-f434-c52d-922216a9cdf5}.xpi
[2013/08/01 13:26:52 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\healthreport\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/05/20 21:28:14 | 000,555,916 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\healthreport\extensions\{ef914f7f-701e-b874-85f8-9a53e30326d5}.xpi
[2013/08/15 00:31:44 | 000,354,970 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\storage\extensions\client@anonymox.net.xpi
[2013/08/15 00:31:44 | 001,343,603 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\storage\extensions\readable@evernote.com.xpi
[2012/12/26 16:44:16 | 000,615,655 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\storage\extensions\testpilot@labs.mozilla.com.xpi
[2013/06/25 20:54:25 | 000,347,599 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\storage\extensions\translator@dontfollowme.net.xpi
[2013/07/21 13:02:33 | 000,008,984 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\storage\extensions\{4324f4a6-3a89-477e-b388-6bca032df78b}.xpi
[2013/07/26 09:19:19 | 000,111,726 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\storage\extensions\{89f8dde0-010a-11da-8cd6-0800200c9a66}.xpi
[2013/01/05 08:29:08 | 000,556,618 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\storage\extensions\{ceff3aa1-bfdc-f434-c52d-922216a9cdf5}.xpi
[2013/08/01 13:26:52 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\storage\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/05/20 21:28:14 | 000,555,916 | ---- | M] () (No name found) -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\storage\extensions\{ef914f7f-701e-b874-85f8-9a53e30326d5}.xpi
[2014/01/10 15:08:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/01/10 15:08:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/01/17 04:56:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions
[2014/01/17 04:56:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: No name found = C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0\
CHR - Extension: No name found = C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\
CHR - Extension: No name found = C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Webroot Filtering Extension = C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd\1.0.0.26_0\
CHR - Extension: Google Wallet = C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Google Wallet = C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Google Wallet = C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Norton Identity Protection = C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob\2014.6.0.27_0\
CHR - Extension: Norton Identity Protection = C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob\2014.6.2.3_0\
CHR - Extension: Norton Identity Protection = C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob\2014.6.4.11_0\
CHR - Extension: Norton Identity Protection = C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob\2014.6.4.11_1\
CHR - Extension: No name found = C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2014/01/24 22:41:15 | 000,450,639 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 15467 more lines...
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (Norton Identity Protection) - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\CoIEPlg.dll (Symantec Corporation)
O2:64bit: - BHO: (Webroot Filtering Extension) - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll (Webroot)
O2:64bit: - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
O2:64bit: - BHO: (Adblock Plus for IE Browser Helper Object) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (Norton Identity Protection) - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Webroot Filtering Extension) - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
O2 - BHO: (Adblock Plus for IE Browser Helper Object) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3:64bit: - HKLM\..\Toolbar: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\Beats64.exe (Hewlett-Packard )
O4:64bit: - HKLM..\Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BtTray] c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (IVT Corporation)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [eFax 4.4] C:\Program Files (x86)\eFax Messenger 4.4\J2GDllCmd.exe (j2 Global Communications, Inc.)
O4 - HKLM..\Run: [FUFAXRCV] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [WRSVC] C:\Program Files\Webroot\WRSA.exe (Webroot)
O4 - HKCU..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHWA.EXE /EPT "EPLTarget\P0000000000000000" /M "WorkForce 545" /EF "HKCU" File not found
O4 - HKCU..\Run: [Growl] C:\Program Files (x86)\Growl for Windows\Growl.exe File not found
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O9:64bit: - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{03D8532E-0BB6-4BAD-AFC1-7180316A1809}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWOW64\skype4com.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
Drivers32:64bit: msacm.ac3acm - ac3acm.acm (fccHandler)
Drivers32:64bit: msacm.l3acm - l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.l3codecp - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32:64bit: VIDC.LAGS - lagarith.dll ( )
Drivers32:64bit: VIDC.X264 - x264vfw64.dll (x264vfw project)
Drivers32:64bit: VIDC.XVID - xvidvfw.dll ()
Drivers32: msacm.ac3acm - C:\WINDOWS\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\WINDOWS\SysWow64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\WINDOWS\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\SysWow64\SL_ANET.ACM (Sipro Lab Telecom Inc.)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.LAGS - C:\WINDOWS\SysWow64\lagarith.dll ( )
Drivers32: VIDC.MP42 - C:\WINDOWS\SysWow64\MPG4C32.DLL (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\SysWow64\MPG4C32.DLL (Microsoft Corporation)
Drivers32: VIDC.X264 - C:\WINDOWS\SysWow64\x264vfw.dll (x264vfw project)
Drivers32: VIDC.XVID - C:\WINDOWS\SysWow64\xvidvfw.dll ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2038/09/13 09:48:18 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2038/09/13 09:36:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Recovery
[2038/09/13 09:21:13 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
[2038/09/13 09:20:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2038/09/13 07:54:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SymSilent
[2038/09/13 07:54:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2038/09/13 07:54:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\NISx64
[2038/09/13 07:54:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2038/09/13 07:53:53 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2038/09/13 07:53:36 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
[2038/09/13 07:53:20 | 000,000,000 | R--D | C] -- C:\Program Files\Online Services
[2038/09/13 07:53:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\en
[2038/09/13 07:52:58 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2038/09/13 07:52:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2038/09/13 07:52:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2038/09/13 07:52:19 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_42.dll
[2038/09/13 07:52:19 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_5.dll
[2038/09/13 07:52:19 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_42.dll
[2038/09/13 07:52:19 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_3.dll
[2038/09/13 07:52:17 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_32.dll
[2038/09/13 07:52:17 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_32.dll
[2038/09/13 07:52:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2038/09/13 07:50:29 | 000,029,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml3a.dll
[2038/09/13 07:46:01 | 000,092,536 | ---- | C] (CyberLink) -- C:\WINDOWS\SysNative\drivers\CLVirtualDrive.sys
[2038/09/13 07:46:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\DRVSTORE
[2038/09/13 07:46:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\CyberLink
[2038/09/13 07:45:18 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2038/09/13 07:45:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2038/09/13 07:45:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2038/09/13 07:45:16 | 000,377,344 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\SysNative\hpbrprtmon.dll
[2038/09/13 07:45:16 | 000,355,840 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\SysNative\hpbprtmon.dll
[2038/09/13 07:45:16 | 000,170,496 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\SysNative\hpbprtmonui.dll
[2038/09/13 07:45:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HPConnectedMusic
[2038/09/13 07:45:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nikon
[2038/09/13 07:44:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2038/09/13 07:44:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Autonomy
[2038/09/13 07:44:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autonomy
[2038/09/13 07:43:59 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Online Services
[2038/09/13 07:43:54 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
[2038/09/13 07:43:36 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2038/09/13 07:43:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2038/09/13 07:43:07 | 000,000,000 | ---D | C] -- C:\ProgramData\install_clap
[2038/09/13 07:42:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2038/09/13 07:42:08 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
[2038/09/13 07:41:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2038/09/13 07:40:51 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
[2038/09/13 07:40:12 | 000,000,000 | ---D | C] -- C:\ProgramData\{AFF99647-6D64-46F2-934A-F12F468037F6}
[2038/09/13 07:39:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink Driver
[2038/09/13 07:38:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ralink Corporation
[2038/09/13 07:37:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2038/09/13 07:37:25 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
[2038/09/13 07:37:22 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2038/09/13 07:37:19 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2038/09/13 07:36:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2038/09/13 07:36:16 | 000,117,248 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\SysNative\HPMUIDir.exe
[2038/09/13 07:36:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hewlett-Packard
[2038/09/13 07:36:14 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2038/09/13 07:32:30 | 006,085,632 | ---- | C] (IDT, Inc.) -- C:\WINDOWS\SysNative\stlang64.dll
[2038/09/13 07:32:30 | 001,821,184 | ---- | C] (IDT, Inc.) -- C:\WINDOWS\SysNative\IDTNC64.cpl
[2038/09/13 07:32:30 | 001,425,408 | ---- | C] (IDT, Inc.) -- C:\WINDOWS\sttray64.exe
[2038/09/13 07:32:30 | 000,224,256 | ---- | C] (IDT, Inc.) -- C:\WINDOWS\SysNative\HPToneCtrls64.dll
[2038/09/13 07:32:30 | 000,037,888 | ---- | C] (Hewlett-Packard ) -- C:\WINDOWS\SysNative\Beats64.exe
[2038/09/13 07:32:30 | 000,000,000 | ---D | C] -- C:\ProgramData\SoundResearch
[2038/09/13 07:32:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2038/09/13 07:32:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2014/03/13 20:09:04 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\A Lamar\Desktop\HiJackThis.exe
[2014/03/13 20:08:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\A Lamar\Desktop\OTL.exe
[2014/03/12 23:54:03 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qedit.dll
[2014/03/12 23:54:03 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qedit.dll
[2014/03/11 05:25:59 | 000,000,000 | ---D | C] -- C:\Users\A Lamar\AppData\Local\Apple
[2014/03/11 05:22:45 | 000,000,000 | ---D | C] -- C:\Users\A Lamar\AppData\Local\Apple Computer
[2014/03/07 21:39:54 | 000,000,000 | ---D | C] -- C:\Users\A Lamar\AppData\Roaming\IDT
[2014/03/06 06:23:16 | 000,000,000 | ---D | C] -- C:\Users\A Lamar\Desktop\ojik.geudaeman.(2011).eng.1cd.(4465452)
[2014/03/04 22:50:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/03/04 22:17:09 | 000,000,000 | ---D | C] -- C:\Users\A Lamar\AppData\Roaming\eFax Messenger
[2014/03/04 22:17:07 | 000,000,000 | ---D | C] -- C:\ProgramData\eFax Messenger 4.4 Setup
[2014/03/04 22:17:01 | 000,000,000 | ---D | C] -- C:\Users\A Lamar\Documents\eFax Messenger 4.4
[2014/03/04 22:17:01 | 000,000,000 | ---D | C] -- C:\Users\A Lamar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eFax Messenger 4.4
[2014/03/04 22:17:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eFax Messenger 4.4
[2014/03/02 23:25:29 | 000,000,000 | ---D | C] -- C:\Users\A Lamar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CubicExplorer
[2014/03/02 23:25:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CubicExplorer
[2014/02/27 19:39:29 | 000,000,000 | ---D | C] -- C:\Users\A Lamar\AppData\Roaming\IObit
[2014/02/24 16:26:51 | 000,000,000 | ---D | C] -- C:\Users\A Lamar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZSoft
[2014/02/24 16:26:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZSoft
[2014/02/22 17:43:22 | 000,000,000 | ---D | C] -- C:\Users\A Lamar\AppData\Roaming\WebApp
[2014/02/22 17:42:38 | 000,000,000 | ---D | C] -- C:\Users\A Lamar\AppData\Local\Cyberlink
[2014/02/22 17:42:33 | 000,000,000 | ---D | C] -- C:\Users\A Lamar\Documents\CyberLink
[2014/02/22 17:42:32 | 000,000,000 | ---D | C] -- C:\Users\A Lamar\AppData\Roaming\CyberLink
[2014/02/22 17:34:46 | 000,000,000 | ---D | C] -- C:\Users\A Lamar\Documents\ConvertXtoDVD
[2014/02/22 03:28:11 | 000,000,000 | ---D | C] -- C:\Users\A Lamar\AppData\Local\Diagnostics
[2014/02/22 03:14:00 | 000,000,000 | ---D | C] -- C:\Users\A Lamar\AppData\Roaming\Opera Software
[2014/02/22 03:14:00 | 000,000,000 | ---D | C] -- C:\Users\A Lamar\AppData\Local\Opera Software
[2014/02/21 23:21:47 | 000,000,000 | ---D | C] -- C:\ProgramData\vsosdk
[2014/02/20 23:50:48 | 000,000,000 | ---D | C] -- C:\Users\A Lamar\AppData\Local\CrashDumps
[2014/02/20 23:26:09 | 000,000,000 | ---D | C] -- C:\Users\A Lamar\Documents\Any Video Converter
[2014/02/20 23:26:09 | 000,000,000 | ---D | C] -- C:\Users\A Lamar\AppData\Roaming\AnvSoft
[2014/02/20 23:25:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
[2014/02/20 23:25:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnvSoft
[2014/02/20 16:12:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2014/02/20 16:12:39 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2014/02/17 09:14:18 | 000,637,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2014/02/17 09:14:18 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2014/02/17 09:14:18 | 000,479,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2014/02/17 09:14:17 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2014/02/17 09:14:10 | 003,210,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2014/02/17 09:14:09 | 018,577,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014/02/17 09:14:09 | 002,804,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2014/02/17 09:14:07 | 002,142,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014/02/17 09:14:07 | 001,928,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2014/02/17 09:14:06 | 002,131,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014/02/17 09:14:05 | 001,371,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2014/02/17 09:14:04 | 002,617,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/02/17 09:14:03 | 013,925,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014/02/17 09:14:02 | 001,399,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2014/02/17 09:13:58 | 002,295,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/02/17 09:13:58 | 001,374,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2014/02/17 09:13:57 | 001,204,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2014/02/17 09:13:56 | 000,764,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2014/02/17 09:13:56 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2014/02/17 09:13:56 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2014/02/17 09:13:55 | 000,809,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2014/02/17 09:13:55 | 000,669,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2014/02/17 09:13:55 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2014/02/17 09:13:55 | 000,032,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ploptin.dll
[2014/02/17 09:13:54 | 001,415,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014/02/17 09:13:54 | 000,745,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2014/02/17 09:13:54 | 000,663,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2014/02/17 09:13:54 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2014/02/17 09:13:54 | 000,461,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsGdiConverter.dll
[2014/02/17 09:13:53 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2014/02/17 09:13:53 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.dll
[2014/02/17 09:13:53 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2014/02/17 09:13:52 | 000,589,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2014/02/17 09:13:52 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msieftp.dll
[2014/02/17 09:13:52 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.dll
[2014/02/17 09:13:51 | 001,227,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2014/02/17 09:13:51 | 000,980,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2014/02/17 09:13:51 | 000,336,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsGdiConverter.dll
[2014/02/17 09:13:51 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bi.dll
[2014/02/17 09:13:50 | 000,513,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2014/02/17 09:13:50 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msieftp.dll
[2014/02/17 09:13:50 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BtaMPM.sys
[2014/02/17 09:13:49 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceregistration.dll
[2014/02/17 08:56:09 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014/02/17 08:56:08 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014/02/17 08:56:08 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014/02/17 08:56:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll
[2014/02/17 08:56:06 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014/02/17 08:56:06 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014/02/17 08:56:05 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/02/17 08:56:05 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014/02/17 08:56:05 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014/02/17 08:56:04 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/02/17 08:56:03 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014/02/17 08:56:02 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/02/17 08:56:02 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/02/17 08:56:02 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014/02/17 08:56:01 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/02/17 08:56:01 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/02/17 08:55:59 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/02/17 08:55:59 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/02/17 08:55:59 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014/02/17 08:55:59 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014/02/17 08:55:58 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/02/17 08:53:34 | 013,209,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014/02/17 08:53:34 | 011,702,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014/02/17 08:53:34 | 007,416,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014/02/17 08:53:33 | 004,961,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014/02/17 08:53:33 | 001,105,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2014/02/17 08:53:32 | 001,462,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2014/02/17 08:23:16 | 004,217,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014/02/17 08:23:16 | 002,804,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014/02/17 08:23:16 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2014/02/17 08:23:16 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014/02/17 08:23:16 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014/02/17 08:23:16 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2014/02/17 08:23:15 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll
[2014/02/17 08:23:15 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2014/02/17 08:23:15 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll
[2014/02/17 07:20:57 | 000,570,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdrm.dll
[2014/02/17 07:20:23 | 004,604,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2014/02/17 07:20:23 | 002,397,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2014/02/17 06:11:45 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014/02/17 06:02:50 | 001,113,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2014/02/17 05:55:24 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcaui.exe
[2014/02/17 05:55:24 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pcaui.exe
[2014/02/14 14:14:03 | 000,000,000 | ---D | C] -- C:\Users\A Lamar\AppData\Roaming\NCH Software
[2014/01/03 15:00:18 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\A Lamar\AppData\Roaming\pcouffin.sys
========== Files - Modified Within 30 Days ==========
[2038/09/13 09:21:09 | 000,000,000 | RHS- | M] () -- C:\WINDOWS\SysWow64\drivers\103C_HP_cPC_h8-1410_Y53316J_0U_Q4CE2370G93_E12NA3RR8605_4A_I2AD5_SPEGATRON CORPORATION_V1.03_B8.18_T130318_W8101-0_L409_M8059_J2000_7Intel_86A9_93.00_#380913_N19691091;18143290_Z_G80860152_Ohp DVD-RAM SW810.MRK
[2038/09/13 09:21:09 | 000,000,000 | RHS- | M] () -- C:\WINDOWS\SysNative\drivers\103C_HP_cPC_h8-1410_Y53316J_0U_Q4CE2370G93_E12NA3RR8605_4A_I2AD5_SPEGATRON CORPORATION_V1.03_B8.18_T130318_W8101-0_L409_M8059_J2000_7Intel_86A9_93.00_#380913_N19691091;18143290_Z_G80860152_Ohp DVD-RAM SW810.MRK
[2038/09/13 07:57:35 | 000,018,630 | ---- | M] () -- C:\WINDOWS\SysNative\results.xml
[2038/09/13 07:50:27 | 000,029,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml3a.dll
[2038/09/13 07:39:01 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_BtL2caScoIf_01009.Wdf
[2038/09/13 07:38:47 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysNative\0
[2014/03/13 20:13:00 | 000,000,384 | ---- | M] () -- C:\WINDOWS\tasks\WpsNotifyTask_A Lamar.job
[2014/03/13 20:10:42 | 000,625,664 | ---- | M] () -- C:\Users\A Lamar\Desktop\dds.scr
[2014/03/13 20:10:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/03/13 20:10:00 | 000,000,384 | ---- | M] () -- C:\WINDOWS\tasks\WpsUpdateTask_A Lamar.job
[2014/03/13 20:09:04 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\A Lamar\Desktop\HiJackThis.exe
[2014/03/13 20:08:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\A Lamar\Desktop\OTL.exe
[2014/03/13 19:47:00 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/13 19:39:00 | 000,000,380 | ---- | M] () -- C:\WINDOWS\tasks\WpsUpdateTask_White.job
[2014/03/13 19:39:00 | 000,000,380 | ---- | M] () -- C:\WINDOWS\tasks\WpsNotifyTask_White.job
[2014/03/13 16:47:00 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/13 14:45:23 | 000,000,821 | ---- | M] () -- C:\WINDOWS\SysWow64\bscs.ini
[2014/03/13 14:42:29 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/03/13 14:42:21 | 000,004,524 | ---- | M] () -- C:\WINDOWS\SysWow64\LOCALSERVICE.INI
[2014/03/13 14:42:19 | 000,000,043 | ---- | M] () -- C:\WINDOWS\SysWow64\LOCALDEVICE.INI
[2014/03/13 12:41:51 | 000,956,476 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/03/13 12:41:51 | 000,794,884 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/03/13 12:41:51 | 000,161,140 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/03/13 12:36:12 | 000,496,256 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/03/13 12:35:51 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/03/13 12:35:45 | 2465,050,623 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/08 17:15:59 | 000,000,889 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/03/08 07:42:47 | 000,154,248 | ---- | M] (Webroot) -- C:\WINDOWS\SysWow64\WRusr.dll
[2014/03/08 07:42:47 | 000,115,168 | ---- | M] (Webroot) -- C:\WINDOWS\SysNative\drivers\WRkrn.sys
[2014/03/08 07:42:47 | 000,105,320 | ---- | M] (Webroot) -- C:\WINDOWS\SysNative\WRusr.dll
[2014/03/06 06:23:00 | 000,020,375 | ---- | M] () -- C:\Users\A Lamar\Desktop\ojik.geudaeman.(2011).eng.1cd.(4465452).zip
[2014/03/05 18:05:01 | 000,002,265 | ---- | M] () -- C:\Users\A Lamar\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/03/04 22:51:23 | 000,002,474 | ---- | M] () -- C:\Users\A Lamar\Desktop\JRW - Chrome.lnk
[2014/03/04 22:51:23 | 000,002,430 | ---- | M] () -- C:\Users\A Lamar\Desktop\A LAMAR Chrome.lnk
[2014/03/04 22:17:05 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysNative\eFax_4_4_Port
[2014/03/04 21:53:43 | 000,000,885 | ---- | M] () -- C:\Users\A Lamar\Desktop\P - Shortcut.lnk
[2014/03/01 14:41:19 | 000,001,145 | ---- | M] () -- C:\Users\A Lamar\Desktop\Malwarebytes Anti-Malware.lnk
[2014/02/27 18:16:47 | 000,000,854 | ---- | M] () -- C:\Users\A Lamar\Desktop\CCleaner.lnk
[2014/02/24 16:26:51 | 000,001,131 | ---- | M] () -- C:\Users\A Lamar\Desktop\ZSoft Uninstaller.lnk
[2014/02/22 17:46:58 | 000,001,927 | ---- | M] () -- C:\Users\A Lamar\Desktop\Media Go.lnk
[2014/02/22 17:43:45 | 000,001,421 | ---- | M] () -- C:\Users\A Lamar\Desktop\CyberLink Media Suite.lnk
[2014/02/22 16:57:04 | 000,001,360 | ---- | M] () -- C:\Users\A Lamar\Desktop\Freemake Video Converter.lnk
[2014/02/22 03:04:42 | 000,000,141 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2014/02/20 23:25:55 | 000,001,221 | ---- | M] () -- C:\Users\A Lamar\Desktop\Any Video Converter.lnk
[2014/02/17 17:00:34 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/02/17 17:00:34 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/02/14 20:36:00 | 000,001,313 | ---- | M] () -- C:\Users\A Lamar\Desktop\Media Player Classic.lnk
========== Files Created - No Company Name ==========
[2038/09/13 09:18:56 | 2465,050,623 | -HS- | C] () -- C:\hiberfil.sys
[2038/09/13 09:17:24 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2038/09/13 07:57:35 | 000,018,630 | ---- | C] () -- C:\WINDOWS\SysNative\results.xml
[2038/09/13 07:57:16 | 000,004,524 | ---- | C] () -- C:\WINDOWS\SysWow64\LOCALSERVICE.INI
[2038/09/13 07:57:16 | 000,000,043 | ---- | C] () -- C:\WINDOWS\SysWow64\LOCALDEVICE.INI
[2038/09/13 07:52:53 | 000,001,308 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2038/09/13 07:52:49 | 000,001,377 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2038/09/13 07:45:11 | 000,001,118 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connected Music powered by Meridian.lnk
[2038/09/13 07:42:45 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
[2038/09/13 07:41:15 | 000,024,376 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\cpqdfw.sys
[2038/09/13 07:39:01 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_BtL2caScoIf_01009.Wdf
[2038/09/13 07:38:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysNative\0
[2038/09/13 07:35:30 | 000,000,000 | RHS- | C] () -- C:\WINDOWS\SysWow64\drivers\103C_HP_cPC_h8-1410_Y53316J_0U_Q4CE2370G93_E12NA3RR8605_4A_I2AD5_SPEGATRON CORPORATION_V1.03_B8.18_T130318_W8101-0_L409_M8059_J2000_7Intel_86A9_93.00_#380913_N19691091;18143290_Z_G80860152_Ohp DVD-RAM SW810.MRK
[2038/09/13 07:35:30 | 000,000,000 | RHS- | C] () -- C:\WINDOWS\SysNative\drivers\103C_HP_cPC_h8-1410_Y53316J_0U_Q4CE2370G93_E12NA3RR8605_4A_I2AD5_SPEGATRON CORPORATION_V1.03_B8.18_T130318_W8101-0_L409_M8059_J2000_7Intel_86A9_93.00_#380913_N19691091;18143290_Z_G80860152_Ohp DVD-RAM SW810.MRK
[2014/03/13 20:10:41 | 000,625,664 | ---- | C] () -- C:\Users\A Lamar\Desktop\dds.scr
[2014/03/06 06:22:59 | 000,020,375 | ---- | C] () -- C:\Users\A Lamar\Desktop\ojik.geudaeman.(2011).eng.1cd.(4465452).zip
[2014/03/04 21:53:43 | 000,000,885 | ---- | C] () -- C:\Users\A Lamar\Desktop\P - Shortcut.lnk
[2014/03/01 14:41:19 | 000,001,145 | ---- | C] () -- C:\Users\A Lamar\Desktop\Malwarebytes Anti-Malware.lnk
[2014/02/24 16:26:51 | 000,001,131 | ---- | C] () -- C:\Users\A Lamar\Desktop\ZSoft Uninstaller.lnk
[2014/02/22 17:46:58 | 000,001,927 | ---- | C] () -- C:\Users\A Lamar\Desktop\Media Go.lnk
[2014/02/22 17:43:45 | 000,001,421 | ---- | C] () -- C:\Users\A Lamar\Desktop\CyberLink Media Suite.lnk
[2014/02/22 16:57:04 | 000,001,360 | ---- | C] () -- C:\Users\A Lamar\Desktop\Freemake Video Converter.lnk
[2014/02/22 03:04:42 | 000,000,141 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2014/02/20 23:25:55 | 000,001,221 | ---- | C] () -- C:\Users\A Lamar\Desktop\Any Video Converter.lnk
[2014/02/17 09:13:47 | 000,385,614 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/02/17 08:53:32 | 000,009,701 | ---- | C] () -- C:\WINDOWS\SysWow64\connectedsearch-results.searchconnector-ms
[2014/02/17 08:53:32 | 000,009,701 | ---- | C] () -- C:\WINDOWS\SysNative\connectedsearch-results.searchconnector-ms
[2014/02/14 20:36:00 | 000,001,313 | ---- | C] () -- C:\Users\A Lamar\Desktop\Media Player Classic.lnk
[2014/01/30 00:31:50 | 002,927,360 | ---- | C] () -- C:\WINDOWS\wweb32.dll
[2014/01/17 11:01:02 | 000,091,136 | ---- | C] () -- C:\WINDOWS\SendToClip.exe
[2014/01/17 06:35:18 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/01/03 15:00:18 | 000,099,384 | ---- | C] () -- C:\Users\A Lamar\AppData\Roaming\inst.exe
[2014/01/03 15:00:18 | 000,007,859 | ---- | C] () -- C:\Users\A Lamar\AppData\Roaming\pcouffin.cat
[2014/01/03 15:00:18 | 000,001,167 | ---- | C] () -- C:\Users\A Lamar\AppData\Roaming\pcouffin.inf
[2013/12/24 13:09:06 | 000,000,079 | ---- | C] () -- C:\WINDOWS\EWF545.ini
[2013/12/24 10:28:59 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2013/12/24 08:18:35 | 000,000,085 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013/12/24 02:16:05 | 000,650,752 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidcore.dll
[2013/12/24 02:16:05 | 000,243,200 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidvfw.dll
[2013/12/24 02:16:05 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lagarith.dll
[2013/12/24 02:16:04 | 000,217,176 | ---- | C] () -- C:\WINDOWS\SysWow64\unrar.dll
[2013/12/24 02:16:03 | 000,112,640 | ---- | C] () -- C:\WINDOWS\SysWow64\ff_vfw.dll
[2013/12/23 19:24:40 | 000,930,400 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/10/21 15:53:00 | 000,315,904 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013/10/21 15:52:58 | 000,180,736 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/10/21 15:52:56 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/08/22 11:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 11:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 10:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 03:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 23:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 19:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 19:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012/07/30 13:22:52 | 000,000,821 | ---- | C] () -- C:\WINDOWS\SysWow64\bscs.ini
[2012/07/27 17:50:34 | 000,333,312 | ---- | C] () -- C:\WINDOWS\SysWow64\BsExtendFunc.dll
[2012/07/25 16:22:54 | 000,982,240 | ---- | C] () -- C:\WINDOWS\SysWow64\igkrng500.bin
[2012/07/25 16:22:54 | 000,439,308 | ---- | C] () -- C:\WINDOWS\SysWow64\igcompkrng500.bin
[2012/07/25 16:22:54 | 000,092,356 | ---- | C] () -- C:\WINDOWS\SysWow64\igfcg500m.bin
[2012/07/10 21:04:10 | 000,062,976 | ---- | C] () -- C:\WINDOWS\SysWow64\BsProfileFunc.dll
[2012/07/10 20:59:40 | 000,019,456 | ---- | C] () -- C:\WINDOWS\SysWow64\BsTrace.dll
[2012/07/10 20:26:44 | 000,090,208 | ---- | C] () -- C:\WINDOWS\SysWow64\BSSkypeAgent.dll
[2012/07/10 20:26:44 | 000,086,108 | ---- | C] () -- C:\WINDOWS\SysWow64\BSVoIPComm.dll
[2012/07/10 20:26:44 | 000,081,920 | ---- | C] () -- C:\WINDOWS\SysWow64\BsVistaCommon.dll
[2012/07/10 20:26:44 | 000,049,664 | ---- | C] () -- C:\WINDOWS\SysWow64\BSWMPPlugin.dll
[2012/07/10 20:26:44 | 000,011,264 | ---- | C] () -- C:\WINDOWS\SysWow64\SCChangeMonitor.dll
[2012/06/13 11:45:02 | 000,008,704 | ---- | C] () -- C:\WINDOWS\SysWow64\SROF.dll
[2012/06/05 00:31:00 | 000,000,417 | ---- | C] () -- C:\WINDOWS\SysWow64\RaoBLE.ini
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/11/23 07:49:06 | 021,196,664 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/11/23 04:19:35 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 05:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 22:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 05:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/02/20 23:26:09 | 000,000,000 | ---D | M] -- C:\Users\A Lamar\AppData\Roaming\AnvSoft
[2014/01/03 13:57:43 | 000,000,000 | ---D | M] -- C:\Users\A Lamar\AppData\Roaming\Canneverbe Limited
[2014/03/13 17:23:17 | 000,000,000 | ---D | M] -- C:\Users\A Lamar\AppData\Roaming\ClassicShell
[2014/03/04 22:17:09 | 000,000,000 | ---D | M] -- C:\Users\A Lamar\AppData\Roaming\eFax Messenger
[2014/01/23 12:09:22 | 000,000,000 | ---D | M] -- C:\Users\A Lamar\AppData\Roaming\Epson
[2014/03/07 21:39:54 | 000,000,000 | ---D | M] -- C:\Users\A Lamar\AppData\Roaming\IDT
[2014/02/27 19:39:29 | 000,000,000 | ---D | M] -- C:\Users\A Lamar\AppData\Roaming\IObit
[2014/01/17 09:44:24 | 000,000,000 | ---D | M] -- C:\Users\A Lamar\AppData\Roaming\JGsoft
[2014/02/01 20:50:28 | 000,000,000 | ---D | M] -- C:\Users\A Lamar\AppData\Roaming\Kingsoft
[2014/01/03 19:09:08 | 000,000,000 | ---D | M] -- C:\Users\A Lamar\AppData\Roaming\Matus Tomlein
[2014/03/04 21:15:27 | 000,000,000 | ---D | M] -- C:\Users\A Lamar\AppData\Roaming\Maxthon3
[2014/02/22 03:14:00 | 000,000,000 | ---D | M] -- C:\Users\A Lamar\AppData\Roaming\Opera Software
[2014/02/01 05:39:39 | 000,000,000 | ---D | M] -- C:\Users\A Lamar\AppData\Roaming\Sony
[2014/03/11 23:59:12 | 000,000,000 | ---D | M] -- C:\Users\A Lamar\AppData\Roaming\Vso
[2014/02/22 17:43:22 | 000,000,000 | ---D | M] -- C:\Users\A Lamar\AppData\Roaming\WebApp
========== Purity Check ==========
========== Custom Scans ==========
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
< MD5 for: EXPLORER.ADML >
[2013/11/14 03:14:33 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.3.9600.16384_en-us_13bedf9d3e4c78d1\Explorer.adml
< MD5 for: EXPLORER.ADMX >
[2013/06/18 10:57:40 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.3.9600.16384_none_067909bec4cce684\Explorer.admx
< MD5 for: EXPLORER.EXE >
[2013/11/14 03:29:02 | 002,065,448 | ---- | M] (Microsoft Corporation) MD5=1A0BC9598E4A58FC84570FFF5A108E58 -- C:\Windows\SysWOW64\explorer.exe
[2013/11/14 03:29:02 | 002,065,448 | ---- | M] (Microsoft Corporation) MD5=1A0BC9598E4A58FC84570FFF5A108E58 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_4ceff22781f6788c\explorer.exe
[2013/11/14 03:29:01 | 002,328,872 | ---- | M] (Microsoft Corporation) MD5=63DC38C3E4564B2405D562855643ABA2 -- C:\Windows\explorer.exe
[2013/11/14 03:29:01 | 002,328,872 | ---- | M] (Microsoft Corporation) MD5=63DC38C3E4564B2405D562855643ABA2 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_429b47d54d95b691\explorer.exe
[2013/09/20 11:51:08 | 003,885,120 | ---- | M] (Safer-Networking Ltd.) MD5=CDEB46FE688F062D3033209B29755203 -- C:\Program Files (x86)\Spybot - Search & Destroy 2\explorer.exe
< MD5 for: EXPLORER.EXE.MUI >
[2013/11/14 03:14:23 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6B943F9892499269B3C4886C1F0BD843 -- C:\Windows\en-US\explorer.exe.mui
[2013/11/14 03:14:23 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6B943F9892499269B3C4886C1F0BD843 -- C:\Windows\SysWOW64\en-US\explorer.exe.mui
[2013/11/14 03:14:23 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6B943F9892499269B3C4886C1F0BD843 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.3.9600.16384_en-us_f6b0e7284798d168\explorer.exe.mui
[2013/11/14 03:14:23 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6B943F9892499269B3C4886C1F0BD843 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.3.9600.16384_en-us_0105917a7bf99363\explorer.exe.mui
< MD5 for: EXPLORER.EXE-03C49D11.PF >
[2014/03/12 05:52:18 | 000,204,684 | ---- | M] () MD5=A8DD5B0E54C4CF731BAC20D7B7BAB39F -- C:\Windows\Prefetch\EXPLORER.EXE-03C49D11.pf
< MD5 for: IEXPLORE.EXE >
[2014/02/06 09:08:02 | 000,806,064 | ---- | M] (Microsoft Corporation) MD5=2E032281A818BCD191E3DD92000A8EAE -- C:\Program Files\Internet Explorer\iexplore.exe
[2014/02/06 09:08:02 | 000,806,064 | ---- | M] (Microsoft Corporation) MD5=2E032281A818BCD191E3DD92000A8EAE -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16518_none_9c5ec16890d148c6\iexplore.exe
[2014/03/13 13:10:18 | 000,000,012 | ---- | M] () MD5=3EFB7DD484879DE81FC1BEB72BC92B8F -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16521_none_9c60612a90cfaeb6\iexplore.exe
[2014/03/13 13:10:43 | 000,000,012 | ---- | M] () MD5=3EFB7DD484879DE81FC1BEB72BC92B8F -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16521_none_a6b50b7cc53070b1\iexplore.exe
[2014/02/20 06:31:23 | 000,009,369 | ---- | M] () MD5=7B0FB14120A13191E63C458C64720489 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16384_none_a6d068b8c51b1dbc\iexplore.exe
[2014/02/06 07:18:16 | 000,808,112 | ---- | M] (Microsoft Corporation) MD5=9FBB2F038A2DDCE696BDEE7080241C0C -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2014/02/06 07:18:16 | 000,808,112 | ---- | M] (Microsoft Corporation) MD5=9FBB2F038A2DDCE696BDEE7080241C0C -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16518_none_a6b36bbac5320ac1\iexplore.exe
[2013/04/04 15:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\iexplore.exe
[2014/02/20 06:23:17 | 000,010,956 | ---- | M] () MD5=CB6B6941B52B10900DB2808854F70233 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16384_none_9c7bbe6690ba5bc1\iexplore.exe
< MD5 for: IEXPLORE.EXE.MUI >
[2013/11/14 03:14:34 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui
[2013/11/14 03:14:34 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2013/11/14 03:14:34 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.0.9600.16384_en-us_962853ddc8679ca8\iexplore.exe.mui
[2013/11/14 03:14:34 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.0.9600.16384_en-us_a07cfe2ffcc85ea3\iexplore.exe.mui
< MD5 for: IEXPLORE.VISUALELEMENTSMANIFEST.XML >
[2013/06/18 10:48:46 | 000,000,340 | ---- | M] () MD5=2C776DCD91132FCC6A8C066DD529B307 -- C:\Program Files\Internet Explorer\iexplore.VisualElementsManifest.xml
[2013/06/18 10:48:46 | 000,000,340 | ---- | M] () MD5=2C776DCD91132FCC6A8C066DD529B307 -- C:\Windows\WinSxS\amd64_microsoft-windows-immersivebrowser_31bf3856ad364e35_11.0.9600.16384_none_c673d0d2f4ca87f4\iexplore.VisualElementsManifest.xml
< MD5 for: SERVICES >
[2013/08/22 11:04:54 | 000,003,777 | ---- | M] () MD5=5EE2D65841D1985E8C1BC68B2EB4357B -- C:\Windows\WinSxS\amd64_microsoft-windows-w..ucture-other-minwin_31bf3856ad364e35_6.3.9600.16384_none_25fdfd813908f8a6\services
< MD5 for: SERVICES.CFG >
[2012/09/24 00:43:36 | 000,603,848 | R--- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0\services.cfg
[2013/12/21 02:04:16 | 000,559,392 | ---- | M] () MD5=F9FBA73F44366AB3514BD1985707F178 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Services\Services.cfg
< MD5 for: SERVICES.EXE >
[2013/08/22 09:25:40 | 000,405,488 | ---- | M] (Microsoft Corporation) MD5=B4B610BBCB002EC478C6FD80CF915697 -- C:\WINDOWS\SysNative\services.exe
[2013/08/22 09:25:40 | 000,405,488 | ---- | M] (Microsoft Corporation) MD5=B4B610BBCB002EC478C6FD80CF915697 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.16384_none_2fd72579d09a45e9\services.exe
< MD5 for: SERVICES.EXE.MUI >
[2013/11/14 03:14:16 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=0626E9CF9F010A5E5D5A8E200A59DDDC -- C:\WINDOWS\SysNative\en-US\services.exe.mui
[2013/11/14 03:14:16 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=0626E9CF9F010A5E5D5A8E200A59DDDC -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.3.9600.16384_en-us_5abba721f9ec3435\services.exe.mui
< MD5 for: SERVICES.JS >
[2013/12/26 13:44:54 | 000,095,613 | ---- | M] () MD5=7453C7FF6D8422AB7B0D6000AA8885C9 -- C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.1.299_x64__8wekyb3d8bbwe\common\js\services.js
[2013/12/26 13:46:00 | 000,095,613 | ---- | M] () MD5=7453C7FF6D8422AB7B0D6000AA8885C9 -- C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.1.337_x64__8wekyb3d8bbwe\common\js\services.js
[2013/12/26 13:46:00 | 000,095,613 | ---- | M] () MD5=7453C7FF6D8422AB7B0D6000AA8885C9 -- C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.1.335_x64__8wekyb3d8bbwe\common\js\services.js
[2013/12/26 13:46:00 | 000,095,613 | ---- | M] () MD5=7453C7FF6D8422AB7B0D6000AA8885C9 -- C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.1.321_x64__8wekyb3d8bbwe\common\js\services.js
[2014/02/24 23:56:57 | 000,078,905 | ---- | M] () MD5=DE4B5FF45A106DA53CA566314EFE2E1F -- C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.2.234_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/02/24 23:56:57 | 000,078,905 | ---- | M] () MD5=DE4B5FF45A106DA53CA566314EFE2E1F -- C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.2.236_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/02/24 23:56:57 | 000,078,905 | ---- | M] () MD5=DE4B5FF45A106DA53CA566314EFE2E1F -- C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.2.233_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/02/24 23:56:57 | 000,078,905 | ---- | M] () MD5=DE4B5FF45A106DA53CA566314EFE2E1F -- C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.2.233_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/02/24 23:56:57 | 000,078,905 | ---- | M] () MD5=DE4B5FF45A106DA53CA566314EFE2E1F -- C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.2.233_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/02/24 23:56:57 | 000,078,905 | ---- | M] () MD5=DE4B5FF45A106DA53CA566314EFE2E1F -- C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.2.233_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/02/24 23:56:57 | 000,078,905 | ---- | M] () MD5=DE4B5FF45A106DA53CA566314EFE2E1F -- C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.2.233_x64__8wekyb3d8bbwe\Common\js\services.js
[2013/12/26 13:37:03 | 000,095,331 | ---- | M] () MD5=FAA0FC80FCDDF0B163707F352BEA3C36 -- C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.1.203_x64__8wekyb3d8bbwe\common\js\services.js
[2013/12/26 13:36:44 | 000,095,331 | ---- | M] () MD5=FAA0FC80FCDDF0B163707F352BEA3C36 -- C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.1.202_x64__8wekyb3d8bbwe\common\js\services.js
[2013/12/26 13:36:44 | 000,095,331 | ---- | M] () MD5=FAA0FC80FCDDF0B163707F352BEA3C36 -- C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.1.203_x64__8wekyb3d8bbwe\common\js\services.js
< MD5 for: SERVICES.LNK >
[2013/08/22 02:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2013/08/22 02:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2013/08/22 02:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_c02242af19b1eb57\services.lnk
< MD5 for: SERVICES.MOF >
[2013/06/18 10:51:33 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\WINDOWS\SysNative\wbem\services.mof
[2013/06/18 10:51:33 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.3.9600.16384_none_c01e2072a140077e\services.mof
< MD5 for: SERVICES.MSC >
[2013/11/14 03:14:19 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\WINDOWS\SysNative\en-US\services.msc
[2013/06/18 10:47:53 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\WINDOWS\SysNative\services.msc
[2013/11/14 03:14:19 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysWOW64\en-US\services.msc
[2013/06/18 08:23:54 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysWOW64\services.msc
[2013/11/14 03:14:19 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.3.9600.16384_en-us_94fd770dd055ce28\services.msc
[2013/06/18 10:47:53 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_c02242af19b1eb57\services.msc
[2013/06/18 08:23:54 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\wow64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_ca76ed014e12ad52\services.msc
[2013/11/14 03:14:19 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.3.9600.16384_en-us_38dedb8a17f85cf2\services.msc
< MD5 for: SERVICES.PNG >
[2012/07/17 11:09:28 | 000,000,863 | ---- | M] () MD5=D1216C0F5D2A014C4F6CD31E49F02A29 -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}\chrome\skin\services.png
[2012/07/17 11:09:28 | 000,000,863 | ---- | M] () MD5=D1216C0F5D2A014C4F6CD31E49F02A29 -- C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\storage\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}\chrome\skin\services.png
< MD5 for: SERVICES.PTXML >
[2013/08/22 02:45:36 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\WINDOWS\SysNative\wdi\perftrack\Services.ptxml
[2013/08/22 02:45:36 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.3.9600.16384_none_c01e2072a140077e\Services.ptxml
< MD5 for: SERVICES.SBS >
[2011/03/01 01:00:00 | 000,034,818 | ---- | M] () MD5=62AFD4B2025CE6D4706B36F4C4808F9B -- C:\Program Files (x86)\Spybot - Search & Destroy 2\Includes\Services.sbs
[2011/03/01 03:58:46 | 000,034,818 | ---- | M] () MD5=62AFD4B2025CE6D4706B36F4C4808F9B -- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Extracts\Services.sbs
< MD5 for: SERVICES.SBS-20110301.CAB >
[2014/01/24 22:33:13 | 000,041,248 | ---- | M] () MD5=149FF3413EED31253183D6E65E383138 -- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\Services.sbs-20110301.cab
< MD5 for: WINLOGON.ADML >
[2013/11/14 03:48:14 | 000,002,631 | ---- | M] () MD5=3FC16D999444A213C04297050F42DA07 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.3.9600.16384_en-us_85c27192b0d9003d\WinLogon.adml
< MD5 for: WINLOGON.ADMX >
[2013/08/22 10:57:15 | 000,001,101 | ---- | M] () MD5=513B8C31BC439F0A37EA44D540F98916 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.3.9600.16384_none_6bcbbccd4d39421a\WinLogon.admx
< MD5 for: WINLOGON.EXE >
[2013/08/22 05:55:08 | 000,564,736 | ---- | M] (Microsoft Corporation) MD5=7C94FDA3809015B8F2208D2E1C221F17 -- C:\WINDOWS\SysNative\winlogon.exe
[2013/08/22 05:55:08 | 000,564,736 | ---- | M] (Microsoft Corporation) MD5=7C94FDA3809015B8F2208D2E1C221F17 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe
[2013/04/04 15:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< MD5 for: WINLOGON.EXE.MUI >
[2013/11/14 03:14:28 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=E1EA8FA8EDA1C8E5BFF41FCECE119841 -- C:\WINDOWS\SysNative\en-US\winlogon.exe.mui
[2013/11/14 03:14:28 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=E1EA8FA8EDA1C8E5BFF41FCECE119841 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.3.9600.16384_en-us_bbb6f195d80d78ae\winlogon.exe.mui
< MD5 for: WINLOGON.EXE-0D9AB72B.PF >
[2014/03/13 12:38:59 | 000,032,606 | ---- | M] () MD5=C46915156E3FF04C57D5659C778CF800 -- C:\Windows\Prefetch\WINLOGON.EXE-0D9AB72B.pf
< MD5 for: WINLOGON.MFL >
[2013/11/14 03:14:28 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\WINDOWS\SysNative\wbem\en-US\winlogon.mfl
[2013/11/14 03:14:28 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.3.9600.16384_en-us_19794360f345d243\winlogon.mfl
< MD5 for: WINLOGON.MOF >
[2013/08/22 02:45:12 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\WINDOWS\SysNative\wbem\winlogon.mof
[2013/08/22 02:45:12 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.3.9600.16384_none_70f729db49dee3dc\winlogon.mof
< %SYSTEMDRIVE%\*.* >
[2013/12/24 08:11:15 | 000,000,000 | ---- | M] () -- C:\12NA3RR8605.restore
[2012/07/25 23:44:30 | 000,398,156 | RHS- | M] () -- C:\bootmgr
[2013/06/18 08:18:29 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
[2014/03/13 12:35:45 | 2465,050,623 | -HS- | M] () -- C:\hiberfil.sys
[2013/12/24 08:11:15 | 000,000,000 | RHS- | M] () -- C:\OS
[2014/03/13 15:15:54 | 889,192,448 | -HS- | M] () -- C:\pagefile.sys
[2014/03/13 12:35:51 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
< %systemroot%\Fonts\*.com >
[2013/12/23 19:17:34 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2013/12/23 19:17:34 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2013/12/23 19:17:34 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2013/12/23 19:17:34 | 000,043,318 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2013/08/22 11:35:03 | 000,000,065 | ---- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
[2012/03/08 21:37:20 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2013/08/22 11:34:52 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is OS
Volume Serial Number is 620E-E73A
Directory of C:\
08/22/2013 10:45 AM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
08/22/2013 10:45 AM <JUNCTION> Application Data [C:\ProgramData]
08/22/2013 10:45 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
08/22/2013 10:45 AM <JUNCTION> Documents [C:\Users\Public\Documents]
08/22/2013 10:45 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
08/22/2013 10:45 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\SYSTEM.SAV\LOGS\SymLogs
09/13/2038 07:54 AM <SYMLINKD> cclog [C:\Users\Public\Symantec\SymSilent\cclog]
0 File(s) 0 bytes
Directory of C:\Users
08/22/2013 10:45 AM <SYMLINKD> All Users [C:\ProgramData]
08/22/2013 10:45 AM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\A Lamar
12/26/2013 01:31 PM <JUNCTION> Application Data [C:\Users\A Lamar\AppData\Roaming]
12/26/2013 01:31 PM <JUNCTION> Cookies [C:\Users\A Lamar\AppData\Local\Microsoft\Windows\INetCookies]
12/26/2013 01:31 PM <JUNCTION> Local Settings [C:\Users\A Lamar\AppData\Local]
12/26/2013 01:31 PM <JUNCTION> My Documents [C:\Users\A Lamar\Documents]
12/26/2013 01:31 PM <JUNCTION> NetHood [C:\Users\A Lamar\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
12/26/2013 01:31 PM <JUNCTION> PrintHood [C:\Users\A Lamar\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
12/26/2013 01:31 PM <JUNCTION> Recent [C:\Users\A Lamar\AppData\Roaming\Microsoft\Windows\Recent]
12/26/2013 01:31 PM <JUNCTION> SendTo [C:\Users\A Lamar\AppData\Roaming\Microsoft\Windows\SendTo]
12/26/2013 01:31 PM <JUNCTION> Start Menu [C:\Users\A Lamar\AppData\Roaming\Microsoft\Windows\Start Menu]
12/26/2013 01:31 PM <JUNCTION> Templates [C:\Users\A Lamar\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\A Lamar\AppData\Local
12/26/2013 01:31 PM <JUNCTION> Application Data [C:\Users\A Lamar\AppData\Local]
12/26/2013 01:31 PM <JUNCTION> History [C:\Users\A Lamar\AppData\Local\Microsoft\Windows\History]
12/26/2013 01:31 PM <JUNCTION> Temporary Internet Files [C:\Users\A Lamar\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Users\A Lamar\AppData\Local\Microsoft\Windows
12/26/2013 01:31 PM <JUNCTION> Temporary Internet Files [C:\Users\A Lamar\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Users\A Lamar\AppData\Local\Microsoft\Windows\INetCache
12/26/2013 01:31 PM <JUNCTION> Content.IE5 [C:\Users\A Lamar\AppData\Local\Microsoft\Windows\INetCache\IE\]
0 File(s) 0 bytes
Directory of C:\Users\A Lamar\AppData\Local\Microsoft\Windows\INetCache\Low
12/26/2013 01:34 PM <JUNCTION> Content.IE5 [C:\Users\A Lamar\AppData\Local\Microsoft\Windows\INetCache\Low\IE\]
0 File(s) 0 bytes
Directory of C:\Users\A Lamar\Documents
12/26/2013 01:31 PM <JUNCTION> My Music [C:\Users\A Lamar\Music]
12/26/2013 01:31 PM <JUNCTION> My Pictures [C:\Users\A Lamar\Pictures]
12/26/2013 01:31 PM <JUNCTION> My Videos [C:\Users\A Lamar\Videos]
0 File(s) 0 bytes
Directory of C:\Users\All Users
08/22/2013 10:45 AM <JUNCTION> Application Data [C:\ProgramData]
08/22/2013 10:45 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
08/22/2013 10:45 AM <JUNCTION> Documents [C:\Users\Public\Documents]
08/22/2013 10:45 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
08/22/2013 10:45 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
08/22/2013 10:45 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
08/22/2013 10:45 AM <JUNCTION> Cookies [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCookies]
08/22/2013 10:45 AM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
08/22/2013 10:45 AM <JUNCTION> My Documents [C:\Users\Default\Documents]
08/22/2013 10:45 AM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
08/22/2013 10:45 AM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
08/22/2013 10:45 AM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
08/22/2013 10:45 AM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
08/22/2013 10:45 AM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
08/22/2013 10:45 AM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
08/22/2013 10:45 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
08/22/2013 10:45 AM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
08/22/2013 10:45 AM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local\Microsoft\Windows
08/22/2013 10:45 AM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
08/22/2013 10:45 AM <JUNCTION> My Music [C:\Users\Default\Music]
08/22/2013 10:45 AM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
08/22/2013 10:45 AM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Default.migrated\Documents
07/26/2012 03:22 AM <JUNCTION> My Music [C:\Users\Default\Music]
07/26/2012 03:22 AM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
07/26/2012 03:22 AM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Eurceliakins
12/24/2013 03:31 AM <JUNCTION> Application Data [C:\Users\Eurceliakins\AppData\Roaming]
12/24/2013 03:31 AM <JUNCTION> Cookies [C:\Users\Eurceliakins\AppData\Local\Microsoft\Windows\INetCookies]
12/24/2013 03:31 AM <JUNCTION> Local Settings [C:\Users\Eurceliakins\AppData\Local]
12/24/2013 03:31 AM <JUNCTION> My Documents [C:\Users\Eurceliakins\Documents]
12/24/2013 03:31 AM <JUNCTION> NetHood [C:\Users\Eurceliakins\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
12/24/2013 03:31 AM <JUNCTION> PrintHood [C:\Users\Eurceliakins\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
12/24/2013 03:31 AM <JUNCTION> Recent [C:\Users\Eurceliakins\AppData\Roaming\Microsoft\Windows\Recent]
12/24/2013 03:31 AM <JUNCTION> SendTo [C:\Users\Eurceliakins\AppData\Roaming\Microsoft\Windows\SendTo]
12/24/2013 03:31 AM <JUNCTION> Start Menu [C:\Users\Eurceliakins\AppData\Roaming\Microsoft\Windows\Start Menu]
12/24/2013 03:31 AM <JUNCTION> Templates [C:\Users\Eurceliakins\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Eurceliakins\AppData\Local
12/24/2013 03:31 AM <JUNCTION> Application Data [C:\Users\Eurceliakins\AppData\Local]
12/24/2013 03:31 AM <JUNCTION> History [C:\Users\Eurceliakins\AppData\Local\Microsoft\Windows\History]
12/24/2013 03:31 AM <JUNCTION> Temporary Internet Files [C:\Users\Eurceliakins\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Users\Eurceliakins\AppData\Local\Microsoft\Windows
12/24/2013 03:31 AM <JUNCTION> Temporary Internet Files [C:\Users\Eurceliakins\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Users\Eurceliakins\AppData\Local\Microsoft\Windows\INetCache
12/24/2013 03:31 AM <JUNCTION> Content.IE5 [C:\Users\Eurceliakins\AppData\Local\Microsoft\Windows\INetCache\IE\]
0 File(s) 0 bytes
Directory of C:\Users\Eurceliakins\AppData\Local\Microsoft\Windows\INetCache\Low
12/27/2013 02:09 AM <JUNCTION> Content.IE5 [C:\Users\Eurceliakins\AppData\Local\Microsoft\Windows\INetCache\Low\IE\]
0 File(s) 0 bytes
Directory of C:\Users\Eurceliakins\Documents
12/24/2013 03:31 AM <JUNCTION> My Music [C:\Users\Eurceliakins\Music]
12/24/2013 03:31 AM <JUNCTION> My Pictures [C:\Users\Eurceliakins\Pictures]
12/24/2013 03:31 AM <JUNCTION> My Videos [C:\Users\Eurceliakins\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
08/22/2013 10:45 AM <JUNCTION> My Music [C:\Users\Public\Music]
08/22/2013 10:45 AM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
08/22/2013 10:45 AM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\White
12/23/2013 07:26 PM <JUNCTION> Application Data [C:\Users\White\AppData\Roaming]
12/23/2013 07:26 PM <JUNCTION> Cookies [C:\Users\White\AppData\Local\Microsoft\Windows\INetCookies]
12/23/2013 07:26 PM <JUNCTION> Local Settings [C:\Users\White\AppData\Local]
12/23/2013 07:26 PM <JUNCTION> My Documents [C:\Users\White\Documents]
12/23/2013 07:26 PM <JUNCTION> NetHood [C:\Users\White\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
12/23/2013 07:26 PM <JUNCTION> PrintHood [C:\Users\White\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
12/23/2013 07:26 PM <JUNCTION> Recent [C:\Users\White\AppData\Roaming\Microsoft\Windows\Recent]
12/23/2013 07:26 PM <JUNCTION> SendTo [C:\Users\White\AppData\Roaming\Microsoft\Windows\SendTo]
12/23/2013 07:26 PM <JUNCTION> Start Menu [C:\Users\White\AppData\Roaming\Microsoft\Windows\Start Menu]
12/23/2013 07:26 PM <JUNCTION> Templates [C:\Users\White\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\White\AppData\Local
12/23/2013 07:26 PM <JUNCTION> Application Data [C:\Users\White\AppData\Local]
12/23/2013 07:26 PM <JUNCTION> History [C:\Users\White\AppData\Local\Microsoft\Windows\History]
12/23/2013 07:26 PM <JUNCTION> Temporary Internet Files [C:\Users\White\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Users\White\AppData\Local\Microsoft\Windows
12/23/2013 07:26 PM <JUNCTION> Temporary Internet Files [C:\Users\White\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Users\White\AppData\Local\Microsoft\Windows\INetCache
12/23/2013 07:36 PM <JUNCTION> Content.IE5 [C:\Users\White\AppData\Local\Microsoft\Windows\INetCache\IE\]
0 File(s) 0 bytes
Directory of C:\Users\White\AppData\Local\Microsoft\Windows\INetCache\Low
12/23/2013 07:40 PM <JUNCTION> Content.IE5 [C:\Users\White\AppData\Local\Microsoft\Windows\INetCache\Low\IE\]
0 File(s) 0 bytes
Directory of C:\Users\White\Documents
12/23/2013 07:26 PM <JUNCTION> My Music [C:\Users\White\Music]
12/23/2013 07:26 PM <JUNCTION> My Pictures [C:\Users\White\Pictures]
12/23/2013 07:26 PM <JUNCTION> My Videos [C:\Users\White\Videos]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile
01/03/2014 08:29 PM <JUNCTION> Application Data [C:\WINDOWS\system32\config\systemprofile\AppData\Roaming]
01/03/2014 08:29 PM <JUNCTION> Cookies [C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCookies]
01/03/2014 08:29 PM <JUNCTION> Local Settings [C:\WINDOWS\system32\config\systemprofile\AppData\Local]
01/03/2014 08:29 PM <JUNCTION> My Documents [C:\WINDOWS\system32\config\systemprofile\Documents]
01/03/2014 08:29 PM <JUNCTION> NetHood [C:\WINDOWS\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
01/03/2014 08:29 PM <JUNCTION> PrintHood [C:\WINDOWS\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
01/03/2014 08:29 PM <JUNCTION> Recent [C:\WINDOWS\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent]
01/03/2014 08:29 PM <JUNCTION> SendTo [C:\WINDOWS\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo]
01/03/2014 08:29 PM <JUNCTION> Start Menu [C:\WINDOWS\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
01/03/2014 08:29 PM <JUNCTION> Templates [C:\WINDOWS\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local
01/03/2014 08:29 PM <JUNCTION> Application Data [C:\WINDOWS\system32\config\systemprofile\AppData\Local]
01/03/2014 08:29 PM <JUNCTION> History [C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
01/03/2014 08:29 PM <JUNCTION> Temporary Internet Files [C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows
01/03/2014 08:29 PM <JUNCTION> Temporary Internet Files [C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache
01/18/2014 01:24 PM <JUNCTION> Content.IE5 [C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\Documents
01/03/2014 08:29 PM <JUNCTION> My Music [C:\WINDOWS\system32\config\systemprofile\Music]
01/03/2014 08:29 PM <JUNCTION> My Pictures [C:\WINDOWS\system32\config\systemprofile\Pictures]
01/03/2014 08:29 PM <JUNCTION> My Videos [C:\WINDOWS\system32\config\systemprofile\Videos]
0 File(s) 0 bytes
Directory of C:\Windows\SysWOW64\config\systemprofile
01/03/2014 08:29 PM <JUNCTION> Application Data [C:\WINDOWS\system32\config\systemprofile\AppData\Roaming]
01/03/2014 08:29 PM <JUNCTION> Cookies [C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCookies]
01/03/2014 08:29 PM <JUNCTION> Local Settings [C:\WINDOWS\system32\config\systemprofile\AppData\Local]
01/03/2014 08:29 PM <JUNCTION> My Documents [C:\WINDOWS\system32\config\systemprofile\Documents]
01/03/2014 08:29 PM <JUNCTION> NetHood [C:\WINDOWS\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
01/03/2014 08:29 PM <JUNCTION> PrintHood [C:\WINDOWS\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
01/03/2014 08:29 PM <JUNCTION> Recent [C:\WINDOWS\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent]
01/03/2014 08:29 PM <JUNCTION> SendTo [C:\WINDOWS\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo]
01/03/2014 08:29 PM <JUNCTION> Start Menu [C:\WINDOWS\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
01/03/2014 08:29 PM <JUNCTION> Templates [C:\WINDOWS\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Windows\SysWOW64\config\systemprofile\AppData\Local
01/03/2014 08:29 PM <JUNCTION> Application Data [C:\WINDOWS\system32\config\systemprofile\AppData\Local]
01/03/2014 08:29 PM <JUNCTION> History [C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
01/03/2014 08:29 PM <JUNCTION> Temporary Internet Files [C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows
01/03/2014 08:29 PM <JUNCTION> Temporary Internet Files [C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache
01/18/2014 01:24 PM <JUNCTION> Content.IE5 [C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\]
0 File(s) 0 bytes
Directory of C:\Windows\SysWOW64\config\systemprofile\Documents
01/03/2014 08:29 PM <JUNCTION> My Music [C:\WINDOWS\system32\config\systemprofile\Music]
01/03/2014 08:29 PM <JUNCTION> My Pictures [C:\WINDOWS\system32\config\systemprofile\Pictures]
01/03/2014 08:29 PM <JUNCTION> My Videos [C:\WINDOWS\system32\config\systemprofile\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
130 Dir(s) 526,683,836,416 bytes free
< %systemroot%\System32\config\*.sav >
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2013/12/26 13:34:41 | 000,000,223 | -HS- | M] () -- C:\Users\A Lamar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >
[2014/03/13 20:09:04 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\A Lamar\Desktop\HiJackThis.exe
[2014/03/13 20:08:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\A Lamar\Desktop\OTL.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\NoAutoUpdate]
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
========== Alternate Data Streams ==========
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:5C321E34
< End of report >
OTL Extras logfile created on: 3/13/2014 8:21:53 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\A Lamar\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.87 Gb Total Physical Memory | 4.12 Gb Available Physical Memory | 52.35% Memory free
8.70 Gb Paging File | 2.89 Gb Available in Paging File | 33.18% Paging File free
Paging file location(s): c:\pagefile.sys 400 4096 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1850.39 Gb Total Space | 490.54 Gb Free Space | 26.51% Space Free | Partition Type: NTFS
Drive D: | 10.81 Gb Total Space | 1.27 Gb Free Space | 11.74% Space Free | Partition Type: NTFS
Drive E: | 14.83 Gb Total Space | 9.76 Gb Free Space | 65.80% Space Free | Partition Type: FAT32
Drive K: | 2794.51 Gb Total Space | 521.28 Gb Free Space | 18.65% Space Free | Partition Type: NTFS
Drive M: | 931.28 Gb Total Space | 77.33 Gb Free Space | 8.30% Space Free | Partition Type: FAT32
Drive O: | 3725.90 Gb Total Space | 1469.46 Gb Free Space | 39.44% Space Free | Partition Type: NTFS
Computer Name: HP | User Name: A Lamar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = internetshortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Max3.Association.HTML] -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.)
.txt [@ = txtfile] -- C:\Program Files\Just Great Software\EditPad Lite 7\EditPadLite7.exe (Just Great Software)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [sendtotoys1add] -- C:\Program Files\Send To Toys\SendToAdd.exe "%1" ()
Directory [sendtotoys1remove] -- C:\Program Files\Send To Toys\SendToRemove.exe "%1" ()
Directory [sendtotoys2prompt] -- C:\Program Files\Send To Toys\SendToCommandPrompt.exe "%1" ()
Directory [SynkronDelete] -- "C:\Program Files (x86)\Synkron\Synkron.exe" "-delete" "%1" ()
Directory [SynkronRename] -- "C:\Program Files (x86)\Synkron\Synkron.exe" "-rename" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [sendtotoys1add] -- C:\Program Files\Send To Toys\SendToAdd.exe "%1" ()
Directory [sendtotoys1remove] -- C:\Program Files\Send To Toys\SendToRemove.exe "%1" ()
Directory [sendtotoys2prompt] -- C:\Program Files\Send To Toys\SendToCommandPrompt.exe "%1" ()
Directory [SynkronDelete] -- "C:\Program Files (x86)\Synkron\Synkron.exe" "-delete" "%1" ()
Directory [SynkronRename] -- "C:\Program Files (x86)\Synkron\Synkron.exe" "-rename" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 0
"AntivirusOverride" = 0
"UacDisableNotify" = 0
"AntiSpywareDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03ED9C80-86AD-43FF-9B14-71A61EBC1B25}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{137E6952-1503-4F32-BB2F-588EB154FC3F}" = rport=445 | protocol=6 | dir=out | app=system |
"{1ADCF04D-8A2A-4397-B96E-9618A8CBFF95}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1C799E84-BCA7-4100-A6D2-356E3316F42A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2C94EF82-16ED-420B-ADB5-F318B138EBA9}" = rport=139 | protocol=6 | dir=out | app=system |
"{3585C650-752B-4478-98A2-2DD329C296C8}" = rport=138 | protocol=17 | dir=out | app=system |
"{41355CB2-73BD-4A62-A6EA-462C8C5066A0}" = lport=53000 | protocol=6 | dir=in | name=hpconnectedremoteservice.exe |
"{45940FED-95BB-479F-93FF-6C499F9D545D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{46621D0C-028A-4B17-8D8D-B8C1934E31F9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4D8BC483-19D3-43F2-8FD5-7D31DA560BB7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{55DCE112-023F-424C-ACEA-05F1E8B262A7}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{570591F5-B791-4F28-8506-276A62A8C87F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5B1A44BF-C714-43D9-8F11-30DBDFA06DAE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{62016588-A141-4F5B-A2DF-D0958484A72C}" = lport=137 | protocol=17 | dir=in | app=system |
"{714B309B-F105-453A-9A73-5EE4F87C18CD}" = lport=10243 | protocol=6 | dir=in | app=system |
"{746C63A6-C012-41C0-95DC-E601DF8BF85A}" = lport=14714 | protocol=6 | dir=in | name=audials localhttpserver 14714 |
"{791E96B4-8743-443E-8C26-ABA4E48B0B08}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{804E821B-6438-44F9-8CFA-EBDA939FB715}" = lport=139 | protocol=6 | dir=in | app=system |
"{A2708CE8-3485-4B07-BE1A-0998B0DF5670}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A69D5300-676B-457F-9C2B-33FEF8158257}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{B8CDA331-E3F8-4BEE-B7FA-9313E020A1AC}" = rport=137 | protocol=17 | dir=out | app=system |
"{BAD811C7-7124-4BD6-B08F-D732B8366308}" = lport=31931 | protocol=6 | dir=in | name=audials localhttpserver 31931 |
"{C3E12D76-9265-4060-B3E1-41805A23AEE4}" = lport=12972 | protocol=6 | dir=in | name=audials localhttpserver 12972 |
"{C56A8A60-5352-4E9D-9756-89FEA4A0AF4A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C99A7038-504D-4D30-8400-FCC8C9BB3F65}" = lport=445 | protocol=6 | dir=in | app=system |
"{CE89D058-77FE-49A8-8186-BD41FDE9AF0A}" = lport=138 | protocol=17 | dir=in | app=system |
"{E7DB75C1-7EFF-419E-AE73-E8EDBEB4F6FD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F6946FCF-06E4-41FB-B53B-316790AC95BF}" = lport=52000 | protocol=6 | dir=in | name=hpconnectedremoteuser.exe |
"{FA7B0212-EC43-4A1E-B59C-2901F943AABF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FF2E71A8-E120-4130-83F5-FF1B7777EDE6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0003C92B-E5C6-4086-9B3F-E2078A64DBC5}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{002AA4C8-54D3-486D-902E-0AF2662A9815}" = dir=out | name=juniper networks junos pulse |
"{01798083-E004-408D-881D-75D4BCFBD00C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{01F55FC3-9B45-43CB-B344-36AD9FD933B9}" = protocol=6 | dir=in | app=c:\program files (x86)\ralink corporation\ralink bluetooth stack\bluesoleilcs.exe |
"{061B663A-7FD5-40B8-9F5E-2FBE5FC0D211}" = dir=out | name=@{microsoft.bingsports_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{0638C58E-9003-4579-8A12-32874F8C7478}" = dir=out | name=microsoft solitaire collection |
"{08605DAD-C5E7-4F72-AD09-C1CE4F5E3A30}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.236_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{08F2B763-FB7B-419A-8E45-72EB57651366}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{09D9D848-B14D-4311-95A2-06AC5ACC4906}" = dir=out | name=windows_ie_ac_001 |
"{09E99509-1ECF-4630-BD06-2B76D9E91AA7}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{0B52A012-50C4-4B45-A267-248FB47C27CA}" = dir=out | name=netflix |
"{0CA5AC1E-0E76-4BE1-BAB0-2D5C3FE4508E}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.236_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{0CD7A8D7-2351-43A3-B08E-26B0A4075130}" = dir=out | name=@{microsoft.bingmaps_2.0.2210.2401_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{0E371576-D6F3-42A2-AE75-340E76FE4A3E}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{0F4007B8-54BB-490A-B4C2-C7E234B18BCB}" = dir=in | name=f5 vpn |
"{0FBE60B5-8441-49E2-96F0-C36DDB3820F3}" = dir=in | name=f5 vpn |
"{11253735-0AFC-4188-A273-F3F964707483}" = dir=out | name=skype |
"{128E2ACE-53D2-4879-892C-63062B514AB0}" = dir=out | name=microsoft mahjong |
"{129AC7E9-455F-425D-BCD2-ED488CBBC590}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{13643B55-92A2-4F07-9CED-AFA8EBBD6686}" = dir=out | name=kindle |
"{14A498B4-5B8F-4713-8F4B-1F6D741AB146}" = dir=out | name=@{microsoft.bingnews_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{17D565D8-4774-4F6A-BE2C-D2EBE0C33292}" = dir=in | name=sonicwall mobile connect |
"{190941FA-6B30-455D-A01A-3D9F85103936}" = dir=out | name=getting started with windows 8 |
"{192F3442-0FAA-4488-B18D-51F4D3AAC035}" = dir=out | name=microsoft mahjong |
"{1951A36A-2F7B-4524-AD67-A64E9CC03C8D}" = dir=out | name=@{microsoft.bingweather_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{1A33AB61-0251-4587-88F5-B9A4C780801D}" = protocol=17 | dir=in | app=c:\program files (x86)\maxthon\bin\maxthon.exe |
"{1C9EBE6D-1E15-4CA2-AAEA-71E5B3C22C70}" = dir=out | name=microsoft solitaire collection |
"{1D64FB19-21ED-4FD1-967B-1D4C673B9DEE}" = dir=out | name=@{microsoft.zunevideo_2.2.767.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{1DB96CBE-C5C1-4C60-85A0-B0B0EE4E45CC}" = dir=out | name=@{microsoft.bingsports_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{1DCC3FB2-A553-481D-8597-D0C2D8DD2F14}" = dir=in | name=skype |
"{1DE66B81-17A7-4583-9C1D-657305761BDE}" = dir=out | name=netflix |
"{1E24B851-BE05-44EC-991E-186E008446DF}" = dir=out | name=hp connected photo powered by snapfish |
"{1FD0AB9A-EA3B-4569-BA45-79690694893D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{20C3187B-6ACB-4220-81E3-2D98177CEDCE}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{210A9762-917A-4162-9E90-9559443CF0E5}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{25AB937D-3C05-48CF-8B09-0B09F9025873}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{262F9506-5087-4905-B6A6-2C0157B1BF50}" = protocol=17 | dir=in | app=c:\program files (x86)\maxthon\bin\mxup.exe |
"{2A9E6394-DCBC-4054-A792-32D1BF1263FA}" = dir=out | name=@{microsoft.bingtravel_3.0.1.202_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{2AF03732-DF2F-4F80-BF78-F9FE17CB1970}" = protocol=6 | dir=in | app=c:\program files (x86)\maxthon\bin\mxup.exe |
"{2BC978FA-FA2A-47AB-82EE-C620667A414F}" = dir=out | name=f5 vpn |
"{2CD245B9-ADE8-40FD-B75B-BD02F943AEDE}" = dir=out | name=@{microsoft.bingfinance_3.0.2.234_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{2F494BE4-9E88-45E0-BCCA-89C0732BFD4D}" = protocol=17 | dir=in | app=c:\program files (x86)\vso\vso downloader\3\vsodownloader.exe |
"{2F4ED169-A73E-4AE5-BA41-6D9CFB0039DB}" = dir=out | name=iheartradio |
"{3025F865-B331-4A56-A5F6-05148F45A401}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3167EDB6-BC19-487A-A001-1FB1040177EC}" = protocol=17 | dir=in | name=hpconnectedremoteservice.exe |
"{31F364FA-AFD5-4418-9A22-C11044E4465C}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{336BB7BF-F594-4D82-B403-24D6F4A784A4}" = dir=out | name=hp registration |
"{37FCBAD6-C3B3-41E5-A8BA-33C6504371A6}" = dir=out | name=@{microsoft.bingfinance_3.0.1.299_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{39056E61-8A1A-45DE-B705-8EFF9F7A6C0A}" = dir=in | name=microsoft solitaire collection |
"{3A91FC77-DE7F-43C1-B5E5-F12EF66B76BF}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe |
"{3CADDAC6-4798-4C07-815F-1DF967DE3F76}" = dir=out | name=norton studio |
"{3CC1999A-E427-4B62-8D06-B69CC0F43B4B}" = dir=out | name=@{microsoft.zunemusic_2.2.767.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{41548B42-4EEC-4B38-9886-5586F045A3D4}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.335_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{418A3A60-5605-404D-ADF3-913149820A2E}" = dir=in | name=microsoft mahjong |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{44661591-FAA3-4760-BB1C-503A59D3B39E}" = protocol=17 | dir=in | app=c:\program files (x86)\ralink corporation\ralink bluetooth stack\bluesoleilcs.exe |
"{456B6BFD-0058-4C9F-AFE7-1765CD4B1FD1}" = dir=out | name=@{microsoft.bingnews_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{4905EE05-7D06-4B49-BEEA-63C9E2242F42}" = protocol=6 | dir=in | app=c:\program files (x86)\vso\vso downloader\3\vsodownloader.exe |
"{4A7BBD32-C20F-47B6-BF4D-2A6EC5B001AF}" = dir=in | name=hp connected photo powered by snapfish |
"{4BA37726-E3AA-40D1-80F6-79DEAA989351}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{4BA9AF1B-6CF1-43E7-8FB9-D78207713B26}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{4DBBF7E9-F5EE-4895-B587-B29FF9A59B3B}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{4F448CBA-7282-49AC-93E9-CACD77A01B69}" = dir=out | name=ebay |
"{510DDDF3-A8C2-48C7-AB56-3FBDE4FA8D49}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{5148ABD6-0979-4D66-B4C6-4ABB94766716}" = dir=out | name=sonicwall mobile connect |
"{51A40712-8FC8-4671-9F89-84F64AA7553E}" = dir=out | name=hp connected photo powered by snapfish |
"{51E94C0D-344E-416D-9DB2-F7FC14F05C1B}" = dir=out | name=f5 vpn |
"{525277C2-70DB-4363-BB1F-280798421614}" = protocol=58 | dir=in | app=system |
"{53A97570-395A-4C87-8707-C30FE3B83293}" = dir=out | name=norton studio |
"{53BE02DE-C1FC-44FB-B938-5372463E1D41}" = dir=in | name=sonicwall mobile connect |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{5588FBBA-DFD7-49C4-AB50-85DD7462D6D3}" = dir=out | name=iheartradio |
"{55EC9B1A-D5C4-4636-8BD7-C7D21F2D478F}" = dir=in | name=hp+ |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{5955B8C6-8CFA-4BC5-B1A7-22E1A1D13D6E}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{5E449800-8573-4C91-B8F8-AC49871FE27E}" = dir=in | name=hp connected photo powered by snapfish |
"{5F0F2DC6-287C-44F6-9F52-578290BD61EB}" = dir=in | name=getting started with windows 8 |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{60C952E3-A9AC-44A7-A938-0A10A7EC2DDD}" = dir=out | name=hp+ |
"{611B6B11-8229-40D3-8D4A-9ADA8D192669}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{625B05DE-5AEF-44FC-8539-25B5E26A65C0}" = protocol=6 | dir=in | app=c:\program files (x86)\ralink corporation\ralink bluetooth stack\bluesoleilcs.exe |
"{64737D01-9436-49E6-8474-93732FAB2FE4}" = dir=out | name=ebay |
"{66EA19A2-5A4E-4E30-90B7-EB755569A4BC}" = dir=out | name=@{microsoft.bingsports_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{68AF1D50-3564-4F63-B98A-15A766CD9360}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{68FC0DA6-2355-4EDA-A951-26A912157CAE}" = dir=out | name=check point vpn |
"{69A24896-009E-49F3-8851-819F8229B97B}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{6AA73374-B47B-481B-9DC9-781652AF8417}" = dir=out | name=ebay |
"{6B3CB18E-BD1E-4106-86BA-DFFDC1D1D61C}" = dir=in | name=skype |
"{6BFC00A3-AE1C-408C-A7E5-9A83FC5E56F7}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{6CB2454A-35EE-4041-9A4E-222A9D9C0385}" = dir=out | name=hp connected photo powered by snapfish |
"{6DB2E5DA-0BAB-4162-9A3E-0DBC5C2E6963}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{6DBF7925-EEF3-4B9A-ACD8-2A4D2D511F1A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{729B6FF5-0F73-47CF-A893-A3D604ABF836}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{73E90A6F-2DA3-4DA5-A79E-6BBC680A2120}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7557CC92-9479-483F-A039-C387560934A9}" = dir=out | name=f5 vpn |
"{770DDF5B-29A2-4C25-AE12-DBACA4529DF5}" = dir=out | name=@{microsoft.bingtravel_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{77D9F1EF-463A-4B1B-8006-E98BFFB37831}" = dir=out | name=@{microsoft.zunemusic_2.2.767.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{7907A702-E36E-451C-A0CB-6F0627D83642}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7ADCFB13-85F3-462D-AA7C-5F2874C5F86A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7E3425A1-3102-42EE-9D8C-006563DA1366}" = protocol=6 | dir=out | app=system |
"{80316091-FD9F-447D-86C9-398B076DB561}" = dir=out | name=kindle |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{80921D65-C166-4147-9AAB-414B53538D06}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{81431DCD-400D-4F55-AE34-CA7193F2D4D3}" = dir=in | name=skype |
"{83706AAD-8E08-4EE1-BB14-8EE2F99D74B2}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8491FB39-4100-4798-B544-912AF667B3D2}" = dir=out | name=hp+ |
"{87907060-594E-4EAC-A9DF-1C5EAE5D5117}" = dir=in | name=hp+ |
"{87912772-A7FB-4BCF-9FDA-0BC999D24105}" = dir=out | name=microsoft solitaire collection |
"{8842DEF7-1B80-4BC7-8270-98140201B00D}" = dir=out | name=@{microsoft.bingnews_3.0.1.321_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/apptitle} |
"{8C8D295F-8E6C-4E05-9CA6-CA96A512AD60}" = dir=in | name=juniper networks junos pulse |
"{8E57C98A-F923-4E6D-B1F7-9E15321DCF9B}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{933B7EDF-BE68-4D1C-B43E-882B742FF364}" = dir=out | name=windows_ie_ac_001 |
"{9358670A-D42D-4E59-91FC-1EB40EF33989}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9628EE1C-B3C3-4EAD-8172-DCA30DA838B9}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{98B42573-AB93-459E-82DD-9F0AEE677599}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{993CB8D8-EE68-4475-A4C3-218517CDBEB8}" = dir=out | name=getting started with windows 8 |
"{9AC8F0ED-B762-4269-9390-DCB2EF1D8444}" = dir=out | name=juniper networks junos pulse |
"{9C72A444-14D6-4541-A667-C89C7E1F0109}" = dir=in | name=check point vpn |
"{9CC77241-1F8B-46B3-9866-C2E81294DC09}" = dir=in | name=hp+ |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A1A15CC1-FC64-4B50-8C60-BC833ACA1AEF}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A3D2D0E4-4156-47B6-9964-078DE50ACBC1}" = dir=in | name=getting started with windows 8 |
"{A477765B-1047-4479-87B3-02D63C36DB20}" = protocol=17 | dir=in | app=c:\program files (x86)\ralink corporation\ralink bluetooth stack\bluesoleilcs.exe |
"{A51171BB-018F-43EE-86FD-6738C63E3AE0}" = dir=out | name=@{microsoft.zunevideo_2.2.767.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{A5D5E745-D016-4F9C-B3D5-5AE2F48E94E1}" = dir=out | name=juniper networks junos pulse |
"{A5F0395C-4E70-498A-99E2-4E8BB8117BEE}" = dir=in | name=microsoft solitaire collection |
"{A714B1EA-B9B6-48DA-AC9D-325BD4CA8155}" = dir=out | name=hp+ |
"{A8803841-90C8-4EE6-AAA2-7D21FDC2CD3B}" = dir=out | name=@{microsoft.zunemusic_2.2.444.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{A8A23128-6C27-4DBB-AF27-96D84AAE77AF}" = dir=out | name=skype |
"{A8F41A25-1CCF-4924-9C81-95BC6DCB976E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AD08513F-2A72-4DB4-AA3B-847961BBF914}" = dir=out | name=netflix |
"{AE9889BD-4754-4E99-8E2A-3F908C5FACCB}" = dir=in | name=check point vpn |
"{B214ED58-6D8E-4AB9-B228-02631D6DA9C6}" = dir=in | name=juniper networks junos pulse |
"{B2FE535F-2D5A-4EC8-BD31-02EF33839550}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{B32AA3DD-80CA-4D91-B77F-5357AD6C7305}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B3DEE0D2-448B-4E98-A4FD-668C6A9F97E1}" = dir=out | name=microsoft mahjong |
"{B3F1588C-89B9-47CC-8DD2-8A4476BFD5D5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B4E1BE9D-3A6D-450B-A48B-F1AFBFB25DDB}" = dir=out | name=@{microsoft.bingweather_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{B5788639-B8A2-40F6-87BE-2AFF5C665BA3}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{B59B2521-2BF3-4993-8686-7D8579425615}" = dir=out | name=iheartradio |
"{B775E156-55BB-4A43-9E53-A63EBB540771}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{B876250A-D726-4AFD-AAB6-BB4E396A06EA}" = dir=in | name=hp connected photo powered by snapfish |
"{B953B454-623C-4A3D-BC89-0C2C11323557}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{BA7C6F53-5EB0-4901-9AAF-82BF4CD6D535}" = dir=out | name=hp registration |
"{BBF48DE7-4AE6-479D-A0E0-241F171384C2}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{BC0A9AF9-20AB-4351-93CA-8C01B33994EA}" = dir=in | name=check point vpn |
"{BCA858B9-A8A1-461A-9473-FFEF0505539E}" = dir=out | name=check point vpn |
"{BD822629-DBBF-4AD4-A229-F30179F6E8EA}" = dir=in | name=f5 vpn |
"{C0D7940D-5C77-4EA8-8798-9AE30D804C6C}" = dir=out | name=@{microsoft.bingfinance_3.0.2.234_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{C232E681-4443-49CF-94C2-26A53D6B3930}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{C37E3EC2-13FA-44BF-BC35-86A82C59097F}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{C425FDA0-0FB9-451A-95F8-5A3C796D2741}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{C6385A81-6623-4702-81F9-9C2451EE5725}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C67181C1-EF56-4449-BDFE-ABA3C9959BDF}" = dir=out | name=getting started with windows 8 |
"{C7A510D5-DDED-4B34-8DCD-354CC2BE40E3}" = dir=out | name=@{microsoft.zunevideo_2.2.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{C8822745-4C34-4308-8E51-2B66CD05D7A9}" = dir=out | name=@{microsoft.bingtravel_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{CD903669-3B7E-4DB4-9DB4-B585EC873796}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{CFCFB85A-F98A-4871-B68F-11CE1B1A7408}" = dir=in | app=c:\program files (x86)\audials\audials 11\audials.exe |
"{D112511A-6C1D-4555-B1D2-D36AFB37EFA7}" = dir=out | name=skype |
"{D3F1AF59-412F-4653-8AE6-E6CEA1B2795E}" = dir=out | name=sonicwall mobile connect |
"{D584F3AA-2761-4CB0-9DDE-63C0F4AF0910}" = dir=in | name=microsoft mahjong |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D6A97B26-6AD9-4E99-829E-54505F9A60A2}" = protocol=6 | dir=in | app=c:\program files (x86)\maxthon\bin\maxthon.exe |
"{D7F84947-13B2-4013-AAF3-A57C9FE08C14}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DC89F97F-53CA-474B-9C32-0B15FD4865B8}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{DCCE9C8C-8875-47BD-B639-1A9C6C9FA4F2}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{DD05B7B7-F147-4408-AAA7-4A878156B282}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DF521E90-18B1-45D0-B90E-ED5A8021983B}" = dir=out | name=sonicwall mobile connect |
"{E04950B6-0A8D-409E-84E2-C209BDCD759F}" = dir=in | name=microsoft mahjong |
"{E1FBA719-C0CC-457A-A17F-8641FC7A9960}" = dir=out | name=hp registration |
"{E3A32DD6-E018-4E34-AD77-9A6C410DD70B}" = dir=out | name=@{microsoft.bingmaps_2.0.2530.2317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{E789E738-FA7C-4EE6-99BF-9F7CB071E344}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E9633636-46FA-42E1-B9C6-E83BFB4D1612}" = dir=out | name=@{microsoft.bingweather_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{EA5B7F84-A7AE-47E8-BA26-472AE8A2074D}" = dir=in | name=sonicwall mobile connect |
"{EB42D19F-217E-4837-BFE9-470094970037}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EEE85BA4-EF6E-4C95-BD0B-C666463189FF}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{F07376E9-904C-40AB-809F-8429E0398AA3}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{F1AD2975-BAF1-42A8-A1F8-197B6F1234CA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F4961B96-C07F-4247-9EDA-6CEF518D6A22}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.337_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{F4ED8DFF-288D-4BF5-9A02-152AB06FFE02}" = dir=in | name=microsoft solitaire collection |
"{F543862F-FB9C-4325-8DFC-6180CFF1CDA7}" = dir=out | name=check point vpn |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F6B6819F-CDC3-4B0A-901C-60BA6CB48883}" = dir=out | name=windows_ie_ac_001 |
"{F76206BB-EC5D-4EF2-BF67-9FE9BCE98058}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{F77AFA08-CD2B-404F-BC6A-DF4961495C40}" = dir=out | name=@{microsoft.bingmaps_2.0.2530.2317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F92B5C8D-CD03-475F-A477-7B0338CBE6FF}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{FB83DF4A-FD2E-4751-81B9-26ADC84938C9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{FF44D407-D224-4D13-92B1-2BC7547AE903}" = dir=in | name=juniper networks junos pulse |
"{FF6636CF-E072-4A67-B861-AFD65D97BAC5}" = dir=out | name=kindle |
"{FFCD71C0-819F-4F3E-A5B1-7EAA40F768A3}" = dir=out | name=norton studio |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2368907C-E8F6-4750-A023-254C3E2B5E8D}" = Classic Shell
"{25427DA3-EBB7-B260-CD05-9E18F2F8E9F7}" = Ralink Bluetooth Stack64
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}" = HP Postscript Converter
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{814FA673-A085-403C-9545-747FC1495069}" = Epson Customer Participation
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}" = Adblock Plus for IE (32-bit and 64-bit)
"{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}" = HP Registration Service
"75BD84FDFF77342C2A347F729669CBD84CE11B04" = Windows Driver Package - OLYMPUS IMAGING CORP. (VNUSB) VNUSB (09/29/2009 2.0.0.0)
"CCleaner" = CCleaner
"CutePDF Writer Installation" = CutePDF Writer 3.0
"EditPad Lite" = EditPad Lite 7.2.2
"EPSON WorkForce 545 Series" = EPSON WorkForce 545 Series Printer Uninstall
"MediaInfo" = MediaInfo 0.7.65
"Send To Toys_is1" = Send To Toys v2.7
"VLC media player" = VLC media player 2.1.4
"WinRAR archiver" = WinRAR 5.00 beta 8 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation®Store
"{10F63395-157F-4B93-AB4D-702A2FF11942}" = Epson Download Navigator
"{167158CE-1637-4167-8A1C-C2549EEA966A}" = The Weather Channel App
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2758691A-2CDE-4942-A4AC-0E8F61FE2067}" = USB2.0 VIDBOX NW03
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{44FF002B-5AB3-4447-8F98-614387B63EE6}" = honestech VHS to DVD 5.0 Deluxe
"{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector
"{49D9CE9D-C8B7-B941-90E1-608044A0FC8D}" = Media Go Video Playback Engine 2.0.113.09020
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{633A0911-77AE-4B18-BEF0-F46EC8CF54EA}" = WORDsearch Basic
"{64BA551C-9AF6-495C-93F3-D1270E0045FC}" = Epson Connect
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B8D6199-EE44-4FD7-813A-6D8C62C9B384}" = SlimCleaner
"{6BA5F6E7-6CC1-4117-816D-A549A06CE44E}" = HP Connected Backup
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.0.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8D92969D-A6A3-44C8-9D63-D377E94F44B5}" = Media Go
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT3290 802.11bgn Wi-Fi Adapter
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{929408E6-D265-4174-805F-81D1D914E2A4}" = QuickTime
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C35EDE5-4B0F-45E7-A438-314BA889948E}" = HP MyRoom
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.06)
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B2B7B1C8-7C8B-476C-BE2C-049731C55992}" = HP Support Information
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1" = VSO ConvertXToDVD
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFADE4AF-C0CF-4A04-A776-741318F1658F}" = Content Transfer
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DB51721D-9716-429C-B311-DCEC0ECA49D0}" = honestech VHS to DVD 5.0 Deluxe
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"{DF6DA606-904D-4C18-823F-A4CFC3035E53}" = eFax Messenger
"{DF83FFB3-D4E3-4A9B-9775-3982D23208B0}" = Audials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F243A34B-AB7F-4065-B770-B85B767C247C}" = HP Connected Remote
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}" = Epson Event Manager
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® SDK for OpenCL - CPU Only Runtime Package
"{fd97d1e2-368a-4cd9-af63-8eeff938044a}" = Adblock Plus for IE
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF27F674-821E-4BA2-985B-DDF539C2CD03}" = HP Support Assistant
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"AdFender" = AdFender
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Any Video Converter_is1" = Any Video Converter 5.5.5
"Audacity_is1" = Audacity 2.0.3
"Debut" = Debut Video Capture Software
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"FastStone Image Viewer" = FastStone Image Viewer 4.8
"Freemake Video Converter_is1" = Freemake Video Converter version 4.1.2
"GoldenVideos" = Golden Videos
"Google Chrome" = Google Chrome
"HandBrake" = HandBrake 0.9.9.1
"iLuminaPremium" = iLumina Gold Premium
"ImgBurn" = ImgBurn
"InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector
"InstallShield_{929408E6-D265-4174-805F-81D1D914E2A4}" = QuickTime
"InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"IObit Unlocker_is1" = IObit Unlocker
"Kingsoft Office" = Kingsoft Office 2013 (9.1.0.4480)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 10.0.0
"LAME_is1" = LAME v3.99.3 (for Windows)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Maxthon3" = Maxthon Cloud Browser
"Mozilla Firefox 27.0 (x86 en-US)" = Mozilla Firefox 27.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NST" = Norton Identity Safe
"Opera 19.0.1326.59" = Opera Stable 19.0.1326.59
"Slice" = Slice Audio File Splitter
"Smart Defrag 3_is1" = Smart Defrag 3
"SpywareBlaster_is1" = SpywareBlaster 5.0
"StartHPConnectedMusic" = HP Connected Music (Meridian - installer)
"Switch" = Switch Sound File Converter
"Tomlein.Synkron_is1" = Synkron 1.6.2
"WinLiveSuite" = Windows Live Essentials
"WORDsearch Basic" = WORDsearch Basic
"WordWeb" = WordWeb
"WRUNINST" = Webroot SecureAnywhere
"ZSoft Uninstaller" = ZSoft Uninstaller 2.5
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 3/11/2014 5:59:42 PM | Computer Name = HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5750
Error - 3/11/2014 5:59:43 PM | Computer Name = HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 3/11/2014 5:59:43 PM | Computer Name = HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6906
Error - 3/11/2014 5:59:43 PM | Computer Name = HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6906
Error - 3/11/2014 5:59:44 PM | Computer Name = HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 3/11/2014 5:59:44 PM | Computer Name = HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8062
Error - 3/11/2014 5:59:44 PM | Computer Name = HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8062
Error - 3/11/2014 5:59:45 PM | Computer Name = HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 3/11/2014 5:59:45 PM | Computer Name = HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9250
Error - 3/11/2014 5:59:45 PM | Computer Name = HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9250
Error - 3/11/2014 6:12:54 PM | Computer Name = HP | Source = Application Error | ID = 1000
Description = Faulting application name: BlueSoleilCS.exe, version: 9.0.709.0, time
stamp: 0x500cb70a Faulting module name: tl_filter.dll, version: 0.0.0.0, time stamp:
0x50123d74 Exception code: 0xc0000094 Fault offset: 0x0000c12d Faulting process id:
0x2370 Faulting application start time: 0x01cf3b128bc62480 Faulting application path:
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
Faulting
module path: c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
Report
Id: 4aa9ff0e-a96a-11e3-beaf-689423099ede Faulting package full name: Faulting package-relative
application ID:
[ System Events ]
Error - 3/7/2014 1:56:25 PM | Computer Name = HP | Source = DCOM | ID = 10010
Description =
Error - 3/7/2014 1:56:55 PM | Computer Name = HP | Source = DCOM | ID = 10010
Description =
Error - 3/7/2014 1:57:25 PM | Computer Name = HP | Source = DCOM | ID = 10010
Description =
Error - 3/7/2014 11:57:29 PM | Computer Name = HP | Source = DCOM | ID = 10010
Description =
Error - 3/7/2014 11:57:29 PM | Computer Name = HP | Source = DCOM | ID = 10010
Description =
Error - 3/8/2014 7:15:19 AM | Computer Name = HP | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk5\DR5.
Error - 3/8/2014 7:15:19 AM | Computer Name = HP | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk6\DR6.
Error - 3/8/2014 7:15:19 AM | Computer Name = HP | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk7\DR7.
Error - 3/8/2014 7:18:01 AM | Computer Name = HP | Source = Service Control Manager | ID = 7034
Description = The BlueSoleilCS service terminated unexpectedly. It has done this
3 time(s).
Error - 3/8/2014 11:00:01 AM | Computer Name = HP | Source = DCOM | ID = 10016
Description =
< End of report >
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:40:52 PM, on 3/13/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal
Running processes:
C:\Program Files\Webroot\WRSA.exe
C:\Program Files (x86)\AdFender\AdFender.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
C:\Program Files (x86)\QuickTime\qttask.exe
C:\Program Files (x86)\eFax Messenger 4.4\J2GDllCmd.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\A Lamar\Desktop\HiJackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll
O2 - BHO: Webroot Filtering Extension - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O3 - Toolbar: Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [BtTray] "c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [FUFAXRCV] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
O4 - HKLM\..\Run: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [eFax 4.4] "C:\Program Files (x86)\eFax Messenger 4.4\J2GDllCmd.exe" /R
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Growl] C:\Program Files (x86)\Growl for Windows\Growl.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHWA.EXE /EPT "EPLTarget\P0000000000000000" /M "WorkForce 545" /EF "HKCU"
O4 - Global Startup: AdFender.lnk = C:\Program Files (x86)\AdFender\AdFender.exe
O4 - Global Startup: Synkron.lnk = C:\Program Files (x86)\Synkron\Synkron.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\windows\SysWow64\skype4com.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: EpsonCustomerParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connected Remote Service (HPConnectedRemote) - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WRSVC - Webroot - C:\Program Files\Webroot\WRSA.exe
--
End of file - 14042 bytes