Posted 15 July 2013 - 05:03 PM

I attempted to run OTL and the system crashed, got a blue screen and was brought to the Windows Error Recovery screen with Safe Mode, Safe Mode with Networking, Safe Mode with Command Prompt, and Start Windows Normally options.

I'm puzzled now. Was working this morning.

EDIT//////

Was able to run OTL finally after downloading it, rebooting and clicking the exe immediately upon loading. Logs:

OTL.txt

OTL logfile created on: 7/16/2013 12:54:21 AM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marie\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16635)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy



3.91 Gb Total Physical Memory | 2.14 Gb Available Physical Memory | 54.78% Memory free

7.81 Gb Paging File | 5.72 Gb Available in Paging File | 73.27% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]



%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 452.47 Gb Total Space | 396.53 Gb Free Space | 87.63% Space Free | Partition Type: NTFS

Drive D: | 37.73 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS



Computer Name: MARIE-PC | User Name: Marie | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days



========== Processes (SafeList) ==========



PRC - [2013/07/16 00:53:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marie\Desktop\OTL.exe

PRC - [2013/03/21 15:19:46 | 001,341,664 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

PRC - [2012/06/11 16:22:16 | 000,425,040 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingBar.exe

PRC - [2012/06/11 16:22:16 | 000,267,856 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingApp.exe

PRC - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE

PRC - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE

PRC - [2012/06/11 16:22:16 | 000,141,904 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\bingsurrogate.exe

PRC - [2012/04/04 01:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2012/02/01 12:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe

PRC - [2011/11/25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe

PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

PRC - [2011/09/22 12:14:16 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

PRC - [2011/09/22 12:11:26 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

PRC - [2011/09/22 12:06:12 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe

PRC - [2011/08/19 13:34:32 | 002,013,168 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe

PRC - [2011/08/19 13:34:32 | 000,096,240 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe

PRC - [2011/08/19 13:34:28 | 002,451,440 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe

PRC - [2011/07/07 19:16:00 | 000,075,064 | ---- | M] () -- C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe

PRC - [2011/06/02 16:27:58 | 000,237,568 | ---- | M] () -- C:\Program Files (x86)\DELL\DELLOSD\MediaButtons.exe

PRC - [2011/06/02 14:11:20 | 000,725,504 | ---- | M] (DELL COMPUTER INC.) -- C:\Program Files (x86)\DELL\DELLOSD\DELLOSD.exe

PRC - [2011/05/27 19:33:46 | 000,098,304 | ---- | M] () -- C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe

PRC - [2011/04/13 12:39:14 | 000,503,942 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

PRC - [2011/04/01 19:08:30 | 000,660,480 | ---- | M] (DELL) -- C:\Program Files (x86)\DELL\Dell KM632 Wireless Keyboard Caps Lock Indicator\IndicatorOSD.exe

PRC - [2011/03/31 11:59:16 | 000,100,352 | ---- | M] (Atheros Communication Inc.) -- C:\Program Files (x86)\Atheros Direct Connect\DCDhcpService.exe

PRC - [2011/03/31 11:56:48 | 000,583,168 | ---- | M] (Atheros Communications, Inc.) -- C:\Program Files (x86)\Atheros Direct Connect\DCWpaSupplicant.exe

PRC - [2011/02/16 07:22:42 | 000,135,168 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Ath_CoexAgent.exe

PRC - [2011/01/12 21:17:54 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\DELL\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe

PRC - [2010/12/20 16:30:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

PRC - [2010/12/20 16:30:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

PRC - [2010/12/06 17:37:54 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\DELL\DELLOSD\FastUserSwitching.exe

PRC - [2010/12/01 17:07:46 | 000,176,128 | ---- | M] (Chicony) -- C:\Program Files (x86)\DELL\Dell KM632 Wireless Keyboard Caps Lock Indicator\OSDSrv.exe

PRC - [2010/11/17 12:35:40 | 001,440,240 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe

PRC - [2010/11/17 12:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

PRC - [2010/03/10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe





========== Modules (No Company Name) ==========



MOD - [2013/07/13 13:26:04 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll

MOD - [2013/07/13 13:26:01 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll

MOD - [2013/07/13 13:26:00 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll

MOD - [2013/07/13 13:25:54 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll

MOD - [2012/02/01 12:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe

MOD - [2012/02/01 12:44:34 | 008,151,040 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll

MOD - [2012/02/01 12:44:34 | 002,278,400 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll

MOD - [2011/09/22 12:14:16 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

MOD - [2011/08/19 13:34:44 | 000,089,584 | ---- | M] () -- C:\Windows\SysWOW64\FAIEExtension.dll

MOD - [2011/08/19 13:34:32 | 000,059,888 | ---- | M] () -- C:\Windows\SysWOW64\FAib.dll

MOD - [2011/08/19 13:34:22 | 000,251,888 | ---- | M] () -- C:\Windows\SysWOW64\FACrashRpt.dll

MOD - [2011/07/07 19:16:00 | 000,075,064 | ---- | M] () -- C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe

MOD - [2011/06/02 16:27:58 | 000,237,568 | ---- | M] () -- C:\Program Files (x86)\DELL\DELLOSD\MediaButtons.exe

MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

MOD - [2011/01/12 21:17:54 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\DELL\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe

MOD - [2010/12/06 17:37:54 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\DELL\DELLOSD\FastUserSwitching.exe

MOD - [2010/11/25 00:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll

MOD - [2010/11/17 12:35:40 | 001,440,240 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe

MOD - [2010/11/17 12:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

MOD - [2010/11/17 12:35:28 | 000,657,904 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\BBEngineAS.dll

MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll





========== Services (SafeList) ==========



SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2013/03/21 15:19:46 | 001,341,664 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)

SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV:64bit: - [2009/11/17 16:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)

SRV - [2013/07/13 15:39:15 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013/05/22 20:46:11 | 000,032,808 | ---- | M] (Just Develop It) [Auto | Running] -- C:\Program Files (x86)\MyPC Backup\BackupStack.exe -- (BackupStack)

SRV - [2012/12/14 02:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)

SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)

SRV - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)

SRV - [2012/04/04 01:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2011/11/25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)

SRV - [2011/10/26 10:58:10 | 000,162,816 | ---- | M] (Dell Products, LP.) [Auto | Stopped] -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)

SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2011/09/22 12:06:12 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)

SRV - [2011/08/19 13:34:28 | 002,451,440 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -- (FAService)

SRV - [2011/05/27 19:33:46 | 000,098,304 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe -- (Dell WMI Service)

SRV - [2011/03/31 16:08:18 | 000,077,984 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe -- (AtherosSvc)

SRV - [2011/03/31 11:59:16 | 000,100,352 | ---- | M] (Atheros Communication Inc.) [On_Demand | Running] -- C:\Program Files (x86)\Atheros Direct Connect\DCDhcpService.exe -- (DCDhcpService)

SRV - [2011/02/16 07:22:42 | 000,135,168 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)

SRV - [2010/12/20 16:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)

SRV - [2010/12/20 16:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)

SRV - [2010/12/01 17:07:46 | 000,176,128 | ---- | M] (Chicony) [Auto | Running] -- C:\Program Files (x86)\DELL\Dell KM632 Wireless Keyboard Caps Lock Indicator\OSDSrv.exe -- (OSDSvc)

SRV - [2010/11/25 07:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)

SRV - [2010/11/25 07:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)

SRV - [2010/08/25 22:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)

SRV - [2010/03/18 17:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/03/10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)

SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)





========== Driver Services (SafeList) ==========



DRV:64bit: - [2013/02/20 11:07:40 | 000,058,416 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)

DRV:64bit: - [2013/02/20 11:07:38 | 000,213,416 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)

DRV:64bit: - [2013/01/10 15:08:16 | 000,190,232 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)

DRV:64bit: - [2013/01/10 15:08:16 | 000,059,440 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)

DRV:64bit: - [2013/01/10 15:08:14 | 000,150,616 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)

DRV:64bit: - [2012/12/14 02:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)

DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2012/01/08 13:10:16 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2012/01/08 13:10:16 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)

DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)

DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)

DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)

DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2011/03/31 18:08:30 | 000,281,248 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)

DRV:64bit: - [2011/03/31 16:08:30 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)

DRV:64bit: - [2011/03/31 16:08:30 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)

DRV:64bit: - [2011/03/31 16:08:30 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)

DRV:64bit: - [2011/03/31 16:08:30 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)

DRV:64bit: - [2011/03/31 16:08:30 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)

DRV:64bit: - [2011/03/31 16:08:30 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)

DRV:64bit: - [2011/03/15 22:09:16 | 000,311,400 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR)

DRV:64bit: - [2011/02/24 09:56:44 | 002,700,288 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

DRV:64bit: - [2011/01/20 13:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)

DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/11/05 22:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2010/10/19 15:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)

DRV:64bit: - [2010/07/13 21:57:06 | 000,069,736 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\itecir.sys -- (itecir)

DRV:64bit: - [2010/03/19 05:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2010/02/26 21:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)

DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)

DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)

DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2008/09/24 22:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\facap.sys -- (FACAP)

DRV:64bit: - [2006/11/01 14:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)





========== Standard Registry (SafeList) ==========





========== Internet Explorer ==========



IE:64bit: - HKLM\..\SearchScopes,DefaultScope =

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE:64bit: - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox





IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =



IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =



IE - HKU\S-1-5-21-4288015834-3235087092-2951226452-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKU\S-1-5-21-4288015834-3235087092-2951226452-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-4288015834-3235087092-2951226452-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR

IE - HKU\S-1-5-21-4288015834-3235087092-2951226452-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0





========== FireFox ==========



FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin

ew_plugin

pjp2.dll (Sun Microsystems, Inc.)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0

pctrl.dll ( Microsoft Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2012/01/08 11:36:17 | 000,000,000 | ---D | M]

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64

pDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2

pjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0

pctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2012/01/08 11:36:17 | 000,000,000 | ---D | M]

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153

pGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153

pGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR

ppdf32.dll (Adobe Systems Inc.)



64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2013/07/13 19:29:32 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fassoxpcom@sensiblevision.com: C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\ [2012/01/08 11:52:19 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\quickprint@hp.com: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 15:27:28 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013/07/13 19:29:32 | 000,000,000 | ---D | M]





O1 HOSTS File: ([2013/07/13 15:58:43 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2:64bit: - BHO: (Face recognition web login for FastAccess) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision )

O2 - BHO: (no name) - {3F3C285F-B452-47FB-ADE2-02EA4387F37C} - No CLSID value found.

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)

O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)

O2 - BHO: (Face recognition web login for FastAccess) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)

O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)

O4:64bit: - HKLM..\Run: [DCHostUI] C:\Program Files (x86)\Atheros Direct Connect\P2PUIMain.exe (Atheros Communication)

O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()

O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()

O4 - HKLM..\Run: [Chicony_OSD] C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe ()

O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\DELL\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)

O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [DELLOSD] C:\Program Files (x86)\DELL\DELLOSD\FastUserSwitching.exe ()

O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()

O4 - HKLM..\Run: [FAStartup] File not found

O4 - HKLM..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision )

O4 - HKLM..\Run: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C" File not found

O4 - HKLM..\Run: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe File not found

O4 - HKLM..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey File not found

O4 - HKLM..\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe ()

O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)

O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe File not found

O4 - HKLM..\Run: [StickyNotesWidget] c:\Program Files (x86)\Dell Touch Software Suite\StickyNotes

otes_startup_widgets.exe ()

O4 - HKU\S-1-5-21-4288015834-3235087092-2951226452-1000..\Run: [Adobe CSS5.1 Manager] C:\Users\Marie\AppData\Local\e1a97265-961d-443d-856d-d1f2a6f079f1ad\eaddddfaffad.exe File not found

O4 - HKU\S-1-5-21-4288015834-3235087092-2951226452-1000..\Run: [Dicomp] Rundll32.exe C:\Users\Marie\AppData\Local\Dicomp\gvrrphxe.dll,pwKkYqnXnuMXvTisgHbIfNWrILw File not found

O4 - HKU\S-1-5-21-4288015834-3235087092-2951226452-1000..\Run: [HP Photosmart 5510d series (NET)] C:\Program Files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)

O4 - HKU\S-1-5-21-4288015834-3235087092-2951226452-1000..\Run: [Internet Security] C:\Users\Marie\AppData\Roaming\mwdefender.exe File not found

O4 - HKU\S-1-5-21-4288015834-3235087092-2951226452-1000..\Run: [SearchProtect] C:\Users\Marie\AppData\Roaming\SearchProtect\bin\cltmng.exe File not found

O4 - Startup: C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-4288015834-3235087092-2951226452-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-4288015834-3235087092-2951226452-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-4288015834-3235087092-2951226452-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found

O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)

O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)

O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)

O13 - gopher Prefix: missing

O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)

O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)

O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 10.25.2)

O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 10.25.2)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.242.0.12

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E227DA08-1879-48C9-A122-8D53F7695AC7}: DhcpNameServer = 192.168.1.1 71.242.0.12

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll) - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll (Sensible Vision )

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)



========== Files/Folders - Created Within 30 Days ==========



[2013/07/16 00:53:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Marie\Desktop\OTL.exe

[2013/07/16 00:49:37 | 000,000,000 | R--D | C] -- C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices

[2013/07/15 17:55:25 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2013/07/15 17:45:10 | 000,000,000 | --SD | C] -- C:\ComboFix

[2013/07/14 12:29:42 | 000,000,000 | ---D | C] -- C:\Users\Marie\Desktop\RK_Quarantine

[2013/07/14 11:12:25 | 000,000,000 | ---D | C] -- C:\Windows\temp

[2013/07/14 11:06:06 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2013/07/14 11:06:06 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2013/07/14 11:06:06 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2013/07/14 11:06:02 | 000,000,000 | ---D | C] -- C:\Qoobox

[2013/07/14 11:04:59 | 005,089,088 | R--- | C] (Swearware) -- C:\Users\Marie\Desktop\ComboFix.exe

[2013/07/14 02:28:48 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Marie\Desktop\dds.com

[2013/07/14 01:11:35 | 000,000,000 | ---D | C] -- C:\FRST

[2013/07/13 19:30:28 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Roaming\ESET

[2013/07/13 19:30:28 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Local\ESET

[2013/07/13 19:29:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET

[2013/07/13 19:29:31 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET

[2013/07/13 19:29:31 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2013/07/13 19:12:43 | 001,415,824 | ---- | C] (ESET) -- C:\Users\Marie\Desktop\eset_smart_security_live_installer.exe

[2013/07/13 15:53:44 | 000,000,000 | ---D | C] -- C:\Windows\erdnt

[2013/07/13 15:42:36 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT

[2013/07/13 15:42:03 | 000,559,441 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Marie\Desktop\JRT.exe

[2013/07/13 13:39:55 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Roaming\Oracle

[2013/07/13 13:39:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

[2013/07/13 13:38:30 | 000,867,240 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64

pDeployJava1.dll

[2013/07/13 13:38:30 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe

[2013/07/13 13:38:27 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

[2013/07/13 13:21:50 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll

[2013/07/13 13:21:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll

[2013/07/13 13:21:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe

[2013/07/13 13:21:49 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll

[2013/07/13 13:21:49 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys

[2013/07/13 13:21:49 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll

[2013/07/13 13:21:49 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll

[2013/07/13 13:21:49 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll

[2013/07/13 13:21:49 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys

[2013/07/13 13:21:49 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys

[2013/07/13 13:21:49 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll

[2013/07/13 13:21:49 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll

[2013/07/13 13:21:48 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll

[2013/07/13 13:21:48 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll

[2013/07/13 13:21:48 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll

[2013/07/13 13:21:48 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe

[2013/07/13 13:21:48 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe

[2013/07/13 13:21:48 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe

[2013/07/13 13:21:48 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll

[2013/07/13 13:21:48 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll

[2013/07/13 13:21:48 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll

[2013/07/13 13:21:48 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll

[2013/07/13 13:21:48 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe

[2013/07/13 13:21:48 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll

[2013/07/13 13:21:48 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll

[2013/07/13 13:17:39 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll

[2013/07/13 13:17:31 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll

[2013/07/13 13:17:31 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll

[2013/07/13 12:12:20 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll

[2013/07/13 12:12:19 | 001,887,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL

[2013/07/13 12:12:19 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll

[2013/07/13 12:12:18 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL

[2013/07/13 12:09:56 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll

[2013/07/12 21:57:33 | 000,000,000 | ---D | C] -- C:\Users\Marie\Documents\logs

[2013/07/12 21:53:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

[2013/07/12 21:53:07 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2013/07/12 19:45:39 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Roaming\Malwarebytes

[2013/07/12 19:45:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2013/07/12 19:45:29 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2013/07/12 19:45:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2013/07/12 19:45:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2013/07/12 19:45:11 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Local\Programs

[2013/07/12 19:16:44 | 000,000,000 | ---D | C] -- C:\Windows\pss

[2013/07/11 11:56:40 | 000,000,000 | ---D | C] -- C:\e345a226bb5e9544e304a08e

[2013/07/11 03:08:16 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2013/07/11 03:08:16 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2013/07/11 03:08:15 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll

[2013/07/11 03:08:15 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll

[2013/07/11 03:08:15 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe

[2013/07/11 03:08:15 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe

[2013/07/11 03:08:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll

[2013/07/11 03:08:15 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll

[2013/07/11 03:08:15 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe

[2013/07/11 03:08:15 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll

[2013/07/11 03:08:15 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll

[2013/07/11 03:08:14 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2013/07/11 03:08:14 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2013/07/11 03:08:14 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2013/07/11 03:08:13 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2013/07/08 22:19:43 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Local\e1a97265-961d-443d-856d-d1f2a6f079f1ad

[2013/07/02 13:15:49 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Local\Dicomp



========== Files - Modified Within 30 Days ==========



[2013/07/16 00:57:33 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013/07/16 00:57:33 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013/07/16 00:56:12 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013/07/16 00:54:08 | 000,779,724 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2013/07/16 00:54:08 | 000,660,520 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2013/07/16 00:54:08 | 000,121,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2013/07/16 00:53:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marie\Desktop\OTL.exe

[2013/07/16 00:49:33 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013/07/16 00:49:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013/07/16 00:49:17 | 3146,592,256 | -HS- | M] () -- C:\hiberfil.sys

[2013/07/15 18:03:39 | 524,401,171 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2013/07/15 18:00:09 | 000,377,856 | ---- | M] () -- C:\Users\Marie\Desktop\olrzsdym.exe

[2013/07/15 17:40:30 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013/07/15 17:33:02 | 005,089,088 | R--- | M] (Swearware) -- C:\Users\Marie\Desktop\ComboFix.exe

[2013/07/14 20:01:00 | 000,000,256 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Messager.job

[2013/07/14 12:29:17 | 003,775,488 | ---- | M] () -- C:\Users\Marie\Desktop\RogueKillerX64.exe

[2013/07/14 02:28:49 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Marie\Desktop\dds.com

[2013/07/13 19:12:43 | 001,415,824 | ---- | M] (ESET) -- C:\Users\Marie\Desktop\eset_smart_security_live_installer.exe

[2013/07/13 15:58:43 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

[2013/07/13 15:42:03 | 000,559,441 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Marie\Desktop\JRT.exe

[2013/07/13 15:39:14 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2013/07/13 15:39:14 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2013/07/13 15:35:02 | 000,662,345 | ---- | M] () -- C:\Users\Marie\Desktop\AdwCleaner.exe

[2013/07/13 13:38:20 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

[2013/07/13 13:38:16 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe

[2013/07/13 13:38:16 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe

[2013/07/13 13:38:16 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[2013/07/13 13:38:15 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64

pDeployJava1.dll

[2013/07/13 13:38:15 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll

[2013/07/13 13:24:24 | 000,524,520 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2013/07/12 21:53:10 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2013/07/12 19:45:30 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2013/07/08 22:19:22 | 000,000,796 | ---- | M] () -- C:\Users\Marie\Desktop\Internet Security PRO.lnk

[2013/07/03 21:39:22 | 000,000,258 | RHS- | M] () -- C:\Users\Marie

tuser.pol

[2013/07/02 03:04:01 | 000,773,448 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2013/06/20 16:14:09 | 000,892,928 | ---- | M] () -- C:\Users\Marie\Documents\DonationList19.accdb

[2013/06/20 15:20:27 | 000,548,864 | ---- | M] () -- C:\Users\Marie\Documents\J-Marie-18-1.accdb

[2013/06/20 15:19:51 | 000,548,864 | ---- | M] () -- C:\Users\Marie\Documents\DonationsList18_Backup.accdb

[2013/06/20 15:18:09 | 000,987,136 | ---- | M] () -- C:\Users\Marie\Documents\DonationsList18.accdb

[2013/06/20 15:17:44 | 000,491,520 | ---- | M] () -- C:\Users\Marie\Documents\DonationsList19-3.accdb

[2013/06/20 15:17:39 | 000,507,904 | ---- | M] () -- C:\Users\Marie\Documents\DonationsList181.accdb

[2013/06/20 15:17:33 | 000,458,752 | ---- | M] () -- C:\Users\Marie\Documents\DonationTable17.accdb

[2013/06/20 15:17:29 | 000,425,984 | ---- | M] () -- C:\Users\Marie\Documents\DonationTable171.accdb

[2013/06/20 15:17:22 | 000,487,424 | ---- | M] () -- C:\Users\Marie\Documents\Donor Information.accdb

[2013/06/20 15:16:19 | 000,487,424 | ---- | M] () -- C:\Users\Marie\Documents\Donations193.accdb

[2013/06/19 21:09:02 | 000,487,424 | ---- | M] () -- C:\Users\Marie\Documents\Kizina_S_18-1.DonationsList18.accdb

[2013/06/19 20:54:35 | 000,491,520 | ---- | M] () -- C:\Users\Marie\Documents\Donations192.accdb

[2013/06/19 20:54:31 | 000,491,520 | ---- | M] () -- C:\Users\Marie\Documents\Donations191.accdb

[2013/06/19 20:53:16 | 000,446,464 | ---- | M] () -- C:\Users\Marie\Documents\Donation11.accdb

[2013/06/19 20:52:53 | 000,446,464 | ---- | M] () -- C:\Users\Marie\Documents\Donation1.accdb



========== Files Created - No Company Name ==========



[2013/07/15 18:03:39 | 524,401,171 | ---- | C] () -- C:\Windows\MEMORY.DMP

[2013/07/15 18:00:09 | 000,377,856 | ---- | C] () -- C:\Users\Marie\Desktop\olrzsdym.exe

[2013/07/15 17:25:46 | 000,001,103 | ---- | C] () -- C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk

[2013/07/14 12:29:17 | 003,775,488 | ---- | C] () -- C:\Users\Marie\Desktop\RogueKillerX64.exe

[2013/07/14 11:06:06 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe

[2013/07/14 11:06:06 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe

[2013/07/14 11:06:06 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2013/07/14 11:06:06 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2013/07/14 11:06:06 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2013/07/13 15:35:02 | 000,662,345 | ---- | C] () -- C:\Users\Marie\Desktop\AdwCleaner.exe

[2013/07/12 21:53:10 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2013/07/12 19:45:30 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2013/07/08 22:19:22 | 000,000,796 | ---- | C] () -- C:\Users\Marie\Desktop\Internet Security PRO.lnk

[2013/06/20 15:20:17 | 000,548,864 | ---- | C] () -- C:\Users\Marie\Documents\J-Marie-18-1.accdb

[2013/05/12 18:37:11 | 000,004,096 | -H-- | C] () -- C:\Users\Marie\AppData\Local\keyfile3.drm

[2013/04/08 21:32:58 | 000,000,258 | RHS- | C] () -- C:\Users\Marie

tuser.pol

[2012/12/14 02:42:30 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin

[2012/12/14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll

[2012/12/14 02:42:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin

[2012/04/29 08:54:15 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini

[2012/02/28 21:49:43 | 000,000,126 | ---- | C] () -- C:\Windows\QUICKEN.INI

[2012/01/08 12:57:14 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin

[2012/01/08 12:57:13 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin

[2012/01/08 12:57:11 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

[2011/08/19 13:34:44 | 000,089,584 | ---- | C] () -- C:\Windows\SysWow64\FAIEExtension.dll

[2011/08/19 13:34:32 | 000,059,888 | ---- | C] () -- C:\Windows\SysWow64\FAib.dll

[2011/08/19 13:34:22 | 000,251,888 | ---- | C] () -- C:\Windows\SysWow64\FACrashRpt.dll



========== ZeroAccess Check ==========



[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini



[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64



[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]



[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64



[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]



[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment



[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment



[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free



[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free



[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both



[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]



========== Files - Unicode (All) ==========

[2012/05/12 12:18:59 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?¾) -- C:\Windows\SysNative\�¾

[2012/05/12 12:18:59 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?¾) -- C:\Windows\SysNative\�¾



========== Alternate Data Streams ==========



@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:EEB83FCA

< End of report >

Extras.txt

OTL Extras logfile created on: 7/16/2013 12:54:21 AM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marie\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16635)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy



3.91 Gb Total Physical Memory | 2.14 Gb Available Physical Memory | 54.78% Memory free

7.81 Gb Paging File | 5.72 Gb Available in Paging File | 73.27% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]



%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 452.47 Gb Total Space | 396.53 Gb Free Space | 87.63% Space Free | Partition Type: NTFS

Drive D: | 37.73 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS



Computer Name: MARIE-PC | User Name: Marie | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days



========== Extra Registry (SafeList) ==========





========== File Associations ==========



64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)



[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)



========== Shell Spawning ==========



64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [Browse with Corel PaintShop Pro X4] -- "C:\Program Files (x86)\Corel\Corel PaintShop Pro X4\Corel PaintShop Pro.exe" "%L" (Corel, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)



[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [Browse with Corel PaintShop Pro X4] -- "C:\Program Files (x86)\Corel\Corel PaintShop Pro X4\Corel PaintShop Pro.exe" "%L" (Corel, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.



========== Security Center Settings ==========



64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0



64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]



64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0



64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]



[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]



[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]



========== System Restore Settings ==========



[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0



========== Firewall Settings ==========



64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]



64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]



64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]



[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]



[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]



[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]



[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0



[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0



[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]



[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0



========== Authorized Applications List ==========



[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]



[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]





========== Vista Active Open Ports Exception List ==========



[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{01ADCA42-0744-41C7-8916-5918E9C327F7}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\atheros direct connect\p2puimain.exe |

"{06BB7BE3-2BA5-439D-ABB7-D44127751568}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{07EB011A-9475-4B53-9E1B-4C67827AF5F8}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{11778DF5-2AC5-4C9E-88B7-932C25F51AB1}" = rport=10243 | protocol=6 | dir=out | app=system |

"{33B44C8A-220A-4D83-ADD8-C5197491E790}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{3546803A-8731-4E59-86EF-7783A6A82F25}" = lport=445 | protocol=6 | dir=in | app=system |

"{3C4AED97-5103-4775-B6BF-27E99B17C295}" = lport=9700 | protocol=17 | dir=in | name=syncup_udp_9700 |

"{3CA12796-6F55-495B-B798-F285C7A3D88E}" = lport=137 | protocol=17 | dir=in | app=system |

"{4E19F38E-8AF2-4612-9E8A-5ADB3F96CC3C}" = rport=138 | protocol=17 | dir=out | app=system |

"{5CBEDCD0-14A9-4BF0-808E-F3428E4C1526}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{5F6AD41A-BBF1-4219-9A82-AB7014C68B9F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{61C21912-C562-4FDE-8BA4-044C9DF304D6}" = lport=9701 | protocol=6 | dir=in | name=syncup_tcp_9701 |

"{62453A46-8D7E-4788-84B5-55F387243992}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{6A0213A2-BC41-4D31-8081-658A26D3B187}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{6E8EA796-C00F-40AA-905B-EF7649F99CDD}" = rport=445 | protocol=6 | dir=out | app=system |

"{747904F4-C43A-40DC-8741-E1BAAB4E5F0C}" = lport=9700 | protocol=6 | dir=in | name=syncup_tcp_9700 |

"{74EEC510-F8AB-4EE2-8AA8-1AB5F50A5CC3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{796F21D3-A396-4000-BCFC-F2E0B5DEF38A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{994C639A-1A0A-4347-B657-9482D00BE10E}" = lport=9702 | protocol=6 | dir=in | name=syncup_tcp_9702 |

"{9DD28DE3-60BE-404F-BA9E-5D5856F98349}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{A356D9D9-57A4-47C7-A944-A8D345188EF5}" = lport=53 | protocol=17 | dir=in | app=c:\program files (x86)\atheros direct connect\dcdhcpservice.exe |

"{A8529066-5E81-43D7-9A2D-131DE1F85383}" = rport=137 | protocol=17 | dir=out | app=system |

"{A993BC22-8FCD-40E9-98F3-A31D67B6F300}" = rport=139 | protocol=6 | dir=out | app=system |

"{C4A11122-9369-487C-BA4B-84827C8ECED1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |

"{C8BF230D-A617-4DFC-9645-AB3A0CF26807}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{E95D9C26-CD48-40BC-98A0-0EF073C373BE}" = lport=139 | protocol=6 | dir=in | app=system |

"{F3EFC43F-0307-4F34-A3FF-55D12000DCB4}" = lport=138 | protocol=17 | dir=in | app=system |

"{F63AD91D-B51F-434B-B2A9-9CC885B36F78}" = lport=2869 | protocol=6 | dir=in | app=system |

"{FAF5600C-D25D-4DF4-8F9C-15B4C9202A59}" = lport=10243 | protocol=6 | dir=in | app=system |

"{FB7A402F-C70E-42B2-AC66-78CD6B1D0B5A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |



========== Vista Active Application Exception List ==========



[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{03C70931-1771-449F-B4CD-9219AA9F2F51}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{1210B1B7-6855-43D8-A0F7-673C37CAB39F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{17953DD0-A295-4C67-A0EE-C5B7D1D0C0BB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{2458AEAB-D866-4116-B854-DD7E71514C40}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{264C654A-D23A-4BD9-94F1-85D8F3FC8229}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{309B7DEB-B265-4C31-941A-9D41467CC011}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |

"{36AF1D38-D130-4391-81BF-072025C35F63}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{418AFA0E-CBF2-4E11-8319-CBA5AC2D2BAA}" = dir=in | app=c:\program files\hp\hp photosmart 5510d series\bin\devicesetup.exe |

"{4676093D-DDED-435B-B98F-FEC2CCEE7082}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe |

"{4EA5A4A5-97FA-4298-A574-5278AB75A823}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{4FF38AEF-75BE-4D4C-B891-E9D20998670F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{5788068E-F862-4EFB-845B-ADA803F5883F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{5ED0F5BF-2B3D-4F3E-A67D-B252269B58EF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |

"{65BAFD73-9AD1-432A-8109-689D6201AD1E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |

"{729F3F3F-97C8-4749-861B-819E1C2AD933}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{775A58EA-57CB-4E5E-86BA-A7B69EE5376D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{7FA511F3-B4DD-45FE-9717-AB992F2E67F9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{8B304447-163B-49F4-9CD9-591098807849}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{A4644455-B39C-48FC-AE00-027120B86667}" = protocol=6 | dir=out | app=system |

"{B6F55BD9-1554-408C-B2D8-732E407395DA}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |

"{B9636234-B3DA-40F0-8712-48AACF45FC59}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |

"{CBB44272-8FC5-41F0-A63E-4C03E3AFC2BE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{CC74E68A-4F1C-4A51-9DFD-63E863B22898}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{CE21B99E-61E9-450B-A6A8-4863A06B0EBA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{CE700E06-ACF7-4B0A-85F8-A17D9E33809F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |

"{CFD96470-78E7-4C4A-BF9F-9CCCCFEC2F00}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{DFE7026D-9DD9-497E-9AAC-0298D526585A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{E496493F-405B-4CC0-A346-FA5F7AE82CDC}" = dir=in | app=c:\program files\hp\hp photosmart 5510d series\bin\hpnetworkcommunicator.exe |

"{EEE31861-4FA7-422E-A12E-4628AE3B48F6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

"{F206D9D4-0A26-47A5-AD14-AF1879FE45B2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |



========== HKEY_LOCAL_MACHINE Uninstall List ==========



64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0015DE8E-8D9F-403E-8E5A-4098410E6125}" = PSPPro64

"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant

"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)

"{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java 6 Update 27 (64-bit)

"{4A18C875-B374-4868-B7EA-06CF2DD59FCC}" = ESET Smart Security

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup

"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources

"{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}" = Bing Maps 3D

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer

"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010

"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010

"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010

"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst

"{B132D631-AD31-41C1-BC8A-9715104C633F}" = Face Recognition

"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{F26D0153-CD17-4662-8592-DD98498DE6E4}" = HP Photosmart 5510d series Basic Device Software

"{F5551626-0E88-4399-A32D-2F6115CCDD92}" = HP Photosmart 5510d series Product Improvement Study

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"CCleaner" = CCleaner

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"MyPC Backup" = MyPC Backup



[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"_{00580795-581C-4587-B9F2-37320D7AB37F}" = Corel PaintShop Pro X4

"{00580795-581C-4587-B9F2-37320D7AB37F}" = ICA

"{006CAAEF-CA96-4181-AC22-FE56D61432E4}" = PSPPContent

"{00AE1A2D-7BC2-4359-A0EC-E19F36E391BB}" = Corel PaintShop Pro X4

"{00BEE329-BAAB-49FF-9B66-55E4B12B9ADD}" = IPM_PSP_COM

"{00D13418-7DDF-4D3D-A237-E297B103BB6B}" = Setup

"{00D74A7A-F7AD-4D00-ABD2-0973836292C7}" = PSPPHelp

"{01070EBF-D92B-4E09-8A5C-F33CE8B9D9D5}" = Blio

"{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}" = Quicken 2012

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0D98F04D-11A1-4B64-A406-43292B9EEE90}" = Dell PhotoStage

"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime

"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{21DD6041-7251-40FA-9D06-C5EB30268E0F}" = Atheros Direct Connect

"{21FCA2E1-6E2A-4B16-9B4F-D515B4E930B2}" = TURBOFloorPlan3D Home & Landscape Deluxe

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback

"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10

"{25015AF4-F435-4605-A06F-BA91C0BF6087}" = Serif CraftArtist Scrapbooks Collection

"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java 6 Update 27

"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25

"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Dell Bluetooth Installation

"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections

"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0

"{40F06490-8C14-43AA-99D3-EEEFDBAC3CFC}" = SyncUP

"{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A5667B2-5D13-46C2-85B5-9D46A6096F61}" = Secure Download Manager

"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)

"{55586382-6704-4237-AAA7-85FF9C055022}" = Dell KM632 Wireless Keyboard Caps Lock Indicator

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack

"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components

"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10

"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter

"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0

"{6FB3428E-23AA-4CA1-BA9D-E6D5F3F692E4}" = Dell Touch Software Suite Games

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{72BF1DA0-2B00-4794-9173-159722019B74}" = CyberLink YouPaint

"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn

"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide

"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online

"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger

"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8FF90DB8-6DED-44A3-B182-244FEC09012F}" = Microsoft Touch Pack for Windows 7

"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010

"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010

"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010

"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010

"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010

"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010

"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010

"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010

"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010

"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010

"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010

"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010

"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010

"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010

"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English

"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010

"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}" = Dell MusicStage

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010

"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update

"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh

"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module

"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)

"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime

"{AFA1FCA1-626E-403C-9BCA-968FECB62C4D}" = CIR Registry

"{AFC08A81-D3C5-46F4-8F08-876E4BA606EA}" = Dell Digital Delivery

"{B0789AE7-70D4-454A-90D1-5BA5728E254A}" = StickyNotes

"{B0F29C6D-C7A9-40AC-9658-921961818E2B}" = DELLOSD

"{C1B148C9-FACF-45F1-8356-4E1C5E3DAA5B}" = Serif CraftArtist

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D92C9CCE-E5F0-4125-977A-0590F3225B74}" = SyncUP

"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage

"{E59ADA18-03DB-44F5-9EF5-0FA25E4D4384}" = HP Photosmart 5510d series Help

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10

"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter

"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement

"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FE182796-F6BA-486A-8590-89B7E8D1D60F}" = Dell Stage

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Advanced Audio FX Engine" = Advanced Audio FX Engine

"Cook'n for PC" = Cook'n for PC

"Dell Webcam Central" = Dell Webcam Central

"HP Photo Creations" = HP Photo Creations

"InstallShield_{21FCA2E1-6E2A-4B16-9B4F-D515B4E930B2}" = TURBOFloorPlan3D Home & Landscape Deluxe

"InstallShield_{72BF1DA0-2B00-4794-9173-159722019B74}" = CyberLink YouPaint

"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300

"Monopoly" = Monopoly (remove only)

"Office14.Click2Run" = Microsoft Office Click-to-Run 2010

"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010

"Operation Mania" = Operation Mania (remove only)

"WinLiveSuite" = Windows Live Essentials



========== Last 20 Event Log Errors ==========



[ Application Events ]

Error - 7/15/2013 5:28:48 PM | Computer Name = Marie-PC | Source = WinMgmt | ID = 10

Description =



Error - 7/15/2013 5:31:30 PM | Computer Name = Marie-PC | Source = TOASTER.EXE | ID = 0

Description = An Unhandled Exception occured. Width and Height must be non-negative.

at System.Windows.Rect..ctor(Double x, Double y, Double width, Double height)

at Toaster.Core.AppBarFunctions.ABSetPos(ABEdge edge, Window appbarWindow)

at Toaster.Core.AppBarFunctions.RegisterInfo.WndProc(IntPtr hwnd, Int32 msg, IntPtr

wParam, IntPtr lParam, Boolean& handled) at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr

hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at MS.Win32.HwndWrapper.WndProc(IntPtr

hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object

o) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback,

Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object

source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)



Error - 7/15/2013 5:33:18 PM | Computer Name = Marie-PC | Source = Application Error | ID = 1000

Description = Faulting application name: MediaButtons.exe, version: 1.0.0.9, time

stamp: 0x4de72d6c Faulting module name: MediaButtons.exe, version: 1.0.0.9, time

stamp: 0x4de72d6c Exception code: 0xc0000005 Fault offset: 0x00001355 Faulting process

id: 0x1610 Faulting application start time: 0x01ce81a258c8be47 Faulting application

path: C:\Program Files (x86)\DELL\DELLOSD\MediaButtons.exe Faulting module path:

C:\Program Files (x86)\DELL\DELLOSD\MediaButtons.exe Report Id: 29f47ef9-ed96-11e2-9b57-e4d53d76ff90



Error - 7/15/2013 5:39:08 PM | Computer Name = Marie-PC | Source = CVHSVC | ID = 100

Description = Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}):

DownloadLatest Failed: The server name or address could not be resolved



Error - 7/15/2013 5:55:30 PM | Computer Name = Marie-PC | Source = WinMgmt | ID = 10

Description =



Error - 7/15/2013 5:57:19 PM | Computer Name = Marie-PC | Source = TOASTER.EXE | ID = 0

Description = An Unhandled Exception occured. Width and Height must be non-negative.

at System.Windows.Rect..ctor(Double x, Double y, Double width, Double height)

at Toaster.Core.AppBarFunctions.ABSetPos(ABEdge edge, Window appbarWindow)

at Toaster.Core.AppBarFunctions.RegisterInfo.WndProc(IntPtr hwnd, Int32 msg, IntPtr

wParam, IntPtr lParam, Boolean& handled) at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr

hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at MS.Win32.HwndWrapper.WndProc(IntPtr

hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object

o) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback,

Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object

source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)



Error - 7/15/2013 6:04:15 PM | Computer Name = Marie-PC | Source = WinMgmt | ID = 10

Description =



Error - 7/16/2013 12:50:03 AM | Computer Name = Marie-PC | Source = WinMgmt | ID = 10

Description =



Error - 7/16/2013 12:51:54 AM | Computer Name = Marie-PC | Source = Application Hang | ID = 1002

Description = The program iexplore.exe version 10.0.9200.16635 stopped interacting

with Windows and was closed. To see if more information about the problem is available,

check the problem history in the Action Center control panel. Process ID: fb0 Start

Time: 01ce81dfe82e9f18 Termination Time: 70 Application Path: C:\Program Files\Internet

Explorer\iexplore.exe Report Id: 55893383-edd3-11e2-9b35-e4d53d76ff90



Error - 7/16/2013 12:53:46 AM | Computer Name = Marie-PC | Source = TOASTER.EXE | ID = 0

Description = An Unhandled Exception occured. Width and Height must be non-negative.

at System.Windows.Rect..ctor(Double x, Double y, Double width, Double height)

at Toaster.Core.AppBarFunctions.ABSetPos(ABEdge edge, Window appbarWindow)

at Toaster.Core.AppBarFunctions.RegisterInfo.WndProc(IntPtr hwnd, Int32 msg, IntPtr

wParam, IntPtr lParam, Boolean& handled) at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr

hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at MS.Win32.HwndWrapper.WndProc(IntPtr

hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object

o) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback,

Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object

source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)



[ System Events ]

Error - 7/15/2013 5:56:14 PM | Computer Name = Marie-PC | Source = DCOM | ID = 10016

Description =



Error - 7/15/2013 5:56:29 PM | Computer Name = Marie-PC | Source = Service Control Manager | ID = 7011

Description = A timeout (30000 milliseconds) was reached while waiting for a transaction

response from the SftService service.



Error - 7/15/2013 5:57:41 PM | Computer Name = Marie-PC | Source = Service Control Manager | ID = 7034

Description = The Dell Digital Delivery Service service terminated unexpectedly.

It has done this 1 time(s).



Error - 7/15/2013 6:03:43 PM | Computer Name = Marie-PC | Source = EventLog | ID = 6008

Description = The previous system shutdown at 6:00:03 PM on ?7/?15/?2013 was unexpected.



Error - 7/15/2013 6:03:51 PM | Computer Name = Marie-PC | Source = BugCheck | ID = 1001

Description =



Error - 7/15/2013 6:04:33 PM | Computer Name = Marie-PC | Source = Service Control Manager | ID = 7011

Description = A timeout (30000 milliseconds) was reached while waiting for a transaction

response from the SftService service.



Error - 7/15/2013 6:04:56 PM | Computer Name = Marie-PC | Source = DCOM | ID = 10016

Description =



Error - 7/15/2013 6:06:36 PM | Computer Name = Marie-PC | Source = Service Control Manager | ID = 7034

Description = The Dell Digital Delivery Service service terminated unexpectedly.

It has done this 1 time(s).



Error - 7/16/2013 12:50:28 AM | Computer Name = Marie-PC | Source = DCOM | ID = 10016

Description =



Error - 7/16/2013 12:52:30 AM | Computer Name = Marie-PC | Source = Service Control Manager | ID = 7034

Description = The Dell Digital Delivery Service service terminated unexpectedly.

It has done this 1 time(s).





< End of report >

Edited by RS4, 16 July 2013 - 12:09 AM.