Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Blue Screen Twice in the last 4 Days

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Blue Screen Twice in the last 4 Days

Unread postby lehbird » October 10th, 2014, 7:36 pm

Hello:

I have had the "Blue Screen" twice in the last 4 days. My computer generally functions, but is running very , very slow from time to time.

Below are my logs.

Thanks,

Dave


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 8/3/2013 9:03:33 AM
System Uptime: 10/10/2014 6:17:24 PM (1 hours ago)
.
Motherboard: Gateway | | DX4870
Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz | SOCKET 0 | 1890/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 903 GiB total, 604.175 GiB free.
D: is FIXED (NTFS) - 149 GiB total, 32.445 GiB free.
E: is CDROM ()
F: is Removable
H: is FIXED (FAT32) - 466 GiB total, 275.514 GiB free.
I: is FIXED (NTFS) - 466 GiB total, 0.001 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: SBRE
Device ID: ROOT\LEGACY_SBRE\0000
Manufacturer:
Name: SBRE
PNP Device ID: ROOT\LEGACY_SBRE\0000
Service: SBRE
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
727-100 Base Pack 2.3
727 Freighter Expansion Model 2.3
767 Captain FREE DEMO
777 'The Modern Airliner Collection'
AccelerateTab
Active Sky Next for FSX
Adobe AIR
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Reader XI (11.0.08)
Aerosoft's - Airbus X Extended - FSX
Aerosoft's - DHC-6 Twin Otter X
aerosoft's - USCitiesX - Cleveland
Airbus Series Vol.2 (FS X)
Amazon Cloud Player
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArtistScope Plugin FX
B200 King Air HD SERIES FSX/P3D
Best Buy pc app
Bonjour
C-130 X-perience Pro Pack 1.3
C185 SKYWAGON FSX
C185F SKYWAGON BUSH FSX
C90B King Air HD SERIES FSX/P3D
Carbonite
Carenado C208B Grand Caravan FSX/P3D
Carenado C340 II FSX/P3D
Carenado Mooney M20J FSX
Carenado PA34 200T SENECA II FSX
Citation X (FSX)
Citrix Online Launcher
CLOUD9 Orlando FSX 1.01
Compatibility Pack for the 2007 Office system
Creative System Information
CyberLink PhotoNow
CyberLink PowerDirector
CyberLink PowerDVD 10
D3DX10
DC-8 Jetliner Series 50 to 70
E-Jets v2 World Airliners 1 (v1.1b025)
EFASS - Electronic Flight Assistant version 1.0.1714.5921
ERJ145LR American Eagle (v1.02)
Evernote v. 4.5.2
EZ Scenery Library
EZdok Camera for Microsoft Flight Simulator X
FeelThere E-Jets v.2 SP1
FeelThere ERJ v.2 SP2
Flight 1 Software Cessna 441fsx - Conquest II 2.3
Flight One Software Pilatus PC-12 fsx
Fly the MADDOG 2008
Fooz Kids
Fooz Kids Platform
FS Cabin Crew
FS Cabin Crew English Pack
FS Economy client for FSX
FSD Pilatus Porter Amphibian V2 for FS X
FSD Pilatus Porter Landplane V2 for FS X
FSD Piper Navajo V2 for FS X
FSDreamTeam Fort Lauderdale-Hollywood FSX
FSDreamTeam GSX 1.7.9.8
FSEconomy Scenery Updater Client for FSX
FSFDT FSCopilot
FSFDT FSInn
FSX Fiber Accelerator Demo
Galerie de photos Windows Live
Galería fotográfica de Windows Live
GameRanger
Gateway Recovery Management
Gateway Registration
Gateway ScreenSaver
Gateway Updater
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Ground Environment X North America
Hotkey Utility
HP LaserJet Pro MFP M127-M128
HP LaserJet Pro MFP M127-M128 Fax
HP LaserJet Pro MFP M127-M128 Fax Driver
HP LaserJet Pro MFP M127-M128 HP Device Toolbox
HP LJ M127128 Scan HP Scan
HP Product FWUpdater
HP Unified IO
HP Update
hpbDSService
hpbM128DSService
HPDXP
HPLJDXPHelper
HPLJProMFPM127M128
HPLJUTCore
HPLJUTM127_128
hppLaserJetService
hppM125LaserJetService
hpStatusAlerts
hpStatusAlertsM127-M128
iCloud
Identity Card
inSSIDer Home
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Intel(R) USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
Internet Explorer (Enable DEP)
IObit Apps Toolbar v9.8
iSEEK AnswerWorks English Runtime
iTunes
Junk Mail filter update
kACARS_Free
Latin VFR MKJP FSX
LatinVFR Cayman Islands for FSX
Legacy 'The Luxury Aircraft Collection'
Level-D 767-300 for FSX
LJDXPHelperUI
Majestic MJC8Q400
MegaSceneryEarth Pennsylvania 001 2.00
MegaSceneryEarth Pennsylvania 002 2.00
MegaSceneryEarth Pennsylvania 003 2.00
MegaSceneryEarth Pennsylvania 004 2.00
MegaSceneryEarth Pennsylvania 005 2.00
MegaSceneryEarth Pennsylvania 006 2.00
MegaSceneryEarth Pennsylvania 007 2.00
MegaSceneryEarth Pennsylvania 008 2.00
MegaSceneryEarth Pennsylvania 009 2.00
MegaSceneryEarth Pennsylvania 010 2.00
MegaSceneryEarth Pennsylvania 011 2.00
MegaSceneryEarth Pennsylvania 012 2.00
MegaSceneryEarth Pennsylvania 013 2.00
MegaSceneryEarth Pennsylvania 014 2.00
MegaSceneryEarth Pennsylvania 015 2.00
MegaSceneryEarth Pennsylvania 016 2.00
MegaSceneryEarth Pennsylvania 017 2.00
MegaSceneryEarth Philadelphia Ultra Res 001 2.0
MegaSceneryEarth Philadelphia Ultra Res 002 2.0
MegaSceneryEarth Philadelphia Ultra Res 003 2.0
MegaSceneryEarth Philadelphia Ultra Res 004 2.0
MegaSceneryEarth Philadelphia Ultra Res 005 2.0
MegaSceneryEarth Philadelphia Ultra Res 006 2.0
MegaSceneryEarth Philadelphia Ultra Res 007 2.0
MegaSceneryEarth Philadelphia Ultra Res 008 2.0
MegaSceneryEarth Philadelphia Ultra Res 009 2.0
MegaSceneryEarth Philadelphia Ultra Res 010 2.0
MegaSceneryEarth Philadelphia Ultra Res 011 2.0
MegaSceneryX Las Vegas
Mesh Runtime
MetroAir ACARS 1.3.0.0
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Flight Simulator SimConnect Client v10.0.61259.0
Microsoft Flight Simulator X
Microsoft Flight Simulator X Service Pack 1
Microsoft Flight Simulator X Service Pack 2
Microsoft Links 2003
Microsoft Office 2010
Microsoft Office Excel Viewer
Microsoft Office Word Viewer 2003
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2012 Express LocalDB
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 32.0.3 (x86 en-US)
Mozilla Maintenance Service
Mozilla Thunderbird 24.6.0 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Navigraph FMS Data Manager 1.0.11.0603
Nero BackItUp 10
Nero BackItUp 10 Help (CHM)
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero DiscSpeed 10
Nero DiscSpeed 10 Help (CHM)
Nero Express 10
Nero Express 10 Help (CHM)
Nero Multimedia Suite 10 Essentials
Nero RescueAgent 10
Nero RescueAgent 10 Help (CHM)
Nero StartSmart 10
Nero StartSmart 10 Help (CHM)
Nero Update
NVIDIA 3D Vision Controller Driver 340.50
NVIDIA 3D Vision Driver 340.52
NVIDIA Control Panel 340.52
NVIDIA GeForce Experience 2.1.1
NVIDIA Graphics Driver 340.52
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.1220
NVIDIA ShadowPlay 15.3.33
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 15.3.33
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.23
OpenAL
PMDG 737 8900 NGX
PMDG 747-400/400F for FSX
PMDG_744-8F_5XF
PMDG_744-8F_5YF
PMDG744XF_GE_5XF
PVACARS
PVACARS II
QualityWings Ultimate 757 Collection FSX
Quicken 2011
Quicken 2014
RAAS Professional by FS2Crew (LOCKED)
RapidShot
RapidShot (C:\Program Files (x86)\RapidShots\)
RealAir Turbine Duke
Realtek High Definition Audio Driver
Regional Jet Vol.1 - CRJ (FSX)
REX 4 - Texture Direct
REX Auto Update
REX Essential Plus
Rwy12 Library
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
SHIELD Streaming
Smart Defrag 3
smartCARS for Virtual United Airlines
SoftSpire DBX to MBOX Converter
Sound Blaster X-Fi Go! Pro
Tongass Fjords FSX
Ultimate Terrain X - USA
USB Video/Audio Device Driver
vAACARS
VAFS5
VAT-Spy
Ventrilo Client
VIPRE Antivirus
VIRTUALI Addon ManagerX FSX
vPilot
vUAL ACARs
WD Drive Utilities
WD Quick View
WD SmartWare
WD SmartWare Installer
Welcome Center
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live Galeria de Fotos
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.20 (64-bit)
WinZip 17.5
Worldwide Virtual ACARS
Xilisoft MPEG to DVD Converter
.
==== Event Viewer Messages From Past Week ========
.
10/9/2014 10:25:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service swprv with arguments "" in order to run the server: {65EE1DBA-8FF4-4A58-AC1C-3470EE2F376A}
10/9/2014 10:25:17 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft Software Shadow Copy Provider service to connect.
10/9/2014 10:25:17 PM, Error: Service Control Manager [7000] - The Microsoft Software Shadow Copy Provider service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/8/2014 10:44:05 PM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
10/7/2014 7:29:09 AM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:.
10/7/2014 7:29:07 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel(R) Rapid Storage Technology service to connect.
10/7/2014 7:29:07 AM, Error: Service Control Manager [7000] - The Intel(R) Rapid Storage Technology service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/7/2014 5:58:27 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the CarboniteService service, but this action failed with the following error: An instance of the service is already running.
10/7/2014 5:57:27 PM, Error: Service Control Manager [7031] - The CarboniteService service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/10/2014 6:19:24 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
10/10/2014 6:18:24 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SBRE
.
==== End Of File ===========================


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17280
Run by Owner at 19:29:40 on 2014-10-10
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8141.5953 [GMT -4:00]
.
AV: ThreatTrack Security VIPRE *Enabled/Updated* {FFE93D16-FD09-0282-C7D3-8B1731B6A051}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ThreatTrack Security VIPRE *Enabled/Updated* {4488DCF2-DB33-0D0C-FD63-B0654A31EAEC}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\Program Files\Common Files\ArtistScope\CSHelper64.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
C:\Windows\system32\lxebcoms.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\VIPRE\SBPIMSvc.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
C:\Windows\Explorer.EXE
C:\Users\Owner\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
C:\Program Files (x86)\Creative\Sound Blaster X-Fi Go Pro\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\VIPRE\SBAMSvc.exe
C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Navigraph\FMS Data Manager\NGFMSAgent.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\VIPRE\SBAMTray.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\vssvc.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://cnn.com/
uDefault_Page_URL = hxxp://www.bing.com/?pc=MAGW
uURLSearchHooks: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.8\iobitappsToolbarIE.dll
mWinlogon: Userinit = userinit.exe
BHO: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.8\iobitappsToolbarIE.dll
BHO: AccelerateTab: {48A789BF-F6D6-4930-9C8B-77855A63EDE1} -
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: VIPRE Search Guard Helper: {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} - C:\Program Files (x86)\VIPRE\VSG.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adblock: {EF5F59BA-B2AB-48D8-9747-54DF806C73B8} - C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\IE\Adblock.dll
TB: VIPRE Search Guard Toolbar: {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - C:\Program Files (x86)\VIPRE\VSG.dll
TB: VIPRE Search Guard Toolbar: {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - C:\Program Files (x86)\VIPRE\VSG.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.8\iobitappsToolbarIE.dll
uRun: [Amazon Cloud Player] "C:\Users\Owner\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [Hotkey Utility] C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
mRun: [SBAMTray] "C:\Program Files (x86)\VIPRE\SBAMTray.exe"
mRun: [StatusAlerts] "C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
mRun: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi Go Pro\Volume Panel\VolPanlu.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [Navigraph FMS Data Manager] C:\Program Files (x86)\Navigraph\FMS Data Manager\NGFMSAgent.exe -autostart
mRun: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
TCP: NameServer = 192.168.254.254
TCP: Interfaces\{DA8BA425-F461-452A-86DF-AC5D39266C96} : DHCPNameServer = 192.168.254.254
Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files (x86)\VIPRE\VSG.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.8\iobitappsToolbarIE64.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Creative SB Monitoring Utility] RunDll32 sbavmon.dll,SBAVMonitor
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\w129ok8l.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://search.yahoo.com?type=902615&fr=spigot-yhp-ff
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\ArtistScope\npArtistScope.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll
FF - plugin: C:\Users\Owner\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
FF - ExtSQL: 2014-10-09 18:16; speeddial@instair.net; C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\w129ok8l.default\extensions\speeddial@instair.net
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-6-28 16152]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2014-1-21 21184]
R2 Application Updater;Application Updater;C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2014-9-23 990584]
R2 CSHelper;CopySafe Helper Service;C:\Program Files\Common Files\ArtistScope\CSHelper64.exe [2013-9-7 479736]
R2 GREGService;GREGService;C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe [2012-2-29 28264]
R2 HP DS Service;HP DS Service;C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [2011-10-17 13824]
R2 HP LaserJet Service;HP LaserJet Service;C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2012-12-4 174592]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-8-3 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-3 628448]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-8-3 161560]
R2 Live Updater Service;Live Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2012-6-28 255376]
R2 lxeb_device;lxeb_device;C:\Windows\System32\lxebcoms.exe -service --> C:\Windows\System32\lxebcoms.exe -service [?]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-3-29 598312]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-9-27 1720608]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-9-27 18956064]
R2 SBAMSvc;VIPRE Antivirus;C:\Program Files (x86)\VIPRE\SBAMSvc.exe [2013-9-5 3937472]
R2 sbapifs;sbapifs;C:\Windows\System32\drivers\sbapifs.sys [2013-6-18 88928]
R2 SBPIMSvc;SB Recovery Service;C:\Program Files (x86)\VIPRE\SBPIMSvc.exe [2013-9-5 176016]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-9-27 411936]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-8-3 363800]
R2 WDBackup;WD Backup;C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2013-11-2 1042808]
R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2013-11-2 270704]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-6-28 355096]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-6-28 785688]
R3 ksaud;Creative USB Audio Driver;C:\Windows\System32\drivers\ksaud.sys [2014-1-16 1587968]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-9-27 20256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-9-27 40392]
R3 SaiH0461;SaiH0461;C:\Windows\System32\drivers\SaiH0461.sys [2008-3-26 178432]
R3 sbwtis;sbwtis;C:\Windows\System32\drivers\sbwtis.sys [2013-4-12 88864]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SecureUpdateSvc;SecureUpdate;C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe [2013-9-8 2580304]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2014-1-16 79360]
S3 gfiark;gfiark;C:\Windows\System32\drivers\gfiark.sys [2013-8-29 41032]
S3 gfiutil;gfiutil;C:\Windows\System32\drivers\gfiutil.sys [2013-8-29 31264]
S3 HP1319EWS;HP1319EWS;C:\Windows\System32\drivers\HP1319EWS.sys [2013-8-4 14848]
S3 HP1319FAX;HP1319MFP FAX;C:\Windows\System32\drivers\HP1319FAX.sys [2013-8-4 16384]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-9-12 111616]
S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\System32\drivers\ivusb.sys [2010-7-29 29720]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2013-3-18 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-8-3 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-10-03 00:26:03 -------- d-----w- C:\Program Files\iPod
2014-10-03 00:26:02 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-10-03 00:26:02 -------- d-----w- C:\Program Files\iTunes
2014-10-01 00:07:04 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-10-01 00:07:04 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-28 00:11:13 -------- d-----w- C:\Users\Owner\AppData\Local\NVIDIA Corporation
2014-09-28 00:11:13 -------- d-----w- C:\Users\Owner\AppData\Local\NVIDIA
2014-09-28 00:11:11 1715224 ----a-w- C:\Windows\System32\nvspbridge64.dll
2014-09-28 00:11:11 1291280 ----a-w- C:\Windows\SysWow64\nvspbridge.dll
2014-09-28 00:11:11 1283136 ----a-w- C:\Windows\System32\nvspcap64.dll
2014-09-28 00:11:11 1126480 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2014-09-28 00:10:01 609240 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2014-09-28 00:09:56 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2014-09-28 00:09:45 3826628 ----a-w- C:\Windows\System32\nvcoproc.bin
2014-09-28 00:05:37 -------- d-----w- C:\NVIDIA
2014-09-25 01:19:26 -------- d-----w- C:\Program Files (x86)\IObit Apps Toolbar
2014-09-25 01:19:26 -------- d-----w- C:\Program Files (x86)\Application Updater
2014-09-23 17:27:26 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-09-23 17:27:24 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-09-18 00:19:00 -------- d-----w- C:\ProgramData\Navigraph
2014-09-18 00:18:57 -------- d-----w- C:\Program Files (x86)\Navigraph
2014-09-13 19:26:32 -------- d-----w- C:\Program Files (x86)\FS-Products
2014-09-12 23:46:07 -------- d-----w- C:\Users\Owner\AppData\Roaming\Flight One Software
2014-09-12 22:24:20 -------- d-----w- C:\Navigraph
2014-09-12 22:24:05 -------- d-----w- C:\Effects
2014-09-12 22:24:04 -------- d-----w- C:\Sound
2014-09-12 22:23:52 -------- d-----w- C:\SimObjects
2014-09-12 22:23:52 -------- d-----w- C:\Gauges
2014-09-12 22:01:20 -------- d-----w- C:\Windows\Flight1 Citation Mustang
2014-09-12 07:01:18 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2014-09-12 07:01:17 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2014-09-11 10:28:37 793600 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2014-09-11 10:28:37 1031168 ----a-w- C:\Windows\System32\TSWorkspace.dll
2014-09-11 10:27:27 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-09-11 10:27:26 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-09-11 10:27:04 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-09-11 10:27:03 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-09-11 10:27:03 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-09-11 10:27:02 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-09-11 10:27:02 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-09-11 10:26:43 578048 ----a-w- C:\Windows\System32\aepdu.dll
2014-09-11 10:26:43 424448 ----a-w- C:\Windows\System32\aeinv.dll
.
==================== Find3M ====================
.
2014-09-24 15:29:11 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-24 15:29:11 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-08-23 02:07:00 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-23 01:45:55 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-08-23 00:59:01 3163648 ----a-w- C:\Windows\System32\win32k.sys
2014-08-18 22:29:49 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-08-18 22:29:35 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-08-18 22:19:53 5833728 ----a-w- C:\Windows\System32\jscript9.dll
2014-08-18 22:15:34 547328 ----a-w- C:\Windows\System32\vbscript.dll
2014-08-18 22:15:09 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-08-18 22:14:38 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-08-18 22:14:10 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-08-18 22:08:55 4232704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-08-18 22:03:47 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-08-18 22:03:37 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-08-18 22:03:01 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-08-18 21:57:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-08-18 21:56:17 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-08-18 21:46:26 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-08-18 21:45:23 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-08-18 21:45:12 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-08-18 21:44:44 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-08-18 21:44:09 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-08-18 21:36:07 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-08-18 21:35:24 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-08-18 21:23:17 2104832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-08-18 21:23:16 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-08-18 21:22:48 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-08-18 21:15:13 2310656 ----a-w- C:\Windows\System32\wininet.dll
2014-08-18 21:08:54 2014208 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-08-18 21:07:44 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-08-18 20:46:48 1812992 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-07-25 06:35:46 875688 ----a-w- C:\Windows\SysWow64\msvcr120_clr0400.dll
2014-07-25 03:47:06 869544 ----a-w- C:\Windows\System32\msvcr120_clr0400.dll
2014-07-14 02:02:45 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
2014-07-14 01:40:58 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-12-23 21:32:30 126614 ----a-w- C:\Program Files (x86)\Uninstal.exe
2007-05-11 05:04:55 190872 ----a-w- C:\Program Files (x86)\sound.dll
2007-05-11 05:04:55 185240 ----a-w- C:\Program Files (x86)\symmap.dll
2007-05-11 05:04:54 184216 ----a-w- C:\Program Files (x86)\acontain.dll
2007-05-11 05:04:54 180120 ----a-w- C:\Program Files (x86)\simprop.dll
2007-05-11 05:04:49 177560 ----a-w- C:\Program Files (x86)\window.dll
2007-05-11 05:04:35 137112 ----a-w- C:\Program Files (x86)\gps.dll
2007-05-11 05:04:34 128920 ----a-w- C:\Program Files (x86)\livingwater.dll
2007-05-11 05:04:29 104856 ----a-w- C:\Program Files (x86)\ablscpt.dll
2007-05-11 05:04:28 94104 ----a-w- C:\Program Files (x86)\eula.dll
2007-05-11 05:04:26 90008 ----a-w- C:\Program Files (x86)\fs-traffic.dll
2007-05-11 05:04:23 79256 ----a-w- C:\Program Files (x86)\demo.dll
2007-05-11 05:04:20 41880 ----a-w- C:\Program Files (x86)\simscheduler.dll
2007-05-11 05:04:16 18840 ----a-w- C:\Program Files (x86)\activate.exe
2007-05-11 02:05:38 901016 ----a-w- C:\Program Files (x86)\terrain.dll
2006-09-09 10:15:01 797520 ----a-w- C:\Program Files (x86)\sldlext.dll
2006-09-09 10:15:01 66384 ----a-w- C:\Program Files (x86)\ace.exe
2006-09-09 10:15:01 4864848 ----a-w- C:\Program Files (x86)\mspac.dll
2006-09-09 10:15:01 314192 ----a-w- C:\Program Files (x86)\mspacres.dll
2006-09-09 10:15:01 172880 ----a-w- C:\Program Files (x86)\Kiosk.exe
2006-09-09 10:15:01 102736 ----a-w- C:\Program Files (x86)\FS9.exe
2006-09-09 10:15:01 102736 ----a-w- C:\Program Files (x86)\FS2002.exe
2006-09-09 10:15:01 102736 ----a-w- C:\Program Files (x86)\FS2000.exe
.
============= FINISH: 19:30:41.81 ===============
lehbird
Regular Member
 
Posts: 40
Joined: September 5th, 2010, 12:01 am
Advertisement
Register to Remove

Re: Blue Screen Twice in the last 4 Days

Unread postby pgmigg » October 14th, 2014, 10:27 am

Hello lehbird,

Welcome back to the forum! :)

I am pgmigg and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process until we are done as well as
    DO NOT Remove, or Scan with anything on your system unless I ask. This adds more items to be researched.
    Extra Additions and Removals of files make the analysis more difficult.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start


Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3187
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Blue Screen Twice in the last 4 Days

Unread postby pgmigg » October 14th, 2014, 4:04 pm

Hello lehbird,

I see in your logs at least two different issues which should be resolved separately:
  1. Blue Screen related
    10/7/2014 7:29:09 AM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:
    Most likely that this entry is a reason for your Blue Screen. Looks like you have a problem with your system disk C: - bad sectors, different disk errors, etc.
  2. Some infections cleanup.

Also your logs showed us that for some reason you don't have System Restore Points at all.

Let start and will do this consistently...

Step 1.
For safety reason (to have a good registry to restore if needed), I will ask you to create a System Restore Point (SRP) before most of my instructions sets...
Create a System Restore Point
  1. Right-click on Computer and select Properties.
  2. In the left pane under Tasks please click System protection.
    If UAC prompts for an administrator password or approval, type the password or give your "permission to continue".
  3. Select System Protection, then choose Create.
  4. In the System Restore dialog box, give the new restore point a name like "Start Fix" and then click Create again.
    A window will pop up with "The Restore Point was created successfully" confirmation message.
  5. Click OK, then close the System Restore dialog.

If you have successfully created a System Restore Point... we can proceed.
If you have NOT successfully created a System Restore Point... do not go any further!
Please post back so we can determine why it was unsuccessful.


Step 2.
Run CKScanner
  1. Please download CKScanner from Here
  2. Important: - Save it to your Desktop.
  3. Double-click CKScanner.exe and click Search For Files.
  4. After a very short time, when the cursor hourglass disappears, click Save List To File.
  5. A message box will verify the file saved.
  6. Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

Then:
Please tell me is this computer used for any kind of business purposes and connected to a business or educational network?
I need to know it - so I can provide the proper instructions.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of CKFiles.txt log file
  3. Answers to my question related to type of using of your computer
  4. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3187
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Blue Screen Twice in the last 4 Days

Unread postby lehbird » October 14th, 2014, 7:00 pm

Hello:

Below is the requested CKScanner file. This is a personal computer, not business related and not part of a network.

No problems with your instructions. No issues with my computers behavor, but again, it is an issue which only manifests every coiple of days.

Thanks,

Dave

CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\microsoft games\microsoft flight simulator x\addon scenery\flytampa-maarten\texture\concrete_cracks.dds
c:\program files (x86)\microsoft games\microsoft flight simulator x\addon scenery\flytampa-maarten\texture\concrete_cracks_lm.dds
c:\program files (x86)\microsoft games\microsoft flight simulator x\addon scenery\flytampa-maarten\texture\tarmac_cracks.dds
c:\program files (x86)\microsoft games\microsoft flight simulator x\addon scenery\flytampa-maarten\texture\tarmac_cracks_lm.dds
c:\program files (x86)\microsoft games\microsoft flight simulator x\addon scenery\kphl_sunskyjet\texture\cracked_ass2.dds
c:\program files (x86)\microsoft games\microsoft flight simulator x\addon scenery\kphl_sunskyjet\texture\cracked_ass2_lm.dds
c:\program files (x86)\microsoft games\microsoft flight simulator x\addon scenery\kphl_sunskyjet\texture\tarcracks.dds
c:\program files (x86)\microsoft games\microsoft flight simulator x\addon scenery\kphl_sunskyjet\texture\tarcracks_lm.dds
c:\program files (x86)\microsoft games\microsoft flight simulator x\fsaddon\tongass_fjords\tongass_fjords_higher_priority\scenery\papg_cracks.bgl
c:\program files (x86)\microsoft games\microsoft flight simulator x\fsaddon\tongass_fjords\tongass_fjords_higher_priority\scenery\pasi-cracks01.bgl
c:\program files (x86)\microsoft games\microsoft flight simulator x\fsaddon\tongass_fjords\tongass_fjords_higher_priority\texture\asphaltcracks01.dds
c:\program files (x86)\microsoft games\microsoft flight simulator x\orbx\ftx_au\ftxaa_orbxlibs\scenery\orbxlibs_ground_cracks_stains.bgl
c:\program files (x86)\microsoft games\microsoft flight simulator x\orbx\ftx_au\ftxaa_orbxlibs\scenery\orbx_cracks_stains.bgl
c:\program files (x86)\microsoft games\microsoft flight simulator x\orbx\ftx_au\ftxaa_orbxlibs\scenery\orbx_cracks_stains.txt
c:\program files (x86)\microsoft games\microsoft flight simulator x\orbx\ftx_au\ftxaa_orbxlibs\texture\orbx_cracks.dds
c:\users\owner\desktop\unused desktop shortcuts\x-plane 10 demo\resources\default scenery\1000 decals\cracked_dirt_and_asphalt.dcl
scanner sequence 3.IG.11.JGAAB0
----- EOF -----
lehbird
Regular Member
 
Posts: 40
Joined: September 5th, 2010, 12:01 am

Re: Blue Screen Twice in the last 4 Days

Unread postby pgmigg » October 15th, 2014, 1:21 am

Hello lehbird,

Step 1.
System File Checker
  1. Please open the Start Menu, type cmd in the search box, right click on cmd.exe (at top), and click on "Run as administrator...". The elevated command prompt opens to C:\Windows\System32
  2. In the elevated command prompt, type sfc /verifyonly, then press Enter. Please be patience - it may take a while...
  3. When the scan is complete, copy and paste the command below, and press Enter.
    Code: Select all
    findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >"%userprofile%\Desktop\sfcdetails.txt"

    This will place a sfcdetails.txt file on your Desktop
  4. Close the elevated command prompt.
  5. Open the sfcdetails.txt file on your Desktop by Notepad.
  6. Please copy and paste the contents of the sfcdetails.txt file in your next reply.

Step 2.
MiniToolBox
Please download MiniToolBox.exe ... by Farbar and save it to your Desktop.
  1. Right click MiniToolBox and select "Run As Administrator...", to run the tool.
  2. Check the following in the list:
    • List last 10 Event Viewer log
    • List Devices + All
    • List Users, Partitions and Memory size.
    • List Minidump Files
    • List Restore Points
  3. Press the Go button.
    A file name Result.txt will be created in the same location where you downloaded MiniToolBox.exe
  4. Close the MiniToolBox window.
  5. Please post the contents of the Result.txt in your next reply.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of sfcdetails.txt file
  3. Contents of a Result.txt log file created by MiniToolBox

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3187
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Blue Screen Twice in the last 4 Days

Unread postby lehbird » October 15th, 2014, 5:17 pm

Hi:

Had trouble following step 3 under System File checker. Not sure where you are asking me to paste the command as I cant paste at the DOS prompt. After it completed, it directed me to output "CBS.log" ; but its 7 MB in size. Toolbox output is below.

Thanks,

Dave

MiniToolBox by Farbar Version: 21-07-2014
Ran by Owner (administrator) on 15-10-2014 at 16:39:36
Running from "C:\Users\Owner\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/15/2014 03:25:55 PM) (Source: VIPRE Internet Security) (User: )
Description: ERROR 4980 1 2014-10-15T15:25:55.1071329-04:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Scanner.Providers.Facebook.FacebookProvider.<AuthenticateAndScan>b__1: System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.

Error: (10/15/2014 01:25:49 PM) (Source: VIPRE Internet Security) (User: )
Description: ERROR 4980 1 2014-10-15T13:25:49.0298750-04:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Scanner.Providers.Facebook.FacebookProvider.<AuthenticateAndScan>b__1: System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.

Error: (10/15/2014 11:25:34 AM) (Source: VIPRE Internet Security) (User: )
Description: ERROR 4980 1 2014-10-15T11:25:34.3650025-04:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Scanner.Providers.Facebook.FacebookProvider.<AuthenticateAndScan>b__1: System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.

Error: (10/15/2014 09:24:50 AM) (Source: VIPRE Internet Security) (User: )
Description: ERROR 4980 1 2014-10-15T09:24:50.6412792-04:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Scanner.Providers.Facebook.FacebookProvider.<AuthenticateAndScan>b__1: System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.

Error: (10/15/2014 07:19:07 AM) (Source: VIPRE Internet Security) (User: )
Description: ERROR 4980 1 2014-10-15T07:19:07.2456290-04:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Scanner.Providers.Facebook.FacebookProvider.<AuthenticateAndScan>b__1: System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.

Error: (10/15/2014 05:19:05 AM) (Source: VIPRE Internet Security) (User: )
Description: ERROR 4980 1 2014-10-15T05:19:05.2117784-04:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Scanner.Providers.Facebook.FacebookProvider.<AuthenticateAndScan>b__1: System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.

Error: (10/15/2014 03:18:41 AM) (Source: VIPRE Internet Security) (User: )
Description: ERROR 4980 1 2014-10-15T03:18:41.6392902-04:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Scanner.Providers.Facebook.FacebookProvider.<AuthenticateAndScan>b__1: System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.

Error: (10/15/2014 01:18:27 AM) (Source: VIPRE Internet Security) (User: )
Description: ERROR 4980 1 2014-10-15T01:18:27.7700191-04:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Scanner.Providers.Facebook.FacebookProvider.<AuthenticateAndScan>b__1: System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.

Error: (10/14/2014 11:18:04 PM) (Source: VIPRE Internet Security) (User: )
Description: ERROR 4980 1 2014-10-14T23:18:04.4617314-04:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Scanner.Providers.Facebook.FacebookProvider.<AuthenticateAndScan>b__1: System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.

Error: (10/14/2014 09:18:03 PM) (Source: VIPRE Internet Security) (User: )
Description: ERROR 4980 1 2014-10-14T21:18:03.8670835-04:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Scanner.Providers.Facebook.FacebookProvider.<AuthenticateAndScan>b__1: System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.


System errors:
=============
Error: (10/15/2014 03:44:10 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 70. The internal error state is 105.

Error: (10/14/2014 10:16:56 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (10/14/2014 10:16:56 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.

Error: (10/14/2014 10:16:55 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (10/14/2014 10:16:54 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (10/14/2014 10:16:53 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (10/14/2014 10:16:52 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (10/14/2014 10:16:51 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (10/14/2014 10:16:50 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (10/14/2014 10:16:49 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.


Microsoft Office Sessions:
=========================
Error: (10/15/2014 03:25:55 PM) (Source: VIPRE Internet Security)(User: )
Description: ERROR 4980 1 2014-10-15T15:25:55.1071329-04:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Scanner.Providers.Facebook.FacebookProvider.<AuthenticateAndScan>b__1: System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.

Error: (10/15/2014 01:25:49 PM) (Source: VIPRE Internet Security)(User: )
Description: ERROR 4980 1 2014-10-15T13:25:49.0298750-04:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Scanner.Providers.Facebook.FacebookProvider.<AuthenticateAndScan>b__1: System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.

Error: (10/15/2014 11:25:34 AM) (Source: VIPRE Internet Security)(User: )
Description: ERROR 4980 1 2014-10-15T11:25:34.3650025-04:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Scanner.Providers.Facebook.FacebookProvider.<AuthenticateAndScan>b__1: System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.

Error: (10/15/2014 09:24:50 AM) (Source: VIPRE Internet Security)(User: )
Description: ERROR 4980 1 2014-10-15T09:24:50.6412792-04:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Scanner.Providers.Facebook.FacebookProvider.<AuthenticateAndScan>b__1: System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.

Error: (10/15/2014 07:19:07 AM) (Source: VIPRE Internet Security)(User: )
Description: ERROR 4980 1 2014-10-15T07:19:07.2456290-04:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Scanner.Providers.Facebook.FacebookProvider.<AuthenticateAndScan>b__1: System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.

Error: (10/15/2014 05:19:05 AM) (Source: VIPRE Internet Security)(User: )
Description: ERROR 4980 1 2014-10-15T05:19:05.2117784-04:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Scanner.Providers.Facebook.FacebookProvider.<AuthenticateAndScan>b__1: System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.

Error: (10/15/2014 03:18:41 AM) (Source: VIPRE Internet Security)(User: )
Description: ERROR 4980 1 2014-10-15T03:18:41.6392902-04:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Scanner.Providers.Facebook.FacebookProvider.<AuthenticateAndScan>b__1: System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.

Error: (10/15/2014 01:18:27 AM) (Source: VIPRE Internet Security)(User: )
Description: ERROR 4980 1 2014-10-15T01:18:27.7700191-04:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Scanner.Providers.Facebook.FacebookProvider.<AuthenticateAndScan>b__1: System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.

Error: (10/14/2014 11:18:04 PM) (Source: VIPRE Internet Security)(User: )
Description: ERROR 4980 1 2014-10-14T23:18:04.4617314-04:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Scanner.Providers.Facebook.FacebookProvider.<AuthenticateAndScan>b__1: System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.

Error: (10/14/2014 09:18:03 PM) (Source: VIPRE Internet Security)(User: )
Description: ERROR 4980 1 2014-10-14T21:18:03.8670835-04:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Scanner.Providers.Facebook.FacebookProvider.<AuthenticateAndScan>b__1: System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.


========================= Devices: ================================

Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null

Name: Intel(R) 7 Series/C216 Chipset Family SATA AHCI Controller
Description: Intel(R) 7 Series/C216 Chipset Family SATA AHCI Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: iaStor

Name: Intel(R) 82801 PCI Bridge - 244E
Description: Intel(R) 82801 PCI Bridge - 244E
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: KSecPkg
Description: KSecPkg
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecPkg

Name: CopySafe Support Driver
Description: CopySafe Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CSDriver

Name: Saitek Aviator Stick (USB)
Description: Saitek Aviator Stick (USB)
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Saitek
Service: HidUsb

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: NvStreamKms
Description: NvStreamKms
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NvStreamKms

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: F:\
Description: Multi-Card
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd

Name: Link-Layer Topology Discovery Mapper I/O Driver
Description: Link-Layer Topology Discovery Mapper I/O Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: lltdio

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service:

Name: Performance Counters for Windows Driver
Description: Performance Counters for Windows Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: pcw

Name: Intel(R) 82802 Firmware Hub Device
Description: Intel(R) 82802 Firmware Hub Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: WD 5000BEV External USB Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Generic PnP Monitor
Description: Generic PnP Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard monitor types)
Service: monitor

Name: System Attribute Cache
Description: System Attribute Cache
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: discache

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus

Name: Saitek Aviator Stick (HID)
Description: Saitek Aviator Stick (HID)
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Saitek
Service: SaiH0461

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe

Name: PEAUTH
Description: PEAUTH
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PEAUTH

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR

Name: Mount Point Manager
Description: Mount Point Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mountmgr

Name: LDDM Graphics Subsystem
Description: LDDM Graphics Subsystem
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: DXGKrnl

Name: HID Keyboard Device
Description: HID Keyboard Device
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: kbdhid

Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tcpip

Name: QoS Packet Scheduler
Description: QoS Packet Scheduler
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Psched

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Windows Firewall Authorization Driver
Description: Windows Firewall Authorization Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mpsdrv

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: TCP/IP Registry Compatibility
Description: TCP/IP Registry Compatibility
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tcpipreg

Name: Intel(R) 7 Series/C216 Chipset Family SMBus Host Controller - 1E22
Description: Intel(R) 7 Series/C216 Chipset Family SMBus Host Controller - 1E22
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp

Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR

Name: WD My Passport 0748 USB Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPCDD

Name: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp

Name: NetIO Legacy TDI Support Driver
Description: NetIO Legacy TDI Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tdx

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: USB Audio Device
Description: USB Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: (Generic USB Audio)
Service: usbaudio

Name: RDP Encoder Mirror Driver
Description: RDP Encoder Mirror Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPENCDD

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: ATAPI DVD A DH16ACSH
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom

Name: Intel(R) 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E26
Description: Intel(R) 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E26
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VgaSave

Name: Generic- Multi-Card USB Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Reflector Display Driver used to gain access to graphics data
Description: Reflector Display Driver used to gain access to graphics data
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPREFMP

Name: PCI bus
Description: PCI bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci

Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: Intel(R) USB 3.0 Root Hub
Description: Intel(R) USB 3.0 Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel(R) Corporation
Service: iusb3hub

Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: msahci
Description: msahci
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: msahci

Name: WD SES Device
Description: WD SES Device
Class Guid: {8496e87e-c0a1-4102-9d8d-bd9a9b8b07a9}
Manufacturer: Western Digital Technologies
Service: WDC_SAM

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: IPBusEnum Root Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: HP LaserJet Pro MFP M127-M128 PCLmS
Description: HP LaserJet Pro MFP M127-M128 PCLmS
Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett Packard
Service:

Name: HP LJ M127128 Scan Drv
Description: HP LJ M127128 Scan Drv
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Hewlett-Packard
Service: usbscan

Name: Dynamic Volume Manager
Description: Dynamic Volume Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volmgrx

Name: Link-Layer Topology Discovery Responder
Description: Link-Layer Topology Discovery Responder
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: rspndr

Name: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Description: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvvad_WaveExtensible

Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR

Name: NVIDIA GeForce GTS 250
Description: NVIDIA GeForce GTS 250
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvlddmkm

Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service:

Name: Intel(R) 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E2D
Description: Intel(R) 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E2D
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: System board
Description: System board
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: Storage volumes
Description: Storage volumes
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volsnap

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: UMBus Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: Microsoft Virtual Drive Enumerator Driver
Description: Microsoft Virtual Drive Enumerator Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: vdrvroot

Name: msisadrv
Description: msisadrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: msisadrv

Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: USB Printing Support
Description: USB Printing Support
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Microsoft
Service: usbprint

Name: ACPI x64-based PC
Description: ACPI x64-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL

Name: Remote Access IPv6 ARP Driver
Description: Remote Access IPv6 ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wanarpv6

Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub

Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: volmgr

Name: SBRE
Description: SBRE
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SBRE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: File as Volume Driver
Description: File as Volume Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: blbdrive

Name: UMBus Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Kernel Mode Driver Frameworks service
Description: Kernel Mode Driver Frameworks service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wdf01000

Name: 2nd Generation Intel(R) Core(TM) Processor Family DRAM Controller - 0100
Description: 2nd Generation Intel(R) Core(TM) Processor Family DRAM Controller - 0100
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Intel(R) USB 3.0 eXtensible Host Controller
Description: Intel(R) USB 3.0 eXtensible Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel(R) Corporation
Service: iusb3xhc

Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDIS

Name: Composite Bus Enumerator
Description: Composite Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: CompositeBus

Name: HP Printer (Fax)
Description: HP Printer (Fax)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Hewlett-Packard
Service: usbscan

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Bitlocker Drive Encryption Filter Driver
Description: Bitlocker Drive Encryption Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: fvevol

Name: sbwtis
Description: sbwtis
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: sbwtis

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: WFP Lightweight Filter
Description: WFP Lightweight Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WfpLwf

Name: MAXTOR STM3160815AS
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDProxy

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Ancillary Function Driver for Winsock
Description: Ancillary Function Driver for Winsock
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AFD

Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service:

Name: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: Security Driver
Description: Security Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: secdrv

Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp

Name: IDE Channel
Description: IDE Channel
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: atapi

Name: HP Printer (LEDM)
Description: HP Printer (LEDM)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Hewlett-Packard
Service: usbscan

Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Xeon E3-1200/2nd Generation Intel(R) Core(TM) Processor Family PCI Express Root Port - 0101
Description: Xeon E3-1200/2nd Generation Intel(R) Core(TM) Processor Family PCI Express Root Port - 0101
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: gfiutil
Description: gfiutil
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: gfiutil

Name: Intel(R) Management Engine Interface
Description: Intel(R) Management Engine Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64

Name: SmartDefragDriver
Description: SmartDefragDriver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SmartDefragDriver

Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: User Mode Driver Frameworks Platform Driver
Description: User Mode Driver Frameworks Platform Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WudfPf

Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub

Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Beep

Name: SB X-Fi Go! Pro
Description: SB X-Fi Go! Pro
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Creative Technology Ltd.
Service: ksaud

Name: NETBT
Description: NETBT
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NetBT

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP

Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr

Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Hardware Policy Driver
Description: Hardware Policy Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: hwpolicy

Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub

Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn

Name: Intel(R) 82579V Gigabit Network Connection
Description: Intel(R) 82579V Gigabit Network Connection
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: e1cexpress

Name: Intel(R) B75 Express Chipset LPC Controller - 1E49
Description: Intel(R) B75 Express Chipset LPC Controller - 1E49
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: msisadrv

Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: NSI proxy service driver.
Description: NSI proxy service driver.
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: nsiproxy

Name: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: Intel AHCI Controller
Description: Intel AHCI Controller
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: iaStor

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:

Name: Common Log (CLFS)
Description: Common Log (CLFS)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CLFS

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp

Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: KSecDD
Description: KSecDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecDD

Name: CNG
Description: CNG
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CNG

Name: ST1000DM003-1CH162
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:


========================= Memory info: ===================================

Percentage of memory in use: 51%
Total physical RAM: 8140.59 MB
Available physical RAM: 3909.04 MB
Total Pagefile: 16279.37 MB
Available Pagefile: 12967.64 MB
Total Virtual: 4095.88 MB
Available Virtual: 3983.67 MB

========================= Partitions: =====================================

1 Drive c: (Gateway) (Fixed) (Total:903.39 GB) (Free:600.84 GB) NTFS
2 Drive d: (New Volume) (Fixed) (Total:149.05 GB) (Free:32.45 GB) NTFS
5 Drive h: (My Passport) (Fixed) (Total:465.65 GB) (Free:275.51 GB) FAT32
6 Drive i: (My Passport) (Fixed) (Total:465.73 GB) (Free:0 GB) NTFS

========================= Users: ========================================

User accounts for \\OWNER-PC

Administrator Dave Guest
Owner

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================


**** End of log ****
lehbird
Regular Member
 
Posts: 40
Joined: September 5th, 2010, 12:01 am

Re: Blue Screen Twice in the last 4 Days

Unread postby lehbird » October 15th, 2014, 5:39 pm

OK; just learned you can paste to a DOS Prompt :-)

Here is the SFC Log:

2014-10-15 16:11:40, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:11:40, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2014-10-15 16:11:42, Info CSI 0000000c [SR] Verify complete
2014-10-15 16:11:42, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:11:42, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2014-10-15 16:11:44, Info CSI 00000010 [SR] Verify complete
2014-10-15 16:11:45, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:11:45, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
2014-10-15 16:11:47, Info CSI 00000014 [SR] Verify complete
2014-10-15 16:11:47, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:11:47, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2014-10-15 16:11:49, Info CSI 00000018 [SR] Verify complete
2014-10-15 16:11:49, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:11:49, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2014-10-15 16:11:51, Info CSI 0000001c [SR] Verify complete
2014-10-15 16:11:51, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:11:51, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
2014-10-15 16:11:53, Info CSI 00000020 [SR] Verify complete
2014-10-15 16:11:53, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:11:53, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2014-10-15 16:11:55, Info CSI 00000024 [SR] Verify complete
2014-10-15 16:11:55, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:11:55, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2014-10-15 16:11:57, Info CSI 00000028 [SR] Verify complete
2014-10-15 16:11:57, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:11:57, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
2014-10-15 16:11:58, Info CSI 0000002c [SR] Verify complete
2014-10-15 16:11:58, Info CSI 0000002d [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:11:58, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
2014-10-15 16:12:00, Info CSI 00000030 [SR] Verify complete
2014-10-15 16:12:00, Info CSI 00000031 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:12:00, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
2014-10-15 16:12:04, Info CSI 00000034 [SR] Verify complete
2014-10-15 16:12:04, Info CSI 00000035 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:12:04, Info CSI 00000036 [SR] Beginning Verify and Repair transaction
2014-10-15 16:12:07, Info CSI 00000038 [SR] Verify complete
2014-10-15 16:12:07, Info CSI 00000039 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:12:07, Info CSI 0000003a [SR] Beginning Verify and Repair transaction
2014-10-15 16:12:11, Info CSI 0000003c [SR] Verify complete
2014-10-15 16:12:11, Info CSI 0000003d [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:12:11, Info CSI 0000003e [SR] Beginning Verify and Repair transaction
2014-10-15 16:12:14, Info CSI 00000040 [SR] Verify complete
2014-10-15 16:12:15, Info CSI 00000041 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:12:15, Info CSI 00000042 [SR] Beginning Verify and Repair transaction
2014-10-15 16:12:18, Info CSI 00000044 [SR] Verify complete
2014-10-15 16:12:18, Info CSI 00000045 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:12:18, Info CSI 00000046 [SR] Beginning Verify and Repair transaction
2014-10-15 16:12:20, Info CSI 00000048 [SR] Verify complete
2014-10-15 16:12:20, Info CSI 00000049 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:12:20, Info CSI 0000004a [SR] Beginning Verify and Repair transaction
2014-10-15 16:12:22, Info CSI 0000004c [SR] Verify complete
2014-10-15 16:12:22, Info CSI 0000004d [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:12:22, Info CSI 0000004e [SR] Beginning Verify and Repair transaction
2014-10-15 16:12:30, Info CSI 00000050 [SR] Verify complete
2014-10-15 16:12:30, Info CSI 00000051 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:12:30, Info CSI 00000052 [SR] Beginning Verify and Repair transaction
2014-10-15 16:12:38, Info CSI 00000054 [SR] Verify complete
2014-10-15 16:12:38, Info CSI 00000055 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:12:38, Info CSI 00000056 [SR] Beginning Verify and Repair transaction
2014-10-15 16:12:49, Info CSI 00000058 [SR] Verify complete
2014-10-15 16:12:49, Info CSI 00000059 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:12:49, Info CSI 0000005a [SR] Beginning Verify and Repair transaction
2014-10-15 16:12:59, Info CSI 0000005c [SR] Verify complete
2014-10-15 16:12:59, Info CSI 0000005d [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:12:59, Info CSI 0000005e [SR] Beginning Verify and Repair transaction
2014-10-15 16:13:10, Info CSI 00000061 [SR] Verify complete
2014-10-15 16:13:10, Info CSI 00000062 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:13:10, Info CSI 00000063 [SR] Beginning Verify and Repair transaction
2014-10-15 16:13:21, Info CSI 00000068 [SR] Verify complete
2014-10-15 16:13:21, Info CSI 00000069 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:13:21, Info CSI 0000006a [SR] Beginning Verify and Repair transaction
2014-10-15 16:13:29, Info CSI 0000006d [SR] Verify complete
2014-10-15 16:13:29, Info CSI 0000006e [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:13:29, Info CSI 0000006f [SR] Beginning Verify and Repair transaction
2014-10-15 16:13:37, Info CSI 00000071 [SR] Verify complete
2014-10-15 16:13:37, Info CSI 00000072 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:13:37, Info CSI 00000073 [SR] Beginning Verify and Repair transaction
2014-10-15 16:13:45, Info CSI 00000095 [SR] Verify complete
2014-10-15 16:13:46, Info CSI 00000096 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:13:46, Info CSI 00000097 [SR] Beginning Verify and Repair transaction
2014-10-15 16:13:54, Info CSI 0000009c [SR] Verify complete
2014-10-15 16:13:54, Info CSI 0000009d [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:13:54, Info CSI 0000009e [SR] Beginning Verify and Repair transaction
2014-10-15 16:14:04, Info CSI 000000a0 [SR] Verify complete
2014-10-15 16:14:04, Info CSI 000000a1 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:14:04, Info CSI 000000a2 [SR] Beginning Verify and Repair transaction
2014-10-15 16:14:11, Info CSI 000000a4 [SR] Verify complete
2014-10-15 16:14:11, Info CSI 000000a5 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:14:11, Info CSI 000000a6 [SR] Beginning Verify and Repair transaction
2014-10-15 16:14:19, Info CSI 000000a8 [SR] Verify complete
2014-10-15 16:14:19, Info CSI 000000a9 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:14:19, Info CSI 000000aa [SR] Beginning Verify and Repair transaction
2014-10-15 16:14:27, Info CSI 000000ac [SR] Verify complete
2014-10-15 16:14:27, Info CSI 000000ad [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:14:27, Info CSI 000000ae [SR] Beginning Verify and Repair transaction
2014-10-15 16:14:39, Info CSI 000000b0 [SR] Verify complete
2014-10-15 16:14:39, Info CSI 000000b1 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:14:39, Info CSI 000000b2 [SR] Beginning Verify and Repair transaction
2014-10-15 16:15:07, Info CSI 000000d5 [SR] Verify complete
2014-10-15 16:15:07, Info CSI 000000d6 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:15:07, Info CSI 000000d7 [SR] Beginning Verify and Repair transaction
2014-10-15 16:15:21, Info CSI 000000d9 [SR] Verify complete
2014-10-15 16:15:21, Info CSI 000000da [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:15:21, Info CSI 000000db [SR] Beginning Verify and Repair transaction
2014-10-15 16:15:54, Info CSI 000000dd [SR] Verify complete
2014-10-15 16:15:54, Info CSI 000000de [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:15:54, Info CSI 000000df [SR] Beginning Verify and Repair transaction
2014-10-15 16:16:01, Info CSI 000000e3 [SR] Verify complete
2014-10-15 16:16:01, Info CSI 000000e4 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:16:01, Info CSI 000000e5 [SR] Beginning Verify and Repair transaction
2014-10-15 16:16:03, Info CSI 000000e7 [SR] Verify complete
2014-10-15 16:16:03, Info CSI 000000e8 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:16:03, Info CSI 000000e9 [SR] Beginning Verify and Repair transaction
2014-10-15 16:16:05, Info CSI 000000eb [SR] Verify complete
2014-10-15 16:16:05, Info CSI 000000ec [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:16:05, Info CSI 000000ed [SR] Beginning Verify and Repair transaction
2014-10-15 16:16:13, Info CSI 000000fa [SR] Verify complete
2014-10-15 16:16:13, Info CSI 000000fb [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:16:13, Info CSI 000000fc [SR] Beginning Verify and Repair transaction
2014-10-15 16:16:19, Info CSI 00000104 [SR] Verify complete
2014-10-15 16:16:19, Info CSI 00000105 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:16:19, Info CSI 00000106 [SR] Beginning Verify and Repair transaction
2014-10-15 16:16:22, Info CSI 00000108 [SR] Verify complete
2014-10-15 16:16:22, Info CSI 00000109 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:16:22, Info CSI 0000010a [SR] Beginning Verify and Repair transaction
2014-10-15 16:16:27, Info CSI 0000010c [SR] Verify complete
2014-10-15 16:16:28, Info CSI 0000010d [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:16:28, Info CSI 0000010e [SR] Beginning Verify and Repair transaction
2014-10-15 16:16:32, Info CSI 00000110 [SR] Verify complete
2014-10-15 16:16:32, Info CSI 00000111 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:16:32, Info CSI 00000112 [SR] Beginning Verify and Repair transaction
2014-10-15 16:16:38, Info CSI 00000113 [SR] Repairing corrupted file [ml:520{260},l:90{45}]"\??\C:\Program Files\Internet Explorer\images"\[l:16{8}]"bing.ico" from store
2014-10-15 16:16:39, Info CSI 00000116 [SR] Verify complete
2014-10-15 16:16:39, Info CSI 00000117 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:16:39, Info CSI 00000118 [SR] Beginning Verify and Repair transaction
2014-10-15 16:16:47, Info CSI 0000011b [SR] Verify complete
2014-10-15 16:16:48, Info CSI 0000011c [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:16:48, Info CSI 0000011d [SR] Beginning Verify and Repair transaction
2014-10-15 16:16:49, Info CSI 0000011f [SR] Verify complete
2014-10-15 16:16:50, Info CSI 00000120 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:16:50, Info CSI 00000121 [SR] Beginning Verify and Repair transaction
2014-10-15 16:16:52, Info CSI 00000123 [SR] Verify complete
2014-10-15 16:16:52, Info CSI 00000124 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:16:52, Info CSI 00000125 [SR] Beginning Verify and Repair transaction
2014-10-15 16:17:01, Info CSI 00000127 [SR] Verify complete
2014-10-15 16:17:01, Info CSI 00000128 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:17:01, Info CSI 00000129 [SR] Beginning Verify and Repair transaction
2014-10-15 16:17:05, Info CSI 0000012b [SR] Verify complete
2014-10-15 16:17:05, Info CSI 0000012c [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:17:05, Info CSI 0000012d [SR] Beginning Verify and Repair transaction
2014-10-15 16:17:13, Info CSI 0000012f [SR] Verify complete
2014-10-15 16:17:13, Info CSI 00000130 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:17:13, Info CSI 00000131 [SR] Beginning Verify and Repair transaction
2014-10-15 16:17:23, Info CSI 00000149 [SR] Verify complete
2014-10-15 16:17:23, Info CSI 0000014a [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:17:23, Info CSI 0000014b [SR] Beginning Verify and Repair transaction
2014-10-15 16:17:28, Info CSI 0000014d [SR] Verify complete
2014-10-15 16:17:29, Info CSI 0000014e [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:17:29, Info CSI 0000014f [SR] Beginning Verify and Repair transaction
2014-10-15 16:17:45, Info CSI 00000151 [SR] Verify complete
2014-10-15 16:17:45, Info CSI 00000152 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:17:45, Info CSI 00000153 [SR] Beginning Verify and Repair transaction
2014-10-15 16:17:55, Info CSI 00000156 [SR] Verify complete
2014-10-15 16:17:55, Info CSI 00000157 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:17:55, Info CSI 00000158 [SR] Beginning Verify and Repair transaction
2014-10-15 16:18:01, Info CSI 0000015a [SR] Verify complete
2014-10-15 16:18:01, Info CSI 0000015b [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:18:01, Info CSI 0000015c [SR] Beginning Verify and Repair transaction
2014-10-15 16:18:06, Info CSI 0000015e [SR] Verify complete
2014-10-15 16:18:07, Info CSI 0000015f [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:18:07, Info CSI 00000160 [SR] Beginning Verify and Repair transaction
2014-10-15 16:18:12, Info CSI 00000162 [SR] Verify complete
2014-10-15 16:18:12, Info CSI 00000163 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:18:12, Info CSI 00000164 [SR] Beginning Verify and Repair transaction
2014-10-15 16:18:16, Info CSI 00000168 [SR] Verify complete
2014-10-15 16:18:17, Info CSI 00000169 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:18:17, Info CSI 0000016a [SR] Beginning Verify and Repair transaction
2014-10-15 16:18:23, Info CSI 0000016c [SR] Verify complete
2014-10-15 16:18:23, Info CSI 0000016d [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:18:23, Info CSI 0000016e [SR] Beginning Verify and Repair transaction
2014-10-15 16:18:48, Info CSI 00000170 [SR] Verify complete
2014-10-15 16:18:48, Info CSI 00000171 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:18:48, Info CSI 00000172 [SR] Beginning Verify and Repair transaction
2014-10-15 16:18:55, Info CSI 00000175 [SR] Verify complete
2014-10-15 16:18:55, Info CSI 00000176 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:18:55, Info CSI 00000177 [SR] Beginning Verify and Repair transaction
2014-10-15 16:19:00, Info CSI 0000017a [SR] Verify complete
2014-10-15 16:19:01, Info CSI 0000017b [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:19:01, Info CSI 0000017c [SR] Beginning Verify and Repair transaction
2014-10-15 16:19:09, Info CSI 0000017e [SR] Verify complete
2014-10-15 16:19:09, Info CSI 0000017f [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:19:09, Info CSI 00000180 [SR] Beginning Verify and Repair transaction
2014-10-15 16:19:25, Info CSI 00000183 [SR] Verify complete
2014-10-15 16:19:25, Info CSI 00000184 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:19:25, Info CSI 00000185 [SR] Beginning Verify and Repair transaction
2014-10-15 16:19:33, Info CSI 00000187 [SR] Verify complete
2014-10-15 16:19:33, Info CSI 00000188 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:19:33, Info CSI 00000189 [SR] Beginning Verify and Repair transaction
2014-10-15 16:19:41, Info CSI 0000018b [SR] Verify complete
2014-10-15 16:19:42, Info CSI 0000018c [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:19:42, Info CSI 0000018d [SR] Beginning Verify and Repair transaction
2014-10-15 16:19:50, Info CSI 0000018f [SR] Verify complete
2014-10-15 16:19:50, Info CSI 00000190 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:19:50, Info CSI 00000191 [SR] Beginning Verify and Repair transaction
2014-10-15 16:20:00, Info CSI 00000194 [SR] Verify complete
2014-10-15 16:20:01, Info CSI 00000195 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:20:01, Info CSI 00000196 [SR] Beginning Verify and Repair transaction
2014-10-15 16:20:05, Info CSI 00000198 [SR] Verify complete
2014-10-15 16:20:05, Info CSI 00000199 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:20:05, Info CSI 0000019a [SR] Beginning Verify and Repair transaction
2014-10-15 16:20:12, Info CSI 0000019d [SR] Verify complete
2014-10-15 16:20:12, Info CSI 0000019e [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:20:12, Info CSI 0000019f [SR] Beginning Verify and Repair transaction
2014-10-15 16:20:24, Info CSI 000001a1 [SR] Verify complete
2014-10-15 16:20:24, Info CSI 000001a2 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:20:24, Info CSI 000001a3 [SR] Beginning Verify and Repair transaction
2014-10-15 16:20:32, Info CSI 000001a7 [SR] Verify complete
2014-10-15 16:20:32, Info CSI 000001a8 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:20:32, Info CSI 000001a9 [SR] Beginning Verify and Repair transaction
2014-10-15 16:20:42, Info CSI 000001ab [SR] Verify complete
2014-10-15 16:20:43, Info CSI 000001ac [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:20:43, Info CSI 000001ad [SR] Beginning Verify and Repair transaction
2014-10-15 16:20:53, Info CSI 000001b0 [SR] Verify complete
2014-10-15 16:20:53, Info CSI 000001b1 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:20:53, Info CSI 000001b2 [SR] Beginning Verify and Repair transaction
2014-10-15 16:21:01, Info CSI 000001b4 [SR] Verify complete
2014-10-15 16:21:02, Info CSI 000001b5 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:21:02, Info CSI 000001b6 [SR] Beginning Verify and Repair transaction
2014-10-15 16:21:04, Info CSI 000001b8 [SR] Verify complete
2014-10-15 16:21:05, Info CSI 000001b9 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:21:05, Info CSI 000001ba [SR] Beginning Verify and Repair transaction
2014-10-15 16:21:11, Info CSI 000001bc [SR] Verify complete
2014-10-15 16:21:11, Info CSI 000001bd [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:21:11, Info CSI 000001be [SR] Beginning Verify and Repair transaction
2014-10-15 16:21:19, Info CSI 000001c0 [SR] Verify complete
2014-10-15 16:21:20, Info CSI 000001c1 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:21:20, Info CSI 000001c2 [SR] Beginning Verify and Repair transaction
2014-10-15 16:21:28, Info CSI 000001c4 [SR] Verify complete
2014-10-15 16:21:28, Info CSI 000001c5 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:21:28, Info CSI 000001c6 [SR] Beginning Verify and Repair transaction
2014-10-15 16:21:33, Info CSI 000001c8 [SR] Verify complete
2014-10-15 16:21:34, Info CSI 000001c9 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:21:34, Info CSI 000001ca [SR] Beginning Verify and Repair transaction
2014-10-15 16:21:42, Info CSI 000001cc [SR] Verify complete
2014-10-15 16:21:43, Info CSI 000001cd [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:21:43, Info CSI 000001ce [SR] Beginning Verify and Repair transaction
2014-10-15 16:22:03, Info CSI 000001d0 [SR] Verify complete
2014-10-15 16:22:03, Info CSI 000001d1 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:22:03, Info CSI 000001d2 [SR] Beginning Verify and Repair transaction
2014-10-15 16:22:38, Info CSI 000001d4 [SR] Verify complete
2014-10-15 16:22:39, Info CSI 000001d5 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:22:39, Info CSI 000001d6 [SR] Beginning Verify and Repair transaction
2014-10-15 16:22:48, Info CSI 000001d8 [SR] Verify complete
2014-10-15 16:22:48, Info CSI 000001d9 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:22:48, Info CSI 000001da [SR] Beginning Verify and Repair transaction
2014-10-15 16:22:57, Info CSI 000001dc [SR] Verify complete
2014-10-15 16:22:57, Info CSI 000001dd [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:22:57, Info CSI 000001de [SR] Beginning Verify and Repair transaction
2014-10-15 16:22:59, Info CSI 000001e0 [SR] Verify complete
2014-10-15 16:23:00, Info CSI 000001e1 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:23:00, Info CSI 000001e2 [SR] Beginning Verify and Repair transaction
2014-10-15 16:23:06, Info CSI 000001e4 [SR] Verify complete
2014-10-15 16:23:06, Info CSI 000001e5 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:23:06, Info CSI 000001e6 [SR] Beginning Verify and Repair transaction
2014-10-15 16:23:15, Info CSI 000001e8 [SR] Verify complete
2014-10-15 16:23:16, Info CSI 000001e9 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:23:16, Info CSI 000001ea [SR] Beginning Verify and Repair transaction
2014-10-15 16:23:19, Info CSI 000001ec [SR] Verify complete
2014-10-15 16:23:19, Info CSI 000001ed [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:23:19, Info CSI 000001ee [SR] Beginning Verify and Repair transaction
2014-10-15 16:23:20, Info CSI 000001f0 [SR] Verify complete
2014-10-15 16:23:20, Info CSI 000001f1 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:23:20, Info CSI 000001f2 [SR] Beginning Verify and Repair transaction
2014-10-15 16:23:25, Info CSI 000001fa [SR] Verify complete
2014-10-15 16:23:26, Info CSI 000001fb [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:23:26, Info CSI 000001fc [SR] Beginning Verify and Repair transaction
2014-10-15 16:24:26, Info CSI 000001fe [SR] Verify complete
2014-10-15 16:24:26, Info CSI 000001ff [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:24:26, Info CSI 00000200 [SR] Beginning Verify and Repair transaction
2014-10-15 16:25:24, Info CSI 00000202 [SR] Verify complete
2014-10-15 16:25:25, Info CSI 00000203 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:25:25, Info CSI 00000204 [SR] Beginning Verify and Repair transaction
2014-10-15 16:25:31, Info CSI 00000206 [SR] Verify complete
2014-10-15 16:25:32, Info CSI 00000207 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:25:32, Info CSI 00000208 [SR] Beginning Verify and Repair transaction
2014-10-15 16:25:38, Info CSI 0000020a [SR] Verify complete
2014-10-15 16:25:39, Info CSI 0000020b [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:25:39, Info CSI 0000020c [SR] Beginning Verify and Repair transaction
2014-10-15 16:25:47, Info CSI 0000020f [SR] Verify complete
2014-10-15 16:25:48, Info CSI 00000210 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:25:48, Info CSI 00000211 [SR] Beginning Verify and Repair transaction
2014-10-15 16:25:52, Info CSI 00000213 [SR] Verify complete
2014-10-15 16:25:52, Info CSI 00000214 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:25:52, Info CSI 00000215 [SR] Beginning Verify and Repair transaction
2014-10-15 16:25:55, Info CSI 00000217 [SR] Verify complete
2014-10-15 16:25:55, Info CSI 00000218 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:25:55, Info CSI 00000219 [SR] Beginning Verify and Repair transaction
2014-10-15 16:26:07, Info CSI 0000021c [SR] Verify complete
2014-10-15 16:26:07, Info CSI 0000021d [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:26:07, Info CSI 0000021e [SR] Beginning Verify and Repair transaction
2014-10-15 16:26:24, Info CSI 00000222 [SR] Verify complete
2014-10-15 16:26:25, Info CSI 00000223 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:26:25, Info CSI 00000224 [SR] Beginning Verify and Repair transaction
2014-10-15 16:26:31, Info CSI 00000229 [SR] Verify complete
2014-10-15 16:26:32, Info CSI 0000022a [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:26:32, Info CSI 0000022b [SR] Beginning Verify and Repair transaction
2014-10-15 16:26:39, Info CSI 00000233 [SR] Verify complete
2014-10-15 16:26:40, Info CSI 00000234 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:26:40, Info CSI 00000235 [SR] Beginning Verify and Repair transaction
2014-10-15 16:26:49, Info CSI 0000023f [SR] Verify complete
2014-10-15 16:26:49, Info CSI 00000240 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:26:49, Info CSI 00000241 [SR] Beginning Verify and Repair transaction
2014-10-15 16:26:55, Info CSI 00000243 [SR] Verify complete
2014-10-15 16:26:56, Info CSI 00000244 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:26:56, Info CSI 00000245 [SR] Beginning Verify and Repair transaction
2014-10-15 16:27:02, Info CSI 00000249 [SR] Verify complete
2014-10-15 16:27:02, Info CSI 0000024a [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:27:02, Info CSI 0000024b [SR] Beginning Verify and Repair transaction
2014-10-15 16:27:07, Info CSI 0000024d [SR] Verify complete
2014-10-15 16:27:07, Info CSI 0000024e [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:27:07, Info CSI 0000024f [SR] Beginning Verify and Repair transaction
2014-10-15 16:27:15, Info CSI 00000274 [SR] Verify complete
2014-10-15 16:27:15, Info CSI 00000275 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:27:15, Info CSI 00000276 [SR] Beginning Verify and Repair transaction
2014-10-15 16:27:21, Info CSI 00000278 [SR] Verify complete
2014-10-15 16:27:21, Info CSI 00000279 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:27:21, Info CSI 0000027a [SR] Beginning Verify and Repair transaction
2014-10-15 16:27:26, Info CSI 0000027c [SR] Verify complete
2014-10-15 16:27:27, Info CSI 0000027d [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:27:27, Info CSI 0000027e [SR] Beginning Verify and Repair transaction
2014-10-15 16:27:34, Info CSI 00000280 [SR] Verify complete
2014-10-15 16:27:34, Info CSI 00000281 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:27:34, Info CSI 00000282 [SR] Beginning Verify and Repair transaction
2014-10-15 16:27:40, Info CSI 00000290 [SR] Verify complete
2014-10-15 16:27:40, Info CSI 00000291 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:27:40, Info CSI 00000292 [SR] Beginning Verify and Repair transaction
2014-10-15 16:27:51, Info CSI 00000294 [SR] Verify complete
2014-10-15 16:27:51, Info CSI 00000295 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:27:51, Info CSI 00000296 [SR] Beginning Verify and Repair transaction
2014-10-15 16:27:57, Info CSI 000002a3 [SR] Verify complete
2014-10-15 16:27:57, Info CSI 000002a4 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:27:57, Info CSI 000002a5 [SR] Beginning Verify and Repair transaction
2014-10-15 16:28:02, Info CSI 000002a8 [SR] Verify complete
2014-10-15 16:28:03, Info CSI 000002a9 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:28:03, Info CSI 000002aa [SR] Beginning Verify and Repair transaction
2014-10-15 16:28:07, Info CSI 000002ac [SR] Verify complete
2014-10-15 16:28:07, Info CSI 000002ad [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:28:07, Info CSI 000002ae [SR] Beginning Verify and Repair transaction
2014-10-15 16:28:16, Info CSI 000002b1 [SR] Verify complete
2014-10-15 16:28:16, Info CSI 000002b2 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:28:16, Info CSI 000002b3 [SR] Beginning Verify and Repair transaction
2014-10-15 16:28:18, Info CSI 000002b5 [SR] Verify complete
2014-10-15 16:28:19, Info CSI 000002b6 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:28:19, Info CSI 000002b7 [SR] Beginning Verify and Repair transaction
2014-10-15 16:28:28, Info CSI 000002b9 [SR] Verify complete
2014-10-15 16:28:28, Info CSI 000002ba [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:28:28, Info CSI 000002bb [SR] Beginning Verify and Repair transaction
2014-10-15 16:28:35, Info CSI 000002bd [SR] Verify complete
2014-10-15 16:28:35, Info CSI 000002be [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:28:35, Info CSI 000002bf [SR] Beginning Verify and Repair transaction
2014-10-15 16:28:40, Info CSI 000002c1 [SR] Verify complete
2014-10-15 16:28:40, Info CSI 000002c2 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:28:40, Info CSI 000002c3 [SR] Beginning Verify and Repair transaction
2014-10-15 16:28:48, Info CSI 000002dd [SR] Verify complete
2014-10-15 16:28:49, Info CSI 000002de [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:28:49, Info CSI 000002df [SR] Beginning Verify and Repair transaction
2014-10-15 16:29:15, Info CSI 000002e1 [SR] Verify complete
2014-10-15 16:29:16, Info CSI 000002e2 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:29:16, Info CSI 000002e3 [SR] Beginning Verify and Repair transaction
2014-10-15 16:29:20, Info CSI 000002e5 [SR] Verify complete
2014-10-15 16:29:21, Info CSI 000002e6 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:29:21, Info CSI 000002e7 [SR] Beginning Verify and Repair transaction
2014-10-15 16:29:26, Info CSI 000002e9 [SR] Verify complete
2014-10-15 16:29:26, Info CSI 000002ea [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:29:26, Info CSI 000002eb [SR] Beginning Verify and Repair transaction
2014-10-15 16:29:30, Info CSI 000002ef [SR] Verify complete
2014-10-15 16:29:30, Info CSI 000002f0 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:29:30, Info CSI 000002f1 [SR] Beginning Verify and Repair transaction
2014-10-15 16:29:36, Info CSI 000002f3 [SR] Verify complete
2014-10-15 16:29:36, Info CSI 000002f4 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:29:36, Info CSI 000002f5 [SR] Beginning Verify and Repair transaction
2014-10-15 16:29:42, Info CSI 000002f7 [SR] Verify complete
2014-10-15 16:29:42, Info CSI 000002f8 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:29:42, Info CSI 000002f9 [SR] Beginning Verify and Repair transaction
2014-10-15 16:29:47, Info CSI 000002fb [SR] Verify complete
2014-10-15 16:29:48, Info CSI 000002fc [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:29:48, Info CSI 000002fd [SR] Beginning Verify and Repair transaction
2014-10-15 16:29:54, Info CSI 00000300 [SR] Verify complete
2014-10-15 16:29:54, Info CSI 00000301 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:29:54, Info CSI 00000302 [SR] Beginning Verify and Repair transaction
2014-10-15 16:29:59, Info CSI 00000304 [SR] Verify complete
2014-10-15 16:29:59, Info CSI 00000305 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:29:59, Info CSI 00000306 [SR] Beginning Verify and Repair transaction
2014-10-15 16:30:07, Info CSI 00000308 [SR] Verify complete
2014-10-15 16:30:08, Info CSI 00000309 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:30:08, Info CSI 0000030a [SR] Beginning Verify and Repair transaction
2014-10-15 16:30:15, Info CSI 0000030c [SR] Verify complete
2014-10-15 16:30:15, Info CSI 0000030d [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:30:15, Info CSI 0000030e [SR] Beginning Verify and Repair transaction
2014-10-15 16:30:23, Info CSI 00000311 [SR] Verify complete
2014-10-15 16:30:23, Info CSI 00000312 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:30:23, Info CSI 00000313 [SR] Beginning Verify and Repair transaction
2014-10-15 16:30:30, Info CSI 00000315 [SR] Verify complete
2014-10-15 16:30:31, Info CSI 00000316 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:30:31, Info CSI 00000317 [SR] Beginning Verify and Repair transaction
2014-10-15 16:30:37, Info CSI 00000319 [SR] Verify complete
2014-10-15 16:30:37, Info CSI 0000031a [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:30:37, Info CSI 0000031b [SR] Beginning Verify and Repair transaction
2014-10-15 16:30:44, Info CSI 0000031d [SR] Verify complete
2014-10-15 16:30:44, Info CSI 0000031e [SR] Verifying 92 (0x000000000000005c) components
2014-10-15 16:30:44, Info CSI 0000031f [SR] Beginning Verify and Repair transaction
2014-10-15 16:30:51, Info CSI 00000321 [SR] Verify complete
lehbird
Regular Member
 
Posts: 40
Joined: September 5th, 2010, 12:01 am

Re: Blue Screen Twice in the last 4 Days

Unread postby pgmigg » October 16th, 2014, 1:22 am

Hello Dave,

Had trouble following step 3 under System File checker. Not sure where you are asking me to paste the command as I cant paste at the DOS prompt. After it completed, it directed me to output "CBS.log" ; but its 7 MB in size. Toolbox output is below.
My apologies! :oops: Will fix my instruction...
Good job anyway! :D Let continue...

Step 1.
System File Checker - Scan and Repair
  1. Please open the Start Menu, type cmd in the search box, right click on cmd.exe (at top), and click on "Run as administrator...". The elevated command prompt opens to C:\Windows\System32
  2. In the elevated command prompt (DOS prompt), type sfc /scannow, then press Enter. Please be patience - it may take a while...
  3. When the scan is complete, copy and paste the command below to opened elevated command prompt (DOS prompt), and press Enter.
    Code: Select all
    findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >"%userprofile%\Desktop\sfcdetails.txt"

    This will place a sfcresults.txt file on your Desktop
  4. Close the elevated command prompt.
  5. Open the sfcresults.txt file on your Desktop by Notepad.
  6. Please copy and paste the contents of the sfcresults.txt file in your next reply.

Step 2.
Remove Program(s)
  1. Click on Start, then click the Start Search box on the Start Menu.
  2. Copy and paste the value below without into the open text entry box:
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
     appwiz.cpl 
    and press Enter - the Unistall or change a program list will be opened.
  3. Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:
    AccelerateTab
    Best Buy pc app
    IObit Apps Toolbar v9.8
    Smart Defrag 3
  4. Take extra care in answering questions posed by any Uninstaller.
  5. When the program(s) have been uninstalled, please close Control Panel.

Step 3.
OTL - Download
Please download OTL.exe by Old Timer and save it to your Desktop.

OTL - Scan
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Under Output, ensure that Standard Output is selected.
  3. Check the boxes labeled:
    • Include 64 bit scans
    • Scan All Users
    • LOP check
    • Purity check
    • Extra Registry > Use SafeList
  4. Click on Run Scan at the top left hand corner.
  5. When done, two Notepad files will open.
    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.
  6. Please post the contents of both OTL.txt and Extras.txt files in your next reply.

Then:
Please tell me - did you ever had Lavasoft AdAware installed on your computer?

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of sfcresults.txt file
  3. Contents of a OTL.txt log file
  4. Contents of a Extras.txt log file
  5. Answer for my question about AdAware
  6. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3187
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Blue Screen Twice in the last 4 Days

Unread postby lehbird » October 16th, 2014, 9:40 pm

Hello:



Do you have any problems executing the instructions? No
Contents of sfcresults.txt file- I actually had figured this out previously and the output is directly ABOVE this one.
Contents of a OTL.txt log file- Below
Contents of a Extras.txt log file- Below
Answer for my question about AdAware- I do not believe I have had Adaware installed on this PC; but am not 100% sure.
Do you see any changes in computer behavior? - No; other than the fact I have not had any blue screen crashes.


Thanks,

Dave
lehbird
Regular Member
 
Posts: 40
Joined: September 5th, 2010, 12:01 am

Re: Blue Screen Twice in the last 4 Days

Unread postby lehbird » October 16th, 2014, 9:40 pm

OTL Extras logfile created on: 10/16/2014 9:28:41 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.95 Gb Total Physical Memory | 5.76 Gb Available Physical Memory | 72.41% Memory free
15.90 Gb Paging File | 13.38 Gb Available in Paging File | 84.15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 903.39 Gb Total Space | 604.09 Gb Free Space | 66.87% Space Free | Partition Type: NTFS
Drive D: | 149.05 Gb Total Space | 32.45 Gb Free Space | 21.77% Space Free | Partition Type: NTFS
Drive H: | 465.65 Gb Total Space | 275.51 Gb Free Space | 59.17% Space Free | Partition Type: FAT32
Drive I: | 465.73 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: NTFS

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = OperaStable] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = OperaStable] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-1198750336-2114330506-812848513-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1"
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1"
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{16650CB2-0223-4605-BE05-9C0F47F533A2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1903F27F-C42F-4455-8352-85FA10C15C96}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{255291E5-C07E-44C9-8320-9AFA6983B3C7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2F10BC57-60C8-4373-B3F2-F257FD0DDAED}" = lport=2869 | protocol=6 | dir=in | app=system |
"{32C303EC-3F4A-4366-92C4-2DEBF04C6AEA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3F9AA66B-C813-4C1E-85CD-E003EDB27FF7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{424FFFC9-42F9-47F2-9AFE-536F1DBA52C2}" = rport=10243 | protocol=6 | dir=out | app=system |
"{43C3083E-C3AC-4E89-B03A-7E7F3EAC4769}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{65A2B3F3-A4D0-4E47-9738-158CF30B22A9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{67C629A6-F0B8-458D-8652-B1705D02BC58}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{706F35C3-0A17-4DCF-9DAB-0FDF25600D30}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{73A64035-C62E-426B-9112-6E2C1CF6C08E}" = lport=139 | protocol=6 | dir=in | app=system |
"{7518762F-D64D-4BF4-A6F7-FC35BDD29F72}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{8306127B-EABB-4FEC-9195-AFE5DC0AAC02}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{89D3CF3F-5B41-4085-A947-348B9D1C1414}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A09FB7B0-649B-4298-B6DB-ACB6A17B73B8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B387C549-6CD6-4877-82F9-4EE2CBC17CF0}" = rport=138 | protocol=17 | dir=out | app=system |
"{B59EED2F-28EA-4B83-9277-9443BE99184E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B8558296-A6F3-4E0C-9FA2-18E695418029}" = lport=137 | protocol=17 | dir=in | app=system |
"{B8DAE2A4-7940-4D1B-B15E-4D970321F15B}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{BC2FB2E0-0FFC-4A73-A871-C40735DDBD47}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{C0FD7379-3B0C-4AB6-8515-BBF35970E61A}" = rport=445 | protocol=6 | dir=out | app=system |
"{C253D7FE-DB13-46FE-9712-E0346C294461}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C2BEE02B-9627-4258-999F-74937A0DF6E6}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{C86966DD-104C-49AB-B8DF-20B7ECC90FEF}" = lport=138 | protocol=17 | dir=in | app=system |
"{CAE2023E-ADA8-4A86-80E1-85AB1B8B235B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D9D11371-5400-4923-B7F7-6443C3DBE9AD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F0DD02F0-FB2E-4184-AAF3-093CCF55C137}" = rport=137 | protocol=17 | dir=out | app=system |
"{F2D64C00-A033-4D61-BCD4-C60C2DFC4505}" = rport=139 | protocol=6 | dir=out | app=system |
"{F5C00DC3-20F3-455C-908A-732CF712BD70}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F990C853-7D18-43A5-9959-EB5217545158}" = lport=445 | protocol=6 | dir=in | app=system |
"{FBE28AAA-DCCF-4B4D-9EB4-C5FB96C0A93F}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0466D0FB-3129-4606-872F-747EF9A07804}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{04717589-8A08-437E-8EB8-7DA85A4856C9}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{06A78A83-A75D-4E32-9E04-526F3F1D1DAC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{07E51FE4-3A4B-4514-9112-5502DBEC1466}" = dir=in | app=c:\rex auto update\updater.exe |
"{1048F7B8-072A-4753-B096-7CE3DA76E15A}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{23B1601D-3A15-4E4B-B6E9-16AAC039DBF4}" = dir=in | app=c:\program files\hp\hp laserjet pro mfp m127-m128\bin\faxprinterutility.exe |
"{2BC8E09F-DFF1-44F1-85C2-189ADA1735D3}" = protocol=6 | dir=in | app=c:\program files (x86)\ventrilo\ventrilo.exe |
"{2C67E6BD-FD79-4A89-AF39-900C52A6CDA7}" = protocol=6 | dir=in | app=c:\rex essential plus\rexrepairdb.exe |
"{3261DEE1-3A25-4587-9588-866DFE8D8218}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3593F469-F0AB-4D34-BF8A-4BB16B124522}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{35AA924A-D2FC-42E2-B9F9-F58B9370BA7C}" = dir=in | app=c:\program files\hp\hp laserjet pro mfp m127-m128\bin\sendafax.exe |
"{38864ADA-8EAA-4E31-A2C2-088410786B70}" = protocol=6 | dir=in | app=c:\rex essential plus\rex.exe |
"{3B0335D3-B0FF-40FC-A76E-37480A623A50}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3E361099-7DA3-4CD4-BFCC-AB206618F446}" = protocol=17 | dir=in | app=c:\users\owner\appdata\local\temp\piper navajo version 2\prodact.exe |
"{459001D1-23CA-4647-98AE-CFA10641BEB6}" = protocol=6 | dir=out | app=system |
"{5311A437-E9A2-45E5-B799-97CC56922BC0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{57219F77-E694-472D-BC3C-994A26F13385}" = protocol=17 | dir=in | app=d:2\downloads\flight zips\fsd\prodact.exe |
"{5812899E-FCCD-40F8-B44B-38FB09E64C0B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{59E2D3D4-0EE2-40AA-8960-BC1DD6BF1DCA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5D2DF6B4-0964-4772-A469-5F957C4C6CED}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6874C3B1-C03A-4632-98A8-EE1A0ABA4C7D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{6ADE43CE-ECE5-4105-8C9F-AEA5374925E5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{748C9DC1-0733-4CC6-9674-AE35642E43CF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7B65F9D9-AD68-43EE-894D-5AC803D89F58}" = protocol=17 | dir=in | app=c:\program files (x86)\ventrilo\ventrilo.exe |
"{7F788DAF-44CF-4094-AE4B-16DB17B9175A}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{806D92F6-A7D9-46B5-8AD7-DD38C0C4F8FC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8229A2C9-91C9-414B-8E4C-883A7159CE23}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{844891A5-EB36-4CD0-BCB4-770A45814084}" = dir=in | app=c:\program files (x86)\hp\hp laserjet pro mfp m127-m128\bin\faxapplications.exe |
"{89A9BC5E-920B-4CBA-851F-AF6C0EF4B8F0}" = protocol=17 | dir=in | app=c:\rex essential plus\rex.exe |
"{987855A3-CDE5-43D4-97B9-EA0B37D3FFDF}" = protocol=6 | dir=in | app=d:2\downloads\flight zips\fsd\prodact.exe |
"{991CCD4D-9EFD-48E0-94A8-257F992C7F07}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{99590721-13D1-4064-AB6E-FA2100369873}" = dir=in | app=c:\program files\hp\hp laserjet pro mfp m127-m128\bin\hpnetworkcommunicatorcom.exe |
"{A66D3658-6F0D-4B3F-AD9C-9D1B945C6761}" = dir=in | app=c:\program files (x86)\hp\hp laserjet pro mfp m127-m128\bin\ewsproxy.exe |
"{AB156A5E-534A-4748-8715-699FA15D0C41}" = dir=in | app=c:\rex auto update\rexappupdater.exe |
"{ABF656C8-F3A0-4055-BE21-A06CB0EB8EC0}" = protocol=17 | dir=in | app=c:\rex essential plus\rexrepairdb.exe |
"{B83B6ADC-95B2-4235-8EE0-E4BF99A96E34}" = protocol=6 | dir=in | app=c:\users\owner\appdata\local\temp\piper navajo version 2\prodact.exe |
"{C833A0B7-1551-4554-8239-A708E4919007}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CB01262E-619B-4579-AC63-6E2590B5BF07}" = dir=in | app=c:\program files (x86)\hp\hp laserjet pro mfp m127-m128\bin\hpnetworkcommunicatorcom.exe |
"{CBA3B721-268F-4E23-B5C1-DA1598019BB3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D8548344-97FC-49E2-8277-B733C1D68BE6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D952BDAF-520F-4C25-852F-F0C2E10DBE27}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E2770683-525C-4E7E-99A8-635A8FDADF25}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E4798FC1-D29D-4772-B48C-C0D4AB370F92}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{E7051FA1-2247-4A76-9F78-039DC5E128AA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EF3D36C0-490E-44CC-9147-11544812B62F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F58A01F5-043C-447A-939E-3FA6DFDC0675}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F9DAD7EE-E0AC-4FDD-B3D5-B2AA0121C9F3}" = dir=in | app=c:\windows\system32\lxebcoms.exe |
"{FBBBE5A8-0213-443A-94DF-5564570A7B03}" = dir=in | app=c:\rex texture direct\rextexturedirect.exe |
"{FEB9E440-04C4-4AF2-8EB4-706315FBECC2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{1704327E-FD2B-403D-B1B2-73C77BC7C1CA}C:\users\owner\appdata\local\temp\g2_1470\g2viewer.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\local\temp\g2_1470\g2viewer.exe |
"TCP Query User{3AC32DCD-FA9A-4331-A8AF-B907F7FA07ED}C:\program files (x86)\fsfdt\control panel\fsfdtcp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fsfdt\control panel\fsfdtcp.exe |
"TCP Query User{5B135299-2362-4107-AB48-D93A7AC521CD}C:\users\owner\appdata\local\temp\g2_1337\g2viewer.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\local\temp\g2_1337\g2viewer.exe |
"TCP Query User{8C7D4AF8-B4D2-4059-A675-3B295F118CA0}C:\program files (x86)\fsfdt\fwinn\fwinn.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fsfdt\fwinn\fwinn.exe |
"TCP Query User{99F9A503-B100-4DAC-8630-84A16D2E92CA}C:\users\owner\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\roaming\gameranger\gameranger\gameranger.exe |
"TCP Query User{9C26F40D-1EFB-42EC-B032-3081EB742370}C:\program files (x86)\microsoft games\microsoft flight simulator x\fsx.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\microsoft flight simulator x\fsx.exe |
"TCP Query User{A3F48473-CC58-479A-9014-2BFD1AD66615}C:\program files (x86)\microsoft games\microsoft flight simulator x\aerosoft\airbus x extended\airbusxconnectextended.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\microsoft flight simulator x\aerosoft\airbus x extended\airbusxconnectextended.exe |
"TCP Query User{A5DFC2CD-C8AD-421C-A80E-62E409A0E319}C:\program files (x86)\microsoft games\microsoft flight simulator x\maddog2008\mdcp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\microsoft flight simulator x\maddog2008\mdcp.exe |
"TCP Query User{A8FD6F3D-B861-48B9-B438-37C1C6C89232}C:\program files (x86)\internet download manager\idman.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet download manager\idman.exe |
"TCP Query User{E2C713BC-2D89-4A1B-B7BE-68B17CEEAE77}C:\users\owner\appdata\local\temp\g2_943\g2viewer.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\local\temp\g2_943\g2viewer.exe |
"TCP Query User{EE6716F4-8AD9-40D6-870C-36714D4FE7DA}C:\program files (x86)\microsoft games\links 2003\linksmmiii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\links 2003\linksmmiii.exe |
"TCP Query User{F3A937C7-964C-40D2-A5BF-5184F9839A34}C:\users\owner\appdata\local\vpilot\vpilot.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\local\vpilot\vpilot.exe |
"UDP Query User{0CC655A2-7B74-4BD5-B51D-8DBD419E4972}C:\program files (x86)\microsoft games\microsoft flight simulator x\maddog2008\mdcp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\microsoft flight simulator x\maddog2008\mdcp.exe |
"UDP Query User{0EB2834E-CD54-4CF0-A8ED-9F4518701C12}C:\users\owner\appdata\local\vpilot\vpilot.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\local\vpilot\vpilot.exe |
"UDP Query User{192C30F2-F4B3-4779-9FBC-1BB7CCE3D068}C:\program files (x86)\microsoft games\microsoft flight simulator x\aerosoft\airbus x extended\airbusxconnectextended.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\microsoft flight simulator x\aerosoft\airbus x extended\airbusxconnectextended.exe |
"UDP Query User{365C9617-6FAF-43F9-8216-ADAF473D3D92}C:\program files (x86)\microsoft games\microsoft flight simulator x\fsx.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\microsoft flight simulator x\fsx.exe |
"UDP Query User{51A786FB-4186-4663-9C01-A041DECFC8ED}C:\program files (x86)\fsfdt\control panel\fsfdtcp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fsfdt\control panel\fsfdtcp.exe |
"UDP Query User{5CAFB344-668F-4014-857A-90A9265D6DCB}C:\users\owner\appdata\local\temp\g2_1470\g2viewer.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\local\temp\g2_1470\g2viewer.exe |
"UDP Query User{67C751DE-E2D2-4170-81BF-627C2E046B2E}C:\users\owner\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\roaming\gameranger\gameranger\gameranger.exe |
"UDP Query User{95052D16-0B24-40A6-84F6-56F4312FF62D}C:\users\owner\appdata\local\temp\g2_1337\g2viewer.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\local\temp\g2_1337\g2viewer.exe |
"UDP Query User{AE9B50C5-4193-4CD5-A5FF-0DF11954CD78}C:\program files (x86)\fsfdt\fwinn\fwinn.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fsfdt\fwinn\fwinn.exe |
"UDP Query User{BDB1FC96-FD68-4D18-A237-C55E6A0B2795}C:\program files (x86)\microsoft games\links 2003\linksmmiii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\links 2003\linksmmiii.exe |
"UDP Query User{D61F9E64-1075-451B-ACB6-86062B2720AB}C:\program files (x86)\internet download manager\idman.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet download manager\idman.exe |
"UDP Query User{F563A596-0EAC-4996-AA0E-704C0F272B3C}C:\users\owner\appdata\local\temp\g2_943\g2viewer.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\local\temp\g2_943\g2viewer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{30E20E5D-5E4E-4874-A35A-952DB3582C29}" = HP Unified IO
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6096C0CC-7E19-4355-87F0-627EC5AA146D}" = iCloud
"{65072E52-F51B-4280-9DA6-EA5F1EE72C3A}" = HP LaserJet Pro MFP M127-M128 Fax Driver
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{A7C403DA-B8D9-4CA0-93D9-6C7F00772240}" = WD SmartWare
"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 340.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 15.3.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 15.3.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.23
"{B678797F-DF38-4556-8A31-8B818E261868}" = Apple Mobile Device Support
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C5835004-643A-4EB6-A280-706F9F62F985}" = HP LaserJet Pro MFP M127-M128 Fax
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}" = WinZip 17.5
"{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E75776B2-EAE5-42F9-A800-0A10763DEDF0}" = Microsoft SQL Server 2012 Express LocalDB
"{F46AA0F1-E284-4878-A462-5F11B9166C0E}" = iTunes
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0877F595-254F-45F4-991D-3F72E86B17CE}" = Quicken 2014
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{178F0383-A2F1-427C-9881-6EACB8728C76}" = hppLaserJetService
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}" = hppM125LaserJetService
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20708FD5-E94D-4097-A21E-E28564CDBC06}" = PMDG 737 8900 NGX
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2C886751-51BD-4A8C-B33A-B4C513AB5B9A}" = HPLJUTM127_128
"{2F518061-89DB-4AF0-9A7A-2BF73B60E6F0}" = HP LJ M127128 Scan HP Scan
"{30DD7187-F392-4D83-8AED-D9A2DC64EF15}" = HPLJUTCore
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3717C4F2-7412-4793-9BB8-D73D2817B3D6}" = USB Video/Audio Device Driver
"{37A5C624-2CDB-4FFF-A403-184B0F13E06F}" = DC-8 Jetliner Series 50 to 70
"{39E82AED-424D-40B2-B815-5AB148A99AEA}" = PMDG_744-8F_5XF
"{3A8DED06-80E7-4555-AA1F-FF4A2A4D353C}" = Aerosoft's - DHC-6 Twin Otter X
"{3b050369-8d19-413d-9dec-84ff278472eb}" = HP LaserJet Pro MFP M127-M128
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources
"{4847BBB9-EADD-4C92-90BF-4223B0892FF6}" = Microsoft Flight Simulator X Service Pack 2
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{507B1304-194A-4204-A9D9-9BAAF51EF760}" = WD Quick View
"{522D9652-EA10-455F-B8C5-31D82763D463}" = FS Cabin Crew
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{56EF51F0-07F5-4852-9C22-B2E7043C3D0B}" = smartCARS for Virtual United Airlines
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{587B7A6F-CA1F-4639-9083-16F9BB2363B4}" = Sound Blaster X-Fi Go! Pro
"{5ABA58A2-8962-4C74-A07E-2D01AD834BB3}" = aerosoft's - USCitiesX - Cleveland
"{5C1C996E-9CC9-ACD8-B688-03FEED4E4767}" = Fooz Kids
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5E4DD8C2-A906-4F1B-94B6-4F6A51D625B2}" = HPLJDXPHelper
"{5FE545A1-D215-4216-9189-E7B39C9D1CC1}" = Quicken 2011
"{612631AC-0D84-4116-9D8A-D2D63467B7BF}" = HP LaserJet Pro MFP M127-M128 HP Device Toolbox
"{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}" = hpbDSService
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}" = Nero Multimedia Suite 10 Essentials
"{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh
"{6470E292-3B55-41DC-B5EB-91C34C5ACB5D}" = hpStatusAlerts
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{68AFA3A7-9265-4ABD-994A-ACA413E3715C}" = Nero Multimedia Suite 10 Essentials
"{6B1F09C0-85C2-4C7B-90F0-D02D32A739A1}_is1" = EFASS - Electronic Flight Assistant version 1.0.1714.5921
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6EFDC00B-38D1-47FD-8127-5F5120B9BF51}" = PVACARS
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72E40002-8CEC-47C1-A099-83AC8E173BF0}" = WD Drive Utilities
"{75B8A55E-0762-4676-AAC0-6FDF025B034B}" = Citrix Online Launcher
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{78002155-F025-4070-85B3-7C0453561701}" = Apple Application Support
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E4D5716-374A-4DB6-90CF-D2AEB67362CE}_is1" = Navigraph FMS Data Manager 1.0.11.0603
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Gateway Recovery Management
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{81E4F98A-075E-418A-80A1-28A96F2EA979}" = FS Cabin Crew English Pack
"{822DE07E-BD3D-462C-BA2D-B9185679DD12}" = REX Auto Update
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{87C84B9E-85AA-4CDE-ADE3-1C413901AD94}" = PMDG_744-8F_5YF
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}" = Fooz Kids Platform
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update
"{92374A19-CD4A-498F-92CB-26473EF31FB3}" = hpStatusAlertsM127-M128
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93A32543-0107-4885-A754-70B687522AF4}" = VIPRE Antivirus
"{95120000-003F-0409-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail
"{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}" = inSSIDer Home
"{9EEBFB87-4FE5-0FB3-FD43-5195C7A9ECFB}" = FSX Fiber Accelerator Demo
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker
"{A3F10A1D-6CAB-4072-B498-22CE4D51AC76}" = PVACARS II
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A484CDF7-6B53-4191-95D8-17C6259A965B}" = HP Product FWUpdater
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.08)
"{AF27296B-E0F5-4135-B12A-9C112A8E0B52}" = smartCARS for Virtual United Airlines
"{AF45AC4A-170D-4044-AD0B-E8A2FB434941}" = Worldwide Virtual ACARS
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B1CB7E99-4685-45CB-867E-2FB58EDA0A39}" = HP Unified IO
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer
"{B5409C23-DE0C-4B48-8C8A-50AE38694955}" = HPLJProMFPM127M128
"{ba99df5b-3e46-419e-81e2-544352772fda}" = WD SmartWare Installer
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C1D1FC57-3EB9-4B21-BCA3-F1C927508200}" = VIPRE Antivirus
"{C331926D-5708-4DDF-ABCE-8A812720D2EE}" = vUAL ACARs
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C9E1343D-E21E-4508-A1BE-04A089EC137D}" = Windows Live Messenger
"{CACCC25C-70B5-4FD1-AF01-10D11B87DED8}" = REX 4 - Texture Direct
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}" = Microsoft Flight Simulator SimConnect Client v10.0.61259.0
"{D6D05534-9904-4951-9C80-11D24C5926D2}" = REX Essential Plus
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E45EC4EA-CE0C-4F1C-9DA4-908A5860CDBA}" = PMDG744XF_GE_5XF
"{E55079D6-0CC0-4AFD-A69A-7BF538492433}" = REX Auto Update
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EAECD0D7-F27D-4F13-8312-A9C0B5C5F1B7}" = LJDXPHelperUI
"{EB7C076C-719C-4030-8864-AB20F326E714}" = kACARS_Free
"{EDCEE320-0FB3-4197-9F86-8C1CCF2278FB}" = PMDG 747-400/400F for FSX
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Gateway Updater
"{EF292659-1504-4F78-A737-471E50D8E0A1}" = HPDXP
"{F08687B3-BB9A-4CBC-AE6B-BDF4B642E7BA}" = hpbM128DSService
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1AE1E08-5094-46AD-AA4D-670C482723B2}_is1" = Active Sky Next for FSX
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F77EF646-19EB-11E1-9A9E-984BE15F174E}" = Evernote v. 4.5.2
"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FAE97B40-E8E2-4B52-9A9E-219C3CCC0107}" = HP LaserJet Pro MFP M127-M128 Fax
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FED35768-B947-44EB-92CC-A17D24B8439A}" = CLOUD9 Orlando FSX 1.01
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"309E6243-31FB-434E-9FF5-9AFEB1542DAD" = VAFS5
"441_conquestfsx" = Flight 1 Software Cessna 441fsx - Conquest II 2.3
"721PRO_FSX" = 727-100 Base Pack 2.3
"727F_FSX" = 727 Freighter Expansion Model 2.3
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Airbus X Extended - FSX" = Aerosoft's - Airbus X Extended - FSX
"ArtistScope Plugin FX" = ArtistScope Plugin FX
"B200 King Air HD SERIES FSX/P3D" = B200 King Air HD SERIES FSX/P3D
"C130XPRO" = C-130 X-perience Pro Pack 1.3
"C185 SKYWAGON FSX" = C185 SKYWAGON FSX
"C185F SKYWAGON BUSH FSX" = C185F SKYWAGON BUSH FSX
"C90B King Air HD SERIES FSX/P3D" = C90B King Air HD SERIES FSX/P3D
"Carbonite Backup" = Carbonite
"Carenado C208B Grand Caravan FSX/P3D" = Carenado C208B Grand Caravan FSX/P3D
"Carenado C340 II FSX/P3D" = Carenado C340 II FSX/P3D
"DEMO" = 767 Captain FREE DEMO
"EZ Scenery Library" = EZ Scenery Library
"EZdok Camera for Microsoft Flight Simulator X" = EZdok Camera for Microsoft Flight Simulator X
"Fly the MADDOG 2008" = Fly the MADDOG 2008
"FoozKids" = Fooz Kids
"FSD Pilatus Porter Amphibian V 2 for FS X" = FSD Pilatus Porter Amphibian V2 for FS Xn\Uninstall\FoozKids
"FSD Pilatus Porter Landplane V 2 for FS X" = FSD Pilatus Porter Landplane V2 for FS X
"FSD Piper Navajo Version for FS X" = FSD Piper Navajo V2 for FS X
"FSDreamTeam Fort Lauderdale-Hollywood FSX_is1" = FSDreamTeam Fort Lauderdale-Hollywood FSX
"FSDreamTeam GSX_is1" = FSDreamTeam GSX 1.7.9.8
"FSFDT FSCopilot" = FSFDT FSCopilot
"FSFDT FSInn" = FSFDT FSInn
"Gateway Registration" = Gateway Registration
"Gateway Screensaver" = Gateway ScreenSaver
"Gateway Welcome Center" = Welcome Center
"Google Chrome" = Google Chrome
"Ground Environment X North America" = Ground Environment X North America
"Hotkey Utility" = Hotkey Utility
"Identity Card" = Identity Card
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"LatinVFR Cayman Islands for FSX" = LatinVFR Cayman Islands for FSX
"LatinVFRMKJPFSX_is1" = Latin VFR MKJP FSX
"Legacy 'The Luxury Aircraft Collection'" = Legacy 'The Luxury Aircraft Collection'
"Links 2003 1.0" = Microsoft Links 2003
"MegaSceneryEarth Pennsylvania 001 2.00" = MegaSceneryEarth Pennsylvania 001 2.00
"MegaSceneryEarth Pennsylvania 002 2.00" = MegaSceneryEarth Pennsylvania 002 2.00
"MegaSceneryEarth Pennsylvania 003 2.00" = MegaSceneryEarth Pennsylvania 003 2.00
"MegaSceneryEarth Pennsylvania 004 2.00" = MegaSceneryEarth Pennsylvania 004 2.00
"MegaSceneryEarth Pennsylvania 005 2.00" = MegaSceneryEarth Pennsylvania 005 2.00
"MegaSceneryEarth Pennsylvania 006 2.00" = MegaSceneryEarth Pennsylvania 006 2.00
"MegaSceneryEarth Pennsylvania 007 2.00" = MegaSceneryEarth Pennsylvania 007 2.00
"MegaSceneryEarth Pennsylvania 008 2.00" = MegaSceneryEarth Pennsylvania 008 2.00
"MegaSceneryEarth Pennsylvania 009 2.00" = MegaSceneryEarth Pennsylvania 009 2.00
"MegaSceneryEarth Pennsylvania 010 2.00" = MegaSceneryEarth Pennsylvania 010 2.00
"MegaSceneryEarth Pennsylvania 011 2.00" = MegaSceneryEarth Pennsylvania 011 2.00
"MegaSceneryEarth Pennsylvania 012 2.00" = MegaSceneryEarth Pennsylvania 012 2.00
"MegaSceneryEarth Pennsylvania 013 2.00" = MegaSceneryEarth Pennsylvania 013 2.00
"MegaSceneryEarth Pennsylvania 014 2.00" = MegaSceneryEarth Pennsylvania 014 2.00
"MegaSceneryEarth Pennsylvania 015 2.00" = MegaSceneryEarth Pennsylvania 015 2.00
"MegaSceneryEarth Pennsylvania 016 2.00" = MegaSceneryEarth Pennsylvania 016 2.00
"MegaSceneryEarth Pennsylvania 017 2.00" = MegaSceneryEarth Pennsylvania 017 2.00
"MegaSceneryEarth Philadelphia Ultra Res 001 2.0" = MegaSceneryEarth Philadelphia Ultra Res 001 2.0
"MegaSceneryEarth Philadelphia Ultra Res 002 2.0" = MegaSceneryEarth Philadelphia Ultra Res 002 2.0
"MegaSceneryEarth Philadelphia Ultra Res 003 2.0" = MegaSceneryEarth Philadelphia Ultra Res 003 2.0
"MegaSceneryEarth Philadelphia Ultra Res 004 2.0" = MegaSceneryEarth Philadelphia Ultra Res 004 2.0
"MegaSceneryEarth Philadelphia Ultra Res 005 2.0" = MegaSceneryEarth Philadelphia Ultra Res 005 2.0
"MegaSceneryEarth Philadelphia Ultra Res 006 2.0" = MegaSceneryEarth Philadelphia Ultra Res 006 2.0
"MegaSceneryEarth Philadelphia Ultra Res 007 2.0" = MegaSceneryEarth Philadelphia Ultra Res 007 2.0
"MegaSceneryEarth Philadelphia Ultra Res 008 2.0" = MegaSceneryEarth Philadelphia Ultra Res 008 2.0
"MegaSceneryEarth Philadelphia Ultra Res 009 2.0" = MegaSceneryEarth Philadelphia Ultra Res 009 2.0
"MegaSceneryEarth Philadelphia Ultra Res 010 2.0" = MegaSceneryEarth Philadelphia Ultra Res 010 2.0
"MegaSceneryEarth Philadelphia Ultra Res 011 2.0" = MegaSceneryEarth Philadelphia Ultra Res 011 2.0
"MegaSceneryX Las Vegas_is1" = MegaSceneryX Las Vegas
"MetroAir ACARS" = MetroAir ACARS 1.3.0.0
"MJC8Q400" = Majestic MJC8Q400
"Mozilla Firefox 32.0.3 (x86 en-US)" = Mozilla Firefox 32.0.3 (x86 en-US)
"Mozilla Thunderbird 24.6.0 (x86 en-US)" = Mozilla Thunderbird 24.6.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"pc12_FSX" = Flight One Software Pilatus PC-12 fsx
"QualityWings Ultimate 757 Collection FSX_is1" = QualityWings Ultimate 757 Collection FSX
"RAAS Professional by FS2Crew (LOCKED)" = RAAS Professional by FS2Crew (LOCKED)
"REX Auto Update 1.0.2013.0808" = REX Auto Update
"REX Essential Plus 3.2.2013.0415" = REX Essential Plus
"Rwy12 Library" = Rwy12 Library
"SoftSpire DBX to MBOX Converter - Trial Version v2.3_is1" = SoftSpire DBX to MBOX Converter
"SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6" = Microsoft Flight Simulator X Service Pack 1
"ST6UNST #1" = RapidShot
"ST6UNST #2" = RapidShot (C:\Program Files (x86)\RapidShots\)
"SysInfo" = Creative System Information
"Tongass_Fjords_is1" = Tongass Fjords FSX
"Turbine Duke07.1.20.09" = RealAir Turbine Duke
"VATSpy" = VAT-Spy
"VIRTUALI Addon ManagerX FSX_is1" = VIRTUALI Addon ManagerX FSX
"WinLiveSuite" = Windows Live Essentials
"Xilisoft MPEG to DVD Converter" = Xilisoft MPEG to DVD Converter

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1198750336-2114330506-812848513-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"2dc89d59ad2a4151" = FS Economy client for FSX
"777 'The Modern Airliner Collection'" = 777 'The Modern Airliner Collection'
"Airbus Series Vol.2 (FS X)" = Airbus Series Vol.2 (FS X)
"Amazon Amazon Cloud Player" = Amazon Cloud Player
"Carenado Mooney M20J FSX" = Carenado Mooney M20J FSX
"Carenado PA34 200T SENECA II FSX" = Carenado PA34 200T SENECA II FSX
"Citation X (FSX)" = Citation X (FSX)
"E-Jets v2 World Airliners 1 (v1.1b025)" = E-Jets v2 World Airliners 1 (v1.1b025)
"ERJ145LR American Eagle (v1.02)" = ERJ145LR American Eagle (v1.02)
"FeelThere E-Jets v.2 SP1" = FeelThere E-Jets v.2 SP1
"FeelThere ERJ v.2 SP2" = FeelThere ERJ v.2 SP2
"FSEconomy Scenery Updater Client for FSX" = FSEconomy Scenery Updater Client for FSX
"GameRanger" = GameRanger
"Level-D 767-300 for FSX" = Level-D 767-300 for FSX
"Regional Jet Vol.1 - CRJ (FSX)" = Regional Jet Vol.1 - CRJ (FSX)
"Ultimate Terrain X - USA" = Ultimate Terrain X - USA
"vAACARS" = vAACARS
"vPilot" = vPilot

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/15/2014 9:26:04 PM | Computer Name = Owner-PC | Source = VIPRE Internet Security | ID = 0
Description = ERROR 4980 1 2014-10-15T21:26:04.9228373-04:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Scanner.Providers.Facebook.FacebookProvider.<AuthenticateAndScan>b__1: System.UnauthorizedAccessException:
Attempted to perform an unauthorized operation.

Error - 10/15/2014 11:26:06 PM | Computer Name = Owner-PC | Source = VIPRE Internet Security | ID = 0
Description = ERROR 4980 1 2014-10-15T23:26:06.7937607-04:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Scanner.Providers.Facebook.FacebookProvider.<AuthenticateAndScan>b__1: System.UnauthorizedAccessException:
Attempted to perform an unauthorized operation.

Error - 10/16/2014 1:27:15 AM | Computer Name = Owner-PC | Source = VIPRE Internet Security | ID = 0
Description = ERROR 4980 1 2014-10-16T01:27:12.1293141-04:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Scanner.Providers.Facebook.FacebookProvider.<AuthenticateAndScan>b__1: System.UnauthorizedAccessException:
Attempted to perform an unauthorized operation.

Error - 10/16/2014 3:27:45 AM | Computer Name = Owner-PC | Source = VIPRE Internet Security | ID = 0
Description = ERROR 4980 1 2014-10-16T03:27:45.5940447-04:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Scanner.Providers.Facebook.FacebookProvider.<AuthenticateAndScan>b__1: System.UnauthorizedAccessException:
Attempted to perform an unauthorized operation.

Error - 10/16/2014 6:05:15 AM | Computer Name = Owner-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/16/2014 7:24:35 AM | Computer Name = Owner-PC | Source = SideBySide | ID = 16842761
Description = Activation context generation failed for "C:\Program Files\WinZip\adxloader.dll.Manifest".Error
in manifest or policy file "C:\Program Files\WinZip\adxloader.dll.Manifest" on
line 2. The manifest file root element must be assembly.

Error - 10/16/2014 9:07:49 PM | Computer Name = Owner-PC | Source = Best Buy pc app | ID = 0
Description = ClickOnceUninstaller: Uninstall dialog not found while trying to automatically
select the remove option.

Error - 10/16/2014 9:07:49 PM | Computer Name = Owner-PC | Source = Best Buy pc app | ID = 0
Description = ClickOnceUninstaller: Remove option not found and button not clicked.

Error - 10/16/2014 9:08:02 PM | Computer Name = Owner-PC | Source = Best Buy pc app | ID = 0
Description = ClickOnceUninstaller: Uninstall dialog not found while trying to automatically
push the OK button.

Error - 10/16/2014 9:08:02 PM | Computer Name = Owner-PC | Source = Best Buy pc app | ID = 0
Description = ClickOnceUninstaller: Uninstall OK button not found and not automatically
clicked.

[ System Events ]
Error - 2/5/2014 9:39:58 PM | Computer Name = Owner-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 8:38:20 PM on ?2/?5/?2014 was unexpected.

Error - 2/5/2014 9:40:37 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SBRE

Error - 2/5/2014 9:41:26 PM | Computer Name = Owner-PC | Source = DCOM | ID = 10016
Description =

Error - 2/5/2014 9:41:36 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7034
Description = The SecureUpdate service terminated unexpectedly. It has done this
1 time(s).

Error - 2/5/2014 9:46:06 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7034
Description = The Application Updater service terminated unexpectedly. It has done
this 1 time(s).

Error - 2/5/2014 9:47:16 PM | Computer Name = Owner-PC | Source = DCOM | ID = 10010
Description =

Error - 2/5/2014 9:49:39 PM | Computer Name = Owner-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 8:47:52 PM on ?2/?5/?2014 was unexpected.

Error - 2/5/2014 9:49:57 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SBRE

Error - 2/5/2014 9:50:56 PM | Computer Name = Owner-PC | Source = DCOM | ID = 10016
Description =

Error - 2/5/2014 9:51:01 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7034
Description = The SecureUpdate service terminated unexpectedly. It has done this
1 time(s).


< End of report >
lehbird
Regular Member
 
Posts: 40
Joined: September 5th, 2010, 12:01 am

Re: Blue Screen Twice in the last 4 Days

Unread postby lehbird » October 16th, 2014, 9:41 pm

OTL logfile created on: 10/16/2014 9:28:41 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.95 Gb Total Physical Memory | 5.76 Gb Available Physical Memory | 72.41% Memory free
15.90 Gb Paging File | 13.38 Gb Available in Paging File | 84.15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 903.39 Gb Total Space | 604.09 Gb Free Space | 66.87% Space Free | Partition Type: NTFS
Drive D: | 149.05 Gb Total Space | 32.45 Gb Free Space | 21.77% Space Free | Partition Type: NTFS
Drive H: | 465.65 Gb Total Space | 275.51 Gb Free Space | 59.17% Space Free | Partition Type: FAT32
Drive I: | 465.73 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: NTFS

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/10/16 21:27:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2014/09/26 17:42:45 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/07/25 10:02:45 | 002,403,104 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/07/25 10:02:40 | 001,720,608 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/06/27 14:27:12 | 001,056,976 | R--- | M] (Carbonite, Inc.) -- C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
PRC - [2014/06/17 08:55:33 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
PRC - [2014/06/03 14:21:08 | 001,006,576 | ---- | M] (Navigraph) -- C:\Program Files (x86)\Navigraph\FMS Data Manager\NGFMSAgent.exe
PRC - [2014/05/08 13:26:34 | 003,145,536 | ---- | M] () -- C:\Users\Owner\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
PRC - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/11/02 16:01:42 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
PRC - [2013/11/02 15:54:34 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2013/09/05 22:33:44 | 003,216,272 | ---- | M] (ThreatTrack Security, Inc.) -- C:\Program Files (x86)\VIPRE\SBAMTray.exe
PRC - [2013/09/05 22:32:46 | 003,937,472 | ---- | M] (ThreatTrack Security, Inc.) -- C:\Program Files (x86)\VIPRE\SBAMSvc.exe
PRC - [2013/09/05 22:32:42 | 000,176,016 | ---- | M] (ThreatTrack Security, Inc.) -- C:\Program Files (x86)\VIPRE\SBPIMSvc.exe
PRC - [2013/08/14 07:59:52 | 005,537,136 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
PRC - [2013/04/18 07:57:32 | 000,313,656 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
PRC - [2013/01/18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/12/04 11:52:22 | 000,174,592 | ---- | M] (HP) -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
PRC - [2012/02/29 09:49:06 | 000,028,264 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
PRC - [2012/02/07 22:05:03 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/02/07 22:05:02 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/02/07 22:04:43 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/02/06 22:17:54 | 000,636,520 | ---- | M] () -- C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
PRC - [2012/02/06 20:54:04 | 000,255,376 | ---- | M] (Acer Incorporated) -- C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
PRC - [2011/12/04 14:14:28 | 000,291,096 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011/11/29 23:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/10/17 16:51:54 | 000,013,824 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
PRC - [2011/03/29 18:33:08 | 000,598,312 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2010/02/18 19:27:40 | 000,241,789 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Sound Blaster X-Fi Go Pro\Volume Panel\VolPanlu.exe
PRC - [2010/02/11 22:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2010/02/03 03:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe


========== Modules (No Company Name) ==========

MOD - [2014/10/16 06:21:16 | 000,047,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SocialWatch62ba68af#\0cd243f4f938fd85a1d1c6fcdacda11e\SocialWatch.Configuration.Facebook.ni.dll
MOD - [2014/10/16 06:21:11 | 000,091,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SocialWatcha4e6253f#\2cab2c2357cfe7be464a6964ea0c85e6\SocialWatch.Authentication.Facebook.ni.dll
MOD - [2014/10/16 06:21:10 | 000,748,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\log4net\e1d0bbf631bfb26db9097dd4153fff34\log4net.ni.dll
MOD - [2014/10/16 06:21:10 | 000,481,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Facebook\11618971e2a4fba94d6fc037e60e463e\Facebook.ni.dll
MOD - [2014/10/16 06:21:09 | 000,192,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SocialWatchd4ea2be5#\962d7ab75dd1033784e31e671af4f20d\SocialWatch.Scanner.Providers.Facebook.ni.dll
MOD - [2014/10/16 06:21:09 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SocialWatcha57243a5#\ea29541bb5c7829151bc3349b41457d0\SocialWatch.Plugins.Facebook.ni.dll
MOD - [2014/10/16 06:10:11 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a229c5bed4a12b5db6ca55d223ada6df\System.ServiceProcess.ni.dll
MOD - [2014/10/16 06:10:02 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\b4001d722e320fa42cd87b04b5249b2d\System.Web.ni.dll
MOD - [2014/10/16 06:09:58 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b3011370dcbf33751d3b9dce8091c6c6\System.Runtime.Remoting.ni.dll
MOD - [2014/10/16 06:09:38 | 000,310,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\91eb4f41130c65ef17f0fee1d3ab48fb\System.Runtime.Serialization.Formatters.Soap.ni.dll
MOD - [2014/10/16 06:09:37 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll
MOD - [2014/10/16 06:09:32 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll
MOD - [2014/10/16 06:09:31 | 001,812,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3255feb104f23880ebda5e530e6f07dc\System.Deployment.ni.dll
MOD - [2014/10/16 06:09:28 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/10/16 06:09:25 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll
MOD - [2014/10/16 06:09:11 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/10/16 05:07:34 | 000,394,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\ca4c249f93c83f6ba34a23a1c95f9ce8\System.Dynamic.ni.dll
MOD - [2014/10/16 05:07:28 | 001,632,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\65d775712d5410b4af3c5b243a4f2c29\Microsoft.CSharp.ni.dll
MOD - [2014/10/16 05:07:08 | 001,046,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\cc7bb025e7cca401787cec5893c2cb67\System.ComponentModel.Composition.ni.dll
MOD - [2014/10/16 05:07:07 | 007,668,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7147fa233a070283dba824da40089bf1\System.Xml.ni.dll
MOD - [2014/10/16 05:06:54 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\691c1ad89d16f49d80e84fa06a79089a\System.Core.ni.dll
MOD - [2014/10/16 05:06:54 | 000,794,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\35d3a1b878542de59cb4fc0593992404\System.ServiceModel.Internals.ni.dll
MOD - [2014/10/16 05:06:51 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\046058f81b039ab6fd839e03e67595f8\SMDiagnostics.ni.dll
MOD - [2014/10/16 05:06:44 | 002,822,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll
MOD - [2014/10/16 05:06:37 | 010,100,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll
MOD - [2014/10/16 05:06:37 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\0648dbecb7e3fb9523565107e04a5caf\System.Configuration.ni.dll
MOD - [2014/09/26 17:42:44 | 003,715,184 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/09/12 03:40:40 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014/09/12 03:20:22 | 000,020,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Infrastructure\7e76793e3c441fa5cd6777736affea53\Infrastructure.ni.dll
MOD - [2014/09/12 03:20:21 | 000,019,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SocialWatch8579869f#\31d8914fabd78506da7bc3ea3f01f0f9\SocialWatch.Scanner.Serialization.ni.dll
MOD - [2014/05/08 13:26:34 | 003,145,536 | ---- | M] () -- C:\Users\Owner\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
MOD - [2014/02/27 04:06:12 | 000,010,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SocialWatchb96ca80f#\cd91ef9519349b8d7c6f3af47154604a\SocialWatch.Engine.Interfaces.ni.dll
MOD - [2014/02/27 04:06:11 | 000,015,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SocialWatch3fe684a7#\07949961cf2d259a637571048d3ccace\SocialWatch.Scanner.Interfaces.ni.dll
MOD - [2014/02/27 04:06:11 | 000,013,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SocialWatche3fb5e81#\12aac18b2b0ca8e80a29e5b84745a145\SocialWatch.Authentication.Interfaces.ni.dll
MOD - [2014/02/27 04:06:11 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SocialWatcha583c611#\578ab452c4e8577b859a83cf90512d39\SocialWatch.Configuration.Interfaces.ni.dll
MOD - [2014/02/27 04:03:43 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014/02/12 20:58:32 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/02/12 20:58:10 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/01/23 17:40:18 | 000,268,968 | ---- | M] () -- C:\Windows\SysWOW64\sqlite3.dll
MOD - [2013/12/08 21:32:06 | 000,854,016 | ---- | M] () -- C:\Program Files (x86)\Navigraph\FMS Data Manager\platforms\qwindows.dll
MOD - [2013/12/08 21:31:36 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\Navigraph\FMS Data Manager\imageformats\qico.dll
MOD - [2013/12/08 21:23:42 | 000,047,104 | ---- | M] () -- C:\Program Files (x86)\Navigraph\FMS Data Manager\libEGL.dll
MOD - [2013/12/08 21:23:28 | 000,732,160 | ---- | M] () -- C:\Program Files (x86)\Navigraph\FMS Data Manager\libGLESv2.dll
MOD - [2012/02/06 22:18:04 | 000,151,656 | ---- | M] () -- C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyHook.dll
MOD - [2012/02/06 22:17:54 | 000,636,520 | ---- | M] () -- C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
MOD - [2010/07/22 17:45:00 | 000,181,760 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL
MOD - [2009/12/29 17:50:00 | 000,073,728 | ---- | M] () -- C:\Windows\SysWOW64\CmdRtr.DLL


========== Services (SafeList) ==========

SRV:64bit: - [2014/09/18 21:25:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/07/25 10:02:38 | 018,956,064 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014/06/27 14:15:52 | 007,641,296 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto | Running] -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe -- (CarboniteService)
SRV:64bit: - [2013/09/07 15:01:03 | 000,479,736 | ---- | M] (ArtistScope Pty Ltd) [Auto | Running] -- C:\Program Files\Common Files\ArtistScope\CSHelper64.exe -- (CSHelper)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/02/06 20:54:04 | 000,255,376 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe -- (Live Updater Service)
SRV:64bit: - [2012/02/03 01:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/04/14 19:56:24 | 001,052,328 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxebcoms.exe -- (lxeb_device)
SRV - [2014/09/26 17:42:44 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/09/24 11:29:12 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/07/25 10:02:40 | 001,720,608 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/05/28 16:46:02 | 002,580,304 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe -- (SecureUpdateSvc)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014/01/16 22:01:33 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/02 16:01:42 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe -- (WDBackup)
SRV - [2013/11/02 15:54:34 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/09/05 22:32:46 | 003,937,472 | ---- | M] (ThreatTrack Security, Inc.) [Auto | Running] -- C:\Program Files (x86)\VIPRE\SBAMSvc.exe -- (SBAMSvc)
SRV - [2013/09/05 22:32:42 | 000,176,016 | ---- | M] (ThreatTrack Security, Inc.) [Auto | Running] -- C:\Program Files (x86)\VIPRE\SBPIMSvc.exe -- (SBPIMSvc)
SRV - [2013/08/18 16:44:57 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/01/18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/12/04 11:52:22 | 000,174,592 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2012/02/29 09:49:06 | 000,028,264 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe -- (GREGService)
SRV - [2012/02/07 22:05:03 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/02/07 22:05:02 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/02/07 22:04:43 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011/11/29 23:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/10/17 16:51:54 | 000,013,824 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe -- (HP DS Service)
SRV - [2011/03/29 18:33:08 | 000,598,312 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/02/11 22:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/07/25 10:02:38 | 000,020,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014/03/31 12:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/09/07 15:01:03 | 000,048,632 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Common Files\ArtistScope\CSDriver64.sys -- (CSDriver)
DRV:64bit: - [2013/09/04 14:57:42 | 000,031,264 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiutil.sys -- (gfiutil)
DRV:64bit: - [2013/06/18 22:02:34 | 000,088,928 | ---- | M] (ThreatTrack Security, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\sbapifs.sys -- (sbapifs)
DRV:64bit: - [2013/05/23 08:39:23 | 000,041,032 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)
DRV:64bit: - [2013/04/12 15:43:56 | 000,088,864 | ---- | M] (GFI Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sbwtis.sys -- (sbwtis)
DRV:64bit: - [2013/03/18 16:51:08 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/04 14:13:24 | 000,785,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2011/12/04 14:13:24 | 000,355,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2011/12/04 14:13:24 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2011/11/30 03:09:34 | 000,358,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2011/11/29 22:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/11/10 05:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/07/14 01:35:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/07/14 01:35:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/06 20:26:12 | 000,683,136 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emBDA64.sys -- (USB28xxBGA)
DRV:64bit: - [2011/03/06 20:25:18 | 001,189,504 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emOEM64.sys -- (USB28xxOEM)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/08/11 10:51:48 | 001,587,968 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ksaud.sys -- (ksaud)
DRV:64bit: - [2010/07/29 01:25:10 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/11/10 05:08:00 | 000,016,384 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HP1319FAX.sys -- (HP1319FAX)
DRV:64bit: - [2008/11/10 05:07:58 | 000,014,848 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HP1319EWS.sys -- (HP1319EWS)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2008/03/26 10:45:52 | 000,178,432 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiH0461.sys -- (SaiH0461)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AGWTDF&pc=MAGW&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AGWTDF&pc=MAGW&src=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1198750336-2114330506-812848513-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com/?pc=MAGW
IE - HKU\S-1-5-21-1198750336-2114330506-812848513-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://cnn.com/
IE - HKU\S-1-5-21-1198750336-2114330506-812848513-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1198750336-2114330506-812848513-1000\..\SearchScopes\{70E84F06-B2DD-44B8-82C3-967012999C81}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =902615&p={searchTerms}
IE - HKU\S-1-5-21-1198750336-2114330506-812848513-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1198750336-2114330506-812848513-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.startup.homepage: "http://search.yahoo.com?type=902615&fr=spigot-yhp-ff"
FF - prefs.js..extensions.enabledAddons: speeddial%40instair.net:1.4.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.3
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@artistscope.com/ArtistScope Plugin: C:\Program Files (x86)\Common Files\ArtistScope\npArtistScope.dll (ArtistScope Pty Ltd)
FF - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@artistscope.com/ArtistScope Plugin: C:\Program Files (x86)\Common Files\ArtistScope\npArtistScope.dll (ArtistScope Pty Ltd)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Owner\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/09/26 17:42:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Owner\AppData\Roaming\IDM\idmmzcc3

[2013/08/04 14:21:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2014/10/16 21:26:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\w129ok8l.default\extensions
[2014/10/09 22:16:36 | 000,000,000 | ---D | M] (AccelerateTab) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\w129ok8l.default\extensions\speeddial@instair.net
[2013/09/08 10:51:07 | 000,000,904 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\w129ok8l.default\searchplugins\yahoo.xml
[2014/09/26 17:42:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/09/26 17:42:45 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011/07/28 02:00:19 | 000,532,480 | ---- | M] (ArtistScope Pty Ltd) -- C:\Program Files (x86)\mozilla firefox\plugins\npArtistScope5.dll

========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: Ebay Shopping Assistant by Spigot = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\
CHR - Extension: Domain Error Assistant = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\
CHR - Extension: AccelerateTab = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgjafhkemfjfgdmjcmhofijphjmaanak\1.2.8_0\
CHR - Extension: Slick Savings = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0\
CHR - Extension: Google Wallet = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Amazon Shopping Assistant by Spigot = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (AccelerateTab) - {48A789BF-F6D6-4930-9C8B-77855A63EDE1} - C:\PROGRA~2\SECURE~1\IE\SPEEDD~1.DLL File not found
O2 - BHO: (VIPRE Search Guard Helper) - {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} - C:\Program Files (x86)\VIPRE\VSG.dll ()
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (VIPRE Search Guard Toolbar) - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - C:\Program Files (x86)\VIPRE\VSG.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1198750336-2114330506-812848513-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-1198750336-2114330506-812848513-1000\..\Toolbar\WebBrowser: (VIPRE Search Guard Toolbar) - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - C:\Program Files (x86)\VIPRE\VSG.dll ()
O4:64bit: - HKLM..\Run: [Creative SB Monitoring Utility] C:\Windows\SysNative\SBAVMon.dll (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [Navigraph FMS Data Manager] C:\Program Files (x86)\Navigraph\FMS Data Manager\NGFMSAgent.exe (Navigraph)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SBAMTray] C:\Program Files (x86)\VIPRE\SBAMTray.exe (ThreatTrack Security, Inc.)
O4 - HKLM..\Run: [StatusAlerts] C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Go Pro\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1198750336-2114330506-812848513-1000..\Run: [Amazon Cloud Player] C:\Users\Owner\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1198750336-2114330506-812848513-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-21-1198750336-2114330506-812848513-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1198750336-2114330506-812848513-1000\..Trusted Domains: localhost ([]* in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DA8BA425-F461-452A-86DF-AC5D39266C96}: DhcpNameServer = 192.168.254.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\vipresg - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\vipresg {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files (x86)\VIPRE\VSG.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/14 00:17:28 | 000,000,000 | ---D | M] - H:\autorun -- [ FAT32 ]
O32 - AutoRun File - [2008/02/25 10:30:42 | 000,000,054 | RHS- | M] () - H:\autorun.in_2.org -- [ FAT32 ]
O33 - MountPoints2\{6c73f0b4-8071-11e3-91a7-4c72b92e3e25}\Shell - "" = AutoRun
O33 - MountPoints2\{6c73f0b4-8071-11e3-91a7-4c72b92e3e25}\Shell\AutoRun\command - "" = G:\MotoCastSetup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/10/16 21:27:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2014/10/16 04:17:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ASP.NET
[2014/10/15 18:06:22 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/10/15 18:06:22 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/10/15 18:06:22 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/10/15 18:06:21 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/10/15 18:06:21 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/10/15 18:06:21 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/10/15 18:06:20 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/10/15 18:06:20 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/10/15 18:06:20 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/10/15 18:06:18 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/10/15 18:06:17 | 002,017,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/10/15 18:06:16 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/10/15 18:06:14 | 000,731,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/10/15 18:06:14 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/10/15 18:06:14 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/10/15 18:06:14 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/10/15 18:06:13 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/10/15 18:06:12 | 002,108,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/10/15 18:06:11 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/10/15 18:06:11 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/10/15 18:06:10 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/10/15 18:06:09 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/10/15 18:06:09 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/10/15 18:06:07 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/10/15 18:06:07 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/10/15 18:06:06 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/10/15 18:06:06 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/10/15 18:06:05 | 005,829,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/10/15 18:06:05 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/10/15 18:06:05 | 000,547,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/10/15 18:06:05 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/10/15 18:06:04 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/10/15 18:06:03 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/10/15 18:06:03 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/10/15 18:06:02 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/10/15 18:03:09 | 001,943,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2014/10/15 18:03:09 | 001,131,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2014/10/15 18:03:09 | 000,156,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2014/10/15 18:03:09 | 000,156,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
[2014/10/15 18:03:09 | 000,081,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2014/10/15 18:03:09 | 000,073,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscories.dll
[2014/10/15 18:02:53 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2014/10/15 18:02:52 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/10/15 18:02:51 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/10/15 17:57:56 | 003,241,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/10/15 17:57:45 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2014/10/15 17:57:45 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2014/10/15 17:57:28 | 003,722,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/10/15 17:57:28 | 003,221,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/10/15 17:57:26 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2014/10/15 17:57:24 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2014/10/15 17:57:23 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsta.dll
[2014/10/15 17:57:21 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2014/10/15 17:57:20 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014/10/15 17:57:19 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2014/10/15 17:56:42 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014/10/15 17:56:42 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014/10/15 16:37:30 | 000,401,920 | ---- | C] (Farbar) -- C:\Users\Owner\Desktop\MiniToolBox.exe
[2014/10/10 19:29:02 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Owner\Desktop\dds.scr
[2014/10/02 20:29:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2014/10/02 20:26:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/10/02 20:26:03 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/10/02 20:26:02 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/10/02 20:26:02 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/09/30 20:07:04 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014/09/30 20:07:04 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014/09/27 20:11:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\NVIDIA Corporation
[2014/09/27 20:11:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\NVIDIA
[2014/09/27 20:11:11 | 001,715,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2014/09/27 20:11:11 | 001,291,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2014/09/27 20:11:11 | 001,283,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014/09/27 20:11:11 | 001,126,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014/09/27 20:10:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014/09/27 20:09:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2014/09/27 20:07:35 | 000,040,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014/09/27 20:07:35 | 000,037,320 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2014/09/27 20:07:35 | 000,034,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014/09/27 20:07:34 | 001,890,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434052.dll
[2014/09/27 20:07:34 | 001,539,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434052.dll
[2014/09/27 20:07:34 | 000,944,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014/09/27 20:07:34 | 000,907,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014/09/27 20:07:34 | 000,903,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014/09/27 20:07:34 | 000,869,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014/09/27 20:05:37 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2014/09/26 17:42:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/09/17 20:19:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigraph FMS Data Manager
[2014/09/17 20:19:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Navigraph
[2014/09/17 20:18:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Navigraph
[2007/05/11 01:05:49 | 002,737,560 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\fsx.exe
[2007/05/11 01:05:44 | 001,470,872 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\fsui.dll
[2007/05/11 01:05:43 | 001,364,376 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\api.dll
[2007/05/11 01:05:43 | 001,072,536 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\fe.dll
[2007/05/11 01:05:39 | 000,980,376 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\main.dll
[2007/05/11 01:05:35 | 000,880,536 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\ui.dll
[2007/05/11 01:05:34 | 000,855,960 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\g3d.dll
[2007/05/11 01:05:33 | 000,832,408 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\simpropace.dll
[2007/05/11 01:05:32 | 000,804,760 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\multiplayer.dll
[2007/05/11 01:05:28 | 000,796,568 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\sim1.dll
[2007/05/11 01:05:25 | 000,652,696 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\xuipc.dll
[2007/05/11 01:05:22 | 000,464,280 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\language.dll
[2007/05/11 01:05:19 | 000,452,504 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\panels.dll
[2007/05/11 01:05:19 | 000,439,192 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\flight.dll
[2007/05/11 01:05:18 | 000,405,400 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\atc.dll
[2007/05/11 01:05:18 | 000,366,488 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\g2d.dll
[2007/05/11 01:05:13 | 000,330,648 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\weather.dll
[2007/05/11 01:05:09 | 000,272,792 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\facilities.dll
[2007/05/11 01:05:09 | 000,256,920 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\ai_player.dll
[2007/05/11 01:05:05 | 000,242,584 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\controls.dll
[2007/05/11 01:05:04 | 000,235,416 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\util.dll
[2007/05/11 01:05:00 | 000,208,280 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\visualfx.dll
[2007/05/11 01:05:00 | 000,197,528 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\simpropext.dll
[2007/05/11 01:04:55 | 000,190,872 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\sound.dll
[2007/05/11 01:04:55 | 000,185,240 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\symmap.dll
[2007/05/11 01:04:54 | 000,184,216 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\acontain.dll
[2007/05/11 01:04:54 | 000,180,120 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\simprop.dll
[2007/05/11 01:04:49 | 000,177,560 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\window.dll
[2007/05/11 01:04:35 | 000,137,112 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\gps.dll
[2007/05/11 01:04:34 | 000,128,920 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\livingwater.dll
[2007/05/11 01:04:29 | 000,104,856 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\ablscpt.dll
[2007/05/11 01:04:28 | 000,094,104 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\eula.dll
[2007/05/11 01:04:26 | 000,090,008 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\fs-traffic.dll
[2007/05/11 01:04:23 | 000,079,256 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\demo.dll
[2007/05/11 01:04:20 | 000,041,880 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\simscheduler.dll
[2007/05/10 22:05:38 | 000,901,016 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\terrain.dll
[2006/09/09 06:15:01 | 004,864,848 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\mspac.dll
[2006/09/09 06:15:01 | 000,797,520 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\sldlext.dll
[2006/09/09 06:15:01 | 000,314,192 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\mspacres.dll
[2006/09/09 06:15:01 | 000,172,880 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\Kiosk.exe
[2006/09/09 06:15:01 | 000,102,736 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\FS9.exe
[2006/09/09 06:15:01 | 000,102,736 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\FS2002.exe
[2006/09/09 06:15:01 | 000,102,736 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\FS2000.exe
[2006/09/09 06:15:01 | 000,066,384 | ---- | C] (Microsoft Corp.) -- C:\Program Files (x86)\ace.exe
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Owner\Documents\*.tmp files -> C:\Users\Owner\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/10/16 21:29:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/10/16 21:27:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2014/10/16 21:00:23 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/10/16 20:46:05 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/10/16 08:09:12 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/10/16 08:09:12 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/10/16 06:04:39 | 000,008,192 | ---- | M] () -- C:\Windows\SysWow64\WDPABKP.dat
[2014/10/16 06:04:16 | 000,291,072 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/10/16 06:04:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/10/16 06:03:22 | 2107,056,127 | -HS- | M] () -- C:\hiberfil.sys
[2014/10/15 16:37:31 | 000,401,920 | ---- | M] (Farbar) -- C:\Users\Owner\Desktop\MiniToolBox.exe
[2014/10/14 18:48:55 | 000,468,480 | ---- | M] () -- C:\Users\Owner\Desktop\CKScanner.exe
[2014/10/10 19:29:03 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Owner\Desktop\dds.scr
[2014/10/09 22:05:59 | 000,276,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2014/10/09 22:05:42 | 000,507,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/10/09 22:00:38 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/10/07 07:32:19 | 000,782,470 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/10/07 07:32:19 | 000,662,384 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/10/07 07:32:19 | 000,122,252 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/10/02 20:26:43 | 000,001,790 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/09/25 18:46:19 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/09/25 18:32:04 | 002,017,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/09/25 18:31:02 | 002,108,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/09/24 22:08:38 | 000,371,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014/09/24 21:40:50 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014/09/24 11:29:11 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/09/24 11:29:11 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/09/19 21:39:37 | 000,001,914 | ---- | M] () -- C:\Users\Owner\Desktop\vPilot.lnk
[2014/09/18 21:55:49 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/09/18 21:40:43 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/09/18 21:40:03 | 000,547,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/09/18 21:39:58 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/09/18 21:38:27 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/09/18 21:36:57 | 005,829,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/09/18 21:30:58 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/09/18 21:27:09 | 000,595,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/09/18 21:26:00 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/09/18 21:25:49 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/09/18 21:25:09 | 000,758,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/09/18 21:18:02 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/09/18 21:14:28 | 000,446,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/09/18 21:06:47 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/09/18 21:01:47 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/09/18 21:01:46 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/09/18 21:01:03 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/09/18 21:00:45 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/09/18 20:59:40 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/09/18 20:58:03 | 000,289,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/09/18 20:53:52 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/09/18 20:51:24 | 000,440,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/09/18 20:50:16 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/09/18 20:49:31 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/09/18 20:42:57 | 000,731,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/09/18 20:42:56 | 000,710,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/09/18 20:40:12 | 001,249,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/09/18 20:36:23 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/09/18 20:32:50 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/09/18 20:18:55 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/09/18 19:59:26 | 000,775,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/09/18 19:52:24 | 000,678,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/09/17 22:00:42 | 003,241,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/09/17 20:21:58 | 000,001,218 | ---- | M] () -- C:\Users\Public\Desktop\Navigraph FMS Data Manager.lnk
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Owner\Documents\*.tmp files -> C:\Users\Owner\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/10/14 18:48:54 | 000,468,480 | ---- | C] () -- C:\Users\Owner\Desktop\CKScanner.exe
[2014/10/02 20:26:43 | 000,001,790 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/09/27 20:09:45 | 003,826,628 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2014/09/17 20:19:00 | 000,001,218 | ---- | C] () -- C:\Users\Public\Desktop\Navigraph FMS Data Manager.lnk
[2014/08/03 14:30:44 | 000,000,268 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2014/01/16 22:04:07 | 000,181,760 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2014/01/16 22:04:07 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2014/01/16 22:03:20 | 000,003,077 | ---- | C] () -- C:\ProgramData\cfSB1290.ini
[2014/01/03 20:39:12 | 000,774,592 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/12/23 17:30:41 | 000,126,614 | ---- | C] () -- C:\Program Files (x86)\Uninstal.exe
[2013/12/10 00:18:08 | 000,002,472 | ---- | C] () -- C:\ProgramData\regid.2010-12.com.tfdidesign_E667EDC4-FD82-432E-8E03-67094584EF20.swidtag
[2013/11/29 14:39:35 | 000,000,181 | ---- | C] () -- C:\Users\Owner\FSDreamTeam_KFLL.reg
[2013/11/29 14:37:29 | 000,000,190 | ---- | C] () -- C:\Users\Owner\Cloud9_Orlando International.reg
[2013/09/08 14:59:53 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\WDPABKP.dat
[2013/09/08 10:51:14 | 000,268,968 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2013/08/18 15:45:14 | 000,000,061 | -HS- | C] () -- C:\Windows\cnerolf.bin
[2013/08/18 10:17:14 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\dbxkit.dll
[2013/08/04 14:08:03 | 000,417,792 | ---- | C] () -- C:\Windows\ZSM1319.EXE
[2013/08/04 13:20:28 | 000,000,126 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2013/01/18 22:15:39 | 000,006,171 | ---- | C] () -- C:\Users\Owner\fsx.cfg
[2013/01/17 21:19:33 | 002,101,200 | ---- | C] () -- C:\Users\Owner\qdata2 121411OFXOLD.DAT
[2013/01/17 21:19:33 | 000,184,416 | ---- | C] () -- C:\Users\Owner\qdata2 121411OFXLOG.DAT
[2013/01/15 23:02:28 | 057,203,259 | ---- | C] () -- C:\Users\Owner\qdata2 121411.QDF
[2012/11/08 13:52:09 | 000,552,960 | ---- | C] () -- C:\Windows\SysWow64\RAASAUDIO32.dll
[2007/05/11 01:04:16 | 000,018,840 | ---- | C] () -- C:\Program Files (x86)\activate.exe
[2007/04/14 17:49:33 | 000,032,367 | ---- | C] () -- C:\Program Files (x86)\display.cfg
[2007/03/15 21:18:54 | 000,000,430 | ---- | C] () -- C:\Program Files (x86)\Elumens.cfg
[2007/03/14 23:02:37 | 000,052,962 | ---- | C] () -- C:\Program Files (x86)\ThermalDescriptions.xml
[2007/01/30 00:02:48 | 000,150,671 | ---- | C] () -- C:\Program Files (x86)\terrain.cfg
[2006/09/09 06:15:01 | 002,359,352 | ---- | C] () -- C:\Program Files (x86)\bkg.bmp
[2006/09/09 06:15:01 | 000,928,836 | ---- | C] () -- C:\Program Files (x86)\stars.dat
[2006/09/09 06:15:01 | 000,525,175 | ---- | C] () -- C:\Program Files (x86)\kiosk.rtf
[2006/09/09 06:15:01 | 000,198,025 | ---- | C] () -- C:\Program Files (x86)\credits.rtf
[2006/09/09 06:15:01 | 000,173,427 | ---- | C] () -- C:\Program Files (x86)\Standard.xml
[2006/09/09 06:15:01 | 000,156,282 | ---- | C] () -- C:\Program Files (x86)\LWcfg.spb
[2006/09/09 06:15:01 | 000,132,056 | ---- | C] () -- C:\Program Files (x86)\privacy statement.rtf
[2006/09/09 06:15:01 | 000,005,672 | ---- | C] () -- C:\Program Files (x86)\cameras.cfg
[2006/09/09 06:15:01 | 000,002,430 | ---- | C] () -- C:\Program Files (x86)\AirObjectVisuals.xml
[2006/09/09 06:15:01 | 000,001,659 | ---- | C] () -- C:\Program Files (x86)\suneffect.cfg
[2006/09/09 06:15:01 | 000,000,984 | ---- | C] () -- C:\Program Files (x86)\KioskSettings.cfg
[2006/09/09 06:15:01 | 000,000,120 | ---- | C] () -- C:\Program Files (x86)\airlines.cfg

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 22:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 21:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/12/19 22:11:22 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\GFI Software
[2013/12/19 22:11:22 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\VIPRE
[2013/12/19 22:11:22 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\VIPRE
[2013/12/19 22:11:22 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\VIPRE
[2013/12/19 22:12:00 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\deb27c1a-00e6-4263-94b2-8b78ea4d32ae
[2014/03/01 15:43:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DMCache
[2014/07/26 21:13:04 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ec249d2d-e85b-4179-b373-a2f22546f686
[2014/01/18 23:12:17 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\EZCA
[2014/09/12 19:46:07 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Flight One Software
[2013/12/29 13:59:39 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\fscabincrew
[2013/09/08 10:50:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GameRanger
[2013/12/19 22:11:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GFI Software
[2014/01/12 19:25:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Hifi
[2014/03/01 15:43:57 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\IDM
[2014/01/21 15:29:44 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\IObit
[2013/08/31 13:42:52 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Lockheed Martin
[2013/08/03 13:52:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\OEM
[2013/08/04 14:25:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Opera Mail
[2013/08/04 14:22:04 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Opera Software
[2014/01/03 00:14:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\RAASPRO
[2014/01/21 23:38:16 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\REX Game Studios, LLC
[2013/08/18 09:48:44 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Thunderbird
[2013/09/01 08:52:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\VAT-Spy
[2013/12/19 22:11:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\VIPRE
[2014/01/10 20:22:06 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Virtuali
[2013/12/28 11:13:09 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Xilisoft

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:00934A10
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:74603393

< End of report >
lehbird
Regular Member
 
Posts: 40
Joined: September 5th, 2010, 12:01 am

Re: Blue Screen Twice in the last 4 Days

Unread postby pgmigg » October 17th, 2014, 1:27 am

Hello Dave,

Contents of sfcresults.txt file- I actually had figured this out previously and the output is directly ABOVE this one.
It is definitely my fault - I made a mistake and the sfcdetails.txt was created again instead of sfcresults.txt.
Anyway I need information inside and does not matter how it called - please find on your desktop the sfcdetails.txt (it should be the new one - overwritten), open it by Notepad and copy and paste in content to your next reply.

Step 1.
OTL - Run Fix Script
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Underneath Output at the top, make sure Standard Output is selected.
  3. Highlight and copy the following entries: into the Image text box.
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
    :Commands
    [createrestorepoint]
    
    :OTL
    IE - HKU\S-1-5-21-1198750336-2114330506-812848513-1000\..\SearchScopes\{70E84F06-B2DD-44B8-82C3-967012999C81}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =902615&p= {searchTerms}
    FF - prefs.js..browser.startup.homepage: "http://search.yahoo.com?type=902615&fr=spigot-yhp-ff"
    FF:64bit: - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
    FF - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
    [2013/09/08 10:51:07 | 000,000,904 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\w129ok8l.default\searchplugins\yahoo.xml
    O2 - BHO: (AccelerateTab) - {48A789BF-F6D6-4930-9C8B-77855A63EDE1} - C:\PROGRA~2\SECURE~1\IE\SPEEDD~1.DLL File not found
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKU\S-1-5-21-1198750336-2114330506-812848513-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
    [2014/01/21 15:29:44 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\IObit
    
    :Files
    C:\Windows\SysWow64\*.tmp
    C:\Windows\*.tmp
    C:\Users\Owner\Documents\*.tmp
    @C:\ProgramData\Temp:00934A10
    @C:\ProgramData\Temp:74603393
    ipconfig /flushdns /c
    
    :Commands
    [emptyflash]
    [emptyjava]
    [emptytemp]
    
  4. Click under the Custom Scan/Fixes box and paste the copied text.
  5. Click the Run Fix button. If prompted... click OK.
  6. OTL may ask to reboot the machine. Please do so if asked.
  7. Let the program run unhindered and reboot the PC when it is done.
    When the computer reboots, and you start your usual account, a Notepad text file will appear.
  8. Copy the contents of that file and post it in your next reply. The log can also be found, based on the date/time it was created, as C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log

Step 2.
Remove Broken Device
  1. Please open the Device Manager: open Start Menu, type Device Manager in the search box, right click on Device Manager (at top), and click on "Open".
    If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
  2. Check in the Device Manager for the Device entry with SBRE.
    Note: If you are unable to find any device with any marks then check by enabling hidden devices:
    • In the Device Manager click on View and later click on Show hidden devices. Then check if you find any device with exclamation mark and uninstall it.
  3. To uninstall device, please right click on it and select Uninstall

Step 3.
AdwCleaner
Please download AdwCleaner by Xplode onto your desktop.
  1. Close all open programs and internet browsers.
  2. Right click on adwcleaner.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  3. Click on Scan. When the scan finishes, you'll see a message on the product window: "Pending. Please uncheck elements you don't want to remove."
  4. Press the Clean button.
  5. A log file C:\AdwCleaner[Sn].txt will automatically open. ([Sn] n = number of run)
  6. Please post the content of the C:\AdwCleaner[Sn].txt log file in your next reply.

Step 4.
Image Junkware Removal Tool
  1. Please download Junkware Removal Tool and save JRT.exe to your Desktop.
  2. Shut down your protection software as shown in This topic now to avoid potential conflicts.
  3. Right click on JRT.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  4. Please be patient as this can take a while to complete depending on your system's specifications.
  5. On completion, a log file JRT.txt is saved to your desktop and will automatically open.
  6. Please post the contents of JRT.txt into your next reply.

Step 5.
SystemLook
Please download SystemLook_x64.exe by jpshortstuff and save it to your Desktop.
  1. Right click on SystemLook_x64.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
    If you receive an "Open file - security warning"... asking "Do you want to run this file?", press the Run button.
  2. Highlight and copy the following entries: into SystemLook's main text entry window.
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
    :filefind
    *AccelerateTab*
    *AskToolbar*
    *Ask.com*
    *Bandoo*
    *Babylon*
    *Conduit*
    *crossrider*
    *datamngr*
    *dealshark*
    *filescout*
    *iLivid*
    *IObit*
    *pricegong*
    *SafeGuard*
    *smartbar*
    *searchab*
    *sprotector*
    *superfish*
    *Tarma*
    *trolltech*
    *vshare*
    *wajam*
    *whitesmoke*
    *Yontoo*
    
    :folderfind
    *AccelerateTab*
    *AskToolbar*
    *Ask.com*
    *Babylon*
    *Bandoo*
    *Conduit*
    *crossrider*
    *dealshark*
    *datamngr*
    *smartbar*
    *filescout*
    *iLivid*
    *IObit*
    *pricegong*
    *SafeGuard*
    *searchab*
    *sprotector*
    *superfish*
    *Tarma*
    *trolltech*
    *vshare*
    *wajam*
    *whitesmoke*
    *Yontoo*
    
    :Regfind
    AccelerateTab
    AskToolbar
    Ask.com
    Babylon
    Bandoo
    crossrider
    Conduit
    datamngr
    dealshark
    filescout
    iLivid
    IObit
    pricegong
    SafeGuard
    searchab
    smartbar
    sprotector
    superfish
    Tarma
    trolltech
    vshare
    whitesmoke
    wajam
    Yontoo
    
  3. Press the Look button to start the scan. Please be patient - it may take a while...
    When finished, a Notepad window will open with the results of the scan.
    A file will be created (on your Desktop) with the results of the scan, named SystemLook.txt
  4. Please post the contents of the SystemLook.txt file in your next reply.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of sfcdetails.txt file
  3. Contents of the C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log log file after OTL FixScript run
  4. Contents of the AdwCleaner[Sn].txt log file
  5. Contents of the JRT.txt log file
  6. Contents of the SystemLook.txt log file
  7. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3187
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Blue Screen Twice in the last 4 Days

Unread postby lehbird » October 17th, 2014, 7:23 pm

Hello Again!!

No problems with instructions. My logs follow:


2014-10-15 16:11:40, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:11:40, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2014-10-15 16:11:42, Info CSI 0000000c [SR] Verify complete
2014-10-15 16:11:42, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:11:42, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2014-10-15 16:11:44, Info CSI 00000010 [SR] Verify complete
2014-10-15 16:11:45, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:11:45, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
2014-10-15 16:11:47, Info CSI 00000014 [SR] Verify complete
2014-10-15 16:11:47, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:11:47, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2014-10-15 16:11:49, Info CSI 00000018 [SR] Verify complete
2014-10-15 16:11:49, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:11:49, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2014-10-15 16:11:51, Info CSI 0000001c [SR] Verify complete
2014-10-15 16:11:51, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:11:51, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
2014-10-15 16:11:53, Info CSI 00000020 [SR] Verify complete
2014-10-15 16:11:53, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:11:53, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2014-10-15 16:11:55, Info CSI 00000024 [SR] Verify complete
2014-10-15 16:11:55, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:11:55, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2014-10-15 16:11:57, Info CSI 00000028 [SR] Verify complete
2014-10-15 16:11:57, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:11:57, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
2014-10-15 16:11:58, Info CSI 0000002c [SR] Verify complete
2014-10-15 16:11:58, Info CSI 0000002d [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:11:58, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
2014-10-15 16:12:00, Info CSI 00000030 [SR] Verify complete
2014-10-15 16:12:00, Info CSI 00000031 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:12:00, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
2014-10-15 16:12:04, Info CSI 00000034 [SR] Verify complete
2014-10-15 16:12:04, Info CSI 00000035 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:12:04, Info CSI 00000036 [SR] Beginning Verify and Repair transaction
2014-10-15 16:12:07, Info CSI 00000038 [SR] Verify complete
2014-10-15 16:12:07, Info CSI 00000039 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:12:07, Info CSI 0000003a [SR] Beginning Verify and Repair transaction
2014-10-15 16:12:11, Info CSI 0000003c [SR] Verify complete
2014-10-15 16:12:11, Info CSI 0000003d [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:12:11, Info CSI 0000003e [SR] Beginning Verify and Repair transaction
2014-10-15 16:12:14, Info CSI 00000040 [SR] Verify complete
2014-10-15 16:12:15, Info CSI 00000041 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:12:15, Info CSI 00000042 [SR] Beginning Verify and Repair transaction
2014-10-15 16:12:18, Info CSI 00000044 [SR] Verify complete
2014-10-15 16:12:18, Info CSI 00000045 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:12:18, Info CSI 00000046 [SR] Beginning Verify and Repair transaction
2014-10-15 16:12:20, Info CSI 00000048 [SR] Verify complete
2014-10-15 16:12:20, Info CSI 00000049 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:12:20, Info CSI 0000004a [SR] Beginning Verify and Repair transaction
2014-10-15 16:12:22, Info CSI 0000004c [SR] Verify complete
2014-10-15 16:12:22, Info CSI 0000004d [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:12:22, Info CSI 0000004e [SR] Beginning Verify and Repair transaction
2014-10-15 16:12:30, Info CSI 00000050 [SR] Verify complete
2014-10-15 16:12:30, Info CSI 00000051 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:12:30, Info CSI 00000052 [SR] Beginning Verify and Repair transaction
2014-10-15 16:12:38, Info CSI 00000054 [SR] Verify complete
2014-10-15 16:12:38, Info CSI 00000055 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:12:38, Info CSI 00000056 [SR] Beginning Verify and Repair transaction
2014-10-15 16:12:49, Info CSI 00000058 [SR] Verify complete
2014-10-15 16:12:49, Info CSI 00000059 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:12:49, Info CSI 0000005a [SR] Beginning Verify and Repair transaction
2014-10-15 16:12:59, Info CSI 0000005c [SR] Verify complete
2014-10-15 16:12:59, Info CSI 0000005d [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:12:59, Info CSI 0000005e [SR] Beginning Verify and Repair transaction
2014-10-15 16:13:10, Info CSI 00000061 [SR] Verify complete
2014-10-15 16:13:10, Info CSI 00000062 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:13:10, Info CSI 00000063 [SR] Beginning Verify and Repair transaction
2014-10-15 16:13:21, Info CSI 00000068 [SR] Verify complete
2014-10-15 16:13:21, Info CSI 00000069 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:13:21, Info CSI 0000006a [SR] Beginning Verify and Repair transaction
2014-10-15 16:13:29, Info CSI 0000006d [SR] Verify complete
2014-10-15 16:13:29, Info CSI 0000006e [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:13:29, Info CSI 0000006f [SR] Beginning Verify and Repair transaction
2014-10-15 16:13:37, Info CSI 00000071 [SR] Verify complete
2014-10-15 16:13:37, Info CSI 00000072 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:13:37, Info CSI 00000073 [SR] Beginning Verify and Repair transaction
2014-10-15 16:13:45, Info CSI 00000095 [SR] Verify complete
2014-10-15 16:13:46, Info CSI 00000096 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:13:46, Info CSI 00000097 [SR] Beginning Verify and Repair transaction
2014-10-15 16:13:54, Info CSI 0000009c [SR] Verify complete
2014-10-15 16:13:54, Info CSI 0000009d [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:13:54, Info CSI 0000009e [SR] Beginning Verify and Repair transaction
2014-10-15 16:14:04, Info CSI 000000a0 [SR] Verify complete
2014-10-15 16:14:04, Info CSI 000000a1 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:14:04, Info CSI 000000a2 [SR] Beginning Verify and Repair transaction
2014-10-15 16:14:11, Info CSI 000000a4 [SR] Verify complete
2014-10-15 16:14:11, Info CSI 000000a5 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:14:11, Info CSI 000000a6 [SR] Beginning Verify and Repair transaction
2014-10-15 16:14:19, Info CSI 000000a8 [SR] Verify complete
2014-10-15 16:14:19, Info CSI 000000a9 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:14:19, Info CSI 000000aa [SR] Beginning Verify and Repair transaction
2014-10-15 16:14:27, Info CSI 000000ac [SR] Verify complete
2014-10-15 16:14:27, Info CSI 000000ad [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:14:27, Info CSI 000000ae [SR] Beginning Verify and Repair transaction
2014-10-15 16:14:39, Info CSI 000000b0 [SR] Verify complete
2014-10-15 16:14:39, Info CSI 000000b1 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:14:39, Info CSI 000000b2 [SR] Beginning Verify and Repair transaction
2014-10-15 16:15:07, Info CSI 000000d5 [SR] Verify complete
2014-10-15 16:15:07, Info CSI 000000d6 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:15:07, Info CSI 000000d7 [SR] Beginning Verify and Repair transaction
2014-10-15 16:15:21, Info CSI 000000d9 [SR] Verify complete
2014-10-15 16:15:21, Info CSI 000000da [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:15:21, Info CSI 000000db [SR] Beginning Verify and Repair transaction
2014-10-15 16:15:54, Info CSI 000000dd [SR] Verify complete
2014-10-15 16:15:54, Info CSI 000000de [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:15:54, Info CSI 000000df [SR] Beginning Verify and Repair transaction
2014-10-15 16:16:01, Info CSI 000000e3 [SR] Verify complete
2014-10-15 16:16:01, Info CSI 000000e4 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:16:01, Info CSI 000000e5 [SR] Beginning Verify and Repair transaction
2014-10-15 16:16:03, Info CSI 000000e7 [SR] Verify complete
2014-10-15 16:16:03, Info CSI 000000e8 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:16:03, Info CSI 000000e9 [SR] Beginning Verify and Repair transaction
2014-10-15 16:16:05, Info CSI 000000eb [SR] Verify complete
2014-10-15 16:16:05, Info CSI 000000ec [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:16:05, Info CSI 000000ed [SR] Beginning Verify and Repair transaction
2014-10-15 16:16:13, Info CSI 000000fa [SR] Verify complete
2014-10-15 16:16:13, Info CSI 000000fb [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:16:13, Info CSI 000000fc [SR] Beginning Verify and Repair transaction
2014-10-15 16:16:19, Info CSI 00000104 [SR] Verify complete
2014-10-15 16:16:19, Info CSI 00000105 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:16:19, Info CSI 00000106 [SR] Beginning Verify and Repair transaction
2014-10-15 16:16:22, Info CSI 00000108 [SR] Verify complete
2014-10-15 16:16:22, Info CSI 00000109 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:16:22, Info CSI 0000010a [SR] Beginning Verify and Repair transaction
2014-10-15 16:16:27, Info CSI 0000010c [SR] Verify complete
2014-10-15 16:16:28, Info CSI 0000010d [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:16:28, Info CSI 0000010e [SR] Beginning Verify and Repair transaction
2014-10-15 16:16:32, Info CSI 00000110 [SR] Verify complete
2014-10-15 16:16:32, Info CSI 00000111 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:16:32, Info CSI 00000112 [SR] Beginning Verify and Repair transaction
2014-10-15 16:16:38, Info CSI 00000113 [SR] Repairing corrupted file [ml:520{260},l:90{45}]"\??\C:\Program Files\Internet Explorer\images"\[l:16{8}]"bing.ico" from store
2014-10-15 16:16:39, Info CSI 00000116 [SR] Verify complete
2014-10-15 16:16:39, Info CSI 00000117 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:16:39, Info CSI 00000118 [SR] Beginning Verify and Repair transaction
2014-10-15 16:16:47, Info CSI 0000011b [SR] Verify complete
2014-10-15 16:16:48, Info CSI 0000011c [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:16:48, Info CSI 0000011d [SR] Beginning Verify and Repair transaction
2014-10-15 16:16:49, Info CSI 0000011f [SR] Verify complete
2014-10-15 16:16:50, Info CSI 00000120 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:16:50, Info CSI 00000121 [SR] Beginning Verify and Repair transaction
2014-10-15 16:16:52, Info CSI 00000123 [SR] Verify complete
2014-10-15 16:16:52, Info CSI 00000124 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:16:52, Info CSI 00000125 [SR] Beginning Verify and Repair transaction
2014-10-15 16:17:01, Info CSI 00000127 [SR] Verify complete
2014-10-15 16:17:01, Info CSI 00000128 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:17:01, Info CSI 00000129 [SR] Beginning Verify and Repair transaction
2014-10-15 16:17:05, Info CSI 0000012b [SR] Verify complete
2014-10-15 16:17:05, Info CSI 0000012c [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:17:05, Info CSI 0000012d [SR] Beginning Verify and Repair transaction
2014-10-15 16:17:13, Info CSI 0000012f [SR] Verify complete
2014-10-15 16:17:13, Info CSI 00000130 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:17:13, Info CSI 00000131 [SR] Beginning Verify and Repair transaction
2014-10-15 16:17:23, Info CSI 00000149 [SR] Verify complete
2014-10-15 16:17:23, Info CSI 0000014a [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:17:23, Info CSI 0000014b [SR] Beginning Verify and Repair transaction
2014-10-15 16:17:28, Info CSI 0000014d [SR] Verify complete
2014-10-15 16:17:29, Info CSI 0000014e [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:17:29, Info CSI 0000014f [SR] Beginning Verify and Repair transaction
2014-10-15 16:17:45, Info CSI 00000151 [SR] Verify complete
2014-10-15 16:17:45, Info CSI 00000152 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:17:45, Info CSI 00000153 [SR] Beginning Verify and Repair transaction
2014-10-15 16:17:55, Info CSI 00000156 [SR] Verify complete
2014-10-15 16:17:55, Info CSI 00000157 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:17:55, Info CSI 00000158 [SR] Beginning Verify and Repair transaction
2014-10-15 16:18:01, Info CSI 0000015a [SR] Verify complete
2014-10-15 16:18:01, Info CSI 0000015b [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:18:01, Info CSI 0000015c [SR] Beginning Verify and Repair transaction
2014-10-15 16:18:06, Info CSI 0000015e [SR] Verify complete
2014-10-15 16:18:07, Info CSI 0000015f [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:18:07, Info CSI 00000160 [SR] Beginning Verify and Repair transaction
2014-10-15 16:18:12, Info CSI 00000162 [SR] Verify complete
2014-10-15 16:18:12, Info CSI 00000163 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:18:12, Info CSI 00000164 [SR] Beginning Verify and Repair transaction
2014-10-15 16:18:16, Info CSI 00000168 [SR] Verify complete
2014-10-15 16:18:17, Info CSI 00000169 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:18:17, Info CSI 0000016a [SR] Beginning Verify and Repair transaction
2014-10-15 16:18:23, Info CSI 0000016c [SR] Verify complete
2014-10-15 16:18:23, Info CSI 0000016d [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:18:23, Info CSI 0000016e [SR] Beginning Verify and Repair transaction
2014-10-15 16:18:48, Info CSI 00000170 [SR] Verify complete
2014-10-15 16:18:48, Info CSI 00000171 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:18:48, Info CSI 00000172 [SR] Beginning Verify and Repair transaction
2014-10-15 16:18:55, Info CSI 00000175 [SR] Verify complete
2014-10-15 16:18:55, Info CSI 00000176 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:18:55, Info CSI 00000177 [SR] Beginning Verify and Repair transaction
2014-10-15 16:19:00, Info CSI 0000017a [SR] Verify complete
2014-10-15 16:19:01, Info CSI 0000017b [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:19:01, Info CSI 0000017c [SR] Beginning Verify and Repair transaction
2014-10-15 16:19:09, Info CSI 0000017e [SR] Verify complete
2014-10-15 16:19:09, Info CSI 0000017f [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:19:09, Info CSI 00000180 [SR] Beginning Verify and Repair transaction
2014-10-15 16:19:25, Info CSI 00000183 [SR] Verify complete
2014-10-15 16:19:25, Info CSI 00000184 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:19:25, Info CSI 00000185 [SR] Beginning Verify and Repair transaction
2014-10-15 16:19:33, Info CSI 00000187 [SR] Verify complete
2014-10-15 16:19:33, Info CSI 00000188 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:19:33, Info CSI 00000189 [SR] Beginning Verify and Repair transaction
2014-10-15 16:19:41, Info CSI 0000018b [SR] Verify complete
2014-10-15 16:19:42, Info CSI 0000018c [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:19:42, Info CSI 0000018d [SR] Beginning Verify and Repair transaction
2014-10-15 16:19:50, Info CSI 0000018f [SR] Verify complete
2014-10-15 16:19:50, Info CSI 00000190 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:19:50, Info CSI 00000191 [SR] Beginning Verify and Repair transaction
2014-10-15 16:20:00, Info CSI 00000194 [SR] Verify complete
2014-10-15 16:20:01, Info CSI 00000195 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:20:01, Info CSI 00000196 [SR] Beginning Verify and Repair transaction
2014-10-15 16:20:05, Info CSI 00000198 [SR] Verify complete
2014-10-15 16:20:05, Info CSI 00000199 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:20:05, Info CSI 0000019a [SR] Beginning Verify and Repair transaction
2014-10-15 16:20:12, Info CSI 0000019d [SR] Verify complete
2014-10-15 16:20:12, Info CSI 0000019e [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:20:12, Info CSI 0000019f [SR] Beginning Verify and Repair transaction
2014-10-15 16:20:24, Info CSI 000001a1 [SR] Verify complete
2014-10-15 16:20:24, Info CSI 000001a2 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:20:24, Info CSI 000001a3 [SR] Beginning Verify and Repair transaction
2014-10-15 16:20:32, Info CSI 000001a7 [SR] Verify complete
2014-10-15 16:20:32, Info CSI 000001a8 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:20:32, Info CSI 000001a9 [SR] Beginning Verify and Repair transaction
2014-10-15 16:20:42, Info CSI 000001ab [SR] Verify complete
2014-10-15 16:20:43, Info CSI 000001ac [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:20:43, Info CSI 000001ad [SR] Beginning Verify and Repair transaction
2014-10-15 16:20:53, Info CSI 000001b0 [SR] Verify complete
2014-10-15 16:20:53, Info CSI 000001b1 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:20:53, Info CSI 000001b2 [SR] Beginning Verify and Repair transaction
2014-10-15 16:21:01, Info CSI 000001b4 [SR] Verify complete
2014-10-15 16:21:02, Info CSI 000001b5 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:21:02, Info CSI 000001b6 [SR] Beginning Verify and Repair transaction
2014-10-15 16:21:04, Info CSI 000001b8 [SR] Verify complete
2014-10-15 16:21:05, Info CSI 000001b9 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:21:05, Info CSI 000001ba [SR] Beginning Verify and Repair transaction
2014-10-15 16:21:11, Info CSI 000001bc [SR] Verify complete
2014-10-15 16:21:11, Info CSI 000001bd [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:21:11, Info CSI 000001be [SR] Beginning Verify and Repair transaction
2014-10-15 16:21:19, Info CSI 000001c0 [SR] Verify complete
2014-10-15 16:21:20, Info CSI 000001c1 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:21:20, Info CSI 000001c2 [SR] Beginning Verify and Repair transaction
2014-10-15 16:21:28, Info CSI 000001c4 [SR] Verify complete
2014-10-15 16:21:28, Info CSI 000001c5 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:21:28, Info CSI 000001c6 [SR] Beginning Verify and Repair transaction
2014-10-15 16:21:33, Info CSI 000001c8 [SR] Verify complete
2014-10-15 16:21:34, Info CSI 000001c9 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:21:34, Info CSI 000001ca [SR] Beginning Verify and Repair transaction
2014-10-15 16:21:42, Info CSI 000001cc [SR] Verify complete
2014-10-15 16:21:43, Info CSI 000001cd [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:21:43, Info CSI 000001ce [SR] Beginning Verify and Repair transaction
2014-10-15 16:22:03, Info CSI 000001d0 [SR] Verify complete
2014-10-15 16:22:03, Info CSI 000001d1 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:22:03, Info CSI 000001d2 [SR] Beginning Verify and Repair transaction
2014-10-15 16:22:38, Info CSI 000001d4 [SR] Verify complete
2014-10-15 16:22:39, Info CSI 000001d5 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:22:39, Info CSI 000001d6 [SR] Beginning Verify and Repair transaction
2014-10-15 16:22:48, Info CSI 000001d8 [SR] Verify complete
2014-10-15 16:22:48, Info CSI 000001d9 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:22:48, Info CSI 000001da [SR] Beginning Verify and Repair transaction
2014-10-15 16:22:57, Info CSI 000001dc [SR] Verify complete
2014-10-15 16:22:57, Info CSI 000001dd [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:22:57, Info CSI 000001de [SR] Beginning Verify and Repair transaction
2014-10-15 16:22:59, Info CSI 000001e0 [SR] Verify complete
2014-10-15 16:23:00, Info CSI 000001e1 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:23:00, Info CSI 000001e2 [SR] Beginning Verify and Repair transaction
2014-10-15 16:23:06, Info CSI 000001e4 [SR] Verify complete
2014-10-15 16:23:06, Info CSI 000001e5 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:23:06, Info CSI 000001e6 [SR] Beginning Verify and Repair transaction
2014-10-15 16:23:15, Info CSI 000001e8 [SR] Verify complete
2014-10-15 16:23:16, Info CSI 000001e9 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:23:16, Info CSI 000001ea [SR] Beginning Verify and Repair transaction
2014-10-15 16:23:19, Info CSI 000001ec [SR] Verify complete
2014-10-15 16:23:19, Info CSI 000001ed [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:23:19, Info CSI 000001ee [SR] Beginning Verify and Repair transaction
2014-10-15 16:23:20, Info CSI 000001f0 [SR] Verify complete
2014-10-15 16:23:20, Info CSI 000001f1 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:23:20, Info CSI 000001f2 [SR] Beginning Verify and Repair transaction
2014-10-15 16:23:25, Info CSI 000001fa [SR] Verify complete
2014-10-15 16:23:26, Info CSI 000001fb [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:23:26, Info CSI 000001fc [SR] Beginning Verify and Repair transaction
2014-10-15 16:24:26, Info CSI 000001fe [SR] Verify complete
2014-10-15 16:24:26, Info CSI 000001ff [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:24:26, Info CSI 00000200 [SR] Beginning Verify and Repair transaction
2014-10-15 16:25:24, Info CSI 00000202 [SR] Verify complete
2014-10-15 16:25:25, Info CSI 00000203 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:25:25, Info CSI 00000204 [SR] Beginning Verify and Repair transaction
2014-10-15 16:25:31, Info CSI 00000206 [SR] Verify complete
2014-10-15 16:25:32, Info CSI 00000207 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:25:32, Info CSI 00000208 [SR] Beginning Verify and Repair transaction
2014-10-15 16:25:38, Info CSI 0000020a [SR] Verify complete
2014-10-15 16:25:39, Info CSI 0000020b [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:25:39, Info CSI 0000020c [SR] Beginning Verify and Repair transaction
2014-10-15 16:25:47, Info CSI 0000020f [SR] Verify complete
2014-10-15 16:25:48, Info CSI 00000210 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:25:48, Info CSI 00000211 [SR] Beginning Verify and Repair transaction
2014-10-15 16:25:52, Info CSI 00000213 [SR] Verify complete
2014-10-15 16:25:52, Info CSI 00000214 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:25:52, Info CSI 00000215 [SR] Beginning Verify and Repair transaction
2014-10-15 16:25:55, Info CSI 00000217 [SR] Verify complete
2014-10-15 16:25:55, Info CSI 00000218 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:25:55, Info CSI 00000219 [SR] Beginning Verify and Repair transaction
2014-10-15 16:26:07, Info CSI 0000021c [SR] Verify complete
2014-10-15 16:26:07, Info CSI 0000021d [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:26:07, Info CSI 0000021e [SR] Beginning Verify and Repair transaction
2014-10-15 16:26:24, Info CSI 00000222 [SR] Verify complete
2014-10-15 16:26:25, Info CSI 00000223 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:26:25, Info CSI 00000224 [SR] Beginning Verify and Repair transaction
2014-10-15 16:26:31, Info CSI 00000229 [SR] Verify complete
2014-10-15 16:26:32, Info CSI 0000022a [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:26:32, Info CSI 0000022b [SR] Beginning Verify and Repair transaction
2014-10-15 16:26:39, Info CSI 00000233 [SR] Verify complete
2014-10-15 16:26:40, Info CSI 00000234 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:26:40, Info CSI 00000235 [SR] Beginning Verify and Repair transaction
2014-10-15 16:26:49, Info CSI 0000023f [SR] Verify complete
2014-10-15 16:26:49, Info CSI 00000240 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:26:49, Info CSI 00000241 [SR] Beginning Verify and Repair transaction
2014-10-15 16:26:55, Info CSI 00000243 [SR] Verify complete
2014-10-15 16:26:56, Info CSI 00000244 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:26:56, Info CSI 00000245 [SR] Beginning Verify and Repair transaction
2014-10-15 16:27:02, Info CSI 00000249 [SR] Verify complete
2014-10-15 16:27:02, Info CSI 0000024a [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:27:02, Info CSI 0000024b [SR] Beginning Verify and Repair transaction
2014-10-15 16:27:07, Info CSI 0000024d [SR] Verify complete
2014-10-15 16:27:07, Info CSI 0000024e [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:27:07, Info CSI 0000024f [SR] Beginning Verify and Repair transaction
2014-10-15 16:27:15, Info CSI 00000274 [SR] Verify complete
2014-10-15 16:27:15, Info CSI 00000275 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:27:15, Info CSI 00000276 [SR] Beginning Verify and Repair transaction
2014-10-15 16:27:21, Info CSI 00000278 [SR] Verify complete
2014-10-15 16:27:21, Info CSI 00000279 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:27:21, Info CSI 0000027a [SR] Beginning Verify and Repair transaction
2014-10-15 16:27:26, Info CSI 0000027c [SR] Verify complete
2014-10-15 16:27:27, Info CSI 0000027d [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:27:27, Info CSI 0000027e [SR] Beginning Verify and Repair transaction
2014-10-15 16:27:34, Info CSI 00000280 [SR] Verify complete
2014-10-15 16:27:34, Info CSI 00000281 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:27:34, Info CSI 00000282 [SR] Beginning Verify and Repair transaction
2014-10-15 16:27:40, Info CSI 00000290 [SR] Verify complete
2014-10-15 16:27:40, Info CSI 00000291 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:27:40, Info CSI 00000292 [SR] Beginning Verify and Repair transaction
2014-10-15 16:27:51, Info CSI 00000294 [SR] Verify complete
2014-10-15 16:27:51, Info CSI 00000295 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:27:51, Info CSI 00000296 [SR] Beginning Verify and Repair transaction
2014-10-15 16:27:57, Info CSI 000002a3 [SR] Verify complete
2014-10-15 16:27:57, Info CSI 000002a4 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:27:57, Info CSI 000002a5 [SR] Beginning Verify and Repair transaction
2014-10-15 16:28:02, Info CSI 000002a8 [SR] Verify complete
2014-10-15 16:28:03, Info CSI 000002a9 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:28:03, Info CSI 000002aa [SR] Beginning Verify and Repair transaction
2014-10-15 16:28:07, Info CSI 000002ac [SR] Verify complete
2014-10-15 16:28:07, Info CSI 000002ad [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:28:07, Info CSI 000002ae [SR] Beginning Verify and Repair transaction
2014-10-15 16:28:16, Info CSI 000002b1 [SR] Verify complete
2014-10-15 16:28:16, Info CSI 000002b2 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:28:16, Info CSI 000002b3 [SR] Beginning Verify and Repair transaction
2014-10-15 16:28:18, Info CSI 000002b5 [SR] Verify complete
2014-10-15 16:28:19, Info CSI 000002b6 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:28:19, Info CSI 000002b7 [SR] Beginning Verify and Repair transaction
2014-10-15 16:28:28, Info CSI 000002b9 [SR] Verify complete
2014-10-15 16:28:28, Info CSI 000002ba [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:28:28, Info CSI 000002bb [SR] Beginning Verify and Repair transaction
2014-10-15 16:28:35, Info CSI 000002bd [SR] Verify complete
2014-10-15 16:28:35, Info CSI 000002be [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:28:35, Info CSI 000002bf [SR] Beginning Verify and Repair transaction
2014-10-15 16:28:40, Info CSI 000002c1 [SR] Verify complete
2014-10-15 16:28:40, Info CSI 000002c2 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:28:40, Info CSI 000002c3 [SR] Beginning Verify and Repair transaction
2014-10-15 16:28:48, Info CSI 000002dd [SR] Verify complete
2014-10-15 16:28:49, Info CSI 000002de [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:28:49, Info CSI 000002df [SR] Beginning Verify and Repair transaction
2014-10-15 16:29:15, Info CSI 000002e1 [SR] Verify complete
2014-10-15 16:29:16, Info CSI 000002e2 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:29:16, Info CSI 000002e3 [SR] Beginning Verify and Repair transaction
2014-10-15 16:29:20, Info CSI 000002e5 [SR] Verify complete
2014-10-15 16:29:21, Info CSI 000002e6 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:29:21, Info CSI 000002e7 [SR] Beginning Verify and Repair transaction
2014-10-15 16:29:26, Info CSI 000002e9 [SR] Verify complete
2014-10-15 16:29:26, Info CSI 000002ea [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:29:26, Info CSI 000002eb [SR] Beginning Verify and Repair transaction
2014-10-15 16:29:30, Info CSI 000002ef [SR] Verify complete
2014-10-15 16:29:30, Info CSI 000002f0 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:29:30, Info CSI 000002f1 [SR] Beginning Verify and Repair transaction
2014-10-15 16:29:36, Info CSI 000002f3 [SR] Verify complete
2014-10-15 16:29:36, Info CSI 000002f4 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:29:36, Info CSI 000002f5 [SR] Beginning Verify and Repair transaction
2014-10-15 16:29:42, Info CSI 000002f7 [SR] Verify complete
2014-10-15 16:29:42, Info CSI 000002f8 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:29:42, Info CSI 000002f9 [SR] Beginning Verify and Repair transaction
2014-10-15 16:29:47, Info CSI 000002fb [SR] Verify complete
2014-10-15 16:29:48, Info CSI 000002fc [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:29:48, Info CSI 000002fd [SR] Beginning Verify and Repair transaction
2014-10-15 16:29:54, Info CSI 00000300 [SR] Verify complete
2014-10-15 16:29:54, Info CSI 00000301 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:29:54, Info CSI 00000302 [SR] Beginning Verify and Repair transaction
2014-10-15 16:29:59, Info CSI 00000304 [SR] Verify complete
2014-10-15 16:29:59, Info CSI 00000305 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:29:59, Info CSI 00000306 [SR] Beginning Verify and Repair transaction
2014-10-15 16:30:07, Info CSI 00000308 [SR] Verify complete
2014-10-15 16:30:08, Info CSI 00000309 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:30:08, Info CSI 0000030a [SR] Beginning Verify and Repair transaction
2014-10-15 16:30:15, Info CSI 0000030c [SR] Verify complete
2014-10-15 16:30:15, Info CSI 0000030d [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:30:15, Info CSI 0000030e [SR] Beginning Verify and Repair transaction
2014-10-15 16:30:23, Info CSI 00000311 [SR] Verify complete
2014-10-15 16:30:23, Info CSI 00000312 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:30:23, Info CSI 00000313 [SR] Beginning Verify and Repair transaction
2014-10-15 16:30:30, Info CSI 00000315 [SR] Verify complete
2014-10-15 16:30:31, Info CSI 00000316 [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:30:31, Info CSI 00000317 [SR] Beginning Verify and Repair transaction
2014-10-15 16:30:37, Info CSI 00000319 [SR] Verify complete
2014-10-15 16:30:37, Info CSI 0000031a [SR] Verifying 100 (0x0000000000000064) components
2014-10-15 16:30:37, Info CSI 0000031b [SR] Beginning Verify and Repair transaction
2014-10-15 16:30:44, Info CSI 0000031d [SR] Verify complete
2014-10-15 16:30:44, Info CSI 0000031e [SR] Verifying 92 (0x000000000000005c) components
2014-10-15 16:30:44, Info CSI 0000031f [SR] Beginning Verify and Repair transaction
2014-10-15 16:30:51, Info CSI 00000321 [SR] Verify complete
lehbird
Regular Member
 
Posts: 40
Joined: September 5th, 2010, 12:01 am

Re: Blue Screen Twice in the last 4 Days

Unread postby lehbird » October 17th, 2014, 7:24 pm

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-1198750336-2114330506-812848513-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70E84F06-B2DD-44B8-82C3-967012999C81}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70E84F06-B2DD-44B8-82C3-967012999C81}\ not found.
Prefs.js: "http://search.yahoo.com?type=902615&fr=spigot-yhp-ff" removed from browser.startup.homepage
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0\ deleted successfully.
C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0\ deleted successfully.
File C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll not found.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\w129ok8l.default\searchplugins\yahoo.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1198750336-2114330506-812848513-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
C:\Users\Owner\AppData\Roaming\IObit\Smart Defrag 3 folder moved successfully.
C:\Users\Owner\AppData\Roaming\IObit\Advanced SystemCare V6\Log folder moved successfully.
C:\Users\Owner\AppData\Roaming\IObit\Advanced SystemCare V6\Boottime folder moved successfully.
C:\Users\Owner\AppData\Roaming\IObit\Advanced SystemCare V6\Backup folder moved successfully.
C:\Users\Owner\AppData\Roaming\IObit\Advanced SystemCare V6 folder moved successfully.
C:\Users\Owner\AppData\Roaming\IObit folder moved successfully.
========== FILES ==========
C:\Windows\SysWow64\tmp6683.tmp moved successfully.
C:\Windows\SysWow64\tmp6684.tmp moved successfully.
C:\Windows\msdownld.tmp folder moved successfully.
C:\Users\Owner\Documents\PDRMUSIC.TMP folder moved successfully.
ADS C:\ProgramData\Temp:00934A10 deleted successfully.
ADS C:\ProgramData\Temp:74603393 deleted successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Owner\Desktop\cmd.bat deleted successfully.
C:\Users\Owner\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: Administrator

User: All Users

User: Dave
->Flash cache emptied: 57484 bytes

User: David N. Leh

User: Default
->Flash cache emptied: 56466 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Owner
->Flash cache emptied: 57184 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: Administrator

User: All Users

User: Dave

User: David N. Leh

User: Default

User: Default User

User: Owner

User: Public

Total Java Files Cleaned = 0.00 mb


[EMPTYTEMP]

User: Administrator

User: All Users

User: Dave
->Temp folder emptied: 55396932 bytes
->Temporary Internet Files folder emptied: 7988817 bytes
->Flash cache emptied: 0 bytes

User: David N. Leh

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Owner
->Temp folder emptied: 1996936072 bytes
->Temporary Internet Files folder emptied: 136544743 bytes
->FireFox cache emptied: 5848382 bytes
->Google Chrome cache emptied: 20786818 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6272378286 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50461 bytes
RecycleBin emptied: 5605827320 bytes

Total Files Cleaned = 13,448.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 10172014_174150

Files\Folders moved on Reboot...
C:\Users\Owner\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Owner\AppData\Local\Temp\~DF0BF3ADEB09012D95.TMP not found!
File\Folder C:\Users\Owner\AppData\Local\Temp\~DF78208FA876F6F572.TMP not found!
File\Folder C:\Users\Owner\AppData\Local\Temp\~DF8258D629EE1C5875.TMP not found!
File\Folder C:\Users\Owner\AppData\Local\Temp\~DFDB72B835C8191EA9.TMP not found!
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\4A72F430-B40C-4D36-A068-CE33ADA5ADF9.dat moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPO0O3V3\skeleton[1].js moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPO0O3V3\widgetEvent[1].json moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VI2407OO\ca-pub-8494067626122848[1].js moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VI2407OO\widgetEvent[1].json moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UOF6122S\ca-pub-7439281311086140[1].js moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UOF6122S\widgetEvent[1].json moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R8XZHZXS\site=cnn&cnn_pagetype=main&cnn_position=1x1_top&cnn_rollup=homepage&page.allowcompete=no&Params.User[1].js moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R8FKK4UE\site=cnn&cnn_pagetype=main&cnn_position=BG_Skin&cnn_rollup=homepage&page.allowcompete=no&Params.User[1].js moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q5FWCMI8\ads[1].htm moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q5FWCMI8\ads[2].htm moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q5FWCMI8\css[1].css moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q5FWCMI8\widgetEvent[1].json moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q5FWCMI8\zrt_lookup[1].htm moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LU18QRFW\DroidSans[1].woff moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LU18QRFW\optout_check[1].js moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CXTOOQE4\si[1].htm moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BLJCHWO5\ads[1].htm moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A3H8C6ZX\97[3].js moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\93OOO8XT\si[1].htm moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\93OOO8XT\si[2].htm moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\93OOO8XT\viewtopic[2].htm moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\60S2QOSG\3[1].js moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\60S2QOSG\Hgo13k-tfSpn0qi1SFdUfT8E0i7KZn-EPnyo3HZu7kw[1].woff moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\60S2QOSG\Hgo13k-tfSpn0qi1SFdUfT8E0i7KZn-EPnyo3HZu7kw[2].woff moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\60S2QOSG\Hgo13k-tfSpn0qi1SFdUfT8E0i7KZn-EPnyo3HZu7kw[3].woff moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
lehbird
Regular Member
 
Posts: 40
Joined: September 5th, 2010, 12:01 am

Re: Blue Screen Twice in the last 4 Days

Unread postby lehbird » October 17th, 2014, 7:24 pm

# AdwCleaner v4.000 - Report created 17/10/2014 at 18:24:23
# DB v2014-10-17.9
# Updated 12/10/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Owner - OWNER-PC
# Running from : C:\Users\Owner\Downloads\adwcleaner_4.000.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : SecureUpdateSvc

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Dave\AppData\LocalLow\Search Settings
Folder Deleted : C:\Program Files (x86)\Secure Speed Dial
Folder Deleted : C:\Program Files (x86)\Common Files\Spigot
Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\w129ok8l.default\Extensions\speeddial@instair.net
Folder Deleted : C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg
Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
[!] Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
[!] Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
[!] Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
File Deleted : C:\Program Files (x86)\main.dll

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v32.0.3 (x86 en-US)


-\\ Google Chrome v37.0.2062.124


*************************

AdwCleaner[R0].txt - [3852 octets] - [17/10/2014 18:20:07]
AdwCleaner[S0].txt - [3501 octets] - [17/10/2014 18:24:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3561 octets] ##########
lehbird
Regular Member
 
Posts: 40
Joined: September 5th, 2010, 12:01 am
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 73 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware