OTL.txt
OTL logfile created on: 3/6/2014 12:49:39 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Road Runner\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.87 Gb Total Physical Memory | 1.67 Gb Available Physical Memory | 43.23% Memory free
7.73 Gb Paging File | 5.41 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.74 Gb Total Space | 837.83 Gb Free Space | 91.29% Space Free | Partition Type: NTFS
Computer Name: ROADRUNNER-PC | User Name: Road Runner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2014/03/06 12:07:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Road Runner\Downloads\OTL.exe
PRC - [2014/02/20 14:46:57 | 001,863,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
PRC - [2014/02/15 14:12:32 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/04/04 14:50:32 | 000,887,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2013/02/25 10:59:30 | 000,225,280 | ---- | M] (Alcatel-Lucent) -- C:\Program Files (x86)\Common Files\Motive\pcContextHookShim.exe
PRC - [2013/02/25 10:59:28 | 000,342,528 | ---- | M] (Alcatel-Lucent) -- C:\Program Files (x86)\Common Files\Motive\pcServiceHost.exe
PRC - [2012/11/13 13:08:12 | 003,487,240 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
PRC - [2012/11/13 13:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2012/11/13 13:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012/11/13 13:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012/11/13 13:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2012/11/01 04:31:42 | 000,369,152 | ---- | M] (Alcatel-Lucent) -- C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
PRC - [2012/10/19 13:46:22 | 000,144,896 | ---- | M] (Motorola Mobility Inc.) -- C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoCast.exe
PRC - [2012/10/19 13:46:00 | 000,240,056 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
PRC - [2012/10/02 12:45:22 | 000,120,728 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2012/10/02 12:41:02 | 000,694,168 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2012/09/07 20:36:46 | 000,087,992 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
PRC - [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2011/09/02 15:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2011/04/16 18:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccsvchst.exe
PRC - [2010/08/23 19:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/07/01 10:38:26 | 000,083,512 | ---- | M] (ArcSoft, Inc.) -- C:\Users\Road Runner\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe
PRC - [2010/03/25 20:29:36 | 000,563,744 | ---- | M] () -- C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
PRC - [2010/01/28 17:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
PRC - [2009/12/17 18:50:18 | 000,976,832 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
PRC - [2009/12/09 03:24:16 | 000,076,320 | ---- | M] () -- C:\OEM\USBDECTION\USBS3S4Detection.exe
PRC - [2009/12/03 00:00:00 | 000,847,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
PRC - [2009/11/25 19:42:26 | 000,095,632 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
PRC - [2009/08/28 03:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
PRC - [2009/07/20 15:07:10 | 000,124,416 | ---- | M] (IOI) -- C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe
PRC - [2008/01/03 17:28:08 | 001,392,640 | R--- | M] (PalmSource, Inc) -- C:\Program Files (x86)\Palm\Hotsync.exe
PRC - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
PRC - [2006/12/18 17:13:04 | 002,465,792 | ---- | M] (Cyberlink) -- C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe
========== Modules (No Company Name) ========== MOD - [2014/03/06 12:06:30 | 000,160,256 | ---- | M] () -- C:\Users\Road Runner\AppData\Local\Temp\ZumoLocalGateway.dll5898964042787406362.lib
MOD - [2014/03/06 12:06:20 | 000,314,368 | ---- | M] () -- C:\Users\Road Runner\AppData\Local\Temp\WindowsFolderWatcher.dll8417510631856937812.lib
MOD - [2014/03/06 12:05:13 | 000,205,824 | ---- | M] () -- C:\Users\Road Runner\AppData\Local\Temp\WindowsAPI.dll5660753041223384223.lib
MOD - [2014/02/25 11:52:52 | 000,099,872 | ---- | M] () -- C:\Users\Road Runner\AppData\Roaming\Mozilla\Firefox\Profiles\xd8p6706.default\extensions\{e45b560e-6db0-142c-46f5-2130b1d106ec}\components\SmartbarFireFoxRemotePlugin_27.dll
MOD - [2014/02/20 14:46:57 | 016,265,096 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
MOD - [2014/02/15 14:12:32 | 003,578,992 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/02/13 03:47:08 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/02/13 03:47:02 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/02/13 03:46:46 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/02/13 03:46:43 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/02/13 03:46:43 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/02/13 03:46:36 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014/02/06 00:52:52 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/02/06 00:52:32 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/11/13 13:06:32 | 000,158,624 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2012/11/13 13:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012/11/13 13:06:28 | 000,554,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
MOD - [2012/11/13 13:06:28 | 000,528,288 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012/11/13 13:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2012/10/19 13:46:20 | 000,075,776 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideoscale.dll
MOD - [2012/10/19 13:46:20 | 000,061,952 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgsttypefindfunctions.dll
MOD - [2012/10/19 13:46:20 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideobox.dll
MOD - [2012/10/19 13:46:20 | 000,054,784 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstsmpte.dll
MOD - [2012/10/19 13:46:20 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvorbis.dll
MOD - [2012/10/19 13:46:20 | 000,051,712 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstsubparse.dll
MOD - [2012/10/19 13:46:20 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstwavpack.dll
MOD - [2012/10/19 13:46:20 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstwavparse.dll
MOD - [2012/10/19 13:46:20 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvolume.dll
MOD - [2012/10/19 13:46:20 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideocrop.dll
MOD - [2012/10/19 13:46:20 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideorate.dll
MOD - [2012/10/19 13:46:20 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgsty4menc.dll
MOD - [2012/10/19 13:46:18 | 000,531,968 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpeg4video.dll
MOD - [2012/10/19 13:46:18 | 000,363,008 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpeg2video.dll
MOD - [2012/10/19 13:46:18 | 000,276,480 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstisomp4.dll
MOD - [2012/10/19 13:46:18 | 000,207,872 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmatroska.dll
MOD - [2012/10/19 13:46:18 | 000,150,528 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegdemux.dll
MOD - [2012/10/19 13:46:18 | 000,132,608 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstogg.dll
MOD - [2012/10/19 13:46:18 | 000,119,296 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpegdemux.dll
MOD - [2012/10/19 13:46:18 | 000,075,776 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflv.dll
MOD - [2012/10/19 13:46:18 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstjpeg.dll
MOD - [2012/10/19 13:46:18 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegaudioparse.dll
MOD - [2012/10/19 13:46:18 | 000,039,936 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegtsmux.dll
MOD - [2012/10/19 13:46:18 | 000,037,888 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstgio.dll
MOD - [2012/10/19 13:46:18 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstinterleave.dll
MOD - [2012/10/19 13:46:18 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstreplaygain.dll
MOD - [2012/10/19 13:46:18 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstid3tag.dll
MOD - [2012/10/19 13:46:18 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstid3demux.dll
MOD - [2012/10/19 13:46:18 | 000,029,696 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstgdp.dll
MOD - [2012/10/19 13:46:18 | 000,029,184 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstpng.dll
MOD - [2012/10/19 13:46:18 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmultipart.dll
MOD - [2012/10/19 13:46:18 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegvideoparse.dll
MOD - [2012/10/19 13:46:18 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmultifile.dll
MOD - [2012/10/19 13:46:18 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstlevel.dll
MOD - [2012/10/19 13:46:18 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmulaw.dll
MOD - [2012/10/19 13:46:18 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstshift.dll
MOD - [2012/10/19 13:46:16 | 001,563,136 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflump3enc.dll
MOD - [2012/10/19 13:46:16 | 001,376,256 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflump3dec.dll
MOD - [2012/10/19 13:46:16 | 000,088,064 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflummssrc.dll
MOD - [2012/10/19 13:46:16 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumch264enc.dll
MOD - [2012/10/19 13:46:16 | 000,033,280 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumcaacenc.dll
MOD - [2012/10/19 13:46:14 | 002,009,600 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluh264dec.dll
MOD - [2012/10/19 13:46:14 | 001,694,208 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluaacdec.dll
MOD - [2012/10/19 13:46:14 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluasfdemux.dll
MOD - [2012/10/19 13:46:12 | 000,187,904 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstffmpegcolorspace.dll
MOD - [2012/10/19 13:46:12 | 000,073,216 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdshowsrcwrapper.dll
MOD - [2012/10/19 13:46:12 | 000,069,120 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflac.dll
MOD - [2012/10/19 13:46:12 | 000,026,624 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstequalizer.dll
MOD - [2012/10/19 13:46:10 | 000,212,480 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcoreelements.dll
MOD - [2012/10/19 13:46:10 | 000,123,904 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstavi.dll
MOD - [2012/10/19 13:46:10 | 000,091,136 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdshowdecwrapper.dll
MOD - [2012/10/19 13:46:10 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdecodebin2.dll
MOD - [2012/10/19 13:46:10 | 000,078,848 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudioconvert.dll
MOD - [2012/10/19 13:46:10 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudioresample.dll
MOD - [2012/10/19 13:46:10 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstautoconvert.dll
MOD - [2012/10/19 13:46:10 | 000,029,184 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstautodetect.dll
MOD - [2012/10/19 13:46:10 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudiorate.dll
MOD - [2012/10/19 13:46:10 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstamrnb.dll
MOD - [2012/10/19 13:46:10 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstauparse.dll
MOD - [2012/10/19 13:46:10 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcutter.dll
MOD - [2012/10/19 13:46:10 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstapetag.dll
MOD - [2012/10/19 13:46:10 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstamrwbdec.dll
MOD - [2012/10/19 13:46:10 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcoreindexers.dll
MOD - [2012/10/19 13:46:08 | 001,520,128 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libvorbisenc-2.dll
MOD - [2012/10/19 13:46:08 | 001,396,736 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libxml2-2.dll
MOD - [2012/10/19 13:46:08 | 000,196,608 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libwavpack-1.dll
MOD - [2012/10/19 13:46:08 | 000,085,504 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\z.dll
MOD - [2012/10/19 13:46:08 | 000,048,640 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalpha.dll
MOD - [2012/10/19 13:46:08 | 000,038,400 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaiff.dll
MOD - [2012/10/19 13:46:08 | 000,030,208 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstadder.dll
MOD - [2012/10/19 13:46:08 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalaw.dll
MOD - [2012/10/19 13:46:08 | 000,017,920 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalphacolor.dll
MOD - [2012/10/19 13:46:08 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstadpcmdec.dll
MOD - [2012/10/19 13:46:06 | 000,471,552 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\liborc-0.4-0.dll
MOD - [2012/10/19 13:46:06 | 000,190,976 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libpng14-14.dll
MOD - [2012/10/19 13:46:06 | 000,162,304 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libvorbis-0.dll
MOD - [2012/10/19 13:46:06 | 000,123,947 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libopencore-amrwb.0.1.1.dll
MOD - [2012/10/19 13:46:04 | 000,699,392 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstreamer-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,276,992 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libjpeg-8.dll
MOD - [2012/10/19 13:46:04 | 000,253,440 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstbase-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,248,352 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libopencore-amrnb.0.1.1.dll
MOD - [2012/10/19 13:46:04 | 000,133,120 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgsttag-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstcontroller-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,098,304 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstpbutils-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstrtp-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstinterfaces-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,041,984 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstriff-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstvideo-0.10.dll
MOD - [2012/10/19 13:46:04 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libogg-0.dll
MOD - [2012/10/19 13:46:04 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstdataprotocol-0.10.dll
MOD - [2012/10/19 13:46:02 | 000,109,568 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstaudio-0.10.dll
MOD - [2012/10/19 13:46:00 | 000,331,264 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libFLAC-8.dll
MOD - [2012/10/19 13:46:00 | 000,240,056 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
MOD - [2012/10/02 12:41:02 | 000,694,168 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
MOD - [2012/06/04 12:20:22 | 000,509,440 | ---- | M] () -- C:\Users\Road Runner\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll
MOD - [2010/03/25 20:29:36 | 000,563,744 | ---- | M] () -- C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
MOD - [2010/03/25 20:29:36 | 000,154,144 | ---- | M] () -- C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyHook.dll
MOD - [2009/06/12 17:37:38 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Gateway Photo Frame\IOIUSBLib.dll
MOD - [2009/06/12 17:37:36 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Gateway Photo Frame\IOIHIDLib.dll
MOD - [2007/01/12 17:09:10 | 001,689,136 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\P2GRC.dll
========== Services (SafeList) ========== SRV:
64bit: - [2014/02/06 04:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:
64bit: - [2013/09/06 10:32:06 | 000,288,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe -- (McComponentHostService)
SRV:
64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2012/11/01 05:45:20 | 000,460,288 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files\Common Files\Motive\pcCMService.exe -- (pcCMService64)
SRV:
64bit: - [2010/01/28 17:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe -- (Updater Service)
SRV - [2014/02/20 14:46:59 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/02/15 14:12:32 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/02/25 10:59:28 | 000,342,528 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files (x86)\Common Files\Motive\pcServiceHost.exe -- (pcServiceHost)
SRV - [2013/02/25 10:23:04 | 000,319,488 | ---- | M] (Alcatel-Lucent) [Auto | Stopped] -- C:\Program Files (x86)\ATT\8.2.1.6\ma\bin\MAHostService.exe -- (ATT MAHostService)
SRV - [2012/11/01 04:31:42 | 000,369,152 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files (x86)\Common Files\Motive\pcCMService.exe -- (pcCMService)
SRV - [2012/10/02 12:45:22 | 000,120,728 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012/09/07 20:36:46 | 000,087,992 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/09/02 15:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2011/04/16 18:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe -- (N360)
SRV - [2010/08/23 19:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/07/01 10:38:26 | 000,083,512 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Users\Road Runner\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe -- (BackupService)
SRV - [2010/01/15 15:08:38 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/12/09 03:24:16 | 000,076,320 | ---- | M] () [Auto | Running] -- C:\OEM\USBDECTION\USBS3S4Detection.exe -- (USBS3S4Detection)
SRV - [2009/10/09 20:59:08 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/08/28 03:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2013/05/30 10:12:56 | 000,073,984 | ---- | M] (Identive) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\S3XXx64.sys -- (S3XXx64)
DRV:
64bit: - [2013/02/25 10:59:52 | 000,040,960 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Motive\MRESP50a64.sys -- (MRESP50a64)
DRV:
64bit: - [2013/02/25 10:59:46 | 000,043,008 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50a64.sys -- (MREMP50a64)
DRV:
64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:
64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2011/06/28 19:44:52 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:
64bit: - [2011/04/20 19:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symnets.sys -- (SymNetS)
DRV:
64bit: - [2011/03/30 21:00:09 | 000,744,568 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\srtsp64.sys -- (SRTSP)
DRV:
64bit: - [2011/03/30 21:00:09 | 000,040,568 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\srtspx64.sys -- (SRTSPX)
DRV:
64bit: - [2011/03/14 20:31:23 | 000,912,504 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symefa64.sys -- (SymEFA)
DRV:
64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2011/01/27 00:47:10 | 000,450,680 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symds64.sys -- (SymDS)
DRV:
64bit: - [2011/01/26 23:07:06 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\ironx64.sys -- (SymIRON)
DRV:
64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2010/11/20 05:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:
64bit: - [2010/08/25 18:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2010/06/30 02:27:08 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:
64bit: - [2010/03/04 07:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:
64bit: - [2010/01/07 13:51:38 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:
64bit: - [2009/12/09 03:39:52 | 000,537,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:
64bit: - [2009/10/11 16:42:24 | 000,763,904 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:
64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/02/25 10:59:34 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2013/02/25 10:59:32 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2012/06/13 18:06:38 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120613.007\IDSviA64.sys -- (IDSVia64)
DRV - [2012/06/02 08:43:44 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/06/02 08:43:44 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/05/19 13:23:41 | 002,068,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120616.009\EX64.SYS -- (NAVEX15)
DRV - [2012/05/19 13:23:41 | 000,120,440 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120616.009\ENG64.SYS -- (NAVENG)
DRV - [2012/04/02 17:38:04 | 001,160,824 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120531.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:
64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://homepage.gateway.com/rdr.aspx?b= ... 5k4691r42oIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://www.google.comIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
http://www.google.comIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.bing.com/?pc=U162GIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://www.bing.com/?pc=U162GIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.comIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.comIE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" =
http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGW_enUS437
IE - HKCU\..\SearchScopes\1ED7B0970EB34B52A12EF96D650810B8: "URL" =
http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGW_enUS437
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Bing "
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.selectedEngine: "Bing "
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7Be45b560e-6db0-142c-46f5-2130b1d106ec%7D:1.1
FF - prefs.js..extensions.enabledAddons: 13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f%40cf5065af-ca24-464a-a637-af7582a82514.com:0.93.9
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=U162GD&PC=U162G&q="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@Motive.com/npMotiveRequest,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@palmsource.com/installer,version=1.0: C:\PROGRA~2\Palm\PACKAG~1\NPInstal.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Road Runner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Road Runner\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Road Runner\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Road Runner\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Road Runner\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn\ [2011/10/06 10:20:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_13_2 [2014/03/06 12:05:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}: C:\Program Files (x86)\Coupons.com CouponBar\firefox\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}\Coupons.com.xpi
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/03/04 09:31:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/03/04 09:31:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/03/04 09:31:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/03/04 09:31:08 | 000,000,000 | ---D | M]
[2011/06/22 11:33:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Road Runner\AppData\Roaming\Mozilla\Extensions
[2014/03/04 10:16:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Road Runner\AppData\Roaming\Mozilla\Firefox\Profiles\xd8p6706.default\extensions
[2014/03/01 11:35:55 | 000,000,000 | ---D | M] (Coupon Server) -- C:\Users\Road Runner\AppData\Roaming\Mozilla\Firefox\Profiles\xd8p6706.default\extensions\{3C2422B0-C421-8DCF-B2EB-70B9B2B71607}
[2014/03/01 11:37:31 | 000,000,000 | ---D | M] ("Muvic") -- C:\Users\Road Runner\AppData\Roaming\Mozilla\Firefox\Profiles\xd8p6706.default\extensions\{e45b560e-6db0-142c-46f5-2130b1d106ec}
[2014/03/04 10:16:06 | 000,000,000 | ---D | M] ("HQ-Video-Profession-1.3") -- C:\Users\Road Runner\AppData\Roaming\Mozilla\Firefox\Profiles\xd8p6706.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com
[2014/03/04 10:19:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Road Runner\AppData\Roaming\Mozilla\Firefox\Profiles\xd8p6706.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData
[2014/03/04 10:19:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Road Runner\AppData\Roaming\Mozilla\Firefox\Profiles\xd8p6706.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins
[2014/03/04 10:19:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Road Runner\AppData\Roaming\Mozilla\Firefox\Profiles\xd8p6706.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\userCode
[2013/12/13 12:09:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/12/13 12:09:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/02/15 14:12:32 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2014/03/04 10:04:35 | 000,450,639 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1
www.007guard.comO1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1
www.008k.comO1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1
www.00hq.comO1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1
www.032439.comO1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1
www.0scan.comO1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1
www.1000gratisproben.comO1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1
www.1001namen.comO1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1
www.100888290cs.comO1 - Hosts: 127.0.0.1
www.100sexlinks.comO1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1
www.10sek.comO1 - Hosts: 127.0.0.1
www.1-2005-search.comO1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 15467 more lines...
O2:
64bit: - BHO: (HQ-Video-Profession-1.3) - {11111111-1111-1111-1111-110511151178} - C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-bho64.dll File not found
O2:
64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:
64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:
64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:
64bit: - BHO: (Coupon Server BHO) - {F791D8AE-47E8-40A5-A913-EB2D2AF29602} - C:\Program Files (x86)\Coupon Server\FrameworkBHO64.dll File not found
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:
64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:
64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Coupons.com CouponBar) - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:
64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O4:
64bit: - HKLM..\Run: [ATT-SST_McciTrayApp] C:\Program Files\ATT-SST\pcTrayApp.exe (Alcatel-Lucent)
O4:
64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Gateway Photo Frame] C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe (IOI)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [OM2_Monitor] C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [MotoCast] C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk ()
O4 - HKCU..\Run: [OM2_Monitor] C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
O4 - HKCU..\Run: [Power2GoExpress] C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe (Cyberlink)
O4 - HKCU..\Run: [WorkForce 630(Network)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGBA.EXE /FU "C:\Windows\TEMP\E_S9500.tmp" /EF "HKCU" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: $talisma_url$ ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: sentrilock.com ([alt] http in Trusted sites)
O15 - HKCU\..Trusted Domains: sentrilock.com ([delb] http in Trusted sites)
O15 - HKCU\..Trusted Domains: sentrilock.com ([lb] http in Trusted sites)
O15 - HKCU\..Trusted Domains: sentrilock.com ([lbtest] http in Trusted sites)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4}
http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx (WRC Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3ADEDCF5-2916-4917-91B9-04B508C382F2}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{475DBF2A-A864-4E4D-B8D1-73AABDF71136}: DhcpNameServer = 192.168.1.254
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:
64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{38c16029-6a92-11e1-b11e-90fba6887233}\Shell - "" = AutoRun
O33 - MountPoints2\{38c16029-6a92-11e1-b11e-90fba6887233}\Shell\AutoRun\command - "" = G:\HPLauncher.exe
O33 - MountPoints2\{71c86ddb-e472-11e0-88d3-90fba6887233}\Shell - "" = AutoRun
O33 - MountPoints2\{71c86ddb-e472-11e0-88d3-90fba6887233}\Shell\AutoRun\command - "" = G:\setup.exe -a
O33 - MountPoints2\{7d18a6db-a256-11e1-8dfc-90fba6887233}\Shell - "" = AutoRun
O33 - MountPoints2\{7d18a6db-a256-11e1-8dfc-90fba6887233}\Shell\AutoRun\command - "" = G:\MotoCastSetup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ========== [2014/03/06 11:58:57 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/03/06 11:12:31 | 000,000,000 | ---D | C] -- C:\Users\Road Runner\AppData\Roaming\Malwarebytes
[2014/03/06 11:11:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/03/06 11:11:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/03/06 11:11:57 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/03/06 11:11:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/03/06 10:42:03 | 000,000,000 | ---D | C] -- C:\RegBackup
[2014/03/06 10:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2014/03/06 10:39:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2014/03/05 12:58:53 | 000,000,000 | R--D | C] -- C:\Users\Road Runner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/03/04 12:05:56 | 000,000,000 | --SD | C] -- C:\Users\Road Runner\Documents\My Data Sources
[2014/03/04 08:55:39 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/03/01 11:32:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/03/01 11:30:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/03/01 11:23:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/03/01 11:23:35 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014/02/25 03:01:35 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/02/24 14:16:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/02/24 14:15:14 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/02/24 14:15:13 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/02/24 14:15:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/02/24 14:15:13 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/12/14 20:33:00 | 000,116,224 | ---- | C] (Flexera Software) -- C:\Users\Road Runner\BrokerMetrics.exe
[2013/12/14 20:32:59 | 000,116,224 | ---- | C] (Flexera Software) -- C:\Users\Road Runner\Uninstall BrokerMetrics.exe
[2013/12/14 20:32:59 | 000,116,224 | ---- | C] (Flexera Software) -- C:\Users\Road Runner\BrokerMetricsApp.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2014/03/06 12:45:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/06 12:37:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/06 12:13:25 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/06 12:13:25 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/06 12:07:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1274063648-197077832-4221889169-1000UA.job
[2014/03/06 12:07:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1274063648-197077832-4221889169-1000Core.job
[2014/03/06 12:04:32 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/06 12:03:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/06 12:03:27 | 3113,570,304 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/06 11:11:58 | 000,001,140 | ---- | M] () -- C:\Users\Road Runner\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2014/03/06 11:11:58 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/06 11:03:10 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-ROADRUNNER-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2014/03/06 10:41:36 | 000,002,242 | ---- | M] () -- C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
[2014/03/06 10:34:21 | 000,782,510 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/03/06 10:34:21 | 000,662,400 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/03/06 10:34:21 | 000,122,268 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/03/04 13:38:31 | 000,001,510 | ---- | M] () -- C:\Users\Road Runner\.JavaPowUpload.ser
[2014/03/04 13:31:53 | 000,000,283 | ---- | M] () -- C:\Users\Road Runner\.JavaPowUpload.properties
[2014/03/04 10:21:14 | 000,000,352 | ---- | M] () -- C:\Windows\wininit.ini
[2014/03/04 10:04:35 | 000,450,639 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/03/04 09:44:22 | 000,450,639 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20140304-100435.backup
[2014/03/01 12:56:40 | 000,001,078 | ---- | M] () -- C:\Users\Road Runner\Desktop\Continue VuuPC Installation.lnk
[2014/03/01 06:53:01 | 000,000,258 | RHS- | M] () -- C:\Users\Road Runner\ntuser.pol
[2014/02/27 03:01:24 | 000,774,632 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/02/24 14:16:01 | 000,001,790 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ========== [2014/03/06 11:11:58 | 000,001,140 | ---- | C] () -- C:\Users\Road Runner\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2014/03/06 11:11:58 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/06 11:03:10 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-ROADRUNNER-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2014/03/06 10:41:35 | 000,002,242 | ---- | C] () -- C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
[2014/03/04 10:21:02 | 000,000,352 | ---- | C] () -- C:\Windows\wininit.ini
[2014/03/01 11:49:19 | 000,001,078 | ---- | C] () -- C:\Users\Road Runner\Desktop\Continue VuuPC Installation.lnk
[2014/03/01 11:42:48 | 000,001,510 | ---- | C] () -- C:\Users\Road Runner\.JavaPowUpload.ser
[2014/03/01 11:42:08 | 000,000,283 | ---- | C] () -- C:\Users\Road Runner\.JavaPowUpload.properties
[2014/02/25 03:03:17 | 000,774,632 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/02/24 14:16:01 | 000,001,790 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/12/14 20:33:07 | 000,003,670 | ---- | C] () -- C:\Users\Road Runner\installvariables.properties
[2013/12/14 20:33:00 | 005,187,780 | ---- | C] () -- C:\Users\Road Runner\metrics-client.jar
[2013/12/14 20:33:00 | 005,000,359 | ---- | C] () -- C:\Users\Road Runner\jbossall-client.jar
[2013/12/14 20:33:00 | 002,635,773 | ---- | C] () -- C:\Users\Road Runner\jasperreports.jar
[2013/12/14 20:33:00 | 001,922,913 | ---- | C] () -- C:\Users\Road Runner\poi.jar
[2013/12/14 20:33:00 | 001,654,318 | ---- | C] () -- C:\Users\Road Runner\metrics-client-reporting.jar
[2013/12/14 20:33:00 | 001,415,701 | ---- | C] () -- C:\Users\Road Runner\metrics-client-resources.jar
[2013/12/14 20:33:00 | 001,050,691 | ---- | C] () -- C:\Users\Road Runner\itext.jar
[2013/12/14 20:33:00 | 000,575,389 | ---- | C] () -- C:\Users\Road Runner\commons-collections.jar
[2013/12/14 20:33:00 | 000,514,914 | ---- | C] () -- C:\Users\Road Runner\terradatum-model.jar
[2013/12/14 20:33:00 | 000,452,068 | ---- | C] () -- C:\Users\Road Runner\metrics-common.jar
[2013/12/14 20:33:00 | 000,387,689 | ---- | C] () -- C:\Users\Road Runner\mail.jar
[2013/12/14 20:33:00 | 000,355,751 | ---- | C] () -- C:\Users\Road Runner\log4j.jar
[2013/12/14 20:33:00 | 000,334,987 | ---- | C] () -- C:\Users\Road Runner\update.jar
[2013/12/14 20:33:00 | 000,308,044 | ---- | C] () -- C:\Users\Road Runner\jcommon.jar
[2013/12/14 20:33:00 | 000,211,458 | ---- | C] () -- C:\Users\Road Runner\terradatum-gui-util.jar
[2013/12/14 20:33:00 | 000,148,783 | ---- | C] () -- C:\Users\Road Runner\commons-digester.jar
[2013/12/14 20:33:00 | 000,096,529 | ---- | C] () -- C:\Users\Road Runner\commons-javaflow.jar
[2013/12/14 20:33:00 | 000,088,620 | ---- | C] () -- C:\Users\Road Runner\forms.jar
[2013/12/14 20:33:00 | 000,062,388 | ---- | C] () -- C:\Users\Road Runner\rowset.jar
[2013/12/14 20:33:00 | 000,038,015 | ---- | C] () -- C:\Users\Road Runner\commons-logging.jar
[2013/12/14 20:33:00 | 000,025,676 | ---- | C] () -- C:\Users\Road Runner\foxtrot.jar
[2013/12/14 20:33:00 | 000,023,404 | ---- | C] () -- C:\Users\Road Runner\terradatum-util-file.jar
[2013/12/14 20:33:00 | 000,012,926 | ---- | C] () -- C:\Users\Road Runner\terradatum-util.jar
[2013/12/14 20:33:00 | 000,011,546 | ---- | C] () -- C:\Users\Road Runner\terradatum-marketdynamics-client.jar
[2013/12/14 20:33:00 | 000,008,975 | ---- | C] () -- C:\Users\Road Runner\terradatum-mlslistings-client.jar
[2013/12/14 20:33:00 | 000,008,846 | ---- | C] () -- C:\Users\Road Runner\terradatum-pricing-client.jar
[2013/12/14 20:33:00 | 000,007,333 | ---- | C] () -- C:\Users\Road Runner\terradatum-report-client.jar
[2013/12/14 20:33:00 | 000,004,311 | ---- | C] () -- C:\Users\Road Runner\metrics-logging.jar
[2013/12/14 20:33:00 | 000,003,972 | ---- | C] () -- C:\Users\Road Runner\BrokerMetrics.lax
[2013/12/14 20:33:00 | 000,003,409 | ---- | C] () -- C:\Users\Road Runner\update.lax
[2013/12/14 20:33:00 | 000,000,919 | ---- | C] () -- C:\Users\Road Runner\product.app.pu.properties
[2013/12/14 20:33:00 | 000,000,512 | ---- | C] () -- C:\Users\Road Runner\logging.properties
[2013/12/14 20:32:59 | 001,685,947 | ---- | C] () -- C:\Users\Road Runner\uninstaller.jar
[2013/12/14 20:32:59 | 001,368,681 | ---- | C] () -- C:\Users\Road Runner\jfreechart.jar
[2013/12/14 20:32:59 | 000,053,795 | ---- | C] () -- C:\Users\Road Runner\lax.jar
[2013/12/14 20:32:59 | 000,024,799 | ---- | C] () -- C:\Users\Road Runner\InstallScript.iap_xml
[2013/12/14 20:32:59 | 000,004,098 | ---- | C] () -- C:\Users\Road Runner\BrokerMetricsApp.lax
[2013/12/14 20:32:59 | 000,003,590 | ---- | C] () -- C:\Users\Road Runner\Uninstall BrokerMetrics.lax
[2013/12/14 20:32:59 | 000,000,846 | ---- | C] () -- C:\Users\Road Runner\powerupdate.app.pu.properties
[2013/12/14 20:32:58 | 000,014,659 | ---- | C] () -- C:\Users\Road Runner\.com.zerog.registry.xml
[2013/05/01 23:43:06 | 000,000,188 | ---- | C] () -- C:\ProgramData\LockFilePath.ini
[2013/03/15 09:42:11 | 000,000,258 | RHS- | C] () -- C:\Users\Road Runner\ntuser.pol
[2012/03/20 02:21:11 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2012/03/19 09:36:31 | 000,000,629 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/03/09 18:49:58 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2012/03/09 18:49:58 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2012/03/09 18:49:58 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2012/03/09 18:49:58 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2012/03/09 18:49:58 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2012/03/09 18:49:58 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2012/03/09 18:49:58 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2012/03/09 18:49:58 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2012/03/09 18:49:58 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2012/03/09 18:49:58 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2012/03/09 18:49:58 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2012/03/09 18:49:58 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2012/03/09 18:49:58 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2012/03/09 18:49:58 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2012/03/09 18:49:58 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2012/03/09 18:49:58 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2012/03/09 18:41:45 | 000,000,079 | ---- | C] () -- C:\Windows\EWF630.ini
[2012/01/17 00:05:57 | 000,000,200 | ---- | C] () -- C:\Users\Road Runner\.packettracer
[2011/10/22 11:43:36 | 000,000,000 | ---- | C] () -- C:\Users\Road Runner\AppData\Local\{F756846E-44A9-4F8F-9817-27B0F3498D19}
[2011/06/28 21:13:06 | 000,001,424 | ---- | C] () -- C:\Users\Road Runner\AppData\Roaming\wklnhst.dat
[2011/06/17 23:01:08 | 000,001,940 | ---- | C] () -- C:\Users\Road Runner\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
========== ZeroAccess Check ========== [2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 20:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 19:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ========== [2013/11/17 00:21:58 | 000,000,000 | ---D | M] -- C:\Users\Road Runner\AppData\Roaming\Avery
[2011/07/19 12:07:03 | 000,000,000 | ---D | M] -- C:\Users\Road Runner\AppData\Roaming\Barnes & Noble
[2012/09/10 08:06:06 | 000,000,000 | ---D | M] -- C:\Users\Road Runner\AppData\Roaming\Epson
[2013/05/28 10:25:12 | 000,000,000 | ---D | M] -- C:\Users\Road Runner\AppData\Roaming\Faerie Solitaire
[2011/06/22 11:41:18 | 000,000,000 | ---D | M] -- C:\Users\Road Runner\AppData\Roaming\HotSync
[2012/03/09 18:58:54 | 000,000,000 | ---D | M] -- C:\Users\Road Runner\AppData\Roaming\Leadertech
[2014/03/06 12:06:19 | 000,000,000 | ---D | M] -- C:\Users\Road Runner\AppData\Roaming\MotoCast
[2012/06/04 12:19:49 | 000,000,000 | ---D | M] -- C:\Users\Road Runner\AppData\Roaming\Motorola
[2013/07/23 12:12:39 | 000,000,000 | ---D | M] -- C:\Users\Road Runner\AppData\Roaming\Motorola Mobility
[2011/06/17 12:29:31 | 000,000,000 | ---D | M] -- C:\Users\Road Runner\AppData\Roaming\OEM
[2011/06/28 21:13:17 | 000,000,000 | ---D | M] -- C:\Users\Road Runner\AppData\Roaming\Template
[2013/05/22 23:36:16 | 000,000,000 | ---D | M] -- C:\Users\Road Runner\AppData\Roaming\WildTangent
[2012/07/06 09:31:29 | 000,000,000 | ---D | M] -- C:\Users\Road Runner\AppData\Roaming\WindSolutions
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:D346F792
< End of report >
_____________________________________________________________________________________________________
Extras.txt
OTL Extras logfile created on: 3/6/2014 12:49:39 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Road Runner\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.87 Gb Total Physical Memory | 1.67 Gb Available Physical Memory | 43.23% Memory free
7.73 Gb Paging File | 5.41 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.74 Gb Total Space | 837.83 Gb Free Space | 91.29% Space Free | Partition Type: NTFS
Computer Name: ROADRUNNER-PC | User Name: Road Runner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0606C04B-474B-42C7-A84C-0CB8131EEBE3}" = lport=138 | protocol=17 | dir=in | app=system |
"{0D4B8B90-EB4A-45D1-99E3-29AACBC6BD6D}" = rport=138 | protocol=17 | dir=out | app=system |
"{16DF9DEB-CCBA-48B2-8CE5-CF740D00B558}" = rport=445 | protocol=6 | dir=out | app=system |
"{1933D7EB-F86E-46BD-B604-41DA37CED174}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1C8C94C5-B11F-45C0-8956-527CB002C012}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
name=@firewallapi.dll,-28539 |
"{249C9840-B807-4176-AD71-9E7228C65C3F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2DFD2F75-C326-4C09-B485-352359B3E318}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdateservice.exe |
"{4B8B2B6A-3E33-43F1-B2CB-EFA326E8062A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4C1CC75E-4626-49D6-AAAE-A5509CBF7801}" = lport=137 | protocol=17 | dir=in | app=system |
"{57A8209B-B5FB-479F-ABF5-D1E6D371FD11}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{65019F0C-178B-43C0-AA12-53E739381141}" = rport=10243 | protocol=6 | dir=out | app=system |
"{82626474-B6FF-4585-A709-DD4359190198}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8C07C680-906E-476D-9FA2-632391E5CF79}" = rport=137 | protocol=17 | dir=out | app=system |
"{998C3181-D6CF-40A6-90D5-7AD81FF3E47B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A4B4130E-63E0-4461-8B27-65F818C03EE0}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service\intuitupdater.exe |
"{A5254026-0D56-4D0E-BF44-77938112685E}" = lport=139 | protocol=6 | dir=in | app=system |
"{A9B68C3F-4226-40E5-BFA9-56044D8DE02B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B5E9E191-CE5E-499E-9FB0-7941F646D432}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdater.exe |
"{B6F8139E-6129-47D2-8BE4-EA2477F06045}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BEC056BE-F35E-460D-A99D-52A6671DC3F8}" = rport=139 | protocol=6 | dir=out | app=system |
"{C1DB5D01-C0AC-4E0A-A3C2-947677BF4B9C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C46AC635-7B0B-4C5B-82C9-F469FBC9832D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CC3C76C0-0AD7-4B70-A15D-173590D5C83D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CC6BC092-72BF-4406-86CC-269A664A31DA}" = lport=445 | protocol=6 | dir=in | app=system |
"{CF1D8FA6-6E83-425B-8316-6F5765799810}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D2227E69-50A7-4BD7-8C82-4A621C026149}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E1E8E509-56B7-47B6-861A-120A75ADF481}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service\intuitupdateservice.exe |
"{EF35DC8A-ABAC-430A-9F47-A44AB658BC67}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F80E4A03-27FC-4ED4-951E-5EDCC51C4BE1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{096120BE-A343-46DA-98E7-EDDCF6E3E2E2}" = protocol=1 | dir=in |
name=@firewallapi.dll,-28543 |
"{117C6D33-41C9-4887-A021-7739AC5CE2F6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{123B1D4F-DDC3-4C1D-90A8-62C344E4C151}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{148AAD0C-2AB1-4C40-B721-C672801C841A}" = protocol=58 | dir=in |
name=@firewallapi.dll,-28545 |
"{16BB5983-10E1-4416-8389-AE426F6CB25F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{1849A2A8-C4C1-40C1-88D3-7B77E59A32E9}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\motive\pcservicehost.exe |
"{19389B3E-3F8E-426F-BE7D-651CED63D974}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\motive\pcservicehost.exe |
"{1E952353-13F2-4EF0-8275-09087A1AADD9}" = protocol=1 | dir=out |
name=@firewallapi.dll,-28544 |
"{23894E05-8881-4487-80FB-8385D9B34E27}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{2D1BA85C-A835-4D4D-A477-F65B9450C117}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{2D651F21-BEC2-491B-92E4-4FB95C404A16}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{307A545F-A017-4AE9-A6F3-68EF05F68931}" = dir=out | app=c:\program files (x86)\motorola mobility\motocast\motocast.exe |
"{3A7F88B7-475B-4B8D-91AC-47CB22020CB6}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3B898601-70AB-4C23-8599-71AC9CA401AD}" = dir=in | app=c:\program files (x86)\motorola media link\lite\mml.exe |
"{3E53BB6F-41D8-4048-9D2D-E559E5A1D60C}" = protocol=6 | dir=out | app=system |
"{40C3812C-A697-4E6E-BF4C-BF7577E9E659}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{47F1B92C-5ADC-404A-9841-571C9A8283F3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{56F14489-5AD8-423A-872D-67E6F93E7209}" = protocol=17 | dir=in | app=c:\program files (x86)\epsonnet\epsonnet setup\tool10\eneasyapp.exe |
"{583FD0E3-5338-4DDE-AC7D-29D112CCEE38}" = protocol=6 | dir=in | app=c:\program files (x86)\epsonnet\epsonnet setup\tool10\eneasyapp.exe |
"{5BBDD7BC-AD41-4A06-B0E4-37F2BF96CAB6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{5CD0BB2F-8FC5-4664-A43E-F0C73AE5AF39}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{61DA18BF-881E-4881-A514-7B5B0ED44699}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{620566EB-BB25-4780-8268-C0B325D2A3A7}" = dir=out | app=c:\program files (x86)\motorola mobility\motocast\bin\motocast-thumbnailer.exe |
"{62BE0B64-D43F-4352-8550-E61D8D174FFA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{6685C673-91F9-446C-B63D-BF0849DED38E}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\motive\pcservicehost.exe |
"{69797D52-3C1B-43F6-8CBB-EC3609B05BE7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6DEE1D9D-3594-4DE2-97A7-8180CA5F4147}" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"{73F7CC0A-FD0E-4F45-8188-B845000EC915}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{74407DC5-93A2-4726-A198-1573FD347900}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7A1BC726-001A-445C-B434-9A3A9D8F906B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7EC1101A-101B-49E7-B116-98568D9D19FD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8AAA8FE1-6E4A-484B-8ED1-091FECB6774C}" = protocol=58 | dir=out |
name=@firewallapi.dll,-28546 |
"{9131B52C-9B92-417E-8DD0-B3EA2527001A}" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"{A482B733-54C5-4A61-A809-C638A4B6EB10}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A54C3AD3-9093-40B8-A18F-3F32F717906B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B2BD0D5A-5C0D-4BD3-BC79-2F427797AD05}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B80F76E3-5B08-4315-9CFF-191C026F22EF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C645B86B-BCE2-4B4C-B2F2-4F02D55B2065}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\motive\pcservicehost.exe |
"{CF1A737E-8454-48C2-8BFF-76279E57CA25}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D2A6A218-4DCD-49A5-B03A-6C36A07DBDB7}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{D90B1E89-A3DC-4AFB-9CFF-6B81CBE89D3A}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{E063F882-42EE-4BC3-8592-D6ED79A9A4DD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F4506DE2-1C1B-4B4A-8DF3-803715F784A6}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{F6FF94BA-1A32-4259-AFB5-4849F2A585AE}" = dir=in | app=c:\program files (x86)\motorola mobility\motocast\bin\motocast-thumbnailer.exe |
"{FF2B361D-2480-4C45-A8D7-2A4D1A5D4FD1}" = dir=in | app=c:\program files (x86)\motorola mobility\motocast\motocast.exe |
"TCP Query User{74540C02-3460-45CB-9EA2-CF1B8A9A2709}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"TCP Query User{BEE62B1F-BB01-4E46-8924-A5275D29BF18}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{24CC55AF-841D-457B-B863-F6DD1C875529}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{B2D77802-AE79-4A52-94A6-BD17B7F012F0}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F86417051FF}" = Java 7 Update 51 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4E7CCB76-687B-4C53-9A5E-08780AF3A551}" = Motorola Mobile Drivers Installation 5.9.0
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96B53CA8-5ABB-49D8-96F1-F6C0D73A76C6}" = iTunes
"{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}" = Apple Mobile Device Support
"42AA4899E0A82979DC25D6266FA00B3491A245A0" = Windows Driver Package - SCM Microsystems Inc. (S3XXx64) SmartCardReader (05/30/2013 4.64.00.00)
"EPSON WorkForce 630 Series" = EPSON WorkForce 630 Series Printer Uninstall
"McAfee Security Scan" = McAfee Security Scan Plus
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Tweaking.com - Registry Backup" = Tweaking.com - Registry Backup
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BrokerMetrics" = BrokerMetrics
"CopyTrans Suite" = CopyTrans Suite Remove Only
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 3/4/2014 4:55:16 PM | Computer Name = RoadRunner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 3/4/2014 4:55:16 PM | Computer Name = RoadRunner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 209837
Error - 3/4/2014 4:55:16 PM | Computer Name = RoadRunner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 209837
Error - 3/4/2014 4:55:17 PM | Computer Name = RoadRunner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 3/4/2014 4:55:17 PM | Computer Name = RoadRunner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 210851
Error - 3/4/2014 4:55:17 PM | Computer Name = RoadRunner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 210851
Error - 3/4/2014 4:55:18 PM | Computer Name = RoadRunner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 3/4/2014 4:55:18 PM | Computer Name = RoadRunner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 211850
Error - 3/4/2014 4:55:18 PM | Computer Name = RoadRunner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 211850
Error - 3/4/2014 4:55:19 PM | Computer Name = RoadRunner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 3/4/2014 4:55:19 PM | Computer Name = RoadRunner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 212848
[ System Events ]
Error - 8/9/2013 1:15:36 AM | Computer Name = RoadRunner-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the N360 service.
Error - 8/9/2013 1:16:06 AM | Computer Name = RoadRunner-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the N360 service.
Error - 8/9/2013 1:16:36 AM | Computer Name = RoadRunner-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the N360 service.
Error - 8/9/2013 1:17:06 AM | Computer Name = RoadRunner-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the N360 service.
Error - 8/9/2013 1:17:36 AM | Computer Name = RoadRunner-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the N360 service.
Error - 8/9/2013 1:18:06 AM | Computer Name = RoadRunner-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the N360 service.
Error - 8/9/2013 1:18:36 AM | Computer Name = RoadRunner-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the N360 service.
Error - 8/9/2013 1:24:02 AM | Computer Name = RoadRunner-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the N360 service.
Error - 8/9/2013 10:24:25 AM | Computer Name = RoadRunner-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the N360 service.
Error - 8/9/2013 10:41:11 AM | Computer Name = RoadRunner-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the N360 service.
< End of report >