Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

My cursor keeps moving to the right of the screen by itself

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

My cursor keeps moving to the right of the screen by itself

Unread postby rmscholbe » January 14th, 2014, 8:08 pm

1. My cursor keeps moving to the right of the screen by itself. Disconnected the mouse and keyboard and it still keeps moving.
2. Welcome screen flashes twice after entering password and clicking the Enter Key.
3. Have to refresh display to see changes to some files on the desktop.
4. Window scroll bar goes to the bottom of the page sometimes and stays there when trying to scroll back to the top of a page.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16384 BrowserJavaVersion: 10.45.2
Run by Roger at 17:57:57 on 2014-01-14
Microsoft Windows 8.1 Pro with Media Center 6.3.9600.0.1252.1.1033.18.4094.2209 [GMT -6:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\EscSvc64.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\taskhostex.exe
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Windows\System32\skydrive.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\spool\drivers\x64\3\E_IATILAE.EXE
C:\Users\Roger\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\WINDOWS\system32\taskhost.exe
C:\Windows\System32\SettingSyncHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Roger\Desktop\Scanner\OTL.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:Tabs
uSearch Bar = Preserve
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: af0.Adblock.BHO: {90EFF544-3981-4d46-85C9-C0361D0931D6} -
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
uRun: [8D61D16F694ECA70FC12DE3FFBEB2A9088500AC8._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\x64\3\E_IATILAE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-410 Series"
uRun: [Amazon Cloud Player] "C:\Users\Roger\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
dRun: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\x64\3\E_IATILAE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-410 Series"
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {2AB1C516-D654-4D3A-B3D6-2185BBCEB409} - hxxps://vpn.usace.army.mil/+CSCOL+/relayp.cab
DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://vpn.usace.army.mil/CACHE/stc/4/ ... vpnweb.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxps://us.shop.popcap.com//tools/popcaploader_v10.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{016F717A-5994-4ADF-9816-B67B47E4ACAC} : NameServer = 206.40.99.2,206.40.99.3
TCP: Interfaces\{016F717A-5994-4ADF-9816-B67B47E4ACAC} : DHCPNameServer = 192.168.0.1
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
x64-mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [Logitech Download Assistant] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\LogiLDA.dll,LogiFetch
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-Run: [Fences] "C:\Program Files (x86)\Stardock\Fences\Fences.exe" /startup
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
x64-STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\r1xpa9jz.default-1365792316197\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=U039DF& ... =072013&q=
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\LastPass\nplastpass.dll
FF - plugin: C:\Program Files (x86)\LastPass\nplastpass64.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Roger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
.
============= SERVICES / DRIVERS ===============
.
R0 DLACDBHE;DLACDBHE;C:\WINDOWS\System32\drivers\DLACDBHE.SYS [2010-5-23 17776]
R0 DRVECDB;DRVECDB;C:\WINDOWS\System32\drivers\DRVECDB.SYS [2010-5-23 124112]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2013-12-14 39768]
R0 PxHlpa64;PxHlpa64;C:\WINDOWS\System32\drivers\PxHlpa64.sys [2010-5-23 55024]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2013-8-22 76800]
R1 DLARTL_E;DLARTL_E;C:\WINDOWS\System32\drivers\DLARTL_E.SYS [2010-5-23 41072]
R2 DLABMFSE;DLABMFSE;C:\WINDOWS\System32\drivers\DLABMFSE.SYS [2010-5-23 46448]
R2 DLABOIOE;DLABOIOE;C:\WINDOWS\System32\drivers\DLABOIOE.SYS [2010-5-23 42352]
R2 DLADResE;DLADResE;C:\WINDOWS\System32\drivers\DLADResE.SYS [2010-5-23 9968]
R2 DLAIFS_E;DLAIFS_E;C:\WINDOWS\System32\drivers\DLAIFS_E.SYS [2010-5-23 146672]
R2 DLAOPIOE;DLAOPIOE;C:\WINDOWS\System32\drivers\DLAOPIOE.SYS [2010-5-23 35056]
R2 DLAPoolE;DLAPoolE;C:\WINDOWS\System32\drivers\DLAPoolE.SYS [2010-5-23 19824]
R2 DLAUDF_E;DLAUDF_E;C:\WINDOWS\System32\drivers\DLAUDF_E.SYS [2010-5-23 144112]
R2 DLAUDFAE;DLAUDFAE;C:\WINDOWS\System32\drivers\DLAUDFAE.SYS [2010-5-23 135152]
R2 DRVEDDM;DRVEDDM;C:\WINDOWS\System32\drivers\DRVEDDM.SYS [2010-5-23 63984]
R2 EpsonCustomerParticipation;EpsonCustomerParticipation;C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [2013-9-20 654400]
R2 EpsonScanSvc;Epson Scanner Service;C:\WINDOWS\System32\escsvc64.exe [2013-10-15 144560]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-8-30 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-8-30 701512]
R2 RtNdPt60;Realtek NDIS Protocol Driver;C:\WINDOWS\System32\drivers\RtNdPt60.sys [2009-6-10 26624]
R2 Start8;Stardock Start8;C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [2013-10-14 142960]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-11-1 266240]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\WINDOWS\System32\drivers\LEqdUsb.sys [2013-5-23 77592]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\WINDOWS\System32\drivers\LHidEqd.sys [2013-5-23 13080]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\drivers\mbam.sys [2013-8-30 25928]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2013-8-22 16384]
R3 RTL8168;Realtek 8168 NT Driver;C:\WINDOWS\System32\drivers\Rt630x64.sys [2013-8-22 591360]
R3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2013-8-22 124256]
R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2013-8-22 346872]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2013-8-22 230912]
S3 ABB3410;Abbott Labs USB Cable Driver;C:\WINDOWS\System32\drivers\abbttusb.sys [2010-9-2 56832]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2013-8-22 782176]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2013-8-22 37768]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2013-8-22 37768]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2013-8-22 17624]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2013-10-28 107288]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2013-8-22 24568]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2013-8-22 99320]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2013-8-22 651248]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2013-11-13 111616]
S3 kbldfltr;kbldfltr;C:\WINDOWS\System32\drivers\kbldfltr.sys [2013-9-29 22272]
S3 LcUvcUpper;LcUvcUpper Service;C:\WINDOWS\System32\drivers\LcUvcUpper.sys [2013-9-27 34408]
S3 lfsvc;Windows Location Framework Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 LSI_SAS3;LSI_SAS3;C:\WINDOWS\System32\drivers\lsi_sas3.sys [2013-8-22 81760]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\WINDOWS\System32\drivers\nx6000.sys [2010-12-13 36720]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc63.sys [2013-8-22 87040]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2013-8-22 924512]
S3 rt70x64;Linksys Home Wireless-G USB Adaptor Driver;C:\WINDOWS\System32\drivers\netr7064.sys [2010-4-27 388448]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2013-12-14 146776]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2013-8-22 37768]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2013-10-28 204568]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2013-11-16 57176]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2013-8-22 26976]
S3 vmbusr;Virtual Machine Bus Provider;C:\WINDOWS\System32\drivers\vmbusr.sys [2013-9-29 129536]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2013-8-22 37768]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2013-8-22 37768]
S4 MsKeyboardFilter;Microsoft Keyboard Filter;C:\WINDOWS\System32\svchost.exe -k netsvcs [2013-8-22 37768]
.
=============== File Associations ===============
.
FileExt: .inf: inffile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2014-01-14 23:56:57 688992 ------r- C:\dds.scr
2014-01-14 23:08:42 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{39B44D25-6C65-438A-AE2D-BE613E5802AA}\mpengine.dll
2014-01-14 22:07:37 -------- d-----w- C:\ProgramData\HitmanPro
2014-01-13 15:48:13 -------- d-----w- C:\Users\Roger\AppData\Roaming\.minecraft
2014-01-13 14:05:45 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-01-09 19:41:45 2401112 ----a-w- C:\WINDOWS\System32\D3DX9_43.dll
2014-01-09 19:41:45 1998168 ----a-w- C:\WINDOWS\SysWow64\D3DX9_43.dll
2014-01-09 19:27:17 -------- d-----w- C:\Program Files\Microsoft LifeCam
2014-01-09 19:27:17 -------- d-----w- C:\Program Files (x86)\Microsoft LifeCam
2014-01-09 19:24:55 -------- d-----w- C:\WINDOWS\LastGood.Tmp
2014-01-09 16:23:00 872352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\uninstall\helper.exe
2014-01-09 16:23:00 276592 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\updater.exe
2014-01-09 16:23:00 22370928 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\xul.dll
2014-01-09 16:23:00 170960 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\webapp-uninstaller.exe
2014-01-09 16:23:00 153712 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\softokn3.dll
2014-01-09 16:23:00 108144 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\webapprt-stub.exe
2014-01-05 20:31:55 -------- d-----w- C:\Program Files (x86)\SDA
2014-01-05 17:33:44 -------- d-----w- C:\Program Files (x86)\EaseUS
2014-01-05 16:54:01 -------- d--h--w- C:\$WINDOWS.~BT
2014-01-02 18:00:15 -------- d-----w- C:\Users\Roger\AppData\Roaming\MyHeritage
2014-01-02 18:00:15 -------- d-----w- C:\ProgramData\MyHeritage
2014-01-02 18:00:10 608448 ----a-w- C:\WINDOWS\SysWow64\comctl32.ocx
2014-01-02 18:00:10 258352 ----a-w- C:\WINDOWS\SysWow64\unicows.dll
2014-01-02 18:00:10 137000 ----a-w- C:\WINDOWS\SysWow64\msmapi32.ocx
2014-01-02 17:59:40 -------- d-----w- C:\Program Files (x86)\MyHeritage
2013-12-29 15:53:53 736952 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2013-12-29 15:53:39 2876528 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-12-29 15:53:13 42168 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-12-27 14:42:31 236208 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10229.bin
.
==================== Find3M ====================
.
2013-12-04 00:05:48 693240 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2013-12-04 00:05:48 105464 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2013-11-26 08:35:02 5769216 ----a-w- C:\WINDOWS\System32\jscript9.dll
2013-11-26 08:16:12 4243968 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\WINDOWS\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\WINDOWS\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\WINDOWS\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
2013-11-23 04:34:43 393216 ----a-w- C:\WINDOWS\System32\WMPhoto.dll
2013-11-23 04:13:51 348160 ----a-w- C:\WINDOWS\SysWow64\WMPhoto.dll
2013-11-23 03:32:09 4105728 ----a-w- C:\WINDOWS\System32\SyncEngine.dll
2013-11-23 03:10:49 568832 ----a-w- C:\WINDOWS\System32\SkyDrive.exe
2013-11-19 10:30:34 267936 ------w- C:\WINDOWS\System32\MpSigStub.exe
2013-11-13 13:08:45 2724864 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb
2013-11-13 13:08:43 2724864 ----a-w- C:\WINDOWS\System32\mshtml.tlb
2013-11-11 23:41:31 189952 ----a-w- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-11 23:40:06 249856 ----a-w- C:\WINDOWS\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-11 23:27:10 701440 ----a-w- C:\WINDOWS\SysWow64\WSShared.dll
2013-11-11 23:24:12 840704 ----a-w- C:\WINDOWS\System32\WSShared.dll
2013-11-11 02:48:41 39768 -c--a-w- C:\WINDOWS\System32\drivers\intelpep.sys
2013-11-09 11:55:11 325464 -c--a-w- C:\WINDOWS\System32\drivers\USBXHCI.SYS
2013-11-09 06:55:17 303104 ----a-w- C:\WINDOWS\apppatch\apppatch64\AcGenral.dll
2013-11-09 06:37:45 1756160 ----a-w- C:\WINDOWS\System32\WMPDMC.exe
2013-11-09 06:34:14 615936 ----a-w- C:\WINDOWS\System32\MDMAgent.exe
2013-11-09 06:34:01 287744 ----a-w- C:\WINDOWS\System32\mdmregistration.dll
2013-11-09 06:13:07 442880 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll
2013-11-09 06:05:53 2415104 ----a-w- C:\WINDOWS\apppatch\AcGenral.dll
2013-11-09 05:56:15 1391104 ----a-w- C:\WINDOWS\SysWow64\WMPDMC.exe
2013-11-09 05:52:04 240128 ----a-w- C:\WINDOWS\SysWow64\mdmregistration.dll
2013-11-09 05:09:32 156672 ----a-w- C:\WINDOWS\System32\wbem\MDMAppProv.dll
2013-11-09 04:56:32 414720 ----a-w- C:\WINDOWS\System32\wbem\MDMSettingsProv.dll
2013-11-08 10:26:23 358896 ----a-w- C:\WINDOWS\System32\dcomp.dll
2013-11-08 07:21:59 4191744 ----a-w- C:\WINDOWS\System32\win32k.sys
2013-11-08 05:23:30 449024 ----a-w- C:\WINDOWS\System32\appmgr.dll
2013-11-08 04:43:45 254464 ----a-w- C:\WINDOWS\System32\AppXDeploymentClient.dll
2013-11-08 04:42:52 366080 ----a-w- C:\WINDOWS\SysWow64\appmgr.dll
2013-11-08 04:28:40 13177344 ----a-w- C:\WINDOWS\System32\twinui.dll
2013-11-08 04:26:19 11674624 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2013-11-08 04:16:46 225792 ----a-w- C:\WINDOWS\SysWow64\dcomp.dll
2013-11-08 04:15:35 198656 ----a-w- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
2013-11-08 04:07:34 115712 ----a-w- C:\WINDOWS\System32\winbici.dll
2013-11-08 03:41:17 1302528 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2013-11-08 03:14:58 922624 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.dll
2013-11-07 01:30:23 12744192 ----a-w- C:\Program Files (x86)\Common Files\lpuninstall.exe
2013-11-05 16:20:05 13925888 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
2013-11-05 16:11:46 18577408 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
2013-11-05 14:19:16 566784 ----a-w- C:\WINDOWS\System32\wpncore.dll
2013-11-05 14:03:43 637952 ----a-w- C:\WINDOWS\System32\SettingSyncHost.exe
2013-11-05 13:57:39 479744 ----a-w- C:\WINDOWS\SysWow64\SettingSyncHost.exe
2013-11-05 13:33:44 584192 ----a-w- C:\WINDOWS\SysWow64\SettingSyncCore.dll
2013-11-05 13:32:04 744448 ----a-w- C:\WINDOWS\System32\SettingSyncCore.dll
2013-11-04 17:13:19 382808 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys
2013-11-04 17:13:19 1530200 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2013-11-04 13:07:05 1843712 ----a-w- C:\WINDOWS\System32\Display.dll
2013-11-04 11:50:18 2143744 ----a-w- C:\WINDOWS\System32\dwmcore.dll
2013-11-04 10:32:53 2570240 ----a-w- C:\WINDOWS\System32\SettingsHandlers.dll
2013-11-04 09:38:51 872840 ----a-w- C:\WINDOWS\System32\mfplat.dll
2013-11-04 09:38:51 698232 ----a-w- C:\WINDOWS\SysWow64\mfplat.dll
2013-11-04 09:38:38 977408 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
2013-11-04 09:38:38 294400 ----a-w- C:\WINDOWS\System32\Windows.Devices.Sensors.dll
2013-11-04 09:38:38 225792 ----a-w- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
2013-11-04 09:38:38 1286552 ----a-w- C:\WINDOWS\System32\msctf.dll
2013-11-04 09:38:38 1217024 ----a-w- C:\WINDOWS\System32\Windows.Media.Streaming.dll
2013-11-04 09:38:38 1018960 ----a-w- C:\WINDOWS\SysWow64\msctf.dll
2013-11-04 07:43:18 18960 ----a-w- C:\WINDOWS\System32\drivers\LNonPnP.sys
2013-11-04 02:28:40 1816576 ----a-w- C:\WINDOWS\SysWow64\Display.dll
2013-11-04 01:30:33 1765376 ----a-w- C:\WINDOWS\SysWow64\dwmcore.dll
2013-11-01 11:39:53 86872 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys
2013-11-01 06:08:59 747008 ----a-w- C:\WINDOWS\System32\wlidcli.dll
2013-11-01 05:57:11 544768 ----a-w- C:\WINDOWS\SysWow64\wlidcli.dll
2013-10-31 00:58:59 372568 -c--a-w- C:\WINDOWS\System32\drivers\spaceport.sys
2013-10-31 00:42:16 7399256 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2013-10-31 00:33:52 1642016 ----a-w- C:\WINDOWS\System32\winload.efi
2013-10-31 00:33:52 1506680 ----a-w- C:\WINDOWS\System32\winload.exe
2013-10-31 00:33:52 1476184 ----a-w- C:\WINDOWS\System32\winresume.efi
2013-10-31 00:33:52 1345536 ----a-w- C:\WINDOWS\System32\winresume.exe
2013-10-28 07:12:12 204568 ----a-w- C:\WINDOWS\System32\drivers\ssudmdm.sys
2013-10-28 07:12:10 107288 ----a-w- C:\WINDOWS\System32\drivers\ssudbus.sys
2013-10-26 01:54:32 146776 ----a-w- C:\WINDOWS\System32\drivers\SerCx2.sys
2013-10-24 09:31:11 30208 ----a-w- C:\WINDOWS\System32\CredentialMigrationHandler.dll
2013-10-24 09:12:58 27136 ----a-w- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
2013-10-23 11:29:02 44936 ----a-w- C:\WINDOWS\System32\wldp.dll
2013-10-23 11:21:01 155480 -c--a-w- C:\WINDOWS\System32\drivers\usbccgp.sys
2013-10-23 11:13:34 171864 ----a-w- C:\WINDOWS\System32\kd_02_8086.dll
2013-10-23 08:20:08 6669600 ----a-w- C:\WINDOWS\System32\nvcpl.dll
2013-10-23 08:20:07 3489568 ----a-w- C:\WINDOWS\System32\nvsvc64.dll
2013-10-23 08:20:05 922912 ----a-w- C:\WINDOWS\System32\nvvsvc.exe
2013-10-23 08:20:05 63776 ----a-w- C:\WINDOWS\System32\nvshext.dll
2013-10-23 08:20:05 2559776 ----a-w- C:\WINDOWS\System32\nvsvcr.dll
2013-10-23 08:20:05 219424 ----a-w- C:\WINDOWS\System32\nvmctray.dll
2013-10-22 18:00:16 96168 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
2013-10-22 08:18:16 96088 ----a-w- C:\WINDOWS\System32\embeddedapplauncher.exe
2013-10-22 07:55:27 2328872 ----a-w- C:\WINDOWS\explorer.exe
2013-10-22 06:03:47 2065448 ----a-w- C:\WINDOWS\SysWow64\explorer.exe
2013-10-22 05:15:38 558080 ----a-w- C:\WINDOWS\System32\apphelp.dll
2013-10-22 04:04:03 618496 ----a-w- C:\WINDOWS\SysWow64\apphelp.dll
2013-10-22 03:56:17 186880 ----a-w- C:\WINDOWS\System32\WorkFoldersShell.dll
2013-10-22 03:44:06 761856 ----a-w- C:\WINDOWS\System32\WorkfoldersControl.dll
2013-10-22 02:38:12 1362944 ----a-w- C:\WINDOWS\SysWow64\user32.dll
2013-10-22 02:22:39 381952 ----a-w- C:\WINDOWS\System32\WUSettingsProvider.dll
.
============= FINISH: 17:58:27.39 ===============
rmscholbe
Active Member
 
Posts: 12
Joined: January 14th, 2014, 6:45 pm
Advertisement
Register to Remove

Re: My cursor keeps moving to the right of the screen by its

Unread postby wannabeageek » January 17th, 2014, 10:32 pm

Hello rmscholbe, and Welcome to MalWare Removal forums!

My name is wannabeageek and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:

    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start


Step 1.
Please move the following programs to your desktop: DDS.SCR and OTL.exe
Here arew their locations according to your posted log:
C:\Users\Roger\Desktop\Scanner\OTL.exe
C:\dds.scr

Step 2.
After moving these programs to your desktop, please rerun DDS.SCR
Please post both the DDS.txt and Attach.txt files in your next reply.
wannabeageek
MRU Master
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: My cursor keeps moving to the right of the screen by its

Unread postby rmscholbe » January 17th, 2014, 10:44 pm

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16384 BrowserJavaVersion: 10.45.2
Run by Roger at 20:38:30 on 2014-01-17
Microsoft Windows 8.1 Pro with Media Center 6.3.9600.0.1252.1.1033.18.4094.2068 [GMT -6:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\nvvsvc.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\EscSvc64.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\WINDOWS\System32\dwm.exe
C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\skydrive.exe
C:\WINDOWS\system32\taskhostex.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\spool\drivers\x64\3\E_IATILAE.EXE
C:\Users\Roger\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Windows\System32\SettingSyncHost.exe
C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\taskhost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: af0.Adblock.BHO: {90EFF544-3981-4d46-85C9-C0361D0931D6} -
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
uRun: [8D61D16F694ECA70FC12DE3FFBEB2A9088500AC8._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\x64\3\E_IATILAE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-410 Series"
uRun: [Amazon Cloud Player] "C:\Users\Roger\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [AmazonGSDownloaderTray] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
dRun: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\x64\3\E_IATILAE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-410 Series"
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{016F717A-5994-4ADF-9816-B67B47E4ACAC} : NameServer = 206.40.99.2,206.40.99.3
TCP: Interfaces\{016F717A-5994-4ADF-9816-B67B47E4ACAC} : DHCPNameServer = 192.168.0.1
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
x64-mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [Logitech Download Assistant] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\LogiLDA.dll,LogiFetch
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-Run: [Fences] "C:\Program Files (x86)\Stardock\Fences\Fences.exe" /startup
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
x64-STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\r1xpa9jz.default-1365792316197\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=U039DF& ... =072013&q=
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\LastPass\nplastpass.dll
FF - plugin: C:\Program Files (x86)\LastPass\nplastpass64.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Users\Roger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
.
============= SERVICES / DRIVERS ===============
.
R0 DLACDBHE;DLACDBHE;C:\WINDOWS\System32\drivers\DLACDBHE.SYS [2010-5-23 17776]
R0 DRVECDB;DRVECDB;C:\WINDOWS\System32\drivers\DRVECDB.SYS [2010-5-23 124112]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2013-12-14 39768]
R0 PxHlpa64;PxHlpa64;C:\WINDOWS\System32\drivers\PxHlpa64.sys [2010-5-23 55024]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2013-8-22 76800]
R1 DLARTL_E;DLARTL_E;C:\WINDOWS\System32\drivers\DLARTL_E.SYS [2010-5-23 41072]
R2 Amazon Download Agent;Amazon Download Agent;C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2014-1-17 401920]
R2 DLABMFSE;DLABMFSE;C:\WINDOWS\System32\drivers\DLABMFSE.SYS [2010-5-23 46448]
R2 DLABOIOE;DLABOIOE;C:\WINDOWS\System32\drivers\DLABOIOE.SYS [2010-5-23 42352]
R2 DLADResE;DLADResE;C:\WINDOWS\System32\drivers\DLADResE.SYS [2010-5-23 9968]
R2 DLAIFS_E;DLAIFS_E;C:\WINDOWS\System32\drivers\DLAIFS_E.SYS [2010-5-23 146672]
R2 DLAOPIOE;DLAOPIOE;C:\WINDOWS\System32\drivers\DLAOPIOE.SYS [2010-5-23 35056]
R2 DLAPoolE;DLAPoolE;C:\WINDOWS\System32\drivers\DLAPoolE.SYS [2010-5-23 19824]
R2 DLAUDF_E;DLAUDF_E;C:\WINDOWS\System32\drivers\DLAUDF_E.SYS [2010-5-23 144112]
R2 DLAUDFAE;DLAUDFAE;C:\WINDOWS\System32\drivers\DLAUDFAE.SYS [2010-5-23 135152]
R2 DRVEDDM;DRVEDDM;C:\WINDOWS\System32\drivers\DRVEDDM.SYS [2010-5-23 63984]
R2 EpsonCustomerParticipation;EpsonCustomerParticipation;C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [2013-9-20 654400]
R2 EpsonScanSvc;Epson Scanner Service;C:\WINDOWS\System32\escsvc64.exe [2013-10-15 144560]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-8-30 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-8-30 701512]
R2 RtNdPt60;Realtek NDIS Protocol Driver;C:\WINDOWS\System32\drivers\RtNdPt60.sys [2009-6-10 26624]
R2 Start8;Stardock Start8;C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [2013-10-14 142960]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-11-1 266240]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\WINDOWS\System32\drivers\LEqdUsb.sys [2013-5-23 77592]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\WINDOWS\System32\drivers\LHidEqd.sys [2013-5-23 13080]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\drivers\mbam.sys [2013-8-30 25928]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2013-8-22 16384]
R3 RTL8168;Realtek 8168 NT Driver;C:\WINDOWS\System32\drivers\Rt630x64.sys [2013-8-22 591360]
R3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2013-8-22 124256]
R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2013-8-22 346872]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2013-8-22 230912]
S3 ABB3410;Abbott Labs USB Cable Driver;C:\WINDOWS\System32\drivers\abbttusb.sys [2010-9-2 56832]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2013-8-22 782176]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2013-8-22 37768]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2013-8-22 37768]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2013-8-22 17624]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2013-10-28 107288]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2013-8-22 24568]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2013-8-22 99320]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2013-8-22 651248]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2013-11-13 111616]
S3 kbldfltr;kbldfltr;C:\WINDOWS\System32\drivers\kbldfltr.sys [2013-9-29 22272]
S3 LcUvcUpper;LcUvcUpper Service;C:\WINDOWS\System32\drivers\LcUvcUpper.sys [2013-9-27 34408]
S3 lfsvc;Windows Location Framework Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 LSI_SAS3;LSI_SAS3;C:\WINDOWS\System32\drivers\lsi_sas3.sys [2013-8-22 81760]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\WINDOWS\System32\drivers\nx6000.sys [2010-12-13 36720]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc63.sys [2013-8-22 87040]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2013-8-22 924512]
S3 rt70x64;Linksys Home Wireless-G USB Adaptor Driver;C:\WINDOWS\System32\drivers\netr7064.sys [2010-4-27 388448]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2013-12-14 146776]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2013-8-22 37768]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2013-10-28 204568]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2013-11-16 57176]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2013-8-22 26976]
S3 vmbusr;Virtual Machine Bus Provider;C:\WINDOWS\System32\drivers\vmbusr.sys [2013-9-29 129536]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2013-8-22 37768]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2013-8-22 37768]
S4 MsKeyboardFilter;Microsoft Keyboard Filter;C:\WINDOWS\System32\svchost.exe -k netsvcs [2013-8-22 37768]
.
=============== File Associations ===============
.
FileExt: .inf: inffile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2014-01-17 14:47:03 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AE89861E-0B34-4307-BBCB-C32DF0F66B08}\mpengine.dll
2014-01-16 22:17:57 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-01-16 21:02:57 -------- d-----w- C:\_OTL
2014-01-16 19:39:00 -------- d-----w- C:\Users\Roger\AppData\Roaming\ScanSpyware
2014-01-16 19:31:13 -------- d-sh--w- C:\$RECYCLE.BIN
2014-01-16 19:16:16 -------- d-----w- C:\FRST
2014-01-16 18:49:55 688992 ------r- C:\dds.scr
2014-01-16 18:09:25 -------- d-----w- C:\AdwCleaner
2014-01-15 13:41:04 -------- d-----w- C:\WINDOWS\ERUNT
2014-01-15 13:40:07 848384 ----a-w- C:\WINDOWS\System32\WSShared.dll
2014-01-15 13:40:07 695808 ----a-w- C:\WINDOWS\SysWow64\WSShared.dll
2014-01-15 13:40:07 3395920 ----a-w- C:\WINDOWS\System32\WSService.dll
2014-01-15 13:40:07 249856 ----a-w- C:\WINDOWS\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 13:40:07 189952 ----a-w- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 13:40:06 84480 ----a-w- C:\WINDOWS\System32\WSCollect.exe
2014-01-15 13:40:06 206336 ----a-w- C:\WINDOWS\System32\WSClient.dll
2014-01-15 13:40:06 174592 ----a-w- C:\WINDOWS\SysWow64\WSClient.dll
2014-01-15 13:40:06 138240 ----a-w- C:\WINDOWS\System32\OEMLicense.dll
2014-01-15 13:40:06 103936 ----a-w- C:\WINDOWS\SysWow64\OEMLicense.dll
2014-01-15 13:39:39 787968 ----a-w- C:\WINDOWS\System32\uDWM.dll
2014-01-15 00:25:22 -------- d-----w- C:\rmscholbe
2014-01-14 22:07:37 -------- d-----w- C:\ProgramData\HitmanPro
2014-01-13 15:48:13 -------- d-----w- C:\Users\Roger\AppData\Roaming\.minecraft
2014-01-09 19:41:45 2401112 ----a-w- C:\WINDOWS\System32\D3DX9_43.dll
2014-01-09 19:41:45 1998168 ----a-w- C:\WINDOWS\SysWow64\D3DX9_43.dll
2014-01-09 19:27:17 -------- d-----w- C:\Program Files\Microsoft LifeCam
2014-01-09 19:27:17 -------- d-----w- C:\Program Files (x86)\Microsoft LifeCam
2014-01-09 16:23:00 872352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
2014-01-09 16:23:00 276592 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updater.exe
2014-01-09 16:23:00 22370928 ----a-w- C:\Program Files (x86)\Mozilla Firefox\xul.dll
2014-01-09 16:23:00 170960 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2014-01-09 16:23:00 153712 ----a-w- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
2014-01-09 16:23:00 108144 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
2014-01-05 20:31:55 -------- d-----w- C:\Program Files (x86)\SDA
2014-01-05 17:33:44 -------- d-----w- C:\Program Files (x86)\EaseUS
2014-01-05 16:54:01 -------- d--h--w- C:\$WINDOWS.~BT
2014-01-02 18:00:15 -------- d-----w- C:\Users\Roger\AppData\Roaming\MyHeritage
2014-01-02 18:00:15 -------- d-----w- C:\ProgramData\MyHeritage
2014-01-02 18:00:10 608448 ----a-w- C:\WINDOWS\SysWow64\comctl32.ocx
2014-01-02 18:00:10 258352 ----a-w- C:\WINDOWS\SysWow64\unicows.dll
2014-01-02 18:00:10 137000 ----a-w- C:\WINDOWS\SysWow64\msmapi32.ocx
2014-01-02 17:59:40 -------- d-----w- C:\Program Files (x86)\MyHeritage
2013-12-29 15:53:53 736952 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2013-12-29 15:53:39 2876528 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-12-29 15:53:13 42168 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-12-27 14:42:31 236208 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10229.bin
.
==================== Find3M ====================
.
2014-01-06 22:31:05 693240 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2014-01-06 22:31:05 105464 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2013-11-26 08:35:02 5769216 ----a-w- C:\WINDOWS\System32\jscript9.dll
2013-11-26 08:16:12 4243968 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\WINDOWS\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\WINDOWS\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\WINDOWS\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
2013-11-23 04:34:43 393216 ----a-w- C:\WINDOWS\System32\WMPhoto.dll
2013-11-23 04:13:51 348160 ----a-w- C:\WINDOWS\SysWow64\WMPhoto.dll
2013-11-23 03:32:09 4105728 ----a-w- C:\WINDOWS\System32\SyncEngine.dll
2013-11-23 03:10:49 568832 ----a-w- C:\WINDOWS\System32\SkyDrive.exe
2013-11-19 10:30:34 267936 ------w- C:\WINDOWS\System32\MpSigStub.exe
2013-11-13 13:08:45 2724864 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb
2013-11-13 13:08:43 2724864 ----a-w- C:\WINDOWS\System32\mshtml.tlb
2013-11-11 02:48:41 39768 -c--a-w- C:\WINDOWS\System32\drivers\intelpep.sys
2013-11-09 11:55:11 325464 -c--a-w- C:\WINDOWS\System32\drivers\USBXHCI.SYS
2013-11-09 06:55:17 303104 ----a-w- C:\WINDOWS\apppatch\apppatch64\AcGenral.dll
2013-11-09 06:37:45 1756160 ----a-w- C:\WINDOWS\System32\WMPDMC.exe
2013-11-09 06:34:14 615936 ----a-w- C:\WINDOWS\System32\MDMAgent.exe
2013-11-09 06:34:01 287744 ----a-w- C:\WINDOWS\System32\mdmregistration.dll
2013-11-09 06:13:07 442880 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll
2013-11-09 06:05:53 2415104 ----a-w- C:\WINDOWS\apppatch\AcGenral.dll
2013-11-09 05:56:15 1391104 ----a-w- C:\WINDOWS\SysWow64\WMPDMC.exe
2013-11-09 05:52:04 240128 ----a-w- C:\WINDOWS\SysWow64\mdmregistration.dll
2013-11-09 05:09:32 156672 ----a-w- C:\WINDOWS\System32\wbem\MDMAppProv.dll
2013-11-09 04:56:32 414720 ----a-w- C:\WINDOWS\System32\wbem\MDMSettingsProv.dll
2013-11-08 10:26:23 358896 ----a-w- C:\WINDOWS\System32\dcomp.dll
2013-11-08 07:21:59 4191744 ----a-w- C:\WINDOWS\System32\win32k.sys
2013-11-08 05:23:30 449024 ----a-w- C:\WINDOWS\System32\appmgr.dll
2013-11-08 04:43:45 254464 ----a-w- C:\WINDOWS\System32\AppXDeploymentClient.dll
2013-11-08 04:42:52 366080 ----a-w- C:\WINDOWS\SysWow64\appmgr.dll
2013-11-08 04:28:40 13177344 ----a-w- C:\WINDOWS\System32\twinui.dll
2013-11-08 04:26:19 11674624 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2013-11-08 04:16:46 225792 ----a-w- C:\WINDOWS\SysWow64\dcomp.dll
2013-11-08 04:15:35 198656 ----a-w- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
2013-11-08 04:07:34 115712 ----a-w- C:\WINDOWS\System32\winbici.dll
2013-11-08 03:41:17 1302528 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2013-11-08 03:14:58 922624 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.dll
2013-11-07 01:30:23 12744192 ----a-w- C:\Program Files (x86)\Common Files\lpuninstall.exe
2013-11-05 16:20:05 13925888 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
2013-11-05 16:11:46 18577408 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
2013-11-05 14:19:16 566784 ----a-w- C:\WINDOWS\System32\wpncore.dll
2013-11-05 14:03:43 637952 ----a-w- C:\WINDOWS\System32\SettingSyncHost.exe
2013-11-05 13:57:39 479744 ----a-w- C:\WINDOWS\SysWow64\SettingSyncHost.exe
2013-11-05 13:33:44 584192 ----a-w- C:\WINDOWS\SysWow64\SettingSyncCore.dll
2013-11-05 13:32:04 744448 ----a-w- C:\WINDOWS\System32\SettingSyncCore.dll
2013-11-04 17:13:19 382808 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys
2013-11-04 17:13:19 1530200 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2013-11-04 13:07:05 1843712 ----a-w- C:\WINDOWS\System32\Display.dll
2013-11-04 11:50:18 2143744 ----a-w- C:\WINDOWS\System32\dwmcore.dll
2013-11-04 10:32:53 2570240 ----a-w- C:\WINDOWS\System32\SettingsHandlers.dll
2013-11-04 09:38:51 872840 ----a-w- C:\WINDOWS\System32\mfplat.dll
2013-11-04 09:38:51 698232 ----a-w- C:\WINDOWS\SysWow64\mfplat.dll
2013-11-04 09:38:38 977408 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
2013-11-04 09:38:38 294400 ----a-w- C:\WINDOWS\System32\Windows.Devices.Sensors.dll
2013-11-04 09:38:38 225792 ----a-w- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
2013-11-04 09:38:38 1286552 ----a-w- C:\WINDOWS\System32\msctf.dll
2013-11-04 09:38:38 1217024 ----a-w- C:\WINDOWS\System32\Windows.Media.Streaming.dll
2013-11-04 09:38:38 1018960 ----a-w- C:\WINDOWS\SysWow64\msctf.dll
2013-11-04 07:43:18 18960 ----a-w- C:\WINDOWS\System32\drivers\LNonPnP.sys
2013-11-04 02:28:40 1816576 ----a-w- C:\WINDOWS\SysWow64\Display.dll
2013-11-04 01:30:33 1765376 ----a-w- C:\WINDOWS\SysWow64\dwmcore.dll
2013-11-01 11:39:53 86872 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys
2013-11-01 06:08:59 747008 ----a-w- C:\WINDOWS\System32\wlidcli.dll
2013-11-01 05:57:11 544768 ----a-w- C:\WINDOWS\SysWow64\wlidcli.dll
2013-10-31 00:58:59 372568 -c--a-w- C:\WINDOWS\System32\drivers\spaceport.sys
2013-10-31 00:42:16 7399256 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2013-10-31 00:33:52 1642016 ----a-w- C:\WINDOWS\System32\winload.efi
2013-10-31 00:33:52 1506680 ----a-w- C:\WINDOWS\System32\winload.exe
2013-10-31 00:33:52 1476184 ----a-w- C:\WINDOWS\System32\winresume.efi
2013-10-31 00:33:52 1345536 ----a-w- C:\WINDOWS\System32\winresume.exe
2013-10-28 07:12:12 204568 ----a-w- C:\WINDOWS\System32\drivers\ssudmdm.sys
2013-10-28 07:12:10 107288 ----a-w- C:\WINDOWS\System32\drivers\ssudbus.sys
2013-10-26 01:54:32 146776 ----a-w- C:\WINDOWS\System32\drivers\SerCx2.sys
2013-10-24 09:31:11 30208 ----a-w- C:\WINDOWS\System32\CredentialMigrationHandler.dll
2013-10-24 09:12:58 27136 ----a-w- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
2013-10-23 11:29:02 44936 ----a-w- C:\WINDOWS\System32\wldp.dll
2013-10-23 11:21:01 155480 -c--a-w- C:\WINDOWS\System32\drivers\usbccgp.sys
2013-10-23 11:13:34 171864 ----a-w- C:\WINDOWS\System32\kd_02_8086.dll
2013-10-23 08:20:08 6669600 ----a-w- C:\WINDOWS\System32\nvcpl.dll
2013-10-23 08:20:07 3489568 ----a-w- C:\WINDOWS\System32\nvsvc64.dll
2013-10-23 08:20:05 922912 ----a-w- C:\WINDOWS\System32\nvvsvc.exe
2013-10-23 08:20:05 63776 ----a-w- C:\WINDOWS\System32\nvshext.dll
2013-10-23 08:20:05 2559776 ----a-w- C:\WINDOWS\System32\nvsvcr.dll
2013-10-23 08:20:05 219424 ----a-w- C:\WINDOWS\System32\nvmctray.dll
2013-10-22 18:00:16 96168 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
2013-10-22 08:18:16 96088 ----a-w- C:\WINDOWS\System32\embeddedapplauncher.exe
2013-10-22 07:55:27 2328872 ----a-w- C:\WINDOWS\explorer.exe
2013-10-22 06:03:47 2065448 ----a-w- C:\WINDOWS\SysWow64\explorer.exe
2013-10-22 05:15:38 558080 ----a-w- C:\WINDOWS\System32\apphelp.dll
2013-10-22 04:04:03 618496 ----a-w- C:\WINDOWS\SysWow64\apphelp.dll
2013-10-22 03:56:17 186880 ----a-w- C:\WINDOWS\System32\WorkFoldersShell.dll
2013-10-22 03:44:06 761856 ----a-w- C:\WINDOWS\System32\WorkfoldersControl.dll
2013-10-22 02:38:12 1362944 ----a-w- C:\WINDOWS\SysWow64\user32.dll
2013-10-22 02:22:39 381952 ----a-w- C:\WINDOWS\System32\WUSettingsProvider.dll
2013-10-22 02:13:33 1704448 ----a-w- C:\WINDOWS\System32\wucltux.dll
2013-10-22 02:07:57 2617344 ----a-w- C:\WINDOWS\System32\authui.dll
2013-10-22 01:53:47 1584128 ----a-w- C:\WINDOWS\System32\workfolderssvc.dll
2013-10-22 01:47:12 2295808 ----a-w- C:\WINDOWS\SysWow64\authui.dll
.
============= FINISH: 20:39:22.70 ===============
rmscholbe
Active Member
 
Posts: 12
Joined: January 14th, 2014, 6:45 pm

Re: My cursor keeps moving to the right of the screen by its

Unread postby rmscholbe » January 17th, 2014, 10:53 pm

Hi wannabeageek,

I attached a zipped copy of my attach.txt file as requested.
You do not have the required permissions to view the files attached to this post.
rmscholbe
Active Member
 
Posts: 12
Joined: January 14th, 2014, 6:45 pm

Re: My cursor keeps moving to the right of the screen by its

Unread postby rmscholbe » January 17th, 2014, 10:54 pm

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8.1 Pro with Media Center
Boot Device: \Device\HarddiskVolume1
Install Date: 11/4/2013 2:13:05 AM
System Uptime: 1/16/2014 3:27:06 PM (29 hours ago)
.
Motherboard: MSI | | Boston
Processor: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz | Socket 775 | 2600/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 584 GiB total, 465.272 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 2.102 GiB free.
E: is FIXED (NTFS) - 233 GiB total, 157.596 GiB free.
F: is CDROM ()
G: is Removable
H: is Removable
S: is FIXED (NTFS) - 0 GiB total, 0.064 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP16: 1/2/2014 11:54:48 AM - Happy New Year
RP17: 1/5/2014 2:31:27 PM - Installed SDFormatter.
RP18: 1/9/2014 1:41:22 PM - Installed DirectX
RP19: 1/14/2014 4:34:52 PM - OTL Restore Point - 1/14/2014 4:34:48 PM
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer
7-Zip 4.42
Abbott USB Data Cable Installation
AceMoney
AdblockIE
Adobe Acrobat 9 Pro - English, Français, Deutsch
Adobe Acrobat 9.5.5 - CPSID_83708
Adobe AIR
Adobe Flash Player 11 Plugin
Advanced PDF Password Recovery (remove only)
Amazon Cloud Player
Amazon Games & Software Downloader
Amazon Music Importer
Amazon.com Kindle Fire
Angry Birds
Apple Application Support
Apple Software Update
ArcSoft MediaImpression for Kodak
Bejeweled 2 Deluxe
Classic Menu 4.x for Office 2007
Compatibility Pack for the 2007 Office system
COWON Media Center - jetAudio Plus VX
CuteFTP 5.0 XP
CyberLink DVD Suite Deluxe
DirectX for Managed Code Update (Summer 2004)
Epson Connect Printer Setup
EPSON Connect version 1.0
Epson Customer Participation
Epson Event Manager
EPSON Scan
EPSON XP-410 Series Printer Uninstall
Epson XP-410 User's Guide version 1.0
EpsonNet Print
eReg
Garmin BaseCamp
Garmin USB Drivers
Google Chrome
Google Drive
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
gSyncit
Heatsoft ADCS
HL-2270DW
HP Customer Experience Enhancements
HP Odometer
HP Support Information
Image Resizer for Windows
Image Resizer for Windows (64 bit)
Java 7 Update 45
Java Auto Updater
LabelPrint
LastPass (uninstall only)
LightScribe System Software
Logitech SetPoint 6.61
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Application Error Reporting
Microsoft Corporation
Microsoft Money 2005
Microsoft Money Shared Libraries
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SkyDrive
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mobipocket Creator 4.2
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
Mp3tag v2.56
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NetworkView Version 2.03
NetworkView Version 3.62
NirSoft VideoCacheView
NVIDIA 3D Vision Controller Driver
NVIDIA 3D Vision Controller Driver 275.33
NVIDIA Control Panel 331.65
NVIDIA Graphics Driver 305.93
NVIDIA HD Audio Driver 1.3.18.0
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.10.0514
NVIDIA Update 1.10.8
NVIDIA Update Components
OpenSC (64bit)
Paint Shop Pro 5.01
PictureMover
Power2Go
PowerDirector
PowerRecover
PreReq
PrintProjects
QuickTime
Realtek High Definition Audio Driver
Registry Crawler
Roxio Activation Module
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Drag-to-Disc
Roxio Express Labeler 3
Roxio Update Manager
Samsung Mobile phone USB driver Drive Software
Samsung PC Studio 3 USB Driver Installer
SAMSUNG USB Driver for Mobile Phones
SDFormatter
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition
Software Updater
Sonic CinePlayer Decoder Pack
Stardock Fences 2
Stardock Start8
Start8
System Requirements Lab
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 2.0.8
Windows Driver Package - Amazon.com (WinUSB) KindleFireUsbDeviceClass (12/03/2012 1.2.0000.00000)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)
Windows Media Player Firefox Plugin
WinZip
.
==== Event Viewer Messages From Past Week ========
.
1/16/2014 8:22:17 PM, Error: Microsoft-Windows-Kernel-Power [137] - The system firmware has changed the processor's memory type range registers (MTRRs) across a sleep state transition (S5). This can result in reduced resume performance.
1/16/2014 3:30:34 PM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: The password for this account has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
1/16/2014 3:30:34 PM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.
1/16/2014 3:02:57 PM, Error: Service Control Manager [7031] - The Stardock Start8 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 2000 milliseconds: Restart the service.
.
==== End Of File ===========================
rmscholbe
Active Member
 
Posts: 12
Joined: January 14th, 2014, 6:45 pm

Re: My cursor keeps moving to the right of the screen by its

Unread postby wannabeageek » January 18th, 2014, 8:55 pm

Hi rmscholbe,

Please tell me how did you obtain Microsoft Office Enterprise 2007?

If you were getting assistance from another malware site, post the link and the reason you left.
RP19: 1/14/2014 4:34:52 PM - OTL Restore Point - 1/14/2014 4:34:48 PM
2014-01-16 21:02:57 -------- d-----w- C:\_OTL
2014-01-16 19:16:16 -------- d-----w- C:\FRST
2014-01-16 18:09:25 -------- d-----w- C:\AdwCleaner


Last of all please post all logs from the above 3 folders where you used OTL, FRST, and AdwCleaner. There may be something in those logs that can help me assist you with this issue you are having.
wannabeageek
MRU Master
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: My cursor keeps moving to the right of the screen by its

Unread postby rmscholbe » January 18th, 2014, 9:15 pm

Hello Wantabeageek,

I got it through a home Use program.

I was not getting help from any malware site. I have a degree in networking and I was running those programs, trying to fix my machine. Decided that things have changed to much and asked for help from this forum.

I deleted the logs from AdwCleaner.

I will post the logs from OTL & FRST.
rmscholbe
Active Member
 
Posts: 12
Joined: January 14th, 2014, 6:45 pm

Re: My cursor keeps moving to the right of the screen by its

Unread postby rmscholbe » January 18th, 2014, 9:17 pm

OTL logfile created on: 1/16/2014 2:40:20 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Roger\Desktop\Scanner
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.43 Gb Available Physical Memory | 60.78% Memory free
10.00 Gb Paging File | 8.32 Gb Available in Paging File | 83.28% Paging File free
Paging file location(s): c:\pagefile.sys 6141 6141 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584.25 Gb Total Space | 463.63 Gb Free Space | 79.35% Space Free | Partition Type: NTFS
Drive D: | 11.83 Gb Total Space | 2.10 Gb Free Space | 17.78% Space Free | Partition Type: NTFS
Drive E: | 232.88 Gb Total Space | 158.18 Gb Free Space | 67.92% Space Free | Partition Type: NTFS
Drive S: | 100.00 Mb Total Space | 65.50 Mb Free Space | 65.50% Space Free | Partition Type: NTFS

Computer Name: ROGER-PC | User Name: Roger | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/16 14:39:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Roger\Desktop\Scanner\OTL.exe
PRC - [2014/01/11 04:29:23 | 000,866,584 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/12/12 13:56:14 | 003,145,536 | ---- | M] () -- C:\Users\Roger\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
PRC - [2013/12/06 07:22:48 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
PRC - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/19 13:08:23 | 000,142,960 | ---- | M] (Stardock Software, Inc) -- C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
PRC - [2012/06/06 14:31:56 | 003,076,096 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
PRC - [2012/06/05 14:56:28 | 000,266,240 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe


========== Modules (No Company Name) ==========

MOD - [2014/01/11 04:29:21 | 000,399,640 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppgooglenaclpluginchrome.dll
MOD - [2014/01/11 04:29:17 | 004,055,320 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
MOD - [2014/01/11 04:28:11 | 001,634,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
MOD - [2013/12/12 13:56:14 | 003,145,536 | ---- | M] () -- C:\Users\Roger\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
MOD - [2009/02/27 15:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/11/27 09:36:30 | 003,395,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/11/07 21:41:17 | 001,302,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2013/10/21 19:53:47 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013/10/18 23:37:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/10/04 02:10:59 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/09/29 22:14:34 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/09/29 22:14:33 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/09/29 22:14:32 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013/09/29 22:14:32 | 000,261,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/09/29 21:55:00 | 000,183,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2013/09/29 21:54:59 | 000,090,464 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\KeyboardFilterSvc.dll -- (MsKeyboardFilter)
SRV:64bit: - [2013/09/20 15:30:00 | 000,654,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV:64bit: - [2013/08/22 06:32:01 | 000,346,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2013/08/22 06:32:00 | 000,023,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/08/22 06:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 05:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 05:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 05:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 05:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 05:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 04:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 04:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013/08/22 04:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 03:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013/08/22 03:58:42 | 000,280,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/08/22 03:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 03:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 03:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 03:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 03:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 03:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 03:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013/08/22 03:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/08/22 03:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 03:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/06/13 13:31:10 | 000,357,144 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2012/05/16 23:00:00 | 000,144,560 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\SysNative\escsvc64.exe -- (EpsonScanSvc)
SRV - [2014/01/09 10:23:21 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/10 12:18:28 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/29 22:14:30 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/08/22 06:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/21 21:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 20:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/19 13:08:23 | 000,142,960 | ---- | M] (Stardock Software, Inc) [Auto | Running] -- C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe -- (Start8)
SRV - [2012/10/15 17:42:58 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/06/05 14:56:28 | 000,266,240 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2010/03/20 06:52:43 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/10 20:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/11/09 05:55:11 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/11/01 05:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/10/30 18:58:59 | 000,372,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/10/28 01:12:12 | 000,204,568 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013/10/28 01:12:10 | 000,107,288 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/10/27 09:12:42 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/10/25 19:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/10/12 20:48:34 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/10/05 09:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/09/29 22:14:29 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/09/29 22:14:29 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/09/29 22:14:29 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/09/29 21:55:05 | 000,022,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbldfltr.sys -- (kbldfltr)
DRV:64bit: - [2013/09/29 21:55:00 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/09/29 21:54:43 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2013/09/29 21:54:43 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/09/29 21:54:42 | 000,220,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:64bit: - [2013/09/29 21:54:42 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2013/09/29 21:54:42 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2013/09/27 02:53:50 | 000,034,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LcUvcUpper.sys -- (LcUvcUpper)
DRV:64bit: - [2013/08/22 07:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 07:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 06:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 06:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 06:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 06:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 06:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/08/22 06:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 06:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 06:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 06:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 06:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 06:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 06:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 06:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 06:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 06:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 06:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 06:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 06:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 06:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 06:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 06:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/08/22 06:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 06:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013/08/22 06:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 06:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 06:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 06:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 06:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2013/08/22 06:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2013/08/22 06:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2013/08/22 06:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 06:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 06:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 06:34:22 | 000,265,056 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/08/22 06:34:22 | 000,124,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013/08/22 06:31:28 | 000,034,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/08/22 05:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013/08/22 05:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 05:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 05:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/08/22 05:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 05:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 05:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 05:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 05:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 05:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 05:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 05:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 05:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 05:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 05:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 05:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 05:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 05:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 05:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 05:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 05:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 05:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 05:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 05:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 02:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 17:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 18:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 12:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 13:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/18 08:46:17 | 000,591,360 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/05/23 00:12:52 | 000,059,160 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2013/05/23 00:12:50 | 000,076,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2013/05/23 00:12:48 | 000,077,592 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2013/05/23 00:12:48 | 000,013,080 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2013/04/04 13:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/01/03 02:17:48 | 000,114,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouKE.Sys -- (LMouKE)
DRV:64bit: - [2013/01/03 02:17:26 | 000,092,040 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L8042mou.Sys -- (L8042mou)
DRV:64bit: - [2013/01/03 02:17:26 | 000,033,160 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV:64bit: - [2010/12/13 13:37:18 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2010/09/02 21:13:56 | 000,056,832 | ---- | M] (Texas Instruments Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\abbttusb.sys -- (ABB3410)
DRV:64bit: - [2010/04/27 13:40:58 | 000,388,448 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7064.sys -- (rt70x64)
DRV:64bit: - [2010/02/08 07:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2009/06/10 17:13:02 | 000,026,624 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2008/11/16 17:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV:64bit: - [2008/06/16 04:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2007/07/23 14:05:22 | 000,009,968 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DLADResE.SYS -- (DLADResE)
DRV:64bit: - [2007/07/23 14:05:12 | 000,135,152 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DLAUDFAE.SYS -- (DLAUDFAE)
DRV:64bit: - [2007/07/23 14:05:12 | 000,046,448 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DLABMFSE.SYS -- (DLABMFSE)
DRV:64bit: - [2007/07/23 14:05:10 | 000,144,112 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DLAUDF_E.SYS -- (DLAUDF_E)
DRV:64bit: - [2007/07/23 14:05:08 | 000,035,056 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DLAOPIOE.SYS -- (DLAOPIOE)
DRV:64bit: - [2007/07/23 14:05:06 | 000,042,352 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DLABOIOE.SYS -- (DLABOIOE)
DRV:64bit: - [2007/07/23 14:05:06 | 000,019,824 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DLAPoolE.SYS -- (DLAPoolE)
DRV:64bit: - [2007/07/23 14:05:04 | 000,146,672 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DLAIFS_E.SYS -- (DLAIFS_E)
DRV:64bit: - [2007/07/23 13:55:46 | 000,124,112 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\DRVECDB.SYS -- (DRVECDB)
DRV:64bit: - [2007/07/23 13:49:50 | 000,041,072 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\SysNative\drivers\DLARTL_E.SYS -- (DLARTL_E)
DRV:64bit: - [2007/07/23 13:49:50 | 000,017,776 | ---- | M] (Roxio) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\DLACDBHE.SYS -- (DLACDBHE)
DRV:64bit: - [2007/07/23 13:43:46 | 000,063,984 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DRVEDDM.SYS -- (DRVEDDM)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{B438FF56-6D90-4B8D-ADDC-8D866B3D6847}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{C7787F6E-7F3C-47FF-8507-1DEC5E19CB0D}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{B438FF56-6D90-4B8D-ADDC-8D866B3D6847}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{C7787F6E-7F3C-47FF-8507-1DEC5E19CB0D}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2148773256-3097276083-3132812908-1001\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
IE - HKU\S-1-5-21-2148773256-3097276083-3132812908-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2148773256-3097276083-3132812908-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-2148773256-3097276083-3132812908-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2148773256-3097276083-3132812908-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing "
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.selectedEngine: "Bing "
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:3.0.12
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=U039DF&PC=U039&dt=072013&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@lastpass.com/NPLastPass: C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@lastpass.com/NPLastPass: C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Roger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013/10/29 11:26:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/01/09 10:22:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/09 10:23:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/01/09 10:22:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/09 10:23:00 | 000,000,000 | ---D | M]

[2010/03/19 22:22:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roger\AppData\Roaming\mozilla\Extensions
[2013/12/10 08:38:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roger\AppData\Roaming\mozilla\Firefox\Profiles\r1xpa9jz.default-1365792316197\extensions
[2013/12/10 08:38:20 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Roger\AppData\Roaming\mozilla\Firefox\Profiles\r1xpa9jz.default-1365792316197\extensions\support@lastpass.com
[2013/10/22 11:55:42 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Roger\AppData\Roaming\mozilla\firefox\profiles\r1xpa9jz.default-1365792316197\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/01/09 10:22:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/01/09 10:23:21 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U11 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: BlackBerry AppWorld (Enabled) = C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Roger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Angry Birds = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Docs = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube Options = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdokagampppgbnjfdlkfpphniapiiifn\1.8.151_0\
CHR - Extension: Instant Video = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepgkafmkefhmclkdapaempdmenakbcm\2.7.6_0\
CHR - Extension: Keep Awake = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bijihlabcfdnabacffofojgmehjdielb\1.6_0\
CHR - Extension: James White = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0\
CHR - Extension: YouTube = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Solitaire = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpebaehgfgkcmmjjknibibbjacnplim\1.4.5_0\
CHR - Extension: Facebook = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
CHR - Extension: Chrome Tools = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\celkpebmmedecbphginfpgoiknfifjha\1.1_0\
CHR - Extension: Adblock Plus = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0\
CHR - Extension: AddThis - Share & Bookmark (new) = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde\3.0.3_0\
CHR - Extension: Add to Amazon Wish List = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\
CHR - Extension: Google Search = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Logitech Smooth Scrolling = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk\6.60.170_0\
CHR - Extension: Google News = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc\3.0_0\
CHR - Extension: Multiple Account Checker for Gmail\u2122 = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnimhgelcnggigekhdjlifjpndgmnglm\1.2_0\
CHR - Extension: Gmail Offline = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\
CHR - Extension: Google Calendar = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Save to Google Drive = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne\2.0.1_0\
CHR - Extension: LastPass = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\3.0.22_0\
CHR - Extension: Tabs to the front! = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjaooagfdhdhmbfchnkhggjmacjlacla\0.2.4_0\
CHR - Extension: Twitter = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokbgkngfkcpnoaofgccpahihhcaeibc\2.1_0\
CHR - Extension: Cloud Reader = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd\1.4.0_0\
CHR - Extension: Pixlr Editor = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk\1.2_0\
CHR - Extension: Match 10 = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\idbjifkaikmenmlakhhhmobbjcjocjnf\1_0\
CHR - Extension: Woot = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\klhoeofncdoaefllgaacgnecchcphphb\1.6_0\
CHR - Extension: Google Maps = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Google Mail Checker = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Privacy Palette = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjkcflkplhgpebknipkekjggglimnone\0.4_0\
CHR - Extension: LastPass Vault = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncliohomlfopnmlfkepkcbnhmeijkhhf\2.0.21_0\
CHR - Extension: Google Wallet = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Checker Plus for Gmail\u2122 = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj\15.1_0\
CHR - Extension: Outlook.com = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge\1.0.2_0\
CHR - Extension: Kitco Tracker = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\phngnmnglpbgiogjjcbllnlldehpnadg\2.0.3_0\
CHR - Extension: Weather Underground = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej\1.6_0\
CHR - Extension: Gmail = C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/08/22 07:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKU\S-1-5-21-2148773256-3097276083-3132812908-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-2148773256-3097276083-3132812908-1001\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Fences] C:\Program Files (x86)\Stardock\Fences\Fences.exe (Stardock Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\WINDOWS\SysNative\LogiLDA.dll (Logitech, Inc.)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKU\.DEFAULT..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILAE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-410 Series" File not found
O4 - HKU\S-1-5-18..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILAE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-410 Series" File not found
O4 - HKU\S-1-5-21-2148773256-3097276083-3132812908-1001..\Run: [8D61D16F694ECA70FC12DE3FFBEB2A9088500AC8._service_run] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-2148773256-3097276083-3132812908-1001..\Run: [Amazon Cloud Player] C:\Users\Roger\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe ()
O4 - HKU\S-1-5-21-2148773256-3097276083-3132812908-1001..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILAE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-410 Series" File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.45.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{016F717A-5994-4ADF-9816-B67B47E4ACAC}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{016F717A-5994-4ADF-9816-B67B47E4ACAC}: NameServer = 206.40.99.2,206.40.99.3
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock)
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4311edad-87d9-11e0-826d-406186510557}\Shell - "" = AutoRun
O33 - MountPoints2\{4311edad-87d9-11e0-826d-406186510557}\Shell\AutoRun\command - "" = "I:\MI.exe"
O33 - MountPoints2\{c2fc5c33-5900-11e1-9835-406186510557}\Shell - "" = AutoRun
O33 - MountPoints2\{c2fc5c33-5900-11e1-9835-406186510557}\Shell\AutoRun\command - "" = "J:\LaunchU3.exe" -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/16 13:39:00 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Roaming\ScanSpyware
[2014/01/16 13:31:13 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/01/16 13:30:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2014/01/16 13:30:53 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2014/01/16 13:16:16 | 000,000,000 | ---D | C] -- C:\FRST
[2014/01/16 12:49:55 | 000,688,992 | R--- | C] (Swearware) -- C:\dds.scr
[2014/01/16 12:09:25 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/15 07:41:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/01/15 07:40:07 | 003,395,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSService.dll
[2014/01/15 07:40:07 | 000,848,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014/01/15 07:40:07 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014/01/15 07:40:07 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/01/15 07:40:07 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/01/15 07:40:06 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSClient.dll
[2014/01/15 07:40:06 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSClient.dll
[2014/01/15 07:40:06 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSCollect.exe
[2014/01/15 07:39:39 | 000,787,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2014/01/14 18:25:22 | 000,000,000 | ---D | C] -- C:\rmscholbe
[2014/01/14 16:07:37 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/01/14 15:37:34 | 000,000,000 | ---D | C] -- C:\Users\Roger\Desktop\Scanner
[2014/01/13 09:48:13 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Roaming\.minecraft
[2014/01/10 09:51:04 | 000,000,000 | ---D | C] -- C:\Users\Roger\Desktop\VA Health Care Center Behavioral Health
[2014/01/09 13:55:46 | 000,000,000 | ---D | C] -- C:\Users\Roger\Documents\My Weblog Posts
[2014/01/09 13:41:45 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_43.dll
[2014/01/09 13:41:45 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_43.dll
[2014/01/09 13:27:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft LifeCam
[2014/01/09 13:27:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft LifeCam
[2014/01/09 10:22:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/01/05 14:31:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SDFormatter
[2014/01/05 14:31:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SDA
[2014/01/05 11:33:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EaseUS
[2014/01/05 10:54:01 | 000,000,000 | -H-D | C] -- C:\$WINDOWS.~BT
[2014/01/02 12:00:16 | 000,000,000 | ---D | C] -- C:\Users\Roger\Documents\MyHeritage
[2014/01/02 12:00:15 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Roaming\MyHeritage
[2014/01/02 12:00:15 | 000,000,000 | ---D | C] -- C:\ProgramData\MyHeritage
[2014/01/02 12:00:10 | 000,608,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comctl32.ocx
[2014/01/02 12:00:10 | 000,258,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\unicows.dll
[2014/01/02 12:00:10 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmapi32.ocx
[2014/01/02 11:59:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyHeritage
[2014/01/02 09:21:32 | 000,000,000 | ---D | C] -- C:\Users\Roger\Desktop\Geni Pictures
[2013/12/29 07:55:17 | 000,000,000 | ---D | C] -- C:\Users\Roger\Documents\360 E Xbox
[2013/12/21 15:53:18 | 000,000,000 | ---D | C] -- C:\Users\Roger\Desktop\Heathers Fight
[2013/05/30 18:00:15 | 012,744,192 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
[1 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/01/16 14:43:00 | 000,000,927 | ---- | M] () -- C:\WINDOWS\tasks\EPSON XP-410 Series Update {9533CC94-6B25-4406-9CC7-8A6FFEA8DA84}.job
[2014/01/16 14:43:00 | 000,000,741 | ---- | M] () -- C:\WINDOWS\tasks\EPSON XP-410 Series Invitation {9533CC94-6B25-4406-9CC7-8A6FFEA8DA84}.job
[2014/01/16 14:35:18 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/16 14:35:06 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/01/16 14:33:45 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/16 14:33:02 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/01/16 14:33:00 | 3434,442,752 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/16 14:27:00 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/16 14:23:25 | 000,000,279 | ---- | M] () -- C:\Users\Roger\Desktop\create custom scans-fixes for OTL - Google Search.url
[2014/01/16 14:17:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/01/16 13:49:00 | 000,000,927 | ---- | M] () -- C:\WINDOWS\tasks\EPSON XP-410 Series Update {FA7B4253-EC6D-411B-B2CD-CFD4C17633A6}.job
[2014/01/16 13:49:00 | 000,000,741 | ---- | M] () -- C:\WINDOWS\tasks\EPSON XP-410 Series Invitation {FA7B4253-EC6D-411B-B2CD-CFD4C17633A6}.job
[2014/01/16 12:49:36 | 000,688,992 | R--- | M] (Swearware) -- C:\dds.scr
[2014/01/15 18:20:29 | 000,000,080 | ---- | M] () -- C:\Users\Roger\Desktop\Malware 1 (1).url
[2014/01/15 18:20:17 | 014,803,797 | ---- | M] () -- C:\Users\Roger\Desktop\Korea-Reborn-Book-Preview.pdf
[2014/01/14 18:34:23 | 000,000,101 | ---- | M] () -- C:\Users\Roger\Desktop\Malware 1 (2).url
[2014/01/14 16:56:38 | 000,000,092 | ---- | M] () -- C:\Users\Roger\Desktop\HOW TO GET HELP IN THIS FORUM - everyone must read this. - Malware Removal Forum.url
[2014/01/14 13:24:22 | 000,121,254 | ---- | M] () -- C:\Users\Roger\Desktop\Godless (Medium).jpg
[2014/01/12 09:21:08 | 000,103,086 | ---- | M] () -- C:\Users\Roger\Desktop\Towns Where Heather LIved In Idaho.jpg
[2014/01/11 19:19:31 | 000,161,071 | ---- | M] () -- C:\Users\Roger\Desktop\Violet Bible Quiz 01-11-2014.jpg
[2014/01/10 19:34:55 | 000,867,660 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/01/10 19:34:55 | 000,733,312 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/01/10 19:34:55 | 000,136,364 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/01/09 13:27:20 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_LcUvcUpper_01011.Wdf
[2014/01/09 10:10:47 | 000,057,733 | ---- | M] () -- C:\Users\Roger\Desktop\patterns are confusing.jpg
[2014/01/08 17:32:03 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\HPCeeScheduleForRoger.job
[2014/01/06 16:31:05 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/01/06 16:31:05 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/01/05 14:31:55 | 000,002,104 | ---- | M] () -- C:\Users\Public\Desktop\SDFormatter.lnk
[2014/01/05 10:54:33 | 000,001,908 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2014/01/05 10:54:33 | 000,001,908 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2013/12/30 11:45:37 | 000,000,362 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2013/12/21 18:48:27 | 000,001,839 | ---- | M] () -- C:\Users\Roger\Desktop\AceMoney.lnk
[2013/12/18 11:22:10 | 000,038,425 | ---- | M] () -- C:\Users\Roger\AppData\Roaming\Comma Separated Values (Windows).ADR
[1 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/01/16 14:23:25 | 000,000,279 | ---- | C] () -- C:\Users\Roger\Desktop\create custom scans-fixes for OTL - Google Search.url
[2014/01/15 18:20:29 | 000,000,080 | ---- | C] () -- C:\Users\Roger\Desktop\Malware 1 (1).url
[2014/01/15 18:20:14 | 014,803,797 | ---- | C] () -- C:\Users\Roger\Desktop\Korea-Reborn-Book-Preview.pdf
[2014/01/15 07:40:06 | 000,138,240 | ---- | C] () -- C:\WINDOWS\SysNative\OEMLicense.dll
[2014/01/15 07:40:06 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/01/14 18:34:23 | 000,000,101 | ---- | C] () -- C:\Users\Roger\Desktop\Malware 1 (2).url
[2014/01/14 16:56:38 | 000,000,092 | ---- | C] () -- C:\Users\Roger\Desktop\HOW TO GET HELP IN THIS FORUM - everyone must read this. - Malware Removal Forum.url
[2014/01/14 13:24:22 | 000,121,254 | ---- | C] () -- C:\Users\Roger\Desktop\Godless (Medium).jpg
[2014/01/12 09:21:07 | 000,103,086 | ---- | C] () -- C:\Users\Roger\Desktop\Towns Where Heather LIved In Idaho.jpg
[2014/01/11 19:19:30 | 000,161,071 | ---- | C] () -- C:\Users\Roger\Desktop\Violet Bible Quiz 01-11-2014.jpg
[2014/01/09 14:27:20 | 000,002,214 | ---- | C] () -- C:\Users\Roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
[2014/01/09 13:27:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_LcUvcUpper_01011.Wdf
[2014/01/09 10:10:47 | 000,057,733 | ---- | C] () -- C:\Users\Roger\Desktop\patterns are confusing.jpg
[2014/01/06 10:43:19 | 000,000,741 | ---- | C] () -- C:\WINDOWS\tasks\EPSON XP-410 Series Invitation {9533CC94-6B25-4406-9CC7-8A6FFEA8DA84}.job
[2014/01/06 10:43:18 | 000,000,927 | ---- | C] () -- C:\WINDOWS\tasks\EPSON XP-410 Series Update {9533CC94-6B25-4406-9CC7-8A6FFEA8DA84}.job
[2014/01/05 14:31:55 | 000,002,104 | ---- | C] () -- C:\Users\Public\Desktop\SDFormatter.lnk
[2013/12/29 10:17:12 | 000,000,362 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/10/15 17:59:24 | 000,000,044 | ---- | C] () -- C:\WINDOWS\XP-410.ini
[2013/08/22 09:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 09:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 08:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 01:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 21:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 17:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 17:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/06/12 10:49:36 | 000,000,031 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2013/05/03 08:22:46 | 000,038,426 | ---- | C] () -- C:\Users\Roger\AppData\Roaming\Comma Separated Values (DOS).ADR
[2013/05/03 08:21:46 | 000,012,957 | ---- | C] () -- C:\Users\Roger\AppData\Roaming\Comma Separated Values (DOS).CAL
[2013/04/18 18:06:46 | 000,974,848 | ---- | C] () -- C:\WINDOWS\SysWow64\cis-2.4.dll
[2013/04/18 18:06:46 | 000,081,920 | ---- | C] () -- C:\WINDOWS\SysWow64\issacapi_bs-2.3.dll
[2013/04/18 18:06:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\SysWow64\issacapi_pe-2.3.dll
[2013/04/18 18:06:46 | 000,057,344 | ---- | C] () -- C:\WINDOWS\SysWow64\issacapi_se-2.3.dll
[2013/03/10 14:47:51 | 000,012,957 | ---- | C] () -- C:\Users\Roger\AppData\Roaming\Comma Separated Values (Windows).CAL
[2013/02/20 14:15:00 | 000,038,425 | ---- | C] () -- C:\Users\Roger\AppData\Roaming\Comma Separated Values (Windows).ADR
[2013/01/17 08:11:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\SysWow64\BRTCPCON.DLL
[2013/01/17 08:11:00 | 000,000,114 | ---- | C] () -- C:\WINDOWS\SysWow64\BRLMW03A.INI
[2012/10/04 09:54:12 | 000,004,096 | -H-- | C] () -- C:\Users\Roger\AppData\Local\keyfile3.drm
[2012/08/15 20:53:00 | 000,000,857 | ---- | C] () -- C:\Users\Roger\AppData\Local\RT2870_{42BA0B7E-C72F-43FF-8713-0C8F5199D83A}_sta
[2012/08/15 20:53:00 | 000,000,831 | ---- | C] () -- C:\Users\Roger\AppData\Local\RT2870_{42BA0B7E-C72F-43FF-8713-0C8F5199D83A}_prof
[2012/06/19 17:57:15 | 000,001,001 | ---- | C] () -- C:\Users\Roger\AppData\Local\RT2870_{42BA0B7E-C72F-43FF-8713-0C8F5199D83A}_wsc
[2012/03/09 18:08:01 | 000,000,352 | ---- | C] () -- C:\Users\Roger\AppData\Roaming\Network Meter_Settings.ini
[2011/12/11 13:03:17 | 000,012,800 | ---- | C] () -- C:\Users\Roger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/05 15:27:58 | 000,008,676 | -HS- | C] () -- C:\Users\Roger\AppData\Local\2k3u5a03l6e55ym1p8w68dp737e5m8tyd1210qc8r6
[2011/04/05 15:27:58 | 000,008,668 | -HS- | C] () -- C:\ProgramData\2k3u5a03l6e55ym1p8w68dp737e5m8tyd1210qc8r6
[2010/12/14 16:17:45 | 000,001,634 | ---- | C] () -- C:\Users\Roger\AppData\Roaming\SAS7_000.DAT
[2010/03/20 11:55:05 | 000,007,624 | ---- | C] () -- C:\Users\Roger\AppData\Local\resmon.resmoncfg
[2010/03/20 07:18:48 | 000,000,192 | -H-- | C] () -- C:\ProgramData\{268EB95C-7C1C-4826-B79E-0E50B1A64C5A}.dss

========== ZeroAccess Check ==========

[2013/11/09 17:32:02 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/11/05 14:21:27 | 021,196,664 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/11/05 12:51:37 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 03:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 20:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 03:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/11/04 01:54:35 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Temp
[2013/11/04 01:54:35 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Temp
[2010/03/29 19:54:31 | 000,000,000 | ---D | M] -- C:\Users\HomeAdmin\AppData\Roaming\PictureMover
[2013/12/29 14:21:29 | 000,000,000 | ---D | M] -- C:\Users\HomeAdmin\AppData\Roaming\Stardock
[2010/04/08 17:07:09 | 000,000,000 | -HSD | M] -- C:\Users\Roger\AppData\Roaming\.#
[2014/01/13 10:14:44 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\.minecraft
[2012/05/24 10:07:55 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Amazon
[2012/03/06 10:39:02 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Autodesk
[2012/08/23 13:18:23 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\calibre
[2013/11/23 13:48:15 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\canon
[2013/11/23 13:50:10 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Canon_Inc_IC
[2012/10/05 10:32:32 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Cloudmark
[2013/07/10 22:07:54 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\com.amazon.music.uploader
[2010/03/27 13:27:10 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\COWON
[2013/04/10 16:40:13 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\EasyOn
[2013/10/16 06:41:33 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\EPSON
[2013/03/28 17:26:25 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\GARMIN
[2013/02/22 15:32:15 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\GlobalSCAPE
[2014/01/16 13:54:27 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\gSyncit
[2013/04/26 16:43:45 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Leadertech
[2013/11/21 21:29:43 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\MechCAD
[2013/10/11 08:41:12 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Mp3tag
[2014/01/02 12:09:26 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\MyHeritage
[2010/03/19 18:57:17 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\PictureMover
[2011/07/10 09:24:10 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Rovio
[2013/11/28 10:24:17 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Rovio Entertainment Ltd
[2013/06/01 09:36:26 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Samsung
[2014/01/16 13:54:17 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\ScanSpyware
[2014/01/15 07:54:13 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Stardock
[2011/03/26 06:43:16 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\SystemRequirementsLab
[2012/08/20 13:13:32 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Temp
[2011/08/18 09:50:44 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Transcend
[2013/04/05 18:09:47 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Transcend Elite
[2010/03/21 06:38:48 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\WinBatch
[2012/11/11 16:46:24 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 237 bytes -> C:\Users\Roger\SkyDrive:ms-properties
@Alternate Data Stream - 231 bytes -> C:\ProgramData\Temp:D282699C
@Alternate Data Stream - 181 bytes -> C:\ProgramData\Temp:3AC4C770
@Alternate Data Stream - 176 bytes -> C:\ProgramData\Temp:0FF263E8
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:15D5AA51

< End of report >
rmscholbe
Active Member
 
Posts: 12
Joined: January 14th, 2014, 6:45 pm

Re: My cursor keeps moving to the right of the screen by its

Unread postby rmscholbe » January 18th, 2014, 9:18 pm

OTL Extras logfile created on: 1/16/2014 2:40:20 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Roger\Desktop\Scanner
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.43 Gb Available Physical Memory | 60.78% Memory free
10.00 Gb Paging File | 8.32 Gb Available in Paging File | 83.28% Paging File free
Paging file location(s): c:\pagefile.sys 6141 6141 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584.25 Gb Total Space | 463.63 Gb Free Space | 79.35% Space Free | Partition Type: NTFS
Drive D: | 11.83 Gb Total Space | 2.10 Gb Free Space | 17.78% Space Free | Partition Type: NTFS
Drive E: | 232.88 Gb Total Space | 158.18 Gb Free Space | 67.92% Space Free | Partition Type: NTFS
Drive S: | 100.00 Mb Total Space | 65.50 Mb Free Space | 65.50% Space Free | Partition Type: NTFS

Computer Name: ROGER-PC | User Name: Roger | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2148773256-3097276083-3132812908-1001\SOFTWARE\Classes\<extension>]
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.pif [@ = piffile] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0185992E-71AF-43F2-8CF8-D6520A3176EE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1E9B605D-FAD3-4176-B382-AC3EC7C4B929}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2638A8BE-68EA-41EF-AFD2-77A2965EBDF5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{429F84FA-7790-479B-A750-BC8E0CC60093}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{56BC2CC7-E3CE-46D2-8094-3D2D94CDCBA2}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{6FCCDCFD-59AA-41A2-8029-E748884CF6E2}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{7A622C8A-9177-4E5B-AE06-48040D8D0D4B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{901C3175-F48E-4EFC-B62D-9794454D7E69}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B1075DE6-602F-4A0F-946E-A580FEBE942E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B2B582AA-32C4-4A9E-A073-475A0A4109E6}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{E1F9236E-02C1-413E-AC2A-1C07C4D317E0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EBBC2FD4-0B12-4981-827C-F866B1780BDE}" = rport=10243 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05429E71-0205-4A01-BB57-927CC979BB91}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{0B4D844D-3F8F-4574-9B51-DE568D73D543}" = dir=out | name=@{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{102A5171-362A-458E-89B6-E4A08D0FF036}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{10623643-C7C3-467E-BD29-CFD9B97D076C}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{142615C6-CB02-4360-80D1-53DAE70AD8FB}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{195319F3-D647-4516-8051-4C57F086ADA7}" = dir=out | name=@{microsoft.bingweather_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{1A9E08A6-F404-481E-836A-9A891CFD730B}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{1AE271E5-2162-4AAB-90FB-BF5DBC13A915}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{1D4E96BF-0360-4452-9B75-6EB00B7C1202}" = dir=in | name=@{microsoft.xboxcompanion_1.4.2.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{1F602238-9C64-4D57-94B6-E08A705A7B63}" = dir=out | name=skype |
"{27F6D2C6-487A-4325-92C9-6B505408D97F}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.337_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{28E57ACB-E9B4-438D-AB9E-70808CDD352B}" = dir=out | name=google search |
"{2B70538A-9F3C-4BF1-87F2-1E5698472D50}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{2B7079E8-4B5E-4117-9A4F-6910CFF4E94D}" = protocol=6 | dir=in | app=f:\common\epsonnet setup\eneasyapp.exe |
"{2D88AC43-9175-4127-AFD5-DB4328611EEA}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{2E9E971C-E49C-41DE-BAAD-2ABD95014A0B}" = dir=in | name=check point vpn |
"{2EF87728-A214-4CA8-AEE7-F2AA1487174A}" = dir=out | name=windows_ie_ac_001 |
"{30263E52-6E39-491A-80D9-86F1359A6150}" = dir=out | name=juniper networks junos pulse |
"{304AE503-1327-44B9-90C7-F50996ED095B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{309810C6-5569-4C05-A7FF-9670EE21DEFF}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{35DDBC00-7A2F-4B4B-89DC-E9D8665F09F6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{38A1364C-77D7-4FCE-816C-2F11EEB00C6A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{392F0091-2CF4-4B12-8697-2E31BB51B75C}" = dir=out | name=amazon |
"{39BB3927-7583-4AD5-B541-DBC0D51ED3FA}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{3C82E5E0-B63C-48B8-8958-016CAD163E1E}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{3D941985-3573-460E-86AF-C8A64637495B}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{3E0433DC-F685-4826-9D98-7DE29D53B274}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{489E1CC4-A12F-4654-BA00-726C60F21B79}" = dir=out | name=@{microsoft.zunemusic_2.2.339.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{48BE6C3D-4D06-410D-805C-B8373D14A856}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{4D020C33-F51B-4D56-ADCA-4D8A56F42E8E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{4EA9E65A-40D5-4FF2-B009-74F82CD8B69B}" = protocol=17 | dir=in | app=f:\common\epsonnet setup\eneasyapp.exe |
"{5113053A-04DE-42A8-9A79-C14321DF6701}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{53D3BC3F-436A-4C84-9A90-8E42206CB09E}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{5431714F-AFC8-40F8-9423-7167079E237C}" = dir=out | name=facebook |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{54EFB7D9-B49F-45E9-A9E0-F72C981C6446}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{58A06133-6703-40B8-85A6-27BAC6D5EB9A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{60D4843D-C44D-4B1E-AC20-4DEF7AF2FB92}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{6233B812-B028-447E-A2DB-286556A6D91D}" = dir=out | name=@{microsoft.zunevideo_2.2.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{62FAC061-F21E-461B-B7DC-BB10C9C08A7F}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{65668320-2FA8-44E2-A658-BCE472A44F5C}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{6595DF77-0C4F-4E06-8A3A-67AEAAA623B2}" = dir=out | name=@{microsoft.zunemusic_1.1.144.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{65EEE29E-E667-488D-91E6-4CD8B0156EC1}" = dir=out | name=f5 vpn |
"{6685C9AE-FC4B-4D56-A10F-E7CE14330D1C}" = dir=in | name=juniper networks junos pulse |
"{66DD5114-C38B-4CC4-882D-42A74030D171}" = dir=out | name=angry birds star wars |
"{6A60D74F-291B-4C84-B99C-27349F12E962}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{6AE70269-B639-4561-9CA2-B5A3C09B685A}" = dir=out | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{6B1D4E46-2696-4D8B-AD32-92D3A743D861}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{6DCA2096-29A5-4342-81FC-18B06677D510}" = dir=in | name=check point vpn |
"{75192EC8-9646-4B27-A915-82F3FFF64B09}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{7574A415-54D9-40EC-9038-8A0EDC6BBE5C}" = dir=out | name=@{microsoft.bingfinance_3.0.1.299_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{76973273-93DF-4960-8DDB-A0715D150B96}" = dir=out | name=@{microsoft.bingtravel_3.0.1.202_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{777D6A61-3124-46D3-8C5D-5CDD83B8AE68}" = dir=in | app=c:\users\roger\appdata\local\microsoft\skydrive\skydrive.exe |
"{7A0767EB-9DC1-4353-A5C6-B57687F2FBF3}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{7AF0C95F-2A9E-4E1C-9902-0703FF646E61}" = dir=in | name=sonicwall mobile connect |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{82828950-A6CA-4263-A77D-F4F7DF7368DB}" = dir=in | name=f5 vpn |
"{829FDB68-4FF7-41BC-A469-2490DB630C27}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{83CE90FF-3AC1-4EFE-9476-8B84A274406F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{84DBBD6E-E3CF-4D8C-8469-BC99B3956AE3}" = dir=out | name=@{microsoft.bingfinance_1.7.0.29_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{850D0BF8-3F09-4C70-8E1C-58530D795A2B}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{892F4FFE-8270-4BE1-A86E-D51810D6B458}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{89F9F6D2-8EFA-4B34-9695-55F400AFD9B6}" = dir=out | name=@{microsoft.bingtravel_3.0.1.202_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{8C395798-E09C-438A-A605-D46FA69C03A2}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{8F18EC20-42B5-431C-9634-47B2F7357BD3}" = dir=out | name=@{microsoft.bingmaps_2.0.2210.2401_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{90146E7E-55A7-43C5-AAAC-F6251F984528}" = dir=out | name=sonicwall mobile connect |
"{9052341B-B886-4DB3-BF42-D073F085141A}" = protocol=6 | dir=in | app=f:\install\data\disk1\setup.exe |
"{90FE4FC2-1A53-4A7F-A44F-850B9FF30ADB}" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\ecprintersetup\enpapp.exe |
"{930EABA4-E131-46F5-A40D-7B767206E970}" = dir=out | name=@{microsoft.bingmaps_2.0.2210.2401_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{9323E0B5-15CA-49B8-B96B-672C082F34C3}" = dir=out | name=@{microsoft.bingnews_3.0.1.321_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/apptitle} |
"{93507A5E-A98C-438E-A6B9-7EF874D0254E}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{94E499E1-9FA2-4A51-8E9D-2F46B3418703}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{96F5EE0E-E4FE-4A84-BBA3-9C839D446608}" = dir=out | name=@{microsoft.bingnews_1.7.0.31_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{97A2CB7F-DEB9-4FA8-8752-29041F9E08C4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{97FB5007-75B8-4228-8A98-50F8E8EC8AFB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{9A2F16BE-6076-480A-9CB4-D0A647F59C2F}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.335_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{9D207024-47C7-41CE-AB99-5BE60C74FC25}" = dir=out | name=@{microsoft.zunemusic_2.2.339.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{9D6D6C7D-B6C5-408B-AF23-1C4E124AB7F3}" = dir=out | name=associated press |
"{9DF12D8E-DC4D-40CC-A290-9B34B472C32A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9E977D6B-03CB-450C-8CCE-F1F1A0A0289E}" = dir=out | name=sonicwall mobile connect |
"{A0D813E5-0FAF-4F07-ACC1-43355539C68F}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{A1A85096-D69B-4497-B081-6E6C0DF5C25F}" = protocol=17 | dir=in | app=f:\install\data\disk1\setup.exe |
"{A2FA8B0E-2E04-49BE-90A9-7B337632FA9C}" = dir=out | name=@{microsoft.bingnews_3.0.1.321_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/apptitle} |
"{A35DFCF2-4DCA-4FDB-B47E-4349A5E57773}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A4E28C05-5D94-4BB2-A022-81AB5A81D64B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{A79CB4D1-E62C-4E6B-80AD-9D994A28F57F}" = dir=out | name=windows_ie_ac_001 |
"{A9FABB8D-52CC-400B-A772-44188A0FA4AB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AAC8AB3C-DFBE-498A-8885-18347741A69F}" = dir=out | name=f5 vpn |
"{AC9C0301-81F7-43FC-8E43-66660514BCBD}" = dir=out | name=check point vpn |
"{ADCFC58C-BE1D-490D-ABAE-11EFB0C76BEB}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{AEF83E74-D47D-43E9-8889-799DAB941838}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{B39C2499-8EC6-4D29-839E-F2534564EF8D}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{B71C58E3-72CB-4FB9-87D7-2A4F4EB6AD02}" = dir=out | name=@{uptoelevendigitalsolution.mysms-textanywhere_2.0.0.2_x64__c9d6r4qvva5x8?ms-resource://uptoelevendigitalsolution.mysms-textanywhere/resources/display_name} |
"{B7CE5CC8-4E21-4295-A69B-211445B4457C}" = dir=out | name=@{microsoft.bingsports_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{B9D52402-2CBE-40DD-9574-8F6A5DF5DDA2}" = dir=in | name=skype |
"{BAC97072-ADDB-4DE6-8F93-03982B41018B}" = protocol=6 | dir=out | app=system |
"{BD57D2BD-A461-4CF7-BAE2-8B1FD6202411}" = dir=in | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{BD849BF2-A0C7-4E96-BAAE-BCC5237F5029}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{BFC3CC16-7251-4224-B61F-314B90AB8565}" = dir=out | name=bible |
"{C128948C-A72A-4D65-BC11-2EA9DE6A3294}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{C2A9E165-48A6-4AD6-A21D-45A2892138B7}" = dir=out | name=twitter |
"{C3EFBF90-BBC8-407F-8898-2C002D254C8E}" = dir=out | name=ebay |
"{C6236072-9929-4AE5-9F2B-81530D3B4A4A}" = dir=in | name=f5 vpn |
"{C726D2DA-AFFC-4124-8688-98845507AC45}" = dir=in | name=juniper networks junos pulse |
"{C7E899FB-5819-466F-A364-1EFAD36665F4}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{C94F8B32-5EF3-4BCD-8E26-6B7D6568AAFF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C97DC95A-D2D5-4962-931F-4308D09E6146}" = dir=out | name=fox news |
"{CA8228AA-E03F-4220-AAF4-57D2B2D75893}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{CC3FDA23-4277-4B88-A2D8-B5C34670E9CE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{D059CD69-9D02-4D86-8BD5-307422B8DE89}" = dir=out | name=@{microsoft.bingweather_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{D1B27C6B-9E1F-4F4F-9446-8FEFBD69E68A}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{D2E09FDC-8918-403A-A787-A446AB76ED9E}" = dir=out | name=kindle |
"{D3B348F5-AB97-4F83-8161-06D39F958872}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D7B45F6F-C795-479F-A602-738B85FA7481}" = dir=in | name=sonicwall mobile connect |
"{D872819D-1439-46F6-B5E0-CB56121F4F7C}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DC450A0C-3AB4-49D1-83AB-7F087225F886}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{DDC369DD-55BF-4852-853F-3D16AA176C59}" = dir=out | name=@{microsoft.zunevideo_2.2.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{DDED20C6-4E08-4A2E-8129-351B4F7734CD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E2ED183D-F272-4D8A-AA62-25A02214E75F}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{E345AE81-5386-4F38-AFC6-EA280DFAC389}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{E3E2AB2D-B426-49BD-9767-886A2A3FA924}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{E472B954-4245-4663-9CA7-DFBB07A03E0F}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{E4E6F332-9A0B-4959-A724-14A498EF8009}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{E6BCAAF0-F509-4814-8FDA-98C84FFF0B86}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E75C9602-D444-4C5D-A942-80701CA144A3}" = dir=out | name=juniper networks junos pulse |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E7DFCE39-02CF-40DC-8065-FFB8A47CB3C3}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{EC263A5B-D429-4A3D-A9BC-309930139264}" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EE371B4E-3237-4550-BF6B-7E26F11BCBAC}" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\ecprintersetup\enpapp.exe |
"{F1308DA7-5341-4BE9-B426-885A141552E0}" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"{F232F2C0-E2CF-44FA-B16A-BC40796A9105}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F66DDCF1-7E8E-41C8-9A0A-9544E3FA7C94}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F8DD4B56-5A5E-4D3C-B97E-6F00F2F768C4}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{FD71F315-EBE3-4BDE-ACC7-339DB36D2A13}" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FEAD15C6-20BF-4518-B727-E8F4DBEE93E7}" = dir=out | name=check point vpn |
"TCP Query User{357AE330-DD1A-4A1B-AEFD-25AA0F6847A3}C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe |
"TCP Query User{3C1CD414-2F40-45FC-B21C-7B06A51F756C}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"TCP Query User{4AB7E3EA-37F2-4F17-A4C8-9846A13FA76E}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"TCP Query User{E3CEC615-6851-4E64-BBF9-7F5B650411C9}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{368CD4E1-4A44-425F-9BF5-49840C11E710}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{3E79D412-15D7-499B-B168-460FF103F819}C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe |
"UDP Query User{43F70D8F-E041-4835-949B-8AB793900638}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{EF37C1DA-BC40-4DB1-99C7-9BEA4EBB662A}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{2BD837A9-207C-40C1-A497-3A823C4CDE0D}" = OpenSC (64bit)
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5AF3560C-09BA-426F-BFA0-FEF0A94A9D8B}" = Microsoft Corporation
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{617CA6E9-D5FB-4017-8130-82E68C56C34D}" = Image Resizer for Windows (64 bit)
"{814FA673-A085-403C-9545-747FC1495069}" = Epson Customer Participation
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AAE78E39-FAAF-4C19-A63E-BDED7428FDE1}" = Roxio Drag-to-Disc
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 305.93
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"32F8755FAEB4107085D8EB430DFE56CD6E5ADDB7" = Windows Driver Package - Amazon.com (WinUSB) KindleFireUsbDeviceClass (12/03/2012 1.2.0000.00000)
"98157A226B40B173301B0F53C8E98C47805D5152" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)
"EPSON XP-410 Series" = EPSON XP-410 Series Printer Uninstall
"Kindle Fire Drivers" = Amazon.com Kindle Fire
"NetworkView_is1" = NetworkView Version 3.62
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"sp6" = Logitech SetPoint 6.61

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{10144CFE-D76C-4CFA-81A1-37A1642349A3}" = Epson Event Manager
"{179324FF-7B16-4BA8-9836-055CAAEE4F08}" = SDFormatter
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1896E712-2B3D-45eb-BCE9-542742A51032}" = PictureMover
"{18DF995F-2ACC-47E4-A33B-A703F4D39E92}" = CuteFTP 5.0 XP
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}" = Garmin USB Drivers
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{409ECFF1-9CC7-43A8-B28A-B7F0B7CB04D1}_is1" = Classic Menu 4.x for Office 2007
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{5508128A-2C7B-46B5-81F9-58E8E8115F0B}" = AdblockIE
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{56D4499E-AC3E-4B8D-91C9-C700C148C44B}" = Google Drive
"{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{69d72156-6582-4556-8637-06f40aa7f85b}" = Image Resizer for Windows
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F1B3341-A94E-4F5C-B587-CA0EB964221E}" = Microsoft Money Shared Libraries
"{8156D076-6317-44AF-AB53-37C2E529D510}" = Angry Birds
"{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95140000-0081-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95A7C713-EC82-48DC-A3E9-8D60C7FBBFEB}" = Abbott USB Data Cable Installation
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B260944-746E-4966-8918-0F9636930456}" = ArcSoft MediaImpression for Kodak
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D994879-5A05-2E8A-6D21-321221AFFF32}" = Amazon Music Importer
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A1CF7B76-682D-4547-AA96-11B659A2CEAC}" = Microsoft Corporation
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_955" = Adobe Acrobat 9.5.5 - CPSID_83708
"{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}" = Mobipocket Creator 4.2
"{B27D272F-2860-4363-9803-956C0A9FAFB9}" = Garmin BaseCamp
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{D60071DB-459C-465C-92EF-336E65F1A436}" = Software Updater
"{D916444B-EA3D-4B76-842B-655FFAE80FBA}" = gSyncit
"{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}" = Epson Connect Printer Setup
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{DD6C316A-FE75-4FBB-9D22-4C1920232B72}" = LightScribe System Software
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = COWON Media Center - jetAudio Plus VX
"{E2A97415-BD97-4867-B906-05E39E9EE51F}" = HL-2270DW
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.42
"AceMoney_is1" = AceMoney
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced PDF Password Recovery" = Advanced PDF Password Recovery (remove only)
"Bejeweled 2 Deluxe" = Bejeweled 2 Deluxe
"com.amazon.music.uploader" = Amazon Music Importer
"ENTERPRISER" = Microsoft Office Enterprise 2007
"EPSON Connect_is1" = EPSON Connect version 1.0
"EPSON Scanner" = EPSON Scan
"Google Chrome" = Google Chrome
"Heatsoft ADCS" = Heatsoft ADCS
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{95A7C713-EC82-48DC-A3E9-8D60C7FBBFEB}" = Abbott USB Data Cable Installation
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"LastPass" = LastPass (uninstall only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Money2005b" = Microsoft Money 2005
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.56
"NetworkView_is1" = NetworkView Version 2.03
"NirSoft VideoCacheView" = NirSoft VideoCacheView
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"Paint Shop Pro 5.01" = Paint Shop Pro 5.01
"PrintProjects" = PrintProjects
"Registry Crawler" = Registry Crawler
"Stardock Fences 2" = Stardock Fences 2
"Stardock Start8" = Stardock Start8
"Start81.02" = Start8
"SystemRequirementsLab" = System Requirements Lab
"UsersGuideEpson XP-410 User's Guide_is1" = Epson XP-410 User's Guide version 1.0
"VLC media player" = VLC media player 2.0.8
"WinZip" = WinZip

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2148773256-3097276083-3132812908-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Amazon Cloud Player" = Amazon Cloud Player
"SkyDriveSetup.exe" = Microsoft SkyDrive
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/16/2014 4:33:43 PM | Computer Name = Roger-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log
for additional information.

Error - 1/16/2014 4:33:43 PM | Computer Name = Roger-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log
for additional information.

Error - 1/16/2014 4:33:43 PM | Computer Name = Roger-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log
for additional information.

Error - 1/16/2014 4:33:43 PM | Computer Name = Roger-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log
for additional information.

Error - 1/16/2014 4:33:43 PM | Computer Name = Roger-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log
for additional information.

[ Cisco AnyConnect VPN Client Events ]
Error - 8/4/2012 4:57:26 PM | Computer Name = ROGER-PC | Source = vpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestAccessToSG File: .\NetEnvironment.cpp
Line:
1020 Invoked Function: CNetEnvironment::analyzeHttpResponse Return Code: -28901363
(0xFE47000D) Description: NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could
not contact target

Error - 8/4/2012 4:57:26 PM | Computer Name = ROGER-PC | Source = vpnagent | ID = 67108866
Description = Function: CNetEnvironment::testNetwork File: .\NetEnvironment.cpp Line:
856 Invoked Function: CNetEnvironment::IsSGAccessible Return Code: -28901363 (0xFE47000D)
Description:
NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target

Error - 8/4/2012 4:57:26 PM | Computer Name = ROGER-PC | Source = vpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestNetEnv File: .\NetEnvironment.cpp Line:
190 Invoked Function: CNetEnvironment::testNetwork Return Code: -28901363 (0xFE47000D)
Description:
NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target

Error - 8/5/2012 9:51:18 AM | Computer Name = Roger-PC | Source = vpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
2460 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 8/5/2012 9:51:18 AM | Computer Name = Roger-PC | Source = vpnagent | ID = 67108866
Description = Function: CRouteMgr::UpdatePublicAddress File: .\RouteMgr.cpp Line:
2188 Invoked Function: CChangeRouteTable::FindBestRouteInterface Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 8/5/2012 9:51:18 AM | Computer Name = Roger-PC | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::applyHostConfigForNoVpn File: .\MainThread.cpp
Line:
7578 Invoked Function: CHostConfigMgr::DeterminePublicInterface Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 8/5/2012 9:51:18 AM | Computer Name = Roger-PC | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::OnTimerExpired File: .\MainThread.cpp Line: 4128
Invoked
Function: CMainThread::applyHostConfigForNoVpn Return Code: -33095647 (0xFE070021)
Description:
ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 8/5/2012 9:51:18 AM | Computer Name = Roger-PC | Source = vpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
2460 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 8/5/2012 9:51:18 AM | Computer Name = Roger-PC | Source = vpnagent | ID = 67108866
Description = Function: CRouteMgr::UpdatePublicAddress File: .\RouteMgr.cpp Line:
2188 Invoked Function: CChangeRouteTable::FindBestRouteInterface Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 8/7/2012 8:46:37 AM | Computer Name = Roger-PC | Source = vpnagent | ID = 67110873
Description = Termination reason code 7: The agent has been stopped.

[ Hewlett-Packard Events ]
Error - 3/30/2010 7:03:33 PM | Computer Name = Roger-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 3/30/2010 7:03:33 PM | Computer Name = Roger-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 4/4/2010 7:15:57 PM | Computer Name = Roger-PC | Source = Hewlett-Packard | ID = 0
Description =

Error - 4/27/2010 7:00:54 PM | Computer Name = Roger-PC | Source = Hewlett-Packard | ID = 0
Description =

Error - 4/27/2010 7:20:13 PM | Computer Name = Roger-PC | Source = Hewlett-Packard | ID = 0
Description =

[ OSession Events ]
Error - 8/8/2012 5:13:23 PM | Computer Name = Roger-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 3344
seconds with 1200 seconds of active time. This session ended with a crash.

Error - 8/8/2012 5:16:22 PM | Computer Name = Roger-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 156
seconds with 0 seconds of active time. This session ended with a crash.

Error - 9/11/2012 8:58:48 AM | Computer Name = Roger-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 17
seconds with 0 seconds of active time. This session ended with a crash.

Error - 2/25/2013 11:51:17 AM | Computer Name = Roger-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 11
seconds with 0 seconds of active time. This session ended with a crash.

Error - 2/25/2013 11:51:45 AM | Computer Name = Roger-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.

Error - 2/25/2013 11:52:49 AM | Computer Name = Roger-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.

Error - 2/25/2013 11:57:44 AM | Computer Name = Roger-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3/14/2013 1:40:16 PM | Computer Name = Roger-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 103
seconds with 60 seconds of active time. This session ended with a crash.

Error - 5/2/2013 8:31:54 PM | Computer Name = Roger-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 17667
seconds with 2580 seconds of active time. This session ended with a crash.

Error - 9/30/2013 8:55:23 AM | Computer Name = Roger-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 107
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 1/16/2014 4:33:38 PM | Computer Name = Roger-PC | Source = DCOM | ID = 10010
Description =

Error - 1/16/2014 4:33:38 PM | Computer Name = Roger-PC | Source = DCOM | ID = 10010
Description =

Error - 1/16/2014 4:33:39 PM | Computer Name = Roger-PC | Source = DCOM | ID = 10010
Description =

Error - 1/16/2014 4:33:39 PM | Computer Name = Roger-PC | Source = DCOM | ID = 10010
Description =

Error - 1/16/2014 4:33:39 PM | Computer Name = Roger-PC | Source = DCOM | ID = 10010
Description =

Error - 1/16/2014 4:35:17 PM | Computer Name = Roger-PC | Source = Service Control Manager | ID = 7038
Description = The nvUpdatusService service was unable to log on as .\UpdatusUser
with the currently configured password due to the following error: %%1330 To ensure
that the service is configured properly, use the Services snap-in in Microsoft
Management Console (MMC).

Error - 1/16/2014 4:35:17 PM | Computer Name = Roger-PC | Source = Service Control Manager | ID = 7000
Description = The NVIDIA Update Service Daemon service failed to start due to the
following error: %%1069


< End of report >
rmscholbe
Active Member
 
Posts: 12
Joined: January 14th, 2014, 6:45 pm

Re: My cursor keeps moving to the right of the screen by its

Unread postby rmscholbe » January 18th, 2014, 9:18 pm

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2014 03
Ran by Roger (administrator) on ROGER-PC on 16-01-2014 13:16:25
Running from C:\Users\Roger\Desktop\Scanner
Windows 8.1 Pro with Media Center (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILAE.EXE
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
() C:\Users\Roger\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [Fences] - C:\Program Files (x86)\Stardock\Fences\Fences.exe [4031152 2013-11-26] (Stardock Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [BrStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKCU\...\Run: [8D61D16F694ECA70FC12DE3FFBEB2A9088500AC8._service_run] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863184 2013-12-03] (Google Inc.)
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-03-11] (Google Inc.)
HKCU\...\Run: [EPLTarget\P0000000000000000] - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILAE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [Amazon Cloud Player] - C:\Users\Roger\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2013-12-12] ()
MountPoints2: {4311edad-87d9-11e0-826d-406186510557} - "I:\MI.exe"
MountPoints2: {c2fc5c33-5900-11e1-9835-406186510557} - "J:\LaunchU3.exe" -a
HKU\UpdatusUser\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
SearchScopes: HKLM - {C7787F6E-7F3C-47FF-8507-1DEC5E19CB0D} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 - {C7787F6E-7F3C-47FF-8507-1DEC5E19CB0D} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: af0.Adblock.BHO - {90EFF544-3981-4d46-85C9-C0361D0931D6} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{016F717A-5994-4ADF-9816-B67B47E4ACAC}: [NameServer]206.40.99.2,206.40.99.3

FireFox:
========
FF ProfilePath: C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\r1xpa9jz.default-1365792316197
FF DefaultSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: about:home
FF Keyword.URL: hxxp://www.bing.com/search?FORM=U039DF& ... =072013&q=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Roger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Extension: LastPass - C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\r1xpa9jz.default-1365792316197\Extensions\support@lastpass.com [2013-12-10]
FF Extension: Adblock Plus - C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\r1xpa9jz.default-1365792316197\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-12]
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-10-29]

Chrome:
=======
CHR HomePage: hxxp://google.com/
CHR RestoreOnStartup: "hxxp://google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U11) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (BlackBerry AppWorld) - C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll No File
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
CHR Plugin: (Unity Player) - C:\Users\Roger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (Angry Birds) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0 [2013-03-13]
CHR Extension: (Google Docs) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 [2013-03-13]
CHR Extension: (Google Drive) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 [2013-03-13]
CHR Extension: (YouTube Options) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdokagampppgbnjfdlkfpphniapiiifn\1.8.151_0 [2014-01-14]
CHR Extension: (Instant Video) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepgkafmkefhmclkdapaempdmenakbcm\2.7.6_0 [2013-12-15]
CHR Extension: (Keep Awake) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bijihlabcfdnabacffofojgmehjdielb\1.6_0 [2013-04-10]
CHR Extension: (James White) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0 [2013-04-12]
CHR Extension: (YouTube) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 [2013-04-12]
CHR Extension: (Solitaire) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpebaehgfgkcmmjjknibibbjacnplim\1.4.5_0 [2013-10-08]
CHR Extension: (Facebook) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0 [2013-03-14]
CHR Extension: (Chrome Tools) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\celkpebmmedecbphginfpgoiknfifjha\1.1_0 [2013-06-18]
CHR Extension: (Adblock Plus) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0 [2013-12-19]
CHR Extension: (AddThis - Share & Bookmark (new)) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde\3.0.3_0 [2013-12-24]
CHR Extension: (Add to Amazon Wish List) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0 [2013-03-13]
CHR Extension: (Google Search) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 [2013-03-28]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk\6.60.170_0 [2013-10-25]
CHR Extension: (Google News) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc\3.0_0 [2013-04-05]
CHR Extension: (Multiple Account Checker for Gmail\u2122) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnimhgelcnggigekhdjlifjpndgmnglm\1.2_0 [2013-06-16]
CHR Extension: (Gmail Offline) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0 [2013-08-09]
CHR Extension: (Google Calendar) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0 [2013-03-18]
CHR Extension: (Save to Google Drive) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne\2.0.1_0 [2013-10-25]
CHR Extension: (LastPass) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\3.0.22_0 [2013-12-25]
CHR Extension: (Tabs to the front!) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjaooagfdhdhmbfchnkhggjmacjlacla\0.2.4_0 [2013-03-19]
CHR Extension: (Twitter) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokbgkngfkcpnoaofgccpahihhcaeibc\2.1_0 [2013-04-12]
CHR Extension: (Cloud Reader) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd\1.4.0_0 [2013-03-13]
CHR Extension: (Pixlr Editor) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk\1.2_0 [2013-03-28]
CHR Extension: (Match 10) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\idbjifkaikmenmlakhhhmobbjcjocjnf\1_0 [2013-05-02]
CHR Extension: (Woot) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\klhoeofncdoaefllgaacgnecchcphphb\1.6_0 [2013-06-05]
CHR Extension: (Google Maps) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0 [2013-04-12]
CHR Extension: (Google Mail Checker) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0 [2013-03-14]
CHR Extension: (Privacy Palette) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjkcflkplhgpebknipkekjggglimnone\0.4_0 [2013-06-20]
CHR Extension: (LastPass Vault) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncliohomlfopnmlfkepkcbnhmeijkhhf\2.0.21_0 [2013-05-30]
CHR Extension: (Google Wallet) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0 [2013-12-19]
CHR Extension: (Checker Plus for Gmail\u2122) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj\15.1_0 [2014-01-10]
CHR Extension: (Outlook.com) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge\1.0.2_0 [2013-05-18]
CHR Extension: (Kitco Tracker) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\phngnmnglpbgiogjjcbllnlldehpnadg\2.0.3_0 [2013-03-13]
CHR Extension: (Weather Underground) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej\1.6_0 [2013-04-12]
CHR Extension: (Gmail) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 [2013-03-13]
CHR HKCU\...\Chrome\Extension: [iahagolkpaghhinaljhjihagjgomdokb] - C:\Users\Roger\AppData\Local\Alexa\atbpg-iZ_TWg-1.3.crx [2013-03-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

U2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
U2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-16] (Seiko Epson Corporation)
U2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
U2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
U2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-19] (Stardock Software, Inc)
U3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
U2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

U3 ABB3410; C:\Windows\system32\DRIVERS\abbttusb.sys [56832 2010-09-02] (Texas Instruments Inc)
U0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
U3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows (R) Win 7 DDK provider)
U2 DLABMFSE; C:\Windows\System32\Drivers\DLABMFSE.SYS [46448 2007-07-23] (Roxio)
U2 DLABOIOE; C:\Windows\System32\Drivers\DLABOIOE.SYS [42352 2007-07-23] (Roxio)
U0 DLACDBHE; C:\Windows\System32\Drivers\DLACDBHE.SYS [17776 2007-07-23] (Roxio)
U2 DLADResE; C:\Windows\System32\Drivers\DLADResE.SYS [9968 2007-07-23] (Roxio)
U2 DLAIFS_E; C:\Windows\System32\Drivers\DLAIFS_E.SYS [146672 2007-07-23] (Roxio)
U2 DLAOPIOE; C:\Windows\System32\Drivers\DLAOPIOE.SYS [35056 2007-07-23] (Roxio)
U2 DLAPoolE; C:\Windows\System32\Drivers\DLAPoolE.SYS [19824 2007-07-23] (Roxio)
U1 DLARTL_E; C:\Windows\System32\Drivers\DLARTL_E.SYS [41072 2007-07-23] (Roxio)
U2 DLAUDFAE; C:\Windows\System32\Drivers\DLAUDFAE.SYS [135152 2007-07-23] (Roxio)
U2 DLAUDF_E; C:\Windows\System32\Drivers\DLAUDF_E.SYS [144112 2007-07-23] (Roxio)
U0 DRVECDB; C:\Windows\System32\Drivers\DRVECDB.SYS [124112 2007-07-23] (Sonic Solutions)
U2 DRVEDDM; C:\Windows\System32\Drivers\DRVEDDM.SYS [63984 2007-07-23] (Roxio)
U3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
U3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
U0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
U0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-10] (Microsoft Corporation)
U3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-29] (Microsoft Corporation)
U3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [34408 2013-09-27] (Microsoft Corporation)
U0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
U3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
U3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
U3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
U3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
U3 rt70x64; C:\Windows\System32\DRIVERS\netr7064.sys [388448 2010-04-27] (Ralink Technology Corp.)
U2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [26624 2009-06-10] (Windows (R) Codename Longhorn DDK provider)
U3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation)
U0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
U3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
U3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
U3 idsvc;
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-16 13:16 - 2014-01-16 13:16 - 00000000 ____D C:\FRST
2014-01-16 12:49 - 2014-01-16 12:49 - 00688992 ____R (Swearware) C:\dds.scr
2014-01-16 12:09 - 2014-01-16 12:13 - 00000000 ____D C:\AdwCleaner
2014-01-15 18:20 - 2014-01-15 18:20 - 00000080 _____ C:\Users\Roger\Desktop\Malware 1 (1).url
2014-01-15 07:41 - 2014-01-15 07:41 - 00000000 ____D C:\WINDOWS\ERUNT
2014-01-15 07:40 - 2013-11-27 09:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-15 07:40 - 2013-11-27 05:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-15 07:40 - 2013-11-27 04:34 - 00138240 _____ C:\WINDOWS\system32\OEMLicense.dll
2014-01-15 07:40 - 2013-11-27 03:54 - 00103936 _____ C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-15 07:40 - 2013-11-27 02:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 07:40 - 2013-11-27 02:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-15 07:40 - 2013-11-27 02:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 07:40 - 2013-11-27 02:38 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-15 07:40 - 2013-11-27 02:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-15 07:40 - 2013-11-27 02:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-15 07:39 - 2013-12-08 18:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-14 18:34 - 2014-01-14 18:34 - 00000101 _____ C:\Users\Roger\Desktop\Malware 1 (2).url
2014-01-14 18:25 - 2014-01-14 18:26 - 00000000 ____D C:\rmscholbe
2014-01-14 16:56 - 2014-01-14 16:56 - 00000092 _____ C:\Users\Roger\Desktop\HOW TO GET HELP IN THIS FORUM - everyone must read this. - Malware Removal Forum.url
2014-01-14 16:07 - 2014-01-14 16:19 - 00000000 ____D C:\ProgramData\HitmanPro
2014-01-14 15:37 - 2014-01-16 13:16 - 00000000 ____D C:\Users\Roger\Desktop\Scanner
2014-01-14 14:08 - 2014-01-14 14:10 - 00000000 ____D C:\Users\Roger\Downloads\Fences
2014-01-13 17:16 - 2014-01-15 01:20 - 00000345 _____ C:\Users\Roger\Desktop\My Problem Dates.txt
2014-01-13 09:48 - 2014-01-13 10:14 - 00000000 ____D C:\Users\Roger\AppData\Roaming\.minecraft
2014-01-13 09:47 - 2014-01-13 09:47 - 00000000 ____D C:\Users\Roger\Downloads\Minecraft
2014-01-10 19:35 - 2014-01-10 19:36 - 00000000 ____D C:\Users\Roger\Downloads\SanDiskSecureAccessV2.0
2014-01-10 09:51 - 2014-01-10 13:57 - 00000000 ____D C:\Users\Roger\Desktop\VA Health Care Center Behavioral Health
2014-01-09 15:42 - 2014-01-15 01:19 - 00000474 _____ C:\Users\Roger\Desktop\Places I Have Been Stationed.txt
2014-01-09 14:27 - 2014-01-09 14:27 - 00002214 _____ C:\Users\Roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-01-09 14:27 - 2014-01-09 14:27 - 00002118 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-01-09 14:27 - 2014-01-09 14:27 - 00002118 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-01-09 13:55 - 2014-01-09 13:55 - 00000000 ____D C:\Users\Roger\Documents\My Weblog Posts
2014-01-09 13:41 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2014-01-09 13:41 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2014-01-09 13:27 - 2014-01-09 14:40 - 00000000 ____D C:\Program Files\Microsoft LifeCam
2014-01-09 13:27 - 2014-01-09 14:40 - 00000000 ____D C:\Program Files (x86)\Microsoft LifeCam
2014-01-09 13:27 - 2014-01-09 13:27 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_LcUvcUpper_01011.Wdf
2014-01-09 10:22 - 2014-01-09 10:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-07 08:31 - 2014-01-07 08:31 - 00098116 _____ C:\Users\Roger\Downloads\chrome-youtube-downloader-2.6.5 (1).crx
2014-01-07 08:30 - 2014-01-07 08:31 - 00098116 _____ C:\Users\Roger\Downloads\chrome-youtube-downloader-2.6.5.crx
2014-01-06 10:43 - 2014-01-16 12:43 - 00000927 _____ C:\WINDOWS\Tasks\EPSON XP-410 Series Update {9533CC94-6B25-4406-9CC7-8A6FFEA8DA84}.job
2014-01-06 10:43 - 2014-01-16 12:43 - 00000741 _____ C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {9533CC94-6B25-4406-9CC7-8A6FFEA8DA84}.job
2014-01-06 10:43 - 2014-01-06 10:43 - 00003958 _____ C:\WINDOWS\System32\Tasks\EPSON XP-410 Series Update {9533CC94-6B25-4406-9CC7-8A6FFEA8DA84}
2014-01-06 10:43 - 2014-01-06 10:43 - 00003772 _____ C:\WINDOWS\System32\Tasks\EPSON XP-410 Series Invitation {9533CC94-6B25-4406-9CC7-8A6FFEA8DA84}
2014-01-05 16:26 - 2014-01-05 16:55 - 00000000 ____D C:\Users\Roger\Downloads\New folder
2014-01-05 14:31 - 2014-01-05 14:31 - 00002104 _____ C:\Users\Public\Desktop\SDFormatter.lnk
2014-01-05 14:31 - 2014-01-05 14:31 - 00000000 ____D C:\Program Files (x86)\SDA
2014-01-05 14:23 - 2014-01-05 16:50 - 00000000 ____D C:\Users\Roger\Downloads\HP USB Formatter
2014-01-05 11:33 - 2014-01-05 11:33 - 00000000 ____D C:\Program Files (x86)\EaseUS
2014-01-05 11:29 - 2014-01-05 11:32 - 00000000 ____D C:\Users\Roger\Downloads\EaseUS
2014-01-05 10:54 - 2014-01-05 10:54 - 00000000 ___HD C:\$WINDOWS.~BT
2014-01-02 12:00 - 2014-01-02 12:09 - 00000000 ____D C:\Users\Roger\AppData\Roaming\MyHeritage
2014-01-02 12:00 - 2014-01-02 12:04 - 00000000 ____D C:\Users\Roger\Documents\MyHeritage
2014-01-02 12:00 - 2014-01-02 12:03 - 00000000 ____D C:\ProgramData\MyHeritage
2014-01-02 12:00 - 2004-12-07 11:11 - 00258352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unicows.dll
2014-01-02 12:00 - 2000-05-22 17:58 - 00608448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.ocx
2014-01-02 12:00 - 1998-06-24 01:00 - 00137000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmapi32.ocx
2014-01-02 11:59 - 2014-01-06 09:34 - 00000000 ____D C:\Program Files (x86)\MyHeritage
2013-12-31 13:54 - 2013-12-31 13:59 - 00000000 ____D C:\Users\Roger\Downloads\MyHeritage Genealogy
2013-12-29 14:22 - 2013-12-29 14:22 - 00000000 ____D C:\Users\HomeAdmin\AppData\Local\Stardock_Corporation
2013-12-29 14:21 - 2013-12-29 14:21 - 00002048 _____ C:\Users\HomeAdmin\Desktop\Customize Fences.lnk
2013-12-29 14:21 - 2013-12-29 14:21 - 00000000 ____D C:\Users\HomeAdmin\AppData\Roaming\Stardock
2013-12-29 14:21 - 2013-12-29 14:21 - 00000000 ____D C:\Users\HomeAdmin\AppData\Roaming\Logitech
2013-12-29 14:21 - 2013-12-29 14:21 - 00000000 ____D C:\Users\HomeAdmin\AppData\Local\Google
2013-12-29 14:20 - 2013-12-29 14:20 - 00001448 _____ C:\Users\HomeAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-29 14:20 - 2013-12-29 14:20 - 00000020 ___SH C:\Users\HomeAdmin\ntuser.ini
2013-12-29 10:17 - 2013-12-30 11:45 - 00000362 __RSH C:\ProgramData\ntuser.pol
2013-12-29 07:55 - 2013-12-29 08:08 - 00000000 ____D C:\Users\Roger\Documents\360 E Xbox
2013-12-21 15:53 - 2014-01-13 18:28 - 00000000 ____D C:\Users\Roger\Desktop\Heathers Fight

==================== One Month Modified Files and Folders =======

2014-01-16 13:16 - 2014-01-16 13:16 - 00000000 ____D C:\FRST
2014-01-16 13:16 - 2014-01-14 15:37 - 00000000 ____D C:\Users\Roger\Desktop\Scanner
2014-01-16 13:16 - 2013-06-21 08:30 - 00000000 ____D C:\Users\Roger\AppData\Roaming\gSyncit
2014-01-16 13:15 - 2012-01-18 11:46 - 00000000 ____D C:\Users\Roger\AppData\Local\CrashDumps
2014-01-16 13:00 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\sru
2014-01-16 12:49 - 2014-01-16 12:49 - 00688992 ____R (Swearware) C:\dds.scr
2014-01-16 12:49 - 2013-11-04 01:42 - 02096131 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-16 12:49 - 2013-10-16 06:49 - 00000927 _____ C:\WINDOWS\Tasks\EPSON XP-410 Series Update {FA7B4253-EC6D-411B-B2CD-CFD4C17633A6}.job
2014-01-16 12:49 - 2013-10-16 06:49 - 00000741 _____ C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {FA7B4253-EC6D-411B-B2CD-CFD4C17633A6}.job
2014-01-16 12:43 - 2014-01-06 10:43 - 00000927 _____ C:\WINDOWS\Tasks\EPSON XP-410 Series Update {9533CC94-6B25-4406-9CC7-8A6FFEA8DA84}.job
2014-01-16 12:43 - 2014-01-06 10:43 - 00000741 _____ C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {9533CC94-6B25-4406-9CC7-8A6FFEA8DA84}.job
2014-01-16 12:34 - 2012-11-10 20:40 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2148773256-3097276083-3132812908-1001
2014-01-16 12:31 - 2013-03-13 13:53 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-16 12:29 - 2013-11-04 02:17 - 00000000 __RDO C:\Users\Roger\SkyDrive
2014-01-16 12:29 - 2013-08-22 08:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-16 12:29 - 2012-05-25 08:37 - 00000892 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-16 12:27 - 2012-05-25 08:37 - 00000896 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-16 12:17 - 2012-03-28 09:42 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-16 12:14 - 2013-08-22 07:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2014-01-16 12:13 - 2014-01-16 12:09 - 00000000 ____D C:\AdwCleaner
2014-01-16 10:54 - 2011-06-04 17:56 - 00000000 ____D C:\Users\Roger\AppData\Local\NPE
2014-01-16 10:00 - 2013-10-02 06:06 - 00000000 ____D C:\Users\Roger\Downloads\McAfee Stinger
2014-01-16 10:00 - 2013-10-01 18:38 - 00000000 ____D C:\Program Files\stinger
2014-01-16 09:33 - 2010-04-08 16:03 - 00003926 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{95DF05EC-C659-42B7-BB33-5548585091F4}
2014-01-16 09:24 - 2013-01-19 08:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-15 18:20 - 2014-01-15 18:20 - 00000080 _____ C:\Users\Roger\Desktop\Malware 1 (1).url
2014-01-15 09:03 - 2010-03-20 17:31 - 00000000 ____D C:\Program Files (x86)\Paint Shop Pro 5
2014-01-15 08:26 - 2010-03-19 21:42 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-15 08:25 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\WinStore
2014-01-15 07:54 - 2013-03-07 07:30 - 00000000 ____D C:\Users\Roger\AppData\Roaming\Stardock
2014-01-15 07:41 - 2014-01-15 07:41 - 00000000 ____D C:\WINDOWS\ERUNT
2014-01-15 01:40 - 2012-05-24 10:29 - 00000000 ____D C:\Users\Roger\Documents\Army
2014-01-15 01:20 - 2014-01-13 17:16 - 00000345 _____ C:\Users\Roger\Desktop\My Problem Dates.txt
2014-01-15 01:19 - 2014-01-09 15:42 - 00000474 _____ C:\Users\Roger\Desktop\Places I Have Been Stationed.txt
2014-01-14 18:34 - 2014-01-14 18:34 - 00000101 _____ C:\Users\Roger\Desktop\Malware 1 (2).url
2014-01-14 18:28 - 2013-11-04 01:47 - 00000000 ____D C:\Users\Roger
2014-01-14 18:26 - 2014-01-14 18:25 - 00000000 ____D C:\rmscholbe
2014-01-14 16:56 - 2014-01-14 16:56 - 00000092 _____ C:\Users\Roger\Desktop\HOW TO GET HELP IN THIS FORUM - everyone must read this. - Malware Removal Forum.url
2014-01-14 16:19 - 2014-01-14 16:07 - 00000000 ____D C:\ProgramData\HitmanPro
2014-01-14 14:51 - 2012-11-11 19:10 - 00000000 ____D C:\Program Files (x86)\Stardock
2014-01-14 14:12 - 2013-09-29 22:03 - 00013664 _____ C:\WINDOWS\PFRO.log
2014-01-14 14:10 - 2014-01-14 14:08 - 00000000 ____D C:\Users\Roger\Downloads\Fences
2014-01-14 14:09 - 2010-03-19 18:56 - 00000000 ___RD C:\Users\Roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-14 11:09 - 2013-08-22 08:46 - 00007934 _____ C:\WINDOWS\setupact.log
2014-01-14 08:23 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2014-01-13 18:29 - 2010-03-20 18:06 - 00000000 ____D C:\Users\Roger\Documents\My Purchases
2014-01-13 18:28 - 2013-12-21 15:53 - 00000000 ____D C:\Users\Roger\Desktop\Heathers Fight
2014-01-13 18:25 - 2010-03-19 19:38 - 00000000 ____D C:\Users\Roger\Documents\Banking
2014-01-13 14:33 - 2010-03-20 18:05 - 00000000 ____D C:\Users\Roger\PDF Manuals
2014-01-13 10:14 - 2014-01-13 09:48 - 00000000 ____D C:\Users\Roger\AppData\Roaming\.minecraft
2014-01-13 09:47 - 2014-01-13 09:47 - 00000000 ____D C:\Users\Roger\Downloads\Minecraft
2014-01-10 22:22 - 2012-01-07 10:06 - 00000000 ____D C:\Users\Roger\Documents\TAXES
2014-01-10 19:36 - 2014-01-10 19:35 - 00000000 ____D C:\Users\Roger\Downloads\SanDiskSecureAccessV2.0
2014-01-10 19:34 - 2013-09-29 22:15 - 00867660 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-10 13:57 - 2014-01-10 09:51 - 00000000 ____D C:\Users\Roger\Desktop\VA Health Care Center Behavioral Health
2014-01-09 14:42 - 2012-07-17 17:47 - 00000000 ____D C:\Users\Roger\AppData\Roaming\Skype
2014-01-09 14:42 - 2012-07-17 17:46 - 00000000 ____D C:\ProgramData\Skype
2014-01-09 14:42 - 2012-07-17 16:49 - 00000000 ____D C:\Users\Roger\AppData\Local\Windows Live
2014-01-09 14:40 - 2014-01-09 13:27 - 00000000 ____D C:\Program Files\Microsoft LifeCam
2014-01-09 14:40 - 2014-01-09 13:27 - 00000000 ____D C:\Program Files (x86)\Microsoft LifeCam
2014-01-09 14:35 - 2012-07-17 17:39 - 00000000 ____D C:\Users\Roger\Tracing
2014-01-09 14:27 - 2014-01-09 14:27 - 00002214 _____ C:\Users\Roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-01-09 14:27 - 2014-01-09 14:27 - 00002118 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-01-09 14:27 - 2014-01-09 14:27 - 00002118 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-01-09 14:27 - 2012-11-11 16:31 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive
2014-01-09 14:27 - 2012-07-17 16:51 - 00000902 _____ C:\WINDOWS\DirectX.log
2014-01-09 13:55 - 2014-01-09 13:55 - 00000000 ____D C:\Users\Roger\Documents\My Weblog Posts
2014-01-09 13:55 - 2012-11-11 16:46 - 00000000 ____D C:\Users\Roger\AppData\Local\Windows Live Writer
2014-01-09 13:27 - 2014-01-09 13:27 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_LcUvcUpper_01011.Wdf
2014-01-09 10:23 - 2014-01-09 10:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-08 17:32 - 2010-03-21 06:43 - 00003164 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForRoger
2014-01-08 17:32 - 2010-03-21 06:43 - 00000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForRoger.job
2014-01-07 09:29 - 2013-08-04 16:23 - 00000000 ____D C:\Users\Roger\Downloads\VLC Media Player
2014-01-07 08:31 - 2014-01-07 08:31 - 00098116 _____ C:\Users\Roger\Downloads\chrome-youtube-downloader-2.6.5 (1).crx
2014-01-07 08:31 - 2014-01-07 08:30 - 00098116 _____ C:\Users\Roger\Downloads\chrome-youtube-downloader-2.6.5.crx
2014-01-06 18:51 - 2012-11-10 20:31 - 00000000 ____D C:\Users\Roger\AppData\Local\Packages
2014-01-06 16:31 - 2013-08-22 09:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-06 16:31 - 2013-08-22 09:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-06 12:03 - 2010-03-25 04:20 - 00000000 ____D C:\ProcessExplorer
2014-01-06 10:43 - 2014-01-06 10:43 - 00003958 _____ C:\WINDOWS\System32\Tasks\EPSON XP-410 Series Update {9533CC94-6B25-4406-9CC7-8A6FFEA8DA84}
2014-01-06 10:43 - 2014-01-06 10:43 - 00003772 _____ C:\WINDOWS\System32\Tasks\EPSON XP-410 Series Invitation {9533CC94-6B25-4406-9CC7-8A6FFEA8DA84}
2014-01-06 09:34 - 2014-01-02 11:59 - 00000000 ____D C:\Program Files (x86)\MyHeritage
2014-01-05 16:55 - 2014-01-05 16:26 - 00000000 ____D C:\Users\Roger\Downloads\New folder
2014-01-05 16:50 - 2014-01-05 14:23 - 00000000 ____D C:\Users\Roger\Downloads\HP USB Formatter
2014-01-05 14:31 - 2014-01-05 14:31 - 00002104 _____ C:\Users\Public\Desktop\SDFormatter.lnk
2014-01-05 14:31 - 2014-01-05 14:31 - 00000000 ____D C:\Program Files (x86)\SDA
2014-01-05 14:31 - 2011-12-14 16:07 - 00000000 ____D C:\Users\Roger\AppData\Local\Downloaded Installations
2014-01-05 11:33 - 2014-01-05 11:33 - 00000000 ____D C:\Program Files (x86)\EaseUS
2014-01-05 11:32 - 2014-01-05 11:29 - 00000000 ____D C:\Users\Roger\Downloads\EaseUS
2014-01-05 10:54 - 2014-01-05 10:54 - 00000000 ___HD C:\$WINDOWS.~BT
2014-01-05 10:54 - 2013-11-04 01:47 - 00001908 _____ C:\WINDOWS\diagwrn.xml
2014-01-05 10:54 - 2013-11-04 01:47 - 00001908 _____ C:\WINDOWS\diagerr.xml
2014-01-05 10:53 - 2013-08-22 08:46 - 00000000 _____ C:\WINDOWS\setuperr.log
2014-01-05 09:42 - 2013-02-22 15:54 - 00000000 ____D C:\Users\Roger\Documents\Anything Email
2014-01-03 19:19 - 2010-04-17 07:36 - 00000000 ____D C:\Users\Roger\Documents\Projects
2014-01-02 12:09 - 2014-01-02 12:00 - 00000000 ____D C:\Users\Roger\AppData\Roaming\MyHeritage
2014-01-02 12:04 - 2014-01-02 12:00 - 00000000 ____D C:\Users\Roger\Documents\MyHeritage
2014-01-02 12:03 - 2014-01-02 12:00 - 00000000 ____D C:\ProgramData\MyHeritage
2014-01-01 20:19 - 2013-08-04 19:08 - 00000000 ____D C:\Users\Roger\AppData\Roaming\vlc
2014-01-01 10:33 - 2010-03-20 18:05 - 00000000 ____D C:\Users\Roger\Documents\Mother
2013-12-31 13:59 - 2013-12-31 13:54 - 00000000 ____D C:\Users\Roger\Downloads\MyHeritage Genealogy
2013-12-30 11:45 - 2013-12-29 10:17 - 00000362 __RSH C:\ProgramData\ntuser.pol
2013-12-30 11:18 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\registration
2013-12-29 15:18 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\rescache
2013-12-29 14:50 - 2012-08-23 07:52 - 00000000 ____D C:\Users\Roger\Documents\My Medical
2013-12-29 14:43 - 2013-12-16 16:29 - 00000000 ____D C:\Users\Roger\Desktop\Rustic Nail Cross
2013-12-29 14:43 - 2012-12-12 10:43 - 00000000 ____D C:\Users\Roger\Desktop\2013 pay Dates
2013-12-29 14:37 - 2013-10-16 10:25 - 00000000 ____D C:\Users\Roger\Desktop\Wall Plaques
2013-12-29 14:37 - 2013-07-20 15:01 - 00000000 ____D C:\Users\Roger\Desktop\RMScholbe Advance Directives
2013-12-29 14:27 - 2012-12-02 13:06 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2148773256-3097276083-3132812908-1003
2013-12-29 14:22 - 2013-12-29 14:22 - 00000000 ____D C:\Users\HomeAdmin\AppData\Local\Stardock_Corporation
2013-12-29 14:21 - 2013-12-29 14:21 - 00002048 _____ C:\Users\HomeAdmin\Desktop\Customize Fences.lnk
2013-12-29 14:21 - 2013-12-29 14:21 - 00000000 ____D C:\Users\HomeAdmin\AppData\Roaming\Stardock
2013-12-29 14:21 - 2013-12-29 14:21 - 00000000 ____D C:\Users\HomeAdmin\AppData\Roaming\Logitech
2013-12-29 14:21 - 2013-12-29 14:21 - 00000000 ____D C:\Users\HomeAdmin\AppData\Local\Google
2013-12-29 14:21 - 2012-11-11 00:22 - 00000000 ____D C:\Users\HomeAdmin\AppData\Local\Packages
2013-12-29 14:20 - 2013-12-29 14:20 - 00001448 _____ C:\Users\HomeAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-29 14:20 - 2013-12-29 14:20 - 00000020 ___SH C:\Users\HomeAdmin\ntuser.ini
2013-12-29 14:20 - 2013-11-04 01:47 - 00000000 ____D C:\Users\HomeAdmin
2013-12-29 14:20 - 2010-03-29 19:53 - 00000000 ___RD C:\Users\HomeAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-29 14:20 - 2010-03-29 19:53 - 00000000 ___RD C:\Users\HomeAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-29 14:05 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\setup
2013-12-29 14:01 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2013-12-29 13:36 - 2010-03-19 18:56 - 00000000 ___RD C:\Users\Roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-29 10:17 - 2013-08-22 09:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2013-12-29 08:08 - 2013-12-29 07:55 - 00000000 ____D C:\Users\Roger\Documents\360 E Xbox
2013-12-29 07:42 - 2013-03-15 09:45 - 00000000 ___RD C:\Users\Roger\Google Drive
2013-12-21 18:48 - 2013-11-21 21:29 - 00001839 _____ C:\Users\Roger\Desktop\AceMoney.lnk
2013-12-20 18:08 - 2010-03-20 18:05 - 00000000 ____D C:\Users\Roger\Documents\Heather
2013-12-20 11:38 - 2010-05-23 12:42 - 00000000 ____D C:\ProgramData\Roxio
2013-12-19 13:02 - 2012-03-19 09:56 - 00000000 ____D C:\Users\Roger\Documents\A Man His Dog and His Rock
2013-12-18 12:10 - 2013-01-02 09:15 - 00000000 ____D C:\Users\Roger\Downloads\Facebook Archive
2013-12-18 11:22 - 2013-02-20 14:15 - 00038425 _____ C:\Users\Roger\AppData\Roaming\Comma Separated Values (Windows).ADR

Files to move or delete:
====================
C:\ProgramData\{268EB95C-7C1C-4826-B79E-0E50B1A64C5A}.dss
C:\Users\Public\AlexaNSISPlugin.5988.dll


Some content of TEMP:
====================
C:\Users\Roger\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-16 12:26

==================== End Of Log ============================
rmscholbe
Active Member
 
Posts: 12
Joined: January 14th, 2014, 6:45 pm

Re: My cursor keeps moving to the right of the screen by its

Unread postby rmscholbe » January 18th, 2014, 9:19 pm

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2014 03
Ran by Roger at 2014-01-16 13:17:09
Running from C:\Users\Roger\Desktop\Scanner
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (x32 Version: - Microsoft)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 4.42 (x32 Version: - )
Abbott USB Data Cable Installation (x32 Version: 1.00.0000 - Abbott Labs)
Abbott USB Data Cable Installation (x32 Version: 1.00.0000 - Abbott Labs) Hidden
AceMoney (x32 Version: - MechCAD Software)
AdblockIE (x32 Version: 1.2 - af0.net)
Adobe Acrobat 9 Pro - English, Français, Deutsch (x32 Version: 9.5.5 - Adobe Systems) Hidden
Adobe Acrobat 9.5.5 - CPSID_83708 (x32 Version: - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.2090 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Advanced PDF Password Recovery (remove only) (x32 Version: - )
Amazon Cloud Player (HKCU Version: 2.2.0.399 - Amazon Services LLC)
Amazon Music Importer (x32 Version: 2.1.0 - Amazon Services LLC)
Amazon Music Importer (x32 Version: 2.1.0 - Amazon Services LLC) Hidden
Amazon.com Kindle Fire (Version: - )
Angry Birds (x32 Version: 3.3.3 - Rovio Entertainment Ltd.)
Apple Application Support (x32 Version: 2.1.7 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ArcSoft MediaImpression for Kodak (x32 Version: 2.0.24.1216 - ArcSoft)
Bejeweled 2 Deluxe (x32 Version: - PopCap Games)
Classic Menu 4.x for Office 2007 (x32 Version: - Addintools)
Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
COWON Media Center - jetAudio Plus VX (x32 Version: 8.0.17 - COWON)
CuteFTP 5.0 XP (x32 Version: - GlobalSCAPE, Inc.)
CyberLink DVD Suite Deluxe (x32 Version: 6.0.3101 - CyberLink Corp.)
CyberLink DVD Suite Deluxe (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Epson Connect Printer Setup (x32 Version: 1.1.1 - SEIKO EPSON CORPORATION)
EPSON Connect version 1.0 (x32 Version: 1.0 - Epson America Inc.)
Epson Customer Participation (Version: 1.6.3.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (x32 Version: 3.01.0013 - Seiko Epson Corporation)
EPSON Scan (x32 Version: - Seiko Epson Corporation)
EPSON XP-410 Series Printer Uninstall (Version: - SEIKO EPSON Corporation)
Epson XP-410 User's Guide version 1.0 (x32 Version: 1.0 - )
EpsonNet Print (x32 Version: 2.6.0 - SEIKO EPSON CORPORATION)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Garmin BaseCamp (x32 Version: 4.1.2 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (x32 Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Drive (x32 Version: 1.13.5782.599 - Google, Inc.)
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
gSyncit (x32 Version: 3.8.7 - Fieldston Software)
Heatsoft ADCS (x32 Version: - )
HL-2270DW (x32 Version: 1.1.6.0 - Brother Industries, Ltd.)
HP Customer Experience Enhancements (x32 Version: 6.0.1.3 - Hewlett-Packard) Hidden
HP Odometer (x32 Version: 2.10.0000 - Hewlett-Packard)
HP Support Information (x32 Version: 10.1.0002 - Hewlett-Packard)
Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (x32 Version: 3.0.4802.35565 - Brice Lambson)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LabelPrint (x32 Version: 2.5.1901 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.1901 - CyberLink Corp.) Hidden
LastPass (uninstall only) (x32 Version: - LastPass)
LightScribe System Software (x32 Version: 1.18.5.1 - LightScribe)
Logitech SetPoint 6.61 (Version: 6.61.15 - Logitech)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 11.0.50727.0 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 11.0.50727.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Money 2005 (x32 Version: 14 - Microsoft)
Microsoft Money Shared Libraries (x32 Version: 17.0.0.3817 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (x32 Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft VC9 runtime libraries (x32 Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Mobipocket Creator 4.2 (x32 Version: 4.2.41 - Mobipocket.com)
Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Mp3tag v2.56 (x32 Version: v2.56 - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
NetworkView Version 2.03 (x32 Version: - )
NetworkView Version 3.62 (Version: 3.62 - NetworkView Software)
NirSoft VideoCacheView (x32 Version: - )
NVIDIA 3D Vision Controller Driver (x32 Version: 275.33 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller Driver 275.33 (Version: 275.33 - NVIDIA Corporation)
NVIDIA Control Panel 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 305.93 (Version: 305.93 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
OpenSC (64bit) (Version: 0.12.2.0 - OpenSC Project)
Paint Shop Pro 5.01 (x32 Version: - )
PictureMover (x32 Version: 3.3.1.19 - Hewlett-Packard Company)
Power2Go (x32 Version: 6.0.3101 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
PowerDirector (x32 Version: 7.0.3101 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3101 - CyberLink Corp.) Hidden
PowerRecover (x32 Version: 5.5.1923 - CyberLink Corp.) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (x32 Version: 1.0.0.9282 - RocketLife Inc.)
QuickTime (x32 Version: 7.72.80.56 - Apple Inc.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5910 - Realtek Semiconductor Corp.)
Registry Crawler (x32 Version: - )
Roxio Activation Module (x32 Version: 1.0 - Roxio)
Roxio Creator Audio (x32 Version: 3.5.0 - Roxio)
Roxio Creator Copy (x32 Version: 3.5.0 - Roxio)
Roxio Creator Data (x32 Version: 3.5.0 - Roxio)
Roxio Creator DE (x32 Version: 3.5.0 - Roxio)
Roxio Creator Tools (x32 Version: 3.5.0 - Roxio)
Roxio Drag-to-Disc (Version: 9.1 - Roxio)
Roxio Express Labeler 3 (x32 Version: 3.2.1 - Roxio)
Roxio Update Manager (x32 Version: 6.0.0 - Roxio)
Samsung Mobile phone USB driver Drive Software (Version: - )
Samsung PC Studio 3 USB Driver Installer (x32 Version: 3.2.0.70701 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.23.0 - SAMSUNG Electronics Co., Ltd.)
SDFormatter (x32 Version: 4.0.0 - SD Association)
Software Updater (x32 Version: 4.0.1 - SEIKO EPSON CORPORATION)
Sonic CinePlayer Decoder Pack (x32 Version: 4.2.0 - Sonic Solutions)
Stardock Fences 2 (x32 Version: 2.12 - Stardock Software, Inc.)
Stardock Start8 (x32 Version: 1.31 - Stardock Software, Inc.)
Start8 (x32 Version: 1.02 - Stardock Corporation)
System Requirements Lab (x32 Version: - )
Unity Web Player (HKCU Version: 2.6.1f3_31223 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (x32 Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (x32 Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (x32 Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (x32 Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft)
VLC media player 2.0.8 (x32 Version: 2.0.8 - VideoLAN)
Windows Driver Package - Amazon.com (WinUSB) KindleFireUsbDeviceClass (12/03/2012 1.2.0000.00000) (Version: 12/03/2012 1.2.0000.00000 - Amazon.com)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp)
WinZip (x32 Version: 9.0 SR-1 (6224) - WinZip Computing, Inc.)

==================== Restore Points =========================

29-12-2013 19:53:33 Removed CoPilot Health Management System
02-01-2014 17:54:48 Happy New Year
05-01-2014 20:31:27 Installed SDFormatter.
09-01-2014 19:41:22 Installed DirectX
14-01-2014 22:34:52 OTL Restore Point - 1/14/2014 4:34:48 PM

==================== Hosts content: ==========================

2013-08-22 07:25 - 2013-08-22 07:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0AC4B4A4-A8D1-4BD2-B91B-F040DBED65A5} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {10CA18E6-BC1E-4E1A-A552-021EBADA8B7C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-25] (Google Inc.)
Task: {1DCB5862-4C71-4449-B030-415A671E3CD7} - System32\Tasks\EPSON XP-410 Series Invitation {9533CC94-6B25-4406-9CC7-8A6FFEA8DA84} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {1E944D5D-9D1E-4845-BD16-BFFD34BFC909} - System32\Tasks\EPSON XP-410 Series Invitation {FA7B4253-EC6D-411B-B2CD-CFD4C17633A6} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2293C825-6CC2-49E1-8152-B7EF0741ED07} - System32\Tasks\{D92F006F-187C-4FBA-9B26-120D593B8CE2} => C:\Program Files (x86)\PopCap Games\Bejeweled 2 Deluxe\WinBej2.exe
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {3393E73D-ECA1-4751-BEE0-A20F8F9D5CCD} - System32\Tasks\{1A7C0B03-2CE0-4814-B435-4826147C1C98} => C:\Windows\system32\msiexec.exe [2013-08-22] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {7207868B-8DFF-4547-A080-F049E09E9CA7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2013-12-15] (Microsoft Corporation)
Task: {730AE80B-5C78-43B9-9009-0F5BBABE5923} - System32\Tasks\{53BE04B9-04D4-49F4-96B4-17CBDA3AD5BB} => C:\Program Files (x86)\CoPilot Health Management System\CoPilot.exe
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {76C1DC70-2F80-44CD-8502-3ECA2AC3338E} - System32\Tasks\{04E184C4-F5B2-4729-84CE-673E56DC5618} => C:\Program Files (x86)\PopCap Games\Bejeweled 2 Deluxe\WinBej2.exe
Task: {77AF7B40-4702-4B3B-A502-8167D9F3D108} - System32\Tasks\EPSON XP-410 Series Update {FA7B4253-EC6D-411B-B2CD-CFD4C17633A6} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {82052D06-C623-4B8A-AA89-FAD6DE91DE5E} - System32\Tasks\EPSON XP-410 Series Update {9533CC94-6B25-4406-9CC7-8A6FFEA8DA84} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A64DB123-DFBE-4792-8692-5CA0A4FF0C5C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe
Task: {AFFFD378-965A-47E3-ACEA-AC66C6CF9A12} - System32\Tasks\{8AA15D1D-7F08-443D-98FA-19B5970144CC} => C:\Program Files (x86)\PopCap Games\Bejeweled 2 Deluxe\WinBej2.exe
Task: {CD8A037D-E097-4ADF-889A-098B4019B9FE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DDF8E0DE-CC2A-4173-967D-F38C6C32E680} - System32\Tasks\{71281088-2CB6-46E8-9EC2-59FBFCA6DFF8} => C:\Program Files (x86)\PopCap Games\Bejeweled 2 Deluxe\WinBej2.exe
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EF693C19-9D95-4064-A569-090F0F24D15F} - System32\Tasks\HPCeeScheduleForRoger => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07] (Hewlett-Packard)
Task: {F07D1547-D2BD-476E-AC2B-C82721B07DDB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-25] (Google Inc.)
Task: {F2D95831-475E-44D4-BF79-8570857F4B25} - System32\Tasks\{746648DF-9FD6-42F6-9AFA-3F0480C941F8} => C:\Program Files (x86)\PopCap Games\Bejeweled 2 Deluxe\WinBej2.exe
Task: {F6476872-7081-40A6-8FA9-5DE5E019D726} - System32\Tasks\{A1F9B6A3-EA0D-40F8-9E1E-4B05A3052DF4} => C:\Program Files (x86)\PopCap Games\Bejeweled 2 Deluxe\WinBej2.exe
Task: {FC89A5C7-4632-4648-8DA3-59ED0B7DB7A7} - System32\Tasks\{DBF6094F-4D7B-4BA5-A406-40A6D2620E73} => C:\Program Files (x86)\PopCap Games\Bejeweled 2 Deluxe\WinBej2.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {082A2D05-40B9-4B80-B53C-43A83EE1F02B}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {9533CC94-6B25-4406-9CC7-8A6FFEA8DA84}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {FA7B4253-EC6D-411B-B2CD-CFD4C17633A6}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Update {082A2D05-40B9-4B80-B53C-43A83EE1F02B}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Update {9533CC94-6B25-4406-9CC7-8A6FFEA8DA84}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Update {FA7B4253-EC6D-411B-B2CD-CFD4C17633A6}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForRoger.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2007-07-23 14:05 - 2007-07-23 14:05 - 00066544 _____ () C:\Program Files\Roxio\Drag-to-Disc\DLAAPI_W.DLL
2013-11-01 12:38 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-12-05 12:24 - 2013-12-03 20:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-05 12:24 - 2013-12-03 20:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-05 12:24 - 2013-12-03 20:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2013-09-18 08:24 - 2013-09-18 08:24 - 04591616 _____ () C:\Users\Roger\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libglesv2.dll
2013-09-18 08:24 - 2013-09-18 08:24 - 00112128 _____ () C:\Users\Roger\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libegl.dll
2013-05-17 09:44 - 2007-10-13 19:47 - 00053248 _____ () C:\Program Files (x86)\Classic Menu for Office\ArmAccess.dll
2013-05-14 16:09 - 2013-05-08 01:57 - 02666496 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\PDFMaker\Common\AdobePDFMakerX.dll
2013-07-10 17:07 - 2013-07-10 17:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:0FF263E8
AlternateDataStreams: C:\ProgramData\Temp:15D5AA51
AlternateDataStreams: C:\ProgramData\Temp:3AC4C770
AlternateDataStreams: C:\ProgramData\Temp:D282699C
AlternateDataStreams: C:\Users\Roger\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR400 => ""="Service"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

The requested service has already been started.

More help is available by typing NET HELPMSG 2182.


==================== Memory info ===========================

Percentage of memory in use: 47%
Total physical RAM: 4094.18 MB
Available physical RAM: 2157.93 MB
Total Pagefile: 10235.18 MB
Available Pagefile: 8238.9 MB
Total Virtual: 131072 MB
Available Virtual: 131071.77 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:584.25 GB) (Free:463.79 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.83 GB) (Free:2.1 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (RMS Backup) (Fixed) (Total:232.88 GB) (Free:158.18 GB) NTFS
Drive s: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=584 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=12 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 233 GB) (Disk ID: 000015ED)
Partition 1: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

==================== End Of Log ============================
rmscholbe
Active Member
 
Posts: 12
Joined: January 14th, 2014, 6:45 pm

Re: My cursor keeps moving to the right of the screen by its

Unread postby rmscholbe » January 18th, 2014, 9:28 pm

Here is a copy of a SystemLook log file.:

SystemLook 30.07.11 by jpshortstuff
Log created at 12:59 on 16/01/2014 by Roger
Administrator - Elevation successful

========== filefind ==========

Searching for "*Fun4IM*"
No files found.

Searching for "*Bandoo*"
No files found.

Searching for "*Searchnu*"
No files found.

Searching for "*Searchqu*"
C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.1.337_x64__8wekyb3d8bbwe\AppCode\Data\SearchQueryData.js --a---- 11153 bytes [14:59 04/11/2013] [14:59 04/11/2013] 488DEF849AF5BD60D2F6BB3C48AEF106

Searching for "*iLivid*"
No files found.

Searching for "*whitesmoke*"
No files found.

Searching for "*datamngr*"
C:\Users\Roger\AppData\Local\Temp\jrt\datamngr_del.reg --a---- 386 bytes [13:40 15/01/2014] [03:41 22/08/2013] 95F42A3D43416D3BB978F174C83F494C

Searching for "*trolltech*"
No files found.

Searching for "*babylon*"
No files found.

Searching for "*conduit*"
No files found.

========== folderfind ==========

Searching for "*Fun4IM*"
No folders found.

Searching for "*Bandoo*"
No folders found.

Searching for "*Searchnu*"
No folders found.

Searching for "*Searchqu*"
No folders found.

Searching for "*iLivid*"
No folders found.

Searching for "*whitesmoke*"
No folders found.

Searching for "*datamngr*"
No folders found.

Searching for "*trolltech*"
No folders found.

Searching for "*babylon*"
No folders found.

Searching for "*conduit*"
No folders found.

========== Regfind ==========

Searching for "Fun4IM"
No data found.

Searching for "Bandoo"
No data found.

Searching for "Searchnu"
No data found.

Searching for "Searchqu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b9f41624-2083-45cd-ac36-af8119a22a41}]
@="CLocationSearchQuery"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{46A1205B-69C9-4745-B72F-A8A4FC8F24AE}]
@="__x_Windows_CApplicationModel_CSearch_CISearchQueryLinguisticDetails"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{69563521-C154-4B45-B884-035872E3F96A}]
@="ISearchQueryCondition"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CAC6C3B8-3C64-4DFD-AD9F-479E4D4065A4}]
@="__x_Windows_CApplicationModel_CSearch_CISearchQueryLinguisticDetailsFactory"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{46A1205B-69C9-4745-B72F-A8A4FC8F24AE}]
@="__x_Windows_CApplicationModel_CSearch_CISearchQueryLinguisticDetails"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{69563521-C154-4B45-B884-035872E3F96A}]
@="ISearchQueryCondition"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{CAC6C3B8-3C64-4DFD-AD9F-479E4D4065A4}]
@="__x_Windows_CApplicationModel_CSearch_CISearchQueryLinguisticDetailsFactory"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Search.SearchQueryLinguisticDetails]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\CLSID\{1E041E06-E1C5-4B7B-ADD3-20E32D155C2E}]
"ActivatableClassId"="Windows.ApplicationModel.Search.SearchQueryLinguisticDetails"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Search.SearchQueryLinguisticDetails]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\WindowsRuntime\CLSID\{1E041E06-E1C5-4B7B-ADD3-20E32D155C2E}]
"ActivatableClassId"="Windows.ApplicationModel.Search.SearchQueryLinguisticDetails"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{46A1205B-69C9-4745-B72F-A8A4FC8F24AE}]
@="__x_Windows_CApplicationModel_CSearch_CISearchQueryLinguisticDetails"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{69563521-C154-4B45-B884-035872E3F96A}]
@="ISearchQueryCondition"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{CAC6C3B8-3C64-4DFD-AD9F-479E4D4065A4}]
@="__x_Windows_CApplicationModel_CSearch_CISearchQueryLinguisticDetailsFactory"

Searching for "iLivid"
No data found.

Searching for "whitesmoke"
No data found.

Searching for "datamngr"
No data found.

Searching for "kelkoopartners"
No data found.

Searching for "trolltech"
[HKEY_CURRENT_USER\Software\Trolltech]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.6\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QIconEngineFactoryInterface:]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QIconEngineFactoryInterfaceV2:]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_USERS\S-1-5-21-2148773256-3097276083-3132812908-1001\Software\Trolltech]
[HKEY_USERS\S-1-5-21-2148773256-3097276083-3132812908-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.6\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_USERS\S-1-5-21-2148773256-3097276083-3132812908-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_USERS\S-1-5-21-2148773256-3097276083-3132812908-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QIconEngineFactoryInterface:]
[HKEY_USERS\S-1-5-21-2148773256-3097276083-3132812908-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QIconEngineFactoryInterfaceV2:]
[HKEY_USERS\S-1-5-21-2148773256-3097276083-3132812908-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]

Searching for "babylon"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"

Searching for "conduit"
No data found.

-= EOF =-
rmscholbe
Active Member
 
Posts: 12
Joined: January 14th, 2014, 6:45 pm

Re: My cursor keeps moving to the right of the screen by its

Unread postby rmscholbe » January 18th, 2014, 9:44 pm

On my MS Office, the License Key for it is FFP, which is for a retail license. I paid for this software through a special purchase program, when I was working for the Federal Government.
rmscholbe
Active Member
 
Posts: 12
Joined: January 14th, 2014, 6:45 pm

Re: My cursor keeps moving to the right of the screen by its

Unread postby wannabeageek » January 20th, 2014, 1:27 am

Hi rmscholbe,

I am checking over the logs you posted and will get back to you when I finish.

In the mean time I need to know exactly when you purchased your copy of MS Office Enterprise 2007 and the name of the program you purchased it under.

wbg
wannabeageek
MRU Master
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: My cursor keeps moving to the right of the screen by its

Unread postby rmscholbe » January 20th, 2014, 10:36 am

Hi wbg,

I purchased it in 2007 and I do not remember the name of the program, employees were allowed to purchase it under.

If you have a problem with it, please PM me about it.

I also, do not like the tone, reflected in your email. If you want to question me about something, not related to my problem on my computer, please do it via, PM.

I am also guessing that MRU, did not have any classes on how Tier Level 3 & 4 techs, should ask politely request information or ask questions.

Thank you for your time and consideration.

Roger
rmscholbe
Active Member
 
Posts: 12
Joined: January 14th, 2014, 6:45 pm
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 500 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware