Thanks again Quads, Log files from OTL.
For what it is worth my machine does not have a cdrom drive at all....
Also, I appear to have a partitioned drive "Downloads for Android (TM)" with files including three "Disc Image File"s dated 4 yrs ago - is this normal?
Tks a million.
Genera8ion.
OTL logfile created on: 3/14/2014 10:25:33 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Liszelle\Desktop
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
1013.09 Mb Total Physical Memory | 96.95 Mb Available Physical Memory | 9.57% Memory free
1.99 Gb Paging File | 0.90 Gb Available in Paging File | 45.37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 215.79 Gb Total Space | 52.23 Gb Free Space | 24.21% Space Free | Partition Type: NTFS
Drive D: | 4.00 Gb Total Space | 2.63 Gb Free Space | 65.77% Space Free | Partition Type: FAT32
Computer Name: LISZELLE-PC | User Name: Liszelle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
========== Processes (SafeList) ========== PRC - [2014/03/14 10:22:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Liszelle\Desktop\OTL.exe
PRC - [2014/02/12 08:57:52 | 000,276,376 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\21.1.1.7\NIS.exe
PRC - [2014/01/08 11:22:20 | 000,064,112 | ---- | M] (CyberGhost S.R.L) -- C:\Program Files\CyberGhost 5\Service.exe
PRC - [2013/05/13 08:33:02 | 001,693,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
PRC - [2013/05/13 08:33:02 | 001,113,296 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
PRC - [2012/11/23 05:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011/02/25 08:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/12/29 08:50:18 | 000,458,240 | ---- | M] (Livescribe) -- C:\Program Files\Common Files\Livescribe\PenComm\PenCommService.exe
PRC - [2010/08/10 12:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\dsiwmis.exe
PRC - [2010/06/12 00:28:06 | 000,715,296 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
PRC - [2010/06/12 00:28:02 | 000,735,776 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
PRC - [2010/06/12 00:27:54 | 000,469,536 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
PRC - [2010/06/08 20:49:30 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/01/30 02:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe
PRC - [2010/01/29 02:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2010/01/08 16:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Registration\GREGsvc.exe
========== Modules (No Company Name) ========== ========== Services (SafeList) ========== SRV - [2014/03/14 09:13:52 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014/03/12 06:12:49 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/02/15 13:12:29 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/02/12 08:57:52 | 000,276,376 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\21.1.1.7\NIS.exe -- (NIS)
SRV - [2014/01/08 11:22:20 | 000,064,112 | ---- | M] (CyberGhost S.R.L) [Auto | Running] -- C:\Program Files\CyberGhost 5\Service.exe -- (CGVPNCliService)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/27 07:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/12/29 08:50:18 | 000,458,240 | ---- | M] (Livescribe) [Auto | Running] -- C:\Program Files\Common Files\Livescribe\PenComm\PenCommService.exe -- (PenCommService)
SRV - [2010/08/10 12:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/06/12 00:28:02 | 000,735,776 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2010/06/08 20:49:30 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/05/27 05:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010/01/30 02:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2010/01/29 02:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010/01/08 16:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Registration\GREGsvc.exe -- (GREGService)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet)
DRV - [2014/03/06 07:42:35 | 000,395,992 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Internet Security\NortonData\21.1.1.7\Definitions\IPSDefs\20140313.001\IDSvix86.sys -- (IDSVix86)
DRV - [2014/02/21 00:12:13 | 000,142,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2014/02/20 01:00:00 | 001,612,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton Internet Security\NortonData\21.1.1.7\Definitions\VirusDefs\20140313.016\NAVEX15.SYS -- (NAVEX15)
DRV - [2014/02/20 01:00:00 | 000,376,920 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2014/02/20 01:00:00 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton Internet Security\NortonData\21.1.1.7\Definitions\VirusDefs\20140313.016\NAVENG.SYS -- (NAVENG)
DRV - [2014/02/14 22:20:24 | 001,098,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Internet Security\NortonData\21.1.1.7\Definitions\BASHDefs\20140214.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2014/02/11 21:33:43 | 000,664,280 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\NIS\1501010.007\srtsp.sys -- (SRTSP)
DRV - [2014/02/11 21:33:43 | 000,032,344 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1501010.007\srtspx.sys -- (SRTSPX)
DRV - [2013/09/27 06:18:30 | 000,935,512 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1501010.007\SymEFA.sys -- (SymEFA)
DRV - [2013/09/27 05:45:56 | 000,206,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1501010.007\Ironx86.sys -- (SymIRON)
DRV - [2013/09/26 06:28:00 | 000,446,552 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1501010.007\symnets.sys -- (SymNetS)
DRV - [2013/09/26 05:50:25 | 000,127,064 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1501010.007\ccSetx86.sys -- (ccSet_NIS)
DRV - [2013/09/10 05:47:26 | 000,367,704 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NIS\1501010.007\SymDS.sys -- (SymDS)
DRV - [2013/08/22 15:40:22 | 000,035,288 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2013/07/25 09:53:46 | 000,018,944 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/12/29 08:50:18 | 000,020,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PulseUsb.sys -- (PulseUsb)
DRV - [2010/11/20 13:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 12:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/10/13 15:28:54 | 000,064,304 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
DRV - [2010/08/24 12:55:52 | 000,068,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2010/06/17 09:50:38 | 000,082,768 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\EUCR6SK.sys -- (EUCR)
DRV - [2010/05/31 07:04:30 | 006,766,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32)
DRV - [2009/07/14 02:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/06/03 05:15:40 | 000,060,976 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV - [2009/06/03 05:15:38 | 000,016,432 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV - [2009/06/03 05:15:34 | 000,018,992 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2066188107-2257231759-1798236243-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
acer.msn.comIE - HKU\S-1-5-21-2066188107-2257231759-1798236243-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
www.google.com.sa/IE - HKU\S-1-5-21-2066188107-2257231759-1798236243-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2066188107-2257231759-1798236243-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SRIE - HKU\S-1-5-21-2066188107-2257231759-1798236243-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2066188107-2257231759-1798236243-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..browser.startup.homepage: "translate.google.com"
FF - prefs.js..extensions.enabledAddons: %7B2D3F3651-74B9-4795-BDEC-6DA2F431CB62%7D:2014.6.6.3
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:12.1.0.10%20-%201
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Liszelle\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Liszelle\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.1.7\IPSFF [2014/02/21 00:19:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.1.7\coFFPlgn\ [2014/03/14 09:25:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2012/06/03 13:37:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Liszelle\AppData\Roaming\mozilla\Extensions
[2013/09/27 02:19:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Liszelle\AppData\Roaming\mozilla\Firefox\Profiles\60d3d1eu.default\extensions
[2014/02/15 13:12:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/02/15 13:12:30 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/03/14 09:25:44 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.1.7\COFFPLGN
[2014/02/21 00:19:25 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.1.7\IPSFF
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Liszelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Liszelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Liszelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Liszelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Norton Identity Protection = C:\Users\Liszelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.6.6.3_0\
CHR - Extension: Google Wallet = C:\Users\Liszelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Liszelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009/06/11 00:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\21.1.1.7\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\21.1.1.7\IPS\IPSBHO.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.1.1.7\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKU\S-1-5-21-2066188107-2257231759-1798236243-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5}
security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5}
download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {EA1B8527-E422-4909-825A-70BE0694F18E}
online.westpac.com.au/wtoa/wtOtherAccounts/portfoliomanagerwt.cab (PortfolioManagerWT ProfileManager Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{11D7F014-A080-46E8-9185-EFDD9EF44E1A}: DhcpNameServer = 192.168.1.1 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{474C3954-0799-46A9-9DF3-60A48381145F}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF1B56A0-DD01-4C43-915F-C56AC38C9ADE}: DhcpNameServer = 192.168.1.1 0.0.0.0
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 00:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0979dbe5-8854-11e1-b94e-1c7508223930}\Shell - "" = AutoRun
O33 - MountPoints2\{0979dbe5-8854-11e1-b94e-1c7508223930}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{0979dbe7-8854-11e1-b94e-1c7508223930}\Shell - "" = AutoRun
O33 - MountPoints2\{0979dbe7-8854-11e1-b94e-1c7508223930}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{0979dbec-8854-11e1-b94e-1c7508223930}\Shell - "" = AutoRun
O33 - MountPoints2\{0979dbec-8854-11e1-b94e-1c7508223930}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{166eaa2f-c748-11e1-b5a0-1c7508223930}\Shell - "" = AutoRun
O33 - MountPoints2\{166eaa2f-c748-11e1-b5a0-1c7508223930}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{166eaa33-c748-11e1-b5a0-1c7508223930}\Shell - "" = AutoRun
O33 - MountPoints2\{166eaa33-c748-11e1-b5a0-1c7508223930}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{16df3b14-63bd-11e0-a8fc-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{16df3b14-63bd-11e0-a8fc-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{16df3b35-63bd-11e0-a8fc-1c7508223930}\Shell - "" = AutoRun
O33 - MountPoints2\{16df3b35-63bd-11e0-a8fc-1c7508223930}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{20aa6069-55f5-11e0-b81c-0026c7a8da7c}\Shell - "" = AutoRun
O33 - MountPoints2\{20aa6069-55f5-11e0-b81c-0026c7a8da7c}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{20aa6072-55f5-11e0-b81c-1c7508223930}\Shell - "" = AutoRun
O33 - MountPoints2\{20aa6072-55f5-11e0-b81c-1c7508223930}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{20aa6111-55f5-11e0-b81c-001e101f859f}\Shell - "" = AutoRun
O33 - MountPoints2\{20aa6111-55f5-11e0-b81c-001e101f859f}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{20aa6113-55f5-11e0-b81c-001e101f859f}\Shell - "" = AutoRun
O33 - MountPoints2\{20aa6113-55f5-11e0-b81c-001e101f859f}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{20aa6114-55f5-11e0-b81c-001e101f859f}\Shell - "" = AutoRun
O33 - MountPoints2\{20aa6114-55f5-11e0-b81c-001e101f859f}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{2c09dea1-628a-11e0-b5c8-0026c7a8da7c}\Shell - "" = AutoRun
O33 - MountPoints2\{2c09dea1-628a-11e0-b5c8-0026c7a8da7c}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{71114b21-ac89-11e1-b0ab-1c7508223930}\Shell - "" = AutoRun
O33 - MountPoints2\{71114b21-ac89-11e1-b0ab-1c7508223930}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{a825d6a1-6c6a-11e0-b898-1c7508223930}\Shell - "" = AutoRun
O33 - MountPoints2\{a825d6a1-6c6a-11e0-b898-1c7508223930}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{ac24d6e5-884c-11e1-b2c5-1c7508223930}\Shell - "" = AutoRun
O33 - MountPoints2\{ac24d6e5-884c-11e1-b2c5-1c7508223930}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{ac24d6e9-884c-11e1-b2c5-1c7508223930}\Shell - "" = AutoRun
O33 - MountPoints2\{ac24d6e9-884c-11e1-b2c5-1c7508223930}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{c4063181-9c96-11e1-ae98-0026c7a8da7c}\Shell - "" = AutoRun
O33 - MountPoints2\{c4063181-9c96-11e1-ae98-0026c7a8da7c}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{c4063184-9c96-11e1-ae98-1c7508223930}\Shell - "" = AutoRun
O33 - MountPoints2\{c4063184-9c96-11e1-ae98-1c7508223930}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{c54acb58-4cce-11e1-b621-1c7508223930}\Shell - "" = AutoRun
O33 - MountPoints2\{c54acb58-4cce-11e1-b621-1c7508223930}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{cd640afb-66da-11e0-b744-1c7508223930}\Shell - "" = AutoRun
O33 - MountPoints2\{cd640afb-66da-11e0-b744-1c7508223930}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{d49ef772-30c1-11e0-8af4-1c7508223930}\Shell - "" = AutoRun
O33 - MountPoints2\{d49ef772-30c1-11e0-8af4-1c7508223930}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{d49ef77a-30c1-11e0-8af4-1c7508223930}\Shell - "" = AutoRun
O33 - MountPoints2\{d49ef77a-30c1-11e0-8af4-1c7508223930}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{d49ef77c-30c1-11e0-8af4-1c7508223930}\Shell - "" = AutoRun
O33 - MountPoints2\{d49ef77c-30c1-11e0-8af4-1c7508223930}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{e0df6f28-c264-11e0-a47f-0026c7a8da7c}\Shell - "" = AutoRun
O33 - MountPoints2\{e0df6f28-c264-11e0-a47f-0026c7a8da7c}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{e0df6f2a-c264-11e0-a47f-1c7508223930}\Shell - "" = AutoRun
O33 - MountPoints2\{e0df6f2a-c264-11e0-a47f-1c7508223930}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{e0df6f2d-c264-11e0-a47f-1c7508223930}\Shell - "" = AutoRun
O33 - MountPoints2\{e0df6f2d-c264-11e0-a47f-1c7508223930}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{e8d80d07-30c3-11e0-aa96-1c7508223930}\Shell - "" = AutoRun
O33 - MountPoints2\{e8d80d07-30c3-11e0-aa96-1c7508223930}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{ebd0a3f3-3cd6-11e1-b775-001e101f36d9}\Shell - "" = AutoRun
O33 - MountPoints2\{ebd0a3f3-3cd6-11e1-b775-001e101f36d9}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{ebd0a3f7-3cd6-11e1-b775-1c7508223930}\Shell - "" = AutoRun
O33 - MountPoints2\{ebd0a3f7-3cd6-11e1-b775-1c7508223930}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 90 Days ========== [2014/03/14 10:22:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Liszelle\Desktop\OTL.exe
[2014/03/14 09:13:53 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014/03/14 09:13:53 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsIntl.dll
[2014/03/14 09:13:53 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2014/03/14 09:13:53 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2014/03/14 09:13:53 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/03/14 09:13:53 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2014/03/14 09:13:53 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/03/14 09:13:53 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014/03/14 09:13:52 | 004,240,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/03/14 09:13:52 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/03/14 09:13:52 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/03/14 09:13:52 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014/03/14 09:13:52 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014/03/14 09:13:52 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2014/03/14 09:13:52 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014/03/14 09:13:52 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/03/14 09:13:52 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/03/14 09:13:52 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/03/14 09:13:52 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2014/03/14 09:13:52 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/03/14 09:13:52 | 000,238,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014/03/14 09:13:52 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014/03/14 09:13:52 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/03/14 09:13:52 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2014/03/14 09:13:52 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2014/03/14 09:13:52 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2014/03/14 09:13:52 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/03/14 09:13:52 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2014/03/14 09:13:52 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014/03/14 09:13:52 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2014/03/14 09:13:52 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2014/03/14 09:13:52 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2014/03/14 09:13:52 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2014/03/14 09:13:52 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/03/14 09:13:52 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2014/03/14 09:13:52 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014/03/14 09:13:52 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2014/03/14 09:13:52 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2014/03/14 09:13:52 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2014/03/14 09:13:52 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/03/14 09:13:52 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2014/03/14 09:13:52 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2014/03/14 09:13:52 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014/03/12 23:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2014/03/12 07:33:46 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/03/12 07:28:14 | 001,037,734 | ---- | C] (Thisisu) -- C:\Users\Liszelle\Desktop\JRT.exe
[2014/03/12 05:59:28 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2014/03/12 05:59:15 | 002,349,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014/03/12 05:59:11 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2014/03/11 07:11:12 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/03/10 23:17:26 | 000,000,000 | ---D | C] -- C:\Users\Liszelle\Desktop\FRST-OlderVersion
[2014/03/09 19:59:24 | 000,000,000 | ---D | C] -- C:\FRST
[2014/03/09 19:55:53 | 001,145,856 | ---- | C] (Farbar) -- C:\Users\Liszelle\Desktop\FRST.exe
[2014/03/03 21:32:34 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Saudi Arabia
[2014/03/01 10:39:51 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/03/01 09:29:56 | 000,000,000 | ---D | C] -- C:\Users\Liszelle\AppData\Local\Skype
[2014/03/01 09:28:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/03/01 09:28:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2014/03/01 09:28:45 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2014/02/22 22:10:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/02/22 22:09:03 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/02/22 22:08:39 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/02/22 22:08:39 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2014/02/22 21:54:41 | 000,000,000 | ---D | C] -- C:\Users\Liszelle\AppData\Local\CrashDumps
[2014/02/22 21:49:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2014/02/22 19:06:09 | 000,000,000 | ---D | C] -- C:\Users\Liszelle\Documents\Seder
[2014/02/21 09:56:46 | 000,000,000 | ---D | C] -- C:\85d5d7074e319e5885ad9665501c
[2014/02/21 00:12:13 | 000,142,936 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2014/02/21 00:12:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2014/02/21 00:11:25 | 000,935,512 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1501010.007\SymEFA.sys
[2014/02/21 00:11:25 | 000,446,552 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1501010.007\symnets.sys
[2014/02/21 00:11:25 | 000,367,704 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1501010.007\SymDS.sys
[2014/02/21 00:11:25 | 000,032,344 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1501010.007\srtspx.sys
[2014/02/21 00:11:25 | 000,021,520 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1501010.007\SymELAM.sys
[2014/02/21 00:11:24 | 000,664,280 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1501010.007\srtsp.sys
[2014/02/21 00:11:24 | 000,206,936 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1501010.007\Ironx86.sys
[2014/02/21 00:11:24 | 000,127,064 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1501010.007\ccSetx86.sys
[2014/02/21 00:10:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NIS
[2014/02/21 00:10:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NIS\1501010.007
[2014/02/21 00:10:44 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2014/02/21 00:10:44 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Internet Security
[2014/02/20 23:52:16 | 000,000,000 | ---D | C] -- C:\ProgramData\PCSettings
[2014/02/20 22:56:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2014/02/20 22:56:41 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2014/02/20 22:56:41 | 001,987,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2014/02/20 22:56:35 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2014/02/20 22:56:35 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2014/02/20 22:56:35 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2014/02/20 22:56:35 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2014/02/20 22:56:35 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2014/02/20 22:56:34 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2014/02/20 22:56:34 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2014/02/20 22:56:34 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2014/02/20 22:56:34 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2014/02/15 14:09:02 | 000,231,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2014/02/15 13:12:11 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/02/03 22:09:44 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2014/02/02 21:46:42 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2014/02/02 21:46:42 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
[2014/02/02 21:46:32 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2014/02/02 21:46:30 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2014/02/02 21:45:57 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2014/02/02 21:45:57 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2014/02/02 21:45:31 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2014/02/02 21:45:30 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2014/02/02 21:45:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2014/02/02 21:44:32 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2014/02/02 21:44:31 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2014/02/02 21:44:29 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2014/02/02 21:44:22 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2014/02/02 21:44:11 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2014/02/02 21:44:11 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2014/02/02 21:44:10 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2014/02/02 21:44:09 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2014/02/02 21:44:01 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
[2014/02/02 21:43:42 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2014/02/02 21:43:42 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys
[2014/02/02 21:43:06 | 000,240,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2014/02/02 21:42:19 | 000,133,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2014/02/02 21:42:15 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
[2014/02/02 21:42:15 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2014/02/02 21:41:21 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2014/02/02 21:41:21 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2014/01/21 19:51:10 | 000,000,000 | ---D | C] -- C:\Users\Liszelle\AppData\Roaming\dvdcss
[2014/01/06 22:26:26 | 000,000,000 | ---D | C] -- C:\Users\Liszelle\AppData\Local\CyberGhost
[2014/01/06 22:22:46 | 000,000,000 | ---D | C] -- C:\Program Files\TAP-Windows
[2014/01/06 22:21:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
[2014/01/06 22:21:37 | 000,000,000 | ---D | C] -- C:\Program Files\CyberGhost 5
[2013/12/28 12:15:49 | 000,000,000 | ---D | C] -- C:\Users\Liszelle\AppData\Roaming\GIRDAC
[2013/12/28 12:15:49 | 000,000,000 | ---D | C] -- C:\GIRDAC
[1 C:\Users\Liszelle\Documents\*.tmp files -> C:\Users\Liszelle\Documents\*.tmp -> ]
========== Files - Modified Within 90 Days ========== [2014/03/14 10:22:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Liszelle\Desktop\OTL.exe
[2014/03/14 10:17:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2066188107-2257231759-1798236243-1000UA.job
[2014/03/14 10:12:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/14 09:29:25 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/14 09:29:25 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/14 09:23:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/14 09:23:37 | 796,729,344 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/14 09:17:08 | 002,102,591 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1501010.007\Cat.DB
[2014/03/14 09:13:53 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014/03/14 09:13:53 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsIntl.dll
[2014/03/14 09:13:53 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2014/03/14 09:13:53 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2014/03/14 09:13:53 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/03/14 09:13:53 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2014/03/14 09:13:53 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/03/14 09:13:53 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014/03/14 09:13:52 | 004,240,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/03/14 09:13:52 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/03/14 09:13:52 | 001,926,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/03/14 09:13:52 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014/03/14 09:13:52 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014/03/14 09:13:52 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2014/03/14 09:13:52 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014/03/14 09:13:52 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/03/14 09:13:52 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/03/14 09:13:52 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/03/14 09:13:52 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2014/03/14 09:13:52 | 000,244,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/03/14 09:13:52 | 000,238,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014/03/14 09:13:52 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014/03/14 09:13:52 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/03/14 09:13:52 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2014/03/14 09:13:52 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2014/03/14 09:13:52 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2014/03/14 09:13:52 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/03/14 09:13:52 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2014/03/14 09:13:52 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014/03/14 09:13:52 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2014/03/14 09:13:52 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2014/03/14 09:13:52 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2014/03/14 09:13:52 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2014/03/14 09:13:52 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/03/14 09:13:52 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2014/03/14 09:13:52 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014/03/14 09:13:52 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2014/03/14 09:13:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2014/03/14 09:13:52 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2014/03/14 09:13:52 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/03/14 09:13:52 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2014/03/14 09:13:52 | 000,016,284 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2014/03/14 09:13:52 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2014/03/14 09:13:52 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014/03/13 20:52:29 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2066188107-2257231759-1798236243-1000Core.job
[2014/03/12 16:00:26 | 000,404,760 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/03/12 07:27:06 | 001,037,734 | ---- | M] (Thisisu) -- C:\Users\Liszelle\Desktop\JRT.exe
[2014/03/12 06:12:44 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/03/12 06:12:44 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/03/11 07:06:49 | 001,949,184 | ---- | M] () -- C:\Users\Liszelle\Desktop\AdwCleaner.exe
[2014/03/10 23:17:26 | 001,145,856 | ---- | M] (Farbar) -- C:\Users\Liszelle\Desktop\FRST.exe
[2014/03/10 22:27:56 | 000,077,975 | ---- | M] () -- C:\Users\Liszelle\Documents\QUT 2014-academic-calendar.pdf
[2014/03/08 12:15:37 | 000,000,197 | ---- | M] () -- C:\Users\Liszelle\Desktop\DELTA removal.url
[2014/03/07 21:32:19 | 000,667,112 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/03/07 21:32:19 | 000,126,756 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/03/04 21:40:55 | 000,002,351 | ---- | M] () -- C:\Users\Liszelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/02/27 12:48:38 | 000,030,068 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1501010.007\VT20140227.006
[2014/02/24 04:31:53 | 000,802,835 | ---- | M] () -- C:\Users\Liszelle\Documents\profile.jpg
[2014/02/21 00:12:13 | 000,142,936 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2014/02/21 00:12:13 | 000,008,194 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2014/02/21 00:12:13 | 000,000,805 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2014/02/12 09:00:32 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1501010.007\isolate.ini
[2014/02/11 21:33:50 | 000,008,180 | R--- | M] () -- C:\Windows\System32\drivers\NIS\1501010.007\srtspx.cat
[2014/02/11 21:33:50 | 000,008,176 | R--- | M] () -- C:\Windows\System32\drivers\NIS\1501010.007\srtsp.cat
[2014/02/11 21:33:50 | 000,001,389 | R--- | M] () -- C:\Windows\System32\drivers\NIS\1501010.007\srtspx.inf
[2014/02/11 21:33:50 | 000,001,388 | R--- | M] () -- C:\Windows\System32\drivers\NIS\1501010.007\srtsp.inf
[2014/02/11 21:33:43 | 000,664,280 | R--- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1501010.007\srtsp.sys
[2014/02/11 21:33:43 | 000,032,344 | R--- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1501010.007\srtspx.sys
[2014/02/07 04:07:56 | 002,349,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014/01/30 09:50:35 | 000,302,227 | ---- | M] () -- C:\Users\Liszelle\Documents\My Lisa.JPG
[2014/01/29 05:06:47 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2014/01/06 22:21:46 | 000,000,995 | ---- | M] () -- C:\Users\Liszelle\Application Data\Microsoft\Internet Explorer\Quick Launch\CyberGhost 5.lnk
[2014/01/02 03:46:17 | 286,866,997 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/12/25 02:09:41 | 001,987,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2013/12/18 06:13:56 | 000,231,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[1 C:\Users\Liszelle\Documents\*.tmp files -> C:\Users\Liszelle\Documents\*.tmp -> ]
========== Files Created - No Company Name ========== [2014/03/14 09:13:52 | 000,016,284 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2014/03/11 07:07:37 | 001,949,184 | ---- | C] () -- C:\Users\Liszelle\Desktop\AdwCleaner.exe
[2014/03/10 22:27:54 | 000,077,975 | ---- | C] () -- C:\Users\Liszelle\Documents\QUT 2014-academic-calendar.pdf
[2014/03/08 12:15:25 | 000,000,197 | ---- | C] () -- C:\Users\Liszelle\Desktop\DELTA removal.url
[2014/02/28 13:19:57 | 000,030,068 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1501010.007\VT20140227.006
[2014/02/24 04:31:51 | 000,802,835 | ---- | C] () -- C:\Users\Liszelle\Documents\profile.jpg
[2014/02/21 11:14:50 | 003,010,430 | ---- | C] () -- C:\Users\Liszelle\Documents\My boys.JPG
[2014/02/21 00:12:21 | 002,102,591 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1501010.007\Cat.DB
[2014/02/21 00:12:13 | 000,008,194 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2014/02/21 00:12:13 | 000,000,805 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2014/02/21 00:10:51 | 000,003,433 | R--- | C] () -- C:\Windows\System32\drivers\NIS\1501010.007\SymEFA.inf
[2014/02/21 00:10:51 | 000,002,852 | R--- | C] () -- C:\Windows\System32\drivers\NIS\1501010.007\SymDS.inf
[2014/02/21 00:10:51 | 000,001,440 | R--- | C] () -- C:\Windows\System32\drivers\NIS\1501010.007\SymNet.inf
[2014/02/21 00:10:51 | 000,001,389 | R--- | C] () -- C:\Windows\System32\drivers\NIS\1501010.007\srtspx.inf
[2014/02/21 00:10:51 | 000,001,388 | R--- | C] () -- C:\Windows\System32\drivers\NIS\1501010.007\srtsp.inf
[2014/02/21 00:10:51 | 000,001,098 | R--- | C] () -- C:\Windows\System32\drivers\NIS\1501010.007\symELAM.inf
[2014/02/21 00:10:51 | 000,000,829 | R--- | C] () -- C:\Windows\System32\drivers\NIS\1501010.007\ccSetx86.inf
[2014/02/21 00:10:51 | 000,000,737 | R--- | C] () -- C:\Windows\System32\drivers\NIS\1501010.007\Iron.inf
[2014/02/21 00:10:50 | 000,014,818 | R--- | C] () -- C:\Windows\System32\drivers\NIS\1501010.007\SymVTcer.dat
[2014/02/21 00:10:49 | 000,009,931 | R--- | C] () -- C:\Windows\System32\drivers\NIS\1501010.007\SymELAM.cat
[2014/02/21 00:10:49 | 000,008,194 | R--- | C] () -- C:\Windows\System32\drivers\NIS\1501010.007\ccSetx86.cat
[2014/02/21 00:10:49 | 000,008,184 | R--- | C] () -- C:\Windows\System32\drivers\NIS\1501010.007\SymNet.cat
[2014/02/21 00:10:49 | 000,008,182 | R--- | C] () -- C:\Windows\System32\drivers\NIS\1501010.007\SymEFA.cat
[2014/02/21 00:10:49 | 000,008,180 | R--- | C] () -- C:\Windows\System32\drivers\NIS\1501010.007\srtspx.cat
[2014/02/21 00:10:49 | 000,008,176 | R--- | C] () -- C:\Windows\System32\drivers\NIS\1501010.007\SymDS.cat
[2014/02/21 00:10:49 | 000,008,176 | R--- | C] () -- C:\Windows\System32\drivers\NIS\1501010.007\srtsp.cat
[2014/02/21 00:10:49 | 000,008,176 | R--- | C] () -- C:\Windows\System32\drivers\NIS\1501010.007\iron.cat
[2014/02/21 00:10:49 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1501010.007\isolate.ini
[2014/02/21 00:04:41 | 000,302,227 | ---- | C] () -- C:\Users\Liszelle\Documents\My Lisa.JPG
[2014/02/18 23:21:37 | 000,002,351 | ---- | C] () -- C:\Users\Liszelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/01/06 22:21:46 | 000,000,995 | ---- | C] () -- C:\Users\Liszelle\Application Data\Microsoft\Internet Explorer\Quick Launch\CyberGhost 5.lnk
[2013/10/22 16:43:30 | 000,180,624 | ---- | C] () -- C:\Windows\System32\Primomonnt.dll
[2013/10/13 14:25:48 | 000,001,795 | ---- | C] () -- C:\Users\Liszelle\AppData\Roaming\SAS7_000.DAT
[2012/05/06 12:27:24 | 000,109,400 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010/09/17 12:24:14 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
========== ZeroAccess Check ========== [2009/07/14 07:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 04:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 15:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 04:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Alternate Data Streams ========== @alternate Data Stream - 233 bytes -> C:\ProgramData\TEMP:0FF263E8
< End of report >
OTL Extras logfile created on: 3/14/2014 10:25:33 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Liszelle\Desktop
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
1013.09 Mb Total Physical Memory | 96.95 Mb Available Physical Memory | 9.57% Memory free
1.99 Gb Paging File | 0.90 Gb Available in Paging File | 45.37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 215.79 Gb Total Space | 52.23 Gb Free Space | 24.21% Space Free | Partition Type: NTFS
Drive D: | 4.00 Gb Total Space | 2.63 Gb Free Space | 65.77% Space Free | Partition Type: FAT32
Computer Name: LISZELLE-PC | User Name: Liszelle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04050948-FD30-497C-B2EE-22C4F27A5C16}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{27C87612-FF7B-49E7-8396-E12796C94282}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{2C130742-65DD-48A3-9D70-FE1A6BEB88C7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2E5A3DAD-A470-4434-876A-970FBCF37AF7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{2EAFD0D5-F0D0-4617-80CA-12E50DD4E88F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{317B0FEC-D53C-4505-BB71-FDE39F895C06}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{6133BF37-B40A-4BBE-B57D-4119DDD3E02E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{82B743E8-F27F-48A3-83E7-C1C18B6AE172}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9D246EF6-830C-45E2-A2AF-F9DD38E1EAB0}" = lport=10243 | protocol=6 | dir=in | app=system |
"{ADB5DFF6-B4EE-4931-B0AF-8BC8AC9855C1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B56C2D21-4B9C-4600-A403-7F9C7248AF9D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D2DC1DDF-F2E4-43A4-AE12-9E9CF0D3FBE1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E3179AF8-FB11-4AE7-8AFC-4BD6341E7B7F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F6023A2E-21AA-4ED0-A806-EE25E7D1288E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A84EF70-630B-470F-9B02-A9FA60D927F1}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{0E9BD9AD-6E8B-4975-8A90-E8F0C6F8B9F8}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{144E9E1C-F41F-4EB9-8878-AD64D95F1977}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{16D2BF4B-2312-4C23-9553-EC5464FA0798}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1ACD1F3D-D5AD-4B48-8C57-4FB9A2BF5FD7}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{20A5C867-274F-42F1-9D16-16A2D07B9D9D}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe |
"{277573A6-62F5-4481-B9A9-1B684557234D}" = protocol=6 | dir=in | app=c:\users\liszelle\appdata\roaming\dropbox\bin\dropbox.exe |
"{2A05A369-CC30-4ACB-9A2F-E8AA79810B5E}" = protocol=17 | dir=in | app=c:\users\liszelle\appdata\roaming\dropbox\bin\dropbox.exe |
"{2BC1E683-AB08-4CBF-AB26-B842B504FEAA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{370456DA-9D86-40BD-B202-A7F2550712B6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{427D982B-7250-417E-BB3E-6DB3E55D48AD}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{4CE3B962-1DD7-4A8F-9F69-882263DF7E4E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{68943148-4D57-4D93-B7CD-DEFCEE6DF75C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7F2E791F-7AB0-4E6A-87CD-AC2AAD508A37}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{7FD36517-7DFB-4101-B068-D65D821835BF}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{98AD4723-8189-4C0B-A98E-8BBE11A52242}" = protocol=17 | dir=in | app=c:\users\liszelle\appdata\roaming\dropbox\bin\dropbox.exe |
"{9E28758F-7690-4DAB-8188-FBEDFA7CCE9A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A0B0C98A-9169-4EED-B334-2AE6C5C9317A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A4980432-672B-4DB3-9F1C-3741D57A903A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{AD7456BD-C09C-43F2-83F4-1F26DB3AB502}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B11C4D83-C909-4806-BD86-C7A184288870}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B5D04191-54BC-40E9-B3C7-AD40B3244E2F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B8DA5C17-C815-47BA-A81B-A71C1289C501}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C630FA6B-5450-4BF0-8391-C2A09ADD876F}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe |
"{D1730B57-9590-4973-B1AC-CF2C0C5B5E81}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe |
"{D6007FF0-E302-4277-94AD-6649D4AC5171}" = dir=in | app=c:\program files\acer\acer vcm\rs_service.exe |
"{D79E9433-C4FE-49E1-9565-D79B5E9FDBF8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DA6C544D-D030-4294-9AE0-0CC6EA890FCC}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{DAF1E530-C369-4BD2-BAE0-D8F3080002C3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DCE95287-88FD-488E-9AB8-007F810773DA}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EA179C7A-4ADB-44B7-9AF9-E94E5F4E003D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EAB74E8F-4B7C-4DBA-9F55-2D43EC37D551}" = protocol=6 | dir=in | app=c:\users\liszelle\appdata\roaming\dropbox\bin\dropbox.exe |
"{F3A20AF8-59D3-4B38-BCFA-A85788198C3A}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{F63D8D8B-6C83-4FB4-A411-6957E7B59155}" = protocol=6 | dir=out | app=system |
"{F96CF661-9DB8-49E6-AFE4-2EA9F466DF30}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00A61104-74B5-4056-AD00-4397EF4FB141}" = iCloud
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{10E3A6DD-84D8-4D8A-BB11-5E5314BCA7FD}" = Apple Mobile Device Support
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}" = Apple Application Support
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2D8A6B2A-236D-498E-9E0C-FEE06A330166}" = Livescribe Desktop Vision Objects Elements
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{41DB5F38-B7CB-4B66-AEA9-07058D4FBABA}" = Livescribe Desktop Documentation
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{5154ABB1-E14A-4343-8ECB-038CC0E06DF0}" = Livescribe Smartpen Driver
"{523281E5-91DD-49F5-9D85-954148F7596A}" = AndroidInstaller
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{86B3F2D6-AC2B-0016-8AE1-F2F77F781B0C}" = EndNote X6
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D210D79-AEC5-453B-960C-4DD2C73931E1}" = Bonjour Print Services
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FE75E68-96A2-48F3-90AB-34E6B8C9989D}" = Microsoft Mouse and Keyboard Center
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.5 MUI
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{BA1E2E21-F556-499E-8EBF-50CCEFBB87FA}" = Livescribe Desktop
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C4780F70-8F21-4F0C-95FE-32FF3E2F9247}" = iTunes
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.192.810
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F630C9AE-A4B8-4AC3-AB3D-B981AC6F7306}" = Livescribe Desktop Print Your Own Paper
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FFF14233-FE39-4671-A38E-76FD8F24A879}" = e-tax 2013
"3B29FD3CCF1F5B855DA0C521597413EBABE97DFB" = ENE USB Card Reader Driver
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"CyberGhost 5_is1" = CyberGhost 5
"Elantech" = ETDWare PS/2-x86 7.0.6.5_WHQL
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Identity Card" = Identity Card
"iFunbox_is1" = iFunbox (v2.6.2375.747), iFunbox DevTeam
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{523281E5-91DD-49F5-9D85-954148F7596A}" = AndroidInstaller
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"LivescribeDesktop" = Livescribe Desktop
"LManager" = Launch Manager
"Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
"Mozilla Firefox 27.0.1 (x86 en-US)" = Mozilla Firefox 27.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NIS" = Norton Internet Security
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"ResearchSoft Direct Export Helper" = ResearchSoft Direct Export Helper
"TAP-Windows" = TAP-Windows 9.9.2
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.1
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2066188107-2257231759-1798236243-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 3/12/2014 10:23:32 AM | Computer Name = Liszelle-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
of attribute "version" in element "assemblyIdentity" is invalid.
Error - 3/12/2014 1:23:55 PM | Computer Name = Liszelle-PC | Source = VSS | ID = 8194
Description =
Error - 3/12/2014 4:48:01 PM | Computer Name = Liszelle-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 27.0.1.5156 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 6f0 Start
Time: 01cf3e2e01be7083 Termination Time: 1308 Application Path: C:\Program Files\Mozilla
Firefox\firefox.exe Report Id: 88890210-aa27-11e3-8fa9-1c7508223930
Error - 3/13/2014 12:00:22 AM | Computer Name = Liszelle-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
of attribute "version" in element "assemblyIdentity" is invalid.
[ System Events ]
Error - 3/12/2014 9:00:28 AM | Computer Name = Liszelle-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
cdrom
Error - 3/12/2014 3:50:25 PM | Computer Name = Liszelle-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
cdrom
Error - 3/12/2014 10:14:02 PM | Computer Name = Liszelle-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.
Error - 3/12/2014 10:14:02 PM | Computer Name = Liszelle-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the WMPNetworkSvc service.
Error - 3/13/2014 1:54:41 PM | Computer Name = Liszelle-PC | Source = Service Control Manager | ID = 7043
Description = The Windows Update service did not shut down properly after receiving
a preshutdown control.
Error - 3/13/2014 1:57:58 PM | Computer Name = Liszelle-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
cdrom
Error - 3/14/2014 12:02:13 AM | Computer Name = Liszelle-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
cdrom
Error - 3/14/2014 2:23:59 AM | Computer Name = Liszelle-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
cdrom
< End of report >