1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Game Discs Will Not Run

Discussion in 'Hardware' started by Voltman, Jan 25, 2016.

Thread Status:
Not open for further replies.
Advertisement
  1. Voltman

    Voltman Thread Starter

    Joined:
    Jun 27, 2012
    Messages:
    41
    I am not able to run games when I put in the discs. The auto run does not come up either.
    When I go to my computer and click on the disc drive, no files are found on the disc except for a note pad text file that says:

    [.ShellClassInfo]
    [email protected]%SystemRoot%\system32\shell32.dll,-21815

    No .exe files are found.

    I took the disc and placed it in another computer and right away the auto run came up and all the files were found on the disc. I once called Microsoft when this first happened to a Microsoft flight simulator game disc I was trying to run. They told me it's due to a virus on my computer that is blocking the disc from running. They wanted to remote into my computer and charge me a lot of money. I was skeptical so I did not go ahead with it.

    I just bought another game called Phoenix RC 5 flight simulator and the same issue as noted above. No files found yet it show that the disc is full and it works on my other computer.

    So I may have a virus or I have have issues with the drive or my system. Please help.





    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
    Processor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz, Intel64 Family 6 Model 60 Stepping 3
    Processor Count: 8
    RAM: 8112 Mb
    Graphics Card: NVIDIA GeForce GT 740M, -2048 Mb
    Hard Drives: B: Total - 550430 MB, Free - 198478 MB; C: Total - 153599 MB, Free - 67987 MB;
    Motherboard: Micro-Star International Co., Ltd., MS-16GD
    Antivirus: AVG Internet Security 2014, Updated and Enabled
     
  2. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    33,667
    Hiya

    Are you still having this problem? If so, can you run the following and we'll go from there :)

    Download OTL to your Desktop


    (Vista or Win 7 => right click and Run As Administrator)

    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Standard Output.
    • At the top, check the box entitled Scan All Users
    • Toward the bottom, check:
      LOP Check
      Purity Check
    • Under the Standard Registry box change it to All
      Do not change any settings unless otherwise told to do so.
    • It should look like this:

      [​IMG]
    • Please copy the text in the code box below and paste it in the Custom Scans/Fixes box in OTL:

      Code:
      DRIVES
      netsvcs
      activex
      msconfig
      drivers32
      %systemroot%\assembly\GAC_32\*.ini
      %systemroot%\assembly\GAC_64\*.ini
      %ALLUSERSPROFILE%\Application Data\*.exe
      %APPDATA%\*.
      safebootminimal
      safebootnetwork
      %SYSTEMDRIVE%\*.*
      %PROGRAMFILES%\*.exe
      %LOCALAPPDATA%\*.exe
      %windir%\Installer\*.*
      %windir%\system32\tasks\*.*
      %windir%\system32\tasks\*.* /64
      %systemroot%\Fonts\*.exe
      %systemroot%\*. /mp /s
      /md5start
      pnrpnsp.dll
      nwprovau.dll
      nlaapi.dll
      napinsp.dll
      mswsock.dll
      winrnr.dll
      wshelper.dll
      consrv.dll
      explorer.exe
      winlogon.exe
      regedit.exe
      Userinit.exe
      svchost.exe
      services.exe
      user32.dll
      atapi.sys
      csrss.exe
      PRINTISOLATIONHOST.EXE
      /md5stop
      hklm\software\clients\startmenuinternet|command /rs
      hklm\software\clients\startmenuinternet|command /64 /rs
      %systemroot%\system32\*.dll /lockedfiles
      %systemroot%\Tasks\*.job /lockedfiles
      %systemdrive%\$Recycle.Bin|@;true;true;true /fp
      %systemroot%\system32\drivers\*.sys /lockedfiles
      C:\Windows\assembly\tmp\U\*.* /s
      %Temp%\smtmp\* \s
      %Temp%\smtmp\1\*.*
      %Temp%\smtmp\2\*.*
      %Temp%\smtmp\3\*.*
      %Temp%\smtmp\4\*.*
      CREATERESTOREPOINT
      
    • Click the Run Scan button. The scan wont take long.
      A black box will appear, this is part of the custom scan, so don't be alarmed ;)
      IF OTL SAYS 'NOT RESPONDING' DON'T USE THE MOUSE. IT WILL CARRY ON SCANNING AFTER A FEW MINUTES

    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

    Thanks

    eddie
     
  3. Voltman

    Voltman Thread Starter

    Joined:
    Jun 27, 2012
    Messages:
    41
    Hi Eddie
    Thanks for helping me. I was unable to upload the results because my result had more than 1000000 characters. I kept getting an error from this form saying that I have exceeded the maximum number of characters I can upload at once. So I've uploaded the files as an attachment.
     

    Attached Files:

  4. Voltman

    Voltman Thread Starter

    Joined:
    Jun 27, 2012
    Messages:
    41
    I've decided to upload the messages in sections so should you not be able to open my attachments:

    OTL logfile created on: 2/4/2016 7:38:05 PM - Run 2
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mike\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.17914)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
    7.92 Gb Total Physical Memory | 3.91 Gb Available Physical Memory | 49.39% Memory free
    15.84 Gb Paging File | 12.30 Gb Available in Paging File | 77.62% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
    %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 150.00 Gb Total Space | 62.99 Gb Free Space | 41.99% Space Free | Partition Type: NTFS
    Computer Name: MSIONYX | User Name: Mike | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
    ========== Processes (SafeList) ==========
    PRC - [2016/02/04 19:06:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
    PRC - [2016/01/26 18:52:50 | 003,442,368 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_286.exe
    PRC - [2016/01/11 23:43:57 | 002,787,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    PRC - [2016/01/11 23:43:47 | 001,879,488 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    PRC - [2016/01/05 22:33:53 | 000,392,136 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    PRC - [2015/12/13 23:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2015/12/08 16:36:58 | 024,952,456 | ---- | M] (Dropbox, Inc.) -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe
    PRC - [2015/10/20 20:15:36 | 003,259,304 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
    PRC - [2015/10/20 20:15:12 | 001,443,144 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
    PRC - [2015/10/20 20:14:56 | 005,212,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
    PRC - [2015/10/20 20:09:12 | 000,301,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
    PRC - [2015/07/01 16:35:48 | 001,210,376 | ---- | M] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
    PRC - [2013/07/05 15:31:36 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files (x86)\SCM\MSIService.exe
    PRC - [2013/04/25 21:25:54 | 000,292,848 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    PRC - [2013/03/22 10:38:32 | 000,286,704 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    PRC - [2013/03/22 10:38:32 | 000,015,344 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    PRC - [2013/02/15 18:16:30 | 000,366,552 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    PRC - [2013/02/15 18:15:54 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    PRC - [2013/02/01 12:11:58 | 000,143,856 | ---- | M] (MSI) -- C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
    PRC - [2013/02/01 12:11:54 | 000,490,480 | ---- | M] (MSI) -- C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
    PRC - [2012/11/29 12:25:54 | 000,711,680 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
    PRC - [2011/10/13 02:46:02 | 000,230,696 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
    PRC - [2011/10/13 02:46:02 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    PRC - [2008/06/11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
    ========== Modules (No Company Name) ==========
    MOD - [2016/01/26 18:52:48 | 017,882,304 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll
    MOD - [2016/01/11 23:43:57 | 000,018,880 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
    MOD - [2015/12/16 12:34:16 | 000,011,896 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
    MOD - [2015/12/08 16:36:50 | 000,024,904 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
    MOD - [2015/12/08 16:36:50 | 000,021,840 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
    MOD - [2015/12/08 16:36:50 | 000,021,320 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
    MOD - [2015/12/08 16:36:48 | 000,023,376 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
    MOD - [2015/12/08 16:36:48 | 000,020,800 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
    MOD - [2015/12/08 16:36:46 | 000,381,752 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
    MOD - [2015/12/08 16:36:46 | 000,019,760 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
    MOD - [2015/12/08 16:36:42 | 003,891,504 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
    MOD - [2015/12/08 16:36:40 | 000,225,080 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
    MOD - [2015/12/08 16:36:40 | 000,133,936 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
    MOD - [2015/12/08 16:36:38 | 000,486,704 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
    MOD - [2015/12/08 16:36:38 | 000,357,680 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
    MOD - [2015/12/08 16:36:36 | 001,950,000 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
    MOD - [2015/12/08 16:36:36 | 000,519,984 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
    MOD - [2015/12/08 16:36:36 | 000,207,672 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
    MOD - [2015/12/08 16:36:34 | 001,826,608 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
    MOD - [2015/12/08 16:36:32 | 000,052,024 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
    MOD - [2015/12/08 16:36:32 | 000,024,392 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
    MOD - [2015/12/08 16:36:30 | 000,038,696 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\fastpath.pyd
    MOD - [2015/12/08 16:36:28 | 001,737,032 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
    MOD - [2015/12/08 16:36:28 | 000,084,792 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.dll
    MOD - [2015/12/08 16:36:28 | 000,020,808 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
    MOD - [2015/12/08 16:36:26 | 000,023,352 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd
    MOD - [2015/12/08 16:36:26 | 000,020,816 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
    MOD - [2015/12/08 16:36:24 | 000,022,848 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd
    MOD - [2015/12/08 16:36:24 | 000,021,304 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd
    MOD - [2015/12/08 16:36:22 | 000,117,056 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
    MOD - [2015/12/08 16:36:22 | 000,042,296 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd
    MOD - [2015/12/08 16:36:22 | 000,020,280 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
    MOD - [2015/10/30 20:01:00 | 000,019,920 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
    MOD - [2015/10/30 20:00:58 | 000,786,904 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
    MOD - [2015/10/30 20:00:58 | 000,063,448 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
    MOD - [2015/10/30 20:00:58 | 000,019,408 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
    MOD - [2015/10/30 20:00:26 | 000,036,296 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\librsync.dll
    MOD - [2015/10/30 20:00:24 | 000,350,152 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\winxpgui.pyd
    MOD - [2015/10/30 20:00:22 | 000,048,592 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\win32service.pyd
    MOD - [2015/10/30 20:00:22 | 000,028,616 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\win32ts.pyd
    MOD - [2015/10/30 20:00:20 | 000,114,640 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\win32security.pyd
    MOD - [2015/10/30 20:00:20 | 000,043,472 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\win32process.pyd
    MOD - [2015/10/30 20:00:20 | 000,024,016 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\win32profile.pyd
    MOD - [2015/10/30 20:00:18 | 000,175,560 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\win32gui.pyd
    MOD - [2015/10/30 20:00:18 | 000,030,160 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\win32pipe.pyd
    MOD - [2015/10/30 20:00:16 | 000,124,880 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\win32file.pyd
    MOD - [2015/10/30 20:00:16 | 000,024,528 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\win32event.pyd
    MOD - [2015/10/30 20:00:14 | 000,105,928 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\win32api.pyd
    MOD - [2015/10/30 20:00:14 | 000,024,016 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
    MOD - [2015/10/30 20:00:14 | 000,020,936 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\mmapfile.pyd
    MOD - [2015/10/30 20:00:10 | 000,109,520 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
    MOD - [2015/10/30 20:00:08 | 000,240,584 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\jpegtran.pyd
    MOD - [2015/10/30 20:00:08 | 000,083,912 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\sip.pyd
    MOD - [2015/10/30 20:00:06 | 000,019,408 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\faulthandler.pyd
    MOD - [2015/10/30 19:59:54 | 000,134,608 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\_elementtree.pyd
    MOD - [2015/10/30 19:59:54 | 000,034,768 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
    MOD - [2015/10/30 19:59:52 | 000,692,688 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\unicodedata.pyd
    MOD - [2015/10/30 19:59:52 | 000,093,640 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\_ctypes.pyd
    MOD - [2015/10/30 19:59:50 | 000,134,088 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\pyexpat.pyd
    MOD - [2015/10/30 19:59:50 | 000,018,376 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\select.pyd
    MOD - [2015/10/30 19:59:48 | 000,392,144 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\pythoncom27.dll
    MOD - [2015/10/30 19:59:48 | 000,116,688 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Dropbox\bin\pywintypes27.dll
    MOD - [2015/07/01 16:35:58 | 000,439,304 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
    MOD - [2015/07/01 16:35:58 | 000,321,032 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
    MOD - [2015/06/27 06:44:21 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b3eb55fa5864a2fc7accbbbbe7fa7246\PresentationFramework.Aero.ni.dll
    MOD - [2015/06/27 06:44:07 | 014,340,096 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ea543310204d0addfaf9792d820e958d\PresentationFramework.ni.dll
    MOD - [2015/06/27 06:43:58 | 012,438,016 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6949c4470a81970ec3de0a575d93babc\System.Windows.Forms.ni.dll
    MOD - [2015/06/27 06:43:54 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5a401fd2a7689ff13fb54182953f9c40\System.Drawing.ni.dll
    MOD - [2015/06/27 06:43:49 | 012,254,208 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\ef204c8310562595a0518e356fb15387\PresentationCore.ni.dll
    MOD - [2015/06/27 06:43:41 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1c3513960037508558358652f2d202a1\WindowsBase.ni.dll
    MOD - [2015/06/23 22:14:32 | 001,071,104 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\8d17de4cf6bd55506c509502178d2c20\System.ServiceModel.Web.ni.dll
    MOD - [2015/06/23 22:14:00 | 002,964,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\dd7948371a8babd1bc4291924ec94d05\System.IdentityModel.ni.dll
    MOD - [2015/06/23 22:13:58 | 019,547,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\a78078ff6ff0c28ef3bf65bd84e193f0\System.ServiceModel.ni.dll
    MOD - [2015/06/23 21:14:11 | 012,897,280 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\a0b4e6b92d9c147d801a6f2e3a15080b\System.Windows.Forms.ni.dll
    MOD - [2015/06/23 21:14:10 | 006,982,656 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\c61bafa9d029e3f2bf83bd5af3f1f5ac\System.Core.ni.dll
    MOD - [2015/06/23 21:14:06 | 000,967,680 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\908075c4922acdf834c67ac802814c9d\System.Configuration.ni.dll
    MOD - [2015/03/07 23:59:18 | 010,069,504 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\d18e2115a3270f89663fce831547f534\System.ni.dll
    MOD - [2015/03/07 23:58:30 | 000,118,272 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\93a0883923e78cc3e80b7ac4a9768c60\SMDiagnostics.ni.dll
    MOD - [2015/03/07 15:45:23 | 002,855,424 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\187177229c00aec6dec613ea4b9ff209\System.Runtime.Serialization.ni.dll
    MOD - [2015/03/07 15:45:21 | 000,790,528 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\14cc73701aac461eb89d6473a88fcd56\System.ServiceModel.Internals.ni.dll
    MOD - [2015/03/07 15:44:21 | 001,642,496 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\dd2f9ea99ac0f984b9dc430824638c9f\System.Drawing.ni.dll
    MOD - [2015/03/07 15:44:08 | 007,793,664 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\3d6ee4ffbd9a86ac1e7b01800b6fe9c7\System.Xml.ni.dll
    MOD - [2015/03/07 15:43:45 | 017,207,296 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d1265d6159ea876f9d63ea4c1361b587\mscorlib.ni.dll
    MOD - [2014/10/25 11:11:59 | 005,467,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
    MOD - [2014/10/25 11:07:23 | 007,991,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
    MOD - [2014/09/14 23:58:41 | 011,497,984 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
    ========== Services (SafeList) ==========
    SRV:64bit: - [2016/01/11 23:43:46 | 001,163,200 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
    SRV:64bit: - [2016/01/11 23:43:37 | 006,308,288 | ---- | M] (NVIDIA Corporation) [On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe -- (NvStreamNetworkSvc)
    SRV:64bit: - [2016/01/11 23:43:37 | 004,812,736 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe -- (NvStreamSvc)
    SRV:64bit: - [2015/06/20 14:34:46 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
    SRV:64bit: - [2015/05/25 13:19:13 | 001,255,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
    SRV:64bit: - [2014/02/03 19:45:14 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
    SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2013/04/12 18:31:26 | 000,055,056 | ---- | M] (Western Digital) [Auto | Running] -- C:\Program Files\Western Digital\WD Boost\WDBoost.exe -- (WD Boost)
    SRV:64bit: - [2013/03/22 10:38:32 | 000,015,344 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
    SRV:64bit: - [2012/12/10 16:31:44 | 000,803,872 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
    SRV:64bit: - [2012/12/10 16:31:28 | 000,732,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
    SRV:64bit: - [2012/05/30 15:11:34 | 000,149,544 | ---- | M] (Intel(R) Corporation) [On_Demand | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
    SRV - [2016/01/11 23:43:47 | 001,879,488 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
    SRV - [2016/01/05 22:34:12 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2015/12/13 23:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2015/10/20 20:15:36 | 003,259,304 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
    SRV - [2015/10/20 20:15:12 | 001,443,144 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgfws.exe -- (avgfws)
    SRV - [2015/10/20 20:09:12 | 000,301,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
    SRV - [2014/12/11 09:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2014/03/20 17:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2014/02/03 19:34:04 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2013/07/05 15:31:36 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\SCM\MSIService.exe -- (Micro Star SCM)
    SRV - [2013/05/24 01:07:38 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
    SRV - [2013/04/25 20:53:06 | 000,042,496 | ---- | M] (Realtek Semiconductor Corporation) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek Bluetooth\RtkBleServ.exe -- (RtkBleServ)
    SRV - [2013/04/25 18:32:12 | 000,047,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe -- (BTDevManager)
    SRV - [2013/04/02 16:29:46 | 000,035,328 | ---- | M] (Realtek Semiconductor Corporation) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe -- (AvrcpService)
    SRV - [2013/02/15 18:16:30 | 000,366,552 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
    SRV - [2013/02/15 18:15:54 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
    SRV - [2013/02/01 12:11:58 | 000,143,856 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger)
    SRV - [2010/07/16 18:39:32 | 000,012,800 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe -- (MSI Foundation Service)
    ========== Driver Services (SafeList) ==========
    DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\MSI Software Install\MGHwCtrl.sys -- (MGHwCtrl)
    DRV:64bit: - [2016/01/11 23:43:36 | 000,026,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
    DRV:64bit: - [2015/12/18 01:11:06 | 000,047,760 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
    DRV:64bit: - [2015/12/16 12:34:16 | 000,031,352 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
    DRV:64bit: - [2015/05/26 20:04:18 | 000,369,120 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
    DRV:64bit: - [2015/05/26 20:03:18 | 000,237,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
    DRV:64bit: - [2015/05/26 20:03:16 | 000,211,936 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
    DRV:64bit: - [2015/05/18 20:13:08 | 000,276,960 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
    DRV:64bit: - [2014/10/24 10:20:06 | 000,237,848 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
    DRV:64bit: - [2014/07/21 20:03:12 | 000,244,504 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
    DRV:64bit: - [2014/06/30 11:43:02 | 000,152,344 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
    DRV:64bit: - [2014/06/17 15:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
    DRV:64bit: - [2013/10/01 21:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2013/09/26 09:44:54 | 000,057,144 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
    DRV:64bit: - [2013/07/18 20:51:59 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2013/07/18 20:43:56 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2013/07/18 20:43:56 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2013/05/17 00:25:18 | 000,442,368 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
    DRV:64bit: - [2013/05/17 00:20:46 | 004,433,696 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2013/05/06 20:21:52 | 000,118,504 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
    DRV:64bit: - [2013/05/01 22:46:36 | 001,514,568 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtwlane.sys -- (RTWlanE)
    DRV:64bit: - [2013/04/25 21:24:58 | 000,020,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
    DRV:64bit: - [2013/04/25 21:24:56 | 000,786,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
    DRV:64bit: - [2013/04/25 21:24:56 | 000,368,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
    DRV:64bit: - [2013/04/18 01:56:08 | 000,177,736 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtkA2dp.sys -- (RtkA2dp)
    DRV:64bit: - [2013/04/12 18:31:32 | 000,173,840 | ---- | M] (Western Digital) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hiosd.sys -- (hiosd)
    DRV:64bit: - [2013/04/12 18:31:32 | 000,028,944 | ---- | M] (Western Digital) [File_System | System | Running] -- C:\Windows\SysNative\drivers\hiofs.sys -- (hiofs)
    DRV:64bit: - [2013/04/07 20:36:18 | 000,066,376 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtkAvrcpCtrlr.sys -- (RtkAvrcpCtrlr)
    DRV:64bit: - [2013/03/27 20:32:06 | 000,535,624 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtkBtfilter.sys -- (RtkBtFilter)
    DRV:64bit: - [2013/03/22 10:38:18 | 000,678,384 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
    DRV:64bit: - [2013/03/22 10:38:18 | 000,028,656 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
    DRV:64bit: - [2013/03/04 05:13:14 | 000,357,200 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
    DRV:64bit: - [2013/02/26 03:31:20 | 000,091,208 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtkHfp.sys -- (BthAudioHF)
    DRV:64bit: - [2013/02/15 18:15:54 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
    DRV:64bit: - [2012/12/27 03:15:30 | 000,061,152 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtkAvrcp.sys -- (RtkAvrcp)
    DRV:64bit: - [2012/08/23 09:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV:64bit: - [2012/08/23 09:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV:64bit: - [2012/05/30 15:10:50 | 000,016,168 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
    DRV:64bit: - [2011/10/13 02:46:20 | 000,031,216 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
    DRV:64bit: - [2010/12/01 03:12:06 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
    DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2009/11/17 18:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
    DRV:64bit: - [2009/11/02 09:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
    DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/06/19 21:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
    DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2008/06/27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\windows\SysNative\drivers\adfs.sys -- (adfs)
    DRV - [2013/02/01 11:34:10 | 000,019,952 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys -- (ipadtst)
    DRV - [2012/10/25 21:45:52 | 000,013,368 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys -- (NTIOLib_1_0_3)
    DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
    DRV - [2000/01/14 16:22:40 | 000,206,240 | ---- | M] (Adaptec) [File_System | System | Stopped] -- C:\windows\SysWow64\drivers\udfreadr.sys -- (UdfReadr)
    ========== Standard Registry (All) ==========
    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {06656A4E-F484-4C4E-BF1B-7EC9CE59B823}
    IE:64bit: - HKLM\..\SearchScopes\{06656A4E-F484-4C4E-BF1B-7EC9CE59B823}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE9TR&pc=MAMIJS&src=IE9TR
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://msi.msn.com
    IE - HKLM\..\SearchScopes,DefaultScope = {06656A4E-F484-4C4E-BF1B-7EC9CE59B823}
    IE - HKLM\..\SearchScopes\{06656A4E-F484-4C4E-BF1B-7EC9CE59B823}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi13.msn.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://msi13.msn.com
    IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
    IE - HKCU\..\SearchScopes,DefaultScope = {06656A4E-F484-4C4E-BF1B-7EC9CE59B823}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    ========== FireFox ==========
    FF - prefs.js..browser.search.countryCode: "US"
    FF - prefs.js..browser.search.defaultenginename: "Google"
    FF - prefs.js..browser.search.defaultenginename.US: "Google"
    FF - prefs.js..browser.search.isUS: true
    FF - prefs.js..browser.search.openintab: true
    FF - prefs.js..browser.search.region: "US"
    FF - prefs.js..extensions.enabledAddons: firefox%40online-convert.com:1.4.1-signed
    FF - prefs.js..extensions.enabledAddons: amznUWL2%40amazon.com:1.10.1-signed
    FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.3.7.1-signed
    FF - prefs.js..extensions.enabledAddons: %7Bdc572301-7619-498c-a57d-39143191b318%7D:0.4.2.0
    FF - prefs.js..extensions.enabledAddons: %7B097d3191-e6fa-4728-9826-b533d755359d%7D:0.7.28
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:43.0.4
    FF - user.js - File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll ()
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.71.2: C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.71.2: C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Mike\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Mike\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Mike\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mike\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mike\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 43.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 43.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
    [2014/02/03 01:08:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Extensions
    [2016/02/01 20:39:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\6ogla58h.default\extensions
    [2015/06/04 19:07:58 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="[email protected]" em:name="Xmarks" em:type="2" em:unpack="true" em:version="4.3.7.1-signed" em:creator="Todd Agulnick" em:description="Bookmark Sync and Web Discovery" em:homepageURL="http://www.xmarks.com/" em:eek:ptionsURL="chrome://foxmarks/content/foxmarks-dialog.xul" em:iconURL="chrome://foxmarks/skin/images/foxmarks.ico" em:developer="LastPass">) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\6ogla58h.default\extensions\[email protected]
    [2015/06/04 19:07:58 | 000,239,764 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\6ogla58h.default\extensions\[email protected]
    [2015/06/04 19:07:58 | 000,018,783 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\6ogla58h.default\extensions\[email protected]
    [2016/01/09 08:43:31 | 000,469,376 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\6ogla58h.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
    [2015/12/29 20:40:12 | 000,864,526 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\6ogla58h.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
    [2016/01/09 08:39:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
    [2016/01/09 08:39:54 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    ========== Chrome ==========
    CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
    CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
    CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
    CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\
    CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
    CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\
    CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo\2.8.0_0\
    CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
    CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
    O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
    O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O4:64bit: - HKLM..\Run: [BtServer] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe (Realtek Semiconductor Corporation)
    O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\windows\SysNative\hkcmd.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IgfxTray] C:\windows\SysNative\igfxtray.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
    O4:64bit: - HKLM..\Run: [MBCfg64] C:\windows\SysNative\MBCfg64.DLL (Creative Technology Ltd.)
    O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
    O4:64bit: - HKLM..\Run: [Persistence] C:\windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [Radio Manager] C:\Program Files (x86)\SCM\Radio Manager.exe (MSI)
    O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [SCM] C:\Program Files (x86)\SCM\SCM.exe (MSI)
    O4:64bit: - HKLM..\Run: [ShadowPlay] C:\windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
    O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKLM..\Run: [Sound Blaster Cinema] C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe (Creative Technology Ltd)
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
    O4 - HKLM..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (MSI)
    O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
    O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)
    O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (CyberLink Corp.)
    O4 - HKCU..\Run: [Dropbox Update] C:\Users\Mike\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
    O4 - HKCU..\Run: [Google Update] C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
    O4 - Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    O4 - Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
    O4 - Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.6.lnk = File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
    O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
    O8:64bit: - Extra context menu item: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
    O8:64bit: - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
    O8:64bit: - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
    O8:64bit: - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
    O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O8:64bit: - Extra context menu item: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html ()
    O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
    O8 - Extra context menu item: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
    O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
    O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
    O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
    O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html ()
    O9:64bit: - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html ()
    O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html ()
    O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
    O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4030F7D4-DE77-4181-BF21-40A4128FE784}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D3FE195-09C8-4980-B126-175F9B7655D8}: DhcpNameServer = 192.168.100.1
    O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
    O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
    O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
    O20 - AppInit_DLLs: (C:\windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
    O29 - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
    O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation)
    O30 - LSA: Authentication Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (kerberos) - C:\windows\SysNative\kerberos.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (schannel) - C:\windows\SysNative\schannel.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (wdigest) - C:\windows\SysNative\wdigest.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (tspkg) - C:\windows\SysNative\tspkg.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (pku2u) - C:\windows\SysNative\pku2u.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (livessp) - C:\windows\SysNative\livessp.dll (Microsoft Corp.)
    O30 - LSA: Security Packages - (kerberos) - C:\windows\SysWow64\kerberos.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (schannel) - C:\windows\SysWow64\schannel.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (wdigest) - C:\windows\SysWow64\wdigest.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (tspkg) - C:\windows\SysWow64\tspkg.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (pku2u) - C:\windows\SysWow64\pku2u.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (livessp) - C:\windows\SysWow64\livessp.dll (Microsoft Corp.)
    O31 - SafeBoot: AlternateShell - cmd.exe
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
    ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
    ActiveX:64bit: {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
    ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX:64bit: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
    ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX:64bit: {7D715857-A67C-4C2F-A929-038448584D63} - C:\windows\System32\ie4uinit.exe -DisableSSL3
    ActiveX:64bit: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
    ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
    ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
    ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
    ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
    ActiveX: {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
    ActiveX: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
    ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
    MsConfig:64bit - State: "bootini" - Reg Error: Key error.
    Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
    SafeBootMin:64bit: AppMgmt - Service
    SafeBootMin:64bit: Base - Driver Group
    SafeBootMin:64bit: Boot Bus Extender - Driver Group
    SafeBootMin:64bit: Boot file system - Driver Group
    SafeBootMin:64bit: File system - Driver Group
    SafeBootMin:64bit: Filter - Driver Group
    SafeBootMin:64bit: HelpSvc - Service
    SafeBootMin:64bit: PCI Configuration - Driver Group
    SafeBootMin:64bit: PNP Filter - Driver Group
    SafeBootMin:64bit: Primary disk - Driver Group
    SafeBootMin:64bit: sacsvr - Service
    SafeBootMin:64bit: SCSI Class - Driver Group
    SafeBootMin:64bit: System Bus Extender - Driver Group
    SafeBootMin:64bit: vmms - Service
    SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
    SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
    SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
    SafeBootMin: AppMgmt - Service
    SafeBootMin: Base - Driver Group
    SafeBootMin: Boot Bus Extender - Driver Group
    SafeBootMin: Boot file system - Driver Group
    SafeBootMin: File system - Driver Group
    SafeBootMin: Filter - Driver Group
    SafeBootMin: HelpSvc - Service
    SafeBootMin: PCI Configuration - Driver Group
    SafeBootMin: PNP Filter - Driver Group
    SafeBootMin: Primary disk - Driver Group
    SafeBootMin: sacsvr - Service
    SafeBootMin: SCSI Class - Driver Group
    SafeBootMin: System Bus Extender - Driver Group
    SafeBootMin: vmms - Service
    SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
    SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
    SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
    SafeBootNet:64bit: AppMgmt - Service
    SafeBootNet:64bit: Base - Driver Group
    SafeBootNet:64bit: Boot Bus Extender - Driver Group
    SafeBootNet:64bit: Boot file system - Driver Group
    SafeBootNet:64bit: File system - Driver Group
    SafeBootNet:64bit: Filter - Driver Group
    SafeBootNet:64bit: HelpSvc - Service
    SafeBootNet:64bit: Messenger - Service
    SafeBootNet:64bit: NDIS Wrapper - Driver Group
    SafeBootNet:64bit: NetBIOSGroup - Driver Group
    SafeBootNet:64bit: NetDDEGroup - Driver Group
    SafeBootNet:64bit: Network - Driver Group
    SafeBootNet:64bit: NetworkProvider - Driver Group
    SafeBootNet:64bit: PCI Configuration - Driver Group
    SafeBootNet:64bit: PNP Filter - Driver Group
    SafeBootNet:64bit: PNP_TDI - Driver Group
    SafeBootNet:64bit: Primary disk - Driver Group
    SafeBootNet:64bit: rdsessmgr - Service
    SafeBootNet:64bit: sacsvr - Service
    SafeBootNet:64bit: SCSI Class - Driver Group
    SafeBootNet:64bit: Streams Drivers - Driver Group
    SafeBootNet:64bit: System Bus Extender - Driver Group
    SafeBootNet:64bit: TDI - Driver Group
    SafeBootNet:64bit: vmms - Service
    SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SafeBootNet:64bit: WudfUsbccidDriver - Driver
    SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
    SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
    SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
    SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
    SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
    SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
    SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
    SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
    SafeBootNet: AppMgmt - Service
    SafeBootNet: Base - Driver Group
    SafeBootNet: Boot Bus Extender - Driver Group
    SafeBootNet: Boot file system - Driver Group
    SafeBootNet: File system - Driver Group
    SafeBootNet: Filter - Driver Group
    SafeBootNet: HelpSvc - Service
    SafeBootNet: Messenger - Service
    SafeBootNet: NDIS Wrapper - Driver Group
    SafeBootNet: NetBIOSGroup - Driver Group
    SafeBootNet: NetDDEGroup - Driver Group
    SafeBootNet: Network - Driver Group
    SafeBootNet: NetworkProvider - Driver Group
    SafeBootNet: PCI Configuration - Driver Group
    SafeBootNet: PNP Filter - Driver Group
    SafeBootNet: PNP_TDI - Driver Group
    SafeBootNet: Primary disk - Driver Group
    SafeBootNet: rdsessmgr - Service
    SafeBootNet: sacsvr - Service
    SafeBootNet: SCSI Class - Driver Group
    SafeBootNet: Streams Drivers - Driver Group
    SafeBootNet: System Bus Extender - Driver Group
    SafeBootNet: TDI - Driver Group
    SafeBootNet: vmms - Service
    SafeBootNet: WudfUsbccidDriver - Driver
    SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
    SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
    SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
    SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
    SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
    SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
    SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
    SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
     
  5. Voltman

    Voltman Thread Starter

    Joined:
    Jun 27, 2012
    Messages:
    41
    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point
    ========== Files/Folders - Created Within 30 Days ==========
    [2016/02/04 19:07:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
    [2016/01/26 19:45:37 | 000,000,000 | ---D | C] -- C:\windows\Sun
    [2016/01/26 19:43:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
    [2016/01/26 19:42:53 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Sun
    [2016/01/26 19:42:53 | 000,000,000 | ---D | C] -- C:\Users\Mike\.oracle_jre_usage
    [2016/01/26 19:42:48 | 000,097,888 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
    [2016/01/26 19:42:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    [2016/01/26 19:42:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
    [2016/01/26 19:42:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
    [2016/01/25 23:15:59 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\NV
    [2016/01/25 23:15:59 | 000,000,000 | ---D | C] -- C:\windows\SysNative\NV
    [2016/01/25 23:14:20 | 018,716,176 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvwgf2umx.dll
    [2016/01/25 23:14:20 | 016,286,888 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvwgf2um.dll
    [2016/01/25 23:14:19 | 031,061,624 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvoglv64.dll
    [2016/01/25 23:14:19 | 024,895,792 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvoglv32.dll
    [2016/01/25 23:14:19 | 021,122,456 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvopencl.dll
    [2016/01/25 23:14:19 | 020,663,816 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcuda.dll
    [2016/01/25 23:14:19 | 017,561,432 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvopencl.dll
    [2016/01/25 23:14:19 | 017,156,968 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcuda.dll
    [2016/01/25 23:14:19 | 016,981,976 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvd3dumx.dll
    [2016/01/25 23:14:19 | 003,168,376 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcuvid.dll
    [2016/01/25 23:14:19 | 002,755,704 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcuvid.dll
    [2016/01/25 23:14:19 | 001,915,696 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvdispco6436143.dll
    [2016/01/25 23:14:19 | 001,564,976 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvdispgenco6436143.dll
    [2016/01/25 23:14:19 | 000,938,104 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\NvFBC64.dll
    [2016/01/25 23:14:19 | 000,872,056 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\NvIFR64.dll
    [2016/01/25 23:14:19 | 000,734,512 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\NvFBC.dll
    [2016/01/25 23:14:19 | 000,681,592 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\NvIFR.dll
    [2016/01/25 23:14:19 | 000,502,080 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvEncodeAPI64.dll
    [2016/01/25 23:14:19 | 000,423,264 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvEncodeAPI.dll
    [2016/01/25 23:14:19 | 000,416,376 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\NvIFROpenGL.dll
    [2016/01/25 23:14:19 | 000,370,808 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\NvIFROpenGL.dll
    [2016/01/25 23:14:19 | 000,151,184 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvoglshim64.dll
    [2016/01/25 23:14:19 | 000,128,696 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvoglshim32.dll
    [2016/01/25 23:14:19 | 000,031,352 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\drivers\nvpciflt.sys
    [2016/01/25 23:05:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
    [2016/01/25 23:04:43 | 000,090,768 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvaudcap32v.dll
    [2016/01/25 23:04:43 | 000,047,760 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\drivers\nvvad64v.sys
    [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
    ========== Files - Modified Within 30 Days ==========
    [2016/02/04 19:34:00 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
    [2016/02/04 19:15:01 | 000,000,536 | ---- | M] () -- C:\windows\tasks\G2MUpdateTask-S-1-5-21-1976023582-461195794-4052751207-1002.job
    [2016/02/04 19:11:00 | 000,000,904 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1976023582-461195794-4052751207-1002UA.job
    [2016/02/04 19:06:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
    [2016/02/04 19:00:44 | 000,000,914 | ---- | M] () -- C:\windows\tasks\DropboxUpdateTaskUserS-1-5-21-1976023582-461195794-4052751207-1002UA.job
    [2016/02/04 19:00:07 | 000,024,656 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2016/02/04 19:00:07 | 000,024,656 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2016/02/04 18:54:51 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
    [2016/02/04 18:33:00 | 000,000,632 | ---- | M] () -- C:\windows\tasks\G2MUploadTask-S-1-5-21-1976023582-461195794-4052751207-1002.job
    [2016/02/04 18:00:04 | 000,000,862 | ---- | M] () -- C:\windows\tasks\DropboxUpdateTaskUserS-1-5-21-1976023582-461195794-4052751207-1002Core.job
    [2016/02/04 17:47:24 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
    [2016/02/04 17:41:10 | 000,000,852 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1976023582-461195794-4052751207-1002Core.job
    [2016/02/04 17:38:56 | 000,002,193 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2016/02/01 20:20:54 | 2085,023,743 | -HS- | M] () -- C:\hiberfil.sys
    [2016/01/28 22:28:11 | 000,318,804 | ---- | M] () -- C:\Users\Mike\Desktop\Amazon.com - Online Return Center.pdf
    [2016/01/27 22:45:21 | 000,590,071 | ---- | M] () -- C:\Users\Mike\Desktop\Statefarm.pdf
    [2016/01/27 21:27:05 | 000,101,516 | ---- | M] () -- C:\Users\Mike\Desktop\Auto Policy Information.pdf
    [2016/01/26 23:27:47 | 000,788,438 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
    [2016/01/26 23:27:47 | 000,666,614 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
    [2016/01/26 23:27:47 | 000,123,888 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
    [2016/01/26 19:42:42 | 000,097,888 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
    [2016/01/26 18:52:51 | 000,796,864 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
    [2016/01/26 18:52:51 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
    [2016/01/25 23:05:54 | 000,001,387 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
    [2016/01/25 21:44:24 | 000,614,968 | ---- | M] () -- C:\Users\Mike\Desktop\ESS UI.pdf
    [2016/01/25 15:24:36 | 000,028,038 | ---- | M] () -- C:\Users\Mike\Desktop\renderReferral.jsp_patientid=133913&referralid=9269.pdf
    [2016/01/11 23:41:10 | 001,542,600 | ---- | M] (NVIDIA Corporation) -- C:\windows\SysWow64\nvspcap.dll
    [2016/01/11 23:41:09 | 001,316,184 | ---- | M] (NVIDIA Corporation) -- C:\windows\SysWow64\nvspbridge.dll
    [2016/01/11 23:40:47 | 001,860,120 | ---- | M] (NVIDIA Corporation) -- C:\windows\SysNative\nvspcap64.dll
    [2016/01/11 23:40:47 | 001,756,608 | ---- | M] (NVIDIA Corporation) -- C:\windows\SysNative\nvspbridge64.dll
    [2016/01/11 23:40:47 | 000,112,032 | ---- | M] () -- C:\windows\SysNative\NvRtmpStreamer64.dll
    [2016/01/09 08:42:43 | 005,166,021 | ---- | M] () -- C:\Users\Mike\Desktop\GCMS info.pdf
    [2016/01/09 08:39:57 | 000,001,157 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
    ========== Files Created - No Company Name ==========
    [2016/01/28 22:28:09 | 000,318,804 | ---- | C] () -- C:\Users\Mike\Desktop\Amazon.com - Online Return Center.pdf
    [2016/01/27 22:45:21 | 000,590,071 | ---- | C] () -- C:\Users\Mike\Desktop\Statefarm.pdf
    [2016/01/27 21:27:01 | 000,101,516 | ---- | C] () -- C:\Users\Mike\Desktop\Auto Policy Information.pdf
    [2016/01/25 23:14:17 | 042,977,072 | ---- | C] () -- C:\windows\SysNative\nvcompiler.dll
    [2016/01/25 23:14:17 | 037,609,080 | ---- | C] () -- C:\windows\SysWow64\nvcompiler.dll
    [2016/01/25 23:05:57 | 000,112,032 | ---- | C] () -- C:\windows\SysNative\NvRtmpStreamer64.dll
    [2016/01/25 21:44:24 | 000,614,968 | ---- | C] () -- C:\Users\Mike\Desktop\ESS UI.pdf
    [2016/01/25 15:24:33 | 000,028,038 | ---- | C] () -- C:\Users\Mike\Desktop\renderReferral.jsp_patientid=133913&referralid=9269.pdf
    [2016/01/09 08:42:43 | 005,166,021 | ---- | C] () -- C:\Users\Mike\Desktop\GCMS info.pdf
    [2014/01/25 15:06:35 | 000,007,613 | ---- | C] () -- C:\Users\Mike\AppData\Local\Resmon.ResmonCfg
    ========== ZeroAccess Check ==========
    [2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 00:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 00:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    ========== LOP Check ==========
    [2014/02/03 18:20:25 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Audacity
    [2014/03/22 22:55:03 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\AVG
    [2014/02/03 00:38:39 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\AVG2014
    [2014/02/18 01:28:49 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\COWON
    [2016/02/01 20:23:47 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Dropbox
    [2015/06/01 22:26:11 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Eyeblaster
    [2014/10/07 01:13:16 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\flightgear.org
    [2014/10/07 01:12:39 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\fltk.org
    [2014/09/30 12:17:17 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Foxit Software
    [2015/06/06 23:32:43 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Mp3tag
    [2014/02/16 13:51:28 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\My Bluetooth
    [2015/05/17 21:59:40 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Samsung
    [2014/12/03 13:41:27 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Serif
    [2014/06/17 00:27:21 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Subversion
    [2014/02/03 00:37:56 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\TuneUp Software
    ========== Purity Check ==========
    ========== Custom Scans ==========
    ========== Drive Information ==========

    Physical Drives
    ---------------
    Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
    Interface type: IDE
    Media Type: Fixed hard disk media
    Model: ATA Hitachi HTS72757 SCSI Disk Device
    Partitions: 4
    Status: OK
    Status Info: 0
    Partitions
    ---------------
    DeviceID: Disk #0, Partition #0
    PartitionType: Unknown
    Bootable: False
    BootPartition: False
    PrimaryPartition: True
    Size: 11.00GB
    Starting Offset: 1048576
    Hidden sectors: 0
    DeviceID: Disk #0, Partition #1
    PartitionType: Unknown
    Bootable: True
    BootPartition: True
    PrimaryPartition: True
    Size: 100.00MB
    Starting Offset: 11818500096
    Hidden sectors: 0
    DeviceID: Disk #0, Partition #2
    PartitionType: Installable File System
    Bootable: False
    BootPartition: False
    PrimaryPartition: True
    Size: 150.00GB
    Starting Offset: 11923357696
    Hidden sectors: 0
    DeviceID: Disk #0, Partition #3
    PartitionType: Extended w/Extended Int 13
    Bootable: False
    BootPartition: False
    PrimaryPartition: False
    Size: 538.00GB
    Starting Offset: 172984631296
    Hidden sectors: 0
    < %systemroot%\assembly\GAC_32\*.ini >
    < %systemroot%\assembly\GAC_64\*.ini >
    < %ALLUSERSPROFILE%\Application Data\*.exe >
    < %APPDATA%\*. >

    [2015/02/25 22:28:49 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Adobe
    [2014/12/12 14:18:17 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Apple Computer
    [2014/02/03 18:20:25 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Audacity
    [2014/03/22 22:55:03 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\AVG
    [2014/02/03 00:38:39 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\AVG2014
    [2014/02/18 01:28:49 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\COWON
    [2014/02/16 21:26:16 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\CyberLink
    [2016/02/01 20:23:47 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Dropbox
    [2015/06/01 22:26:11 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Eyeblaster
    [2014/10/07 01:13:16 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\flightgear.org
    [2014/10/07 01:12:39 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\fltk.org
    [2014/09/30 12:17:17 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Foxit Software
    [2014/01/25 15:02:36 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Identities
    [2014/02/11 01:16:07 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\InstallShield
    [2014/01/25 15:04:01 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Intel Corporation
    [2014/01/25 14:11:23 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Macromedia
    [2014/07/10 09:45:16 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Malwarebytes
    [2013/07/18 20:24:45 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Media Center Programs
    [2015/11/12 16:59:14 | 000,000,000 | --SD | M] -- C:\Users\Mike\AppData\Roaming\Microsoft
    [2015/12/16 10:45:28 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Mozilla
    [2015/06/06 23:32:43 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Mp3tag
    [2014/02/16 13:51:28 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\My Bluetooth
    [2015/12/04 20:50:14 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\NVIDIA
    [2015/05/17 21:59:40 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Samsung
    [2014/12/03 13:41:27 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Serif
    [2014/06/15 19:54:48 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Skype
    [2014/06/17 00:27:21 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Subversion
    [2016/01/26 19:42:53 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Sun
    [2014/02/03 00:37:56 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\TuneUp Software
    < %SYSTEMDRIVE%\*.* >
    [2010/11/20 22:23:51 | 000,383,786 | RHS- | M] () -- C:\bootmgr
    [2011/02/14 16:42:56 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
    [2016/02/01 20:20:54 | 2085,023,743 | -HS- | M] () -- C:\hiberfil.sys
    [2016/02/01 20:20:53 | 4211,691,519 | -HS- | M] () -- C:\pagefile.sys
    < %PROGRAMFILES%\*.exe >
    < %LOCALAPPDATA%\*.exe >
    < %windir%\Installer\*.* >

    [2016/01/14 21:12:48 | 000,849,408 | ---- | M] () -- C:\windows\Installer\1026192c.msi
    [2016/01/11 22:19:17 | 046,080,000 | R--- | M] () -- C:\windows\Installer\102619bc.msp
    [2015/10/29 02:48:45 | 001,208,320 | R--- | M] () -- C:\windows\Installer\102f0538.msp
    [2014/02/11 10:33:51 | 059,317,760 | ---- | M] () -- C:\windows\Installer\109fef.msi
    [2015/02/18 04:17:44 | 016,441,344 | R--- | M] () -- C:\windows\Installer\10fec5.msp
    [2015/02/18 04:15:46 | 013,508,608 | R--- | M] () -- C:\windows\Installer\10fefa.msp
    [2015/02/18 04:29:44 | 011,120,640 | R--- | M] () -- C:\windows\Installer\10ff2e.msp
    [2015/02/18 04:22:54 | 004,939,776 | R--- | M] () -- C:\windows\Installer\10ff4b.msp
    [2015/02/10 12:54:50 | 009,691,136 | R--- | M] () -- C:\windows\Installer\10ff5a.msp
    [2015/02/18 04:14:44 | 010,448,896 | R--- | M] () -- C:\windows\Installer\10ff76.msp
    [2015/02/10 12:53:02 | 004,984,832 | R--- | M] () -- C:\windows\Installer\10ff84.msp
    [2015/02/10 12:54:42 | 004,333,568 | R--- | M] () -- C:\windows\Installer\10ff93.msp
    [2011/06/11 06:29:54 | 000,177,664 | ---- | M] () -- C:\windows\Installer\1121f.msi
    [2011/06/28 23:21:32 | 004,637,184 | R--- | M] () -- C:\windows\Installer\11220.msp
    [2015/07/07 11:36:08 | 004,726,784 | R--- | M] () -- C:\windows\Installer\11e6c78d.msp
    [2015/07/07 11:39:32 | 010,043,392 | R--- | M] () -- C:\windows\Installer\11e6c79b.msp
    [2015/06/20 02:57:10 | 004,984,832 | R--- | M] () -- C:\windows\Installer\11e6c7b7.msp
    [2015/06/20 02:56:20 | 010,444,800 | R--- | M] () -- C:\windows\Installer\11e6c7c6.msp
    [2015/06/20 02:57:20 | 013,508,608 | R--- | M] () -- C:\windows\Installer\11e6c7d5.msp
    [2015/06/20 02:57:58 | 009,691,136 | R--- | M] () -- C:\windows\Installer\11e6c80a.msp
    [2015/02/16 22:40:06 | 003,084,288 | R--- | M] () -- C:\windows\Installer\121d19.msp
    [2013/02/15 18:15:50 | 007,880,704 | ---- | M] () -- C:\windows\Installer\12724.msi
    [2013/03/22 10:40:38 | 008,552,448 | ---- | M] () -- C:\windows\Installer\1272a.msi
    [2014/03/19 12:11:50 | 011,222,528 | R--- | M] () -- C:\windows\Installer\129380e0.msp
    [2014/01/29 02:37:28 | 013,148,160 | R--- | M] () -- C:\windows\Installer\129380fc.msp
    [2014/03/19 12:11:48 | 004,347,392 | R--- | M] () -- C:\windows\Installer\1293810b.msp
    [2014/03/12 01:03:54 | 005,005,824 | R--- | M] () -- C:\windows\Installer\12938119.msp
    [2013/07/05 00:31:40 | 004,625,408 | ---- | M] () -- C:\windows\Installer\138af.msi
    [2015/10/26 10:16:34 | 006,529,024 | ---- | M] () -- C:\windows\Installer\13dc3f08.msi
    [2015/12/11 17:58:00 | 006,729,728 | ---- | M] () -- C:\windows\Installer\17e20454.msi
    [2015/10/14 04:40:18 | 001,224,704 | R--- | M] () -- C:\windows\Installer\19016435.msp
    [2011/01/31 08:33:19 | 008,065,024 | ---- | M] () -- C:\windows\Installer\19601c.msi
    [2011/08/22 12:06:50 | 007,372,800 | R--- | M] () -- C:\windows\Installer\1960bd.msp
    [2015/05/15 16:12:56 | 004,984,832 | R--- | M] () -- C:\windows\Installer\196312.msp
    [2015/05/18 13:54:46 | 001,118,208 | R--- | M] () -- C:\windows\Installer\19631c.msp
    [2015/02/17 18:17:08 | 000,421,888 | R--- | M] () -- C:\windows\Installer\196326.msp
    [2011/04/16 08:44:26 | 002,770,944 | ---- | M] () -- C:\windows\Installer\1a288d0.msi
    [2015/03/10 10:26:44 | 009,801,728 | R--- | M] () -- C:\windows\Installer\1af045.msp
    [2015/04/14 07:53:04 | 015,880,192 | R--- | M] () -- C:\windows\Installer\1af07a.msp
    [2015/07/09 06:46:23 | 049,188,864 | R--- | M] () -- C:\windows\Installer\1b1c102.msp
    [2015/06/27 07:10:33 | 053,332,992 | R--- | M] () -- C:\windows\Installer\1b697a.msp
    [2009/07/12 14:16:26 | 000,223,232 | ---- | M] () -- C:\windows\Installer\1b926.msi
    [2009/07/12 09:43:18 | 000,231,936 | ---- | M] () -- C:\windows\Installer\1b92c.msi
    [2008/09/20 06:07:16 | 003,769,856 | ---- | M] () -- C:\windows\Installer\1bae740.msi
    [2008/09/20 04:27:46 | 003,115,008 | ---- | M] () -- C:\windows\Installer\1e128b3.msi
    [2008/09/20 04:30:54 | 005,435,392 | ---- | M] () -- C:\windows\Installer\1e128b9.msi
    [2008/09/20 04:31:12 | 003,190,272 | ---- | M] () -- C:\windows\Installer\1e128bf.msi
    [2008/09/20 04:28:14 | 003,154,944 | ---- | M] () -- C:\windows\Installer\1e128c5.msi
    [2008/09/20 04:30:28 | 003,130,880 | ---- | M] () -- C:\windows\Installer\1e128cb.msi
    [2008/09/20 04:28:42 | 003,222,528 | ---- | M] () -- C:\windows\Installer\1e128d1.msi
    [2008/09/20 04:29:02 | 005,413,376 | ---- | M] () -- C:\windows\Installer\1e128d7.msi
    [2008/09/20 04:28:22 | 003,117,568 | ---- | M] () -- C:\windows\Installer\1e128de.msi
    [2008/09/20 04:28:28 | 003,118,080 | ---- | M] () -- C:\windows\Installer\1e128e5.msi
    [2008/09/20 04:28:34 | 003,118,080 | ---- | M] () -- C:\windows\Installer\1e128ec.msi
    [2008/09/20 04:31:10 | 003,120,640 | ---- | M] () -- C:\windows\Installer\1e128f2.msi
    [2008/09/20 04:31:16 | 005,802,496 | ---- | M] () -- C:\windows\Installer\1e128f9.msi
    [2008/09/20 04:31:14 | 003,160,576 | ---- | M] () -- C:\windows\Installer\1e12900.msi
    [2008/09/20 04:27:48 | 003,115,008 | ---- | M] () -- C:\windows\Installer\1e12906.msi
    [2008/09/20 04:31:20 | 003,119,104 | ---- | M] () -- C:\windows\Installer\1e1290d.msi
    [2008/09/20 04:28:02 | 003,746,304 | ---- | M] () -- C:\windows\Installer\1e12913.msi
    [2008/09/20 04:29:30 | 003,781,120 | ---- | M] () -- C:\windows\Installer\1e12919.msi
    [2008/09/20 04:28:08 | 003,328,512 | ---- | M] () -- C:\windows\Installer\1e1291f.msi
    [2008/05/29 01:04:08 | 000,029,696 | ---- | M] () -- C:\windows\Installer\1e12925.msi
    [2008/09/20 04:28:48 | 003,117,056 | ---- | M] () -- C:\windows\Installer\1e1292c.msi
    [2008/09/20 04:29:30 | 005,480,960 | ---- | M] () -- C:\windows\Installer\1e12932.msi
    [2008/09/20 04:30:26 | 003,137,536 | ---- | M] () -- C:\windows\Installer\1e12938.msi
    [2008/09/20 04:31:00 | 003,127,296 | ---- | M] () -- C:\windows\Installer\1e1293e.msi
    [2008/09/20 04:28:10 | 003,133,440 | ---- | M] () -- C:\windows\Installer\1e12944.msi
    [2014/02/03 19:58:04 | 000,024,064 | ---- | M] () -- C:\windows\Installer\1e12952.msi
    [2008/09/20 04:28:20 | 004,938,752 | ---- | M] () -- C:\windows\Installer\1e12958.msi
    [2008/09/20 04:29:58 | 003,139,584 | ---- | M] () -- C:\windows\Installer\1e1295e.msi
    [2008/09/20 04:30:12 | 003,160,576 | ---- | M] () -- C:\windows\Installer\1e12964.msi
    [2008/09/20 04:28:18 | 004,945,408 | ---- | M] () -- C:\windows\Installer\1e1296b.msi
    [2008/09/20 04:30:30 | 003,140,608 | ---- | M] () -- C:\windows\Installer\1e12972.msi
    [2008/09/20 04:30:44 | 003,123,712 | ---- | M] () -- C:\windows\Installer\1e12978.msi
    [2008/09/20 04:30:44 | 003,121,152 | ---- | M] () -- C:\windows\Installer\1e1297e.msi
    [2008/09/20 04:28:38 | 003,123,200 | ---- | M] () -- C:\windows\Installer\1e12984.msi
    [2008/09/20 04:31:24 | 003,119,104 | ---- | M] () -- C:\windows\Installer\1e1298a.msi
    [2008/09/20 04:28:42 | 003,130,368 | ---- | M] () -- C:\windows\Installer\1e12990.msi
    [2008/09/20 04:28:36 | 003,118,080 | ---- | M] () -- C:\windows\Installer\1e12996.msi
    [2008/09/20 04:31:08 | 003,117,568 | ---- | M] () -- C:\windows\Installer\1e1299c.msi
    [2008/09/20 04:29:02 | 003,127,808 | ---- | M] () -- C:\windows\Installer\1e129a2.msi
    [2008/09/20 04:30:34 | 003,120,640 | ---- | M] () -- C:\windows\Installer\1e129a8.msi
    [2008/09/20 04:27:44 | 003,245,568 | ---- | M] () -- C:\windows\Installer\1e129af.msi
    [2008/09/20 04:28:16 | 003,154,944 | ---- | M] () -- C:\windows\Installer\1e129b5.msi
    [2008/09/20 04:31:08 | 003,118,592 | ---- | M] () -- C:\windows\Installer\1e129bb.msi
    [2008/09/20 04:30:00 | 003,139,584 | ---- | M] () -- C:\windows\Installer\1e129c1.msi
    [2008/09/20 04:30:16 | 003,160,576 | ---- | M] () -- C:\windows\Installer\1e129c7.msi
    [2008/09/20 04:30:24 | 003,123,200 | ---- | M] () -- C:\windows\Installer\1e129cd.msi
    [2008/09/20 04:30:28 | 003,130,880 | ---- | M] () -- C:\windows\Installer\1e129d3.msi
    [2008/09/20 04:30:42 | 003,252,736 | ---- | M] () -- C:\windows\Installer\1e129da.msi
    [2008/09/20 04:31:04 | 003,127,296 | ---- | M] () -- C:\windows\Installer\1e129e0.msi
    [2008/09/20 04:31:10 | 003,120,640 | ---- | M] () -- C:\windows\Installer\1e129e6.msi
    [2008/09/20 04:28:12 | 003,122,176 | ---- | M] () -- C:\windows\Installer\1e129ec.msi
    [2008/09/16 19:23:46 | 006,387,200 | ---- | M] () -- C:\windows\Installer\1e12a02.msi
    [2008/09/20 04:27:44 | 003,230,720 | ---- | M] () -- C:\windows\Installer\1e12a0c.msi
    [2008/09/20 04:29:28 | 003,148,288 | ---- | M] () -- C:\windows\Installer\1e12a13.msi
    [2008/09/20 04:31:22 | 003,140,608 | ---- | M] () -- C:\windows\Installer\1e12a1c.msi
    [2008/09/20 04:31:22 | 003,133,952 | ---- | M] () -- C:\windows\Installer\1e12a24.msi
    [2008/09/20 04:30:42 | 003,141,632 | ---- | M] () -- C:\windows\Installer\1e12a33.msi
    [2008/09/20 04:30:54 | 003,161,600 | ---- | M] () -- C:\windows\Installer\1e12a3a.msi
    [2008/09/20 04:30:18 | 003,131,904 | ---- | M] () -- C:\windows\Installer\1e12a41.msi
    [2008/09/20 04:30:52 | 005,661,696 | ---- | M] () -- C:\windows\Installer\1e12a67.msi
    [2008/09/20 04:30:36 | 005,920,256 | ---- | M] () -- C:\windows\Installer\1e12a8a.msi
    [2008/09/20 04:27:42 | 005,684,736 | ---- | M] () -- C:\windows\Installer\1e12aac.msi
    [2008/09/20 04:30:32 | 005,858,816 | ---- | M] () -- C:\windows\Installer\1e12ab2.msi
    [2014/11/19 08:45:32 | 011,059,200 | R--- | M] () -- C:\windows\Installer\21441743.msp
    [2014/11/25 10:16:04 | 011,124,736 | R--- | M] () -- C:\windows\Installer\21441777.msp
    [2014/11/12 20:12:46 | 010,436,608 | R--- | M] () -- C:\windows\Installer\21441794.msp
    [2014/11/25 10:17:26 | 009,691,136 | R--- | M] () -- C:\windows\Installer\214417a3.msp
    [2014/11/25 10:15:40 | 004,984,832 | R--- | M] () -- C:\windows\Installer\214417be.msp
    [2014/11/25 10:15:34 | 004,333,568 | R--- | M] () -- C:\windows\Installer\214417cd.msp
    [2012/04/11 03:55:34 | 000,041,472 | ---- | M] () -- C:\windows\Installer\23b79914.msi
    [2014/04/23 00:28:30 | 053,217,792 | R--- | M] () -- C:\windows\Installer\23b7991c.msp
    [2014/11/15 21:29:07 | 000,026,112 | ---- | M] () -- C:\windows\Installer\254f292d.msi
    [2014/07/31 22:58:30 | 053,303,296 | R--- | M] () -- C:\windows\Installer\256efc2c.msp
    [2008/09/20 04:30:34 | 006,224,896 | ---- | M] () -- C:\windows\Installer\267081c.msi
    [2011/07/21 11:34:34 | 003,456,000 | R--- | M] () -- C:\windows\Installer\26ba4fba.msp
    [2014/02/20 08:23:06 | 005,006,848 | R--- | M] () -- C:\windows\Installer\27608db9.msp
    [2014/04/16 07:43:24 | 022,920,192 | R--- | M] () -- C:\windows\Installer\2bc7efec.msp
    [2014/04/16 07:41:38 | 007,844,864 | R--- | M] () -- C:\windows\Installer\2bc97d9b.msp
    [2014/04/16 07:40:26 | 007,900,672 | R--- | M] () -- C:\windows\Installer\2bc97dd0.msp
    [2014/04/29 10:55:14 | 005,006,848 | R--- | M] () -- C:\windows\Installer\2bc97e04.msp
    [2014/04/02 01:54:52 | 003,246,592 | R--- | M] () -- C:\windows\Installer\2bc97e10.msp
    [2015/01/14 22:36:26 | 004,333,568 | R--- | M] () -- C:\windows\Installer\2eb09214.msp
    [2015/01/14 22:34:40 | 010,444,800 | R--- | M] () -- C:\windows\Installer\2eb09223.msp
    [2015/01/14 22:35:00 | 002,576,384 | R--- | M] () -- C:\windows\Installer\2eb09234.msp
    [2015/01/14 22:35:04 | 010,158,080 | R--- | M] () -- C:\windows\Installer\2eb0925f.msp
    [2015/01/14 22:35:00 | 011,120,640 | R--- | M] () -- C:\windows\Installer\2eb0929b.msp
    [2015/01/14 22:34:58 | 004,980,736 | R--- | M] () -- C:\windows\Installer\2eb092b7.msp
    [2015/01/14 22:36:46 | 009,691,136 | R--- | M] () -- C:\windows\Installer\2eb092c6.msp
    [2009/04/14 04:50:22 | 005,191,680 | R--- | M] () -- C:\windows\Installer\2fca79a.msp
    [2013/01/23 18:05:40 | 009,765,376 | R--- | M] () -- C:\windows\Installer\2fca7a2.msp
    [2013/11/01 18:17:42 | 005,009,920 | R--- | M] () -- C:\windows\Installer\2fca7c5.msp
    [2013/11/18 06:05:00 | 005,006,336 | R--- | M] () -- C:\windows\Installer\2fca7d3.msp
    [2011/09/15 18:37:28 | 016,691,712 | R--- | M] () -- C:\windows\Installer\2fca7da.msp
    [2011/09/15 18:37:52 | 034,428,416 | R--- | M] () -- C:\windows\Installer\2fca80b.msp
    [2011/09/15 18:34:54 | 428,804,608 | R--- | M] () -- C:\windows\Installer\2fca8b3.msp
    [2011/09/15 18:34:14 | 008,499,712 | R--- | M] () -- C:\windows\Installer\2fca967.msp
    [2011/09/15 18:38:04 | 010,838,528 | R--- | M] () -- C:\windows\Installer\2fca972.msp
    [2011/09/15 18:39:22 | 011,163,136 | R--- | M] () -- C:\windows\Installer\2fca97e.msp
    [2011/09/15 18:40:36 | 007,959,552 | R--- | M] () -- C:\windows\Installer\2fca988.msp
    [2009/04/14 04:56:18 | 020,498,944 | R--- | M] () -- C:\windows\Installer\2fca991.msp
    [2009/02/25 19:08:18 | 008,311,808 | R--- | M] () -- C:\windows\Installer\2fca99f.msp
    [2009/05/07 09:04:06 | 018,341,376 | R--- | M] () -- C:\windows\Installer\2fca9ce.msp
    [2009/04/14 03:46:12 | 015,438,848 | R--- | M] () -- C:\windows\Installer\2fca9d7.msp
    [2009/04/14 04:51:24 | 001,303,040 | R--- | M] () -- C:\windows\Installer\2fca9e0.msp
    [2009/04/14 04:21:34 | 015,303,168 | R--- | M] () -- C:\windows\Installer\2fca9e9.msp
    [2011/04/19 04:21:02 | 000,235,520 | ---- | M] () -- C:\windows\Installer\2fca9f1.msi
    [2011/04/19 04:54:14 | 000,227,328 | ---- | M] () -- C:\windows\Installer\2fca9f8.msi
    [2016/01/26 19:38:30 | 049,250,304 | ---- | M] () -- C:\windows\Installer\2feca5.msi
    [2016/01/26 19:38:24 | 000,765,952 | ---- | M] () -- C:\windows\Installer\2fecab.msi
    [2013/10/05 03:39:52 | 000,143,360 | ---- | M] () -- C:\windows\Installer\33254ae6.msi
    [2013/10/05 03:39:48 | 000,143,360 | ---- | M] () -- C:\windows\Installer\33254aec.msi
    [2015/12/03 16:53:47 | 002,801,664 | ---- | M] () -- C:\windows\Installer\34b13ee0.msi
    [2014/10/14 09:25:02 | 004,980,736 | R--- | M] () -- C:\windows\Installer\3982fe55.msp
    [2014/10/07 16:44:32 | 004,333,568 | R--- | M] () -- C:\windows\Installer\3982fe64.msp
    [2014/10/07 16:44:08 | 011,153,408 | R--- | M] () -- C:\windows\Installer\3982fe72.msp
    [2014/10/29 07:00:18 | 004,931,584 | R--- | M] () -- C:\windows\Installer\3982fe8f.msp
    [2015/03/17 03:42:22 | 002,792,960 | ---- | M] () -- C:\windows\Installer\45f606d0.msi
    [2011/11/08 21:29:08 | 001,897,984 | ---- | M] () -- C:\windows\Installer\47384.msi
    [2010/07/16 03:40:42 | 000,414,208 | ---- | M] () -- C:\windows\Installer\47389.msi
    [2013/07/19 12:32:40 | 011,384,320 | ---- | M] () -- C:\windows\Installer\47392.msi
    [2011/07/26 03:51:28 | 019,917,312 | ---- | M] () -- C:\windows\Installer\47396.msi
    [2013/02/01 14:12:01 | 125,546,496 | ---- | M] () -- C:\windows\Installer\473a2.msi
    [2013/07/19 12:36:45 | 004,680,704 | ---- | M] () -- C:\windows\Installer\473a6.msi
    [2013/07/19 12:36:45 | 000,659,456 | ---- | M] () -- C:\windows\Installer\473aa.msi
    [2013/07/19 12:36:45 | 000,684,032 | ---- | M] () -- C:\windows\Installer\473ae.msi
    [2013/07/19 12:36:46 | 003,734,016 | ---- | M] () -- C:\windows\Installer\473b2.msi
    [2013/07/19 12:36:48 | 007,705,600 | ---- | M] () -- C:\windows\Installer\473b6.msi
    [2013/07/19 12:36:49 | 008,568,832 | ---- | M] () -- C:\windows\Installer\473ba.msi
    [2013/07/19 12:36:50 | 002,081,792 | ---- | M] () -- C:\windows\Installer\473be.msi
    [2013/07/19 12:36:50 | 000,084,992 | ---- | M] () -- C:\windows\Installer\473c2.msi
    [2013/07/19 12:36:50 | 000,150,528 | ---- | M] () -- C:\windows\Installer\473c6.msi
    [2013/07/19 12:36:51 | 000,465,408 | ---- | M] () -- C:\windows\Installer\473ca.msi
    [2013/07/19 12:36:51 | 004,133,376 | ---- | M] () -- C:\windows\Installer\473ce.msi
    [2013/07/19 12:36:52 | 002,343,936 | ---- | M] () -- C:\windows\Installer\473d2.msi
    [2013/07/19 12:36:53 | 002,407,424 | ---- | M] () -- C:\windows\Installer\473d6.msi
    [2013/07/19 12:36:53 | 009,595,392 | ---- | M] () -- C:\windows\Installer\473da.msi
    [2013/07/19 12:36:54 | 003,676,160 | ---- | M] () -- C:\windows\Installer\473de.msi
    [2013/07/19 12:36:56 | 014,121,472 | ---- | M] () -- C:\windows\Installer\473e2.msi
    [2013/07/19 12:36:55 | 008,552,960 | ---- | M] () -- C:\windows\Installer\473e6.msi
    [2013/07/19 12:36:57 | 005,481,984 | ---- | M] () -- C:\windows\Installer\473ea.msi
    [2013/07/19 12:36:57 | 000,092,672 | ---- | M] () -- C:\windows\Installer\473ee.msi
    [2013/07/19 12:36:57 | 000,289,792 | ---- | M] () -- C:\windows\Installer\473f2.msi
    [2013/07/19 12:36:58 | 005,650,432 | ---- | M] () -- C:\windows\Installer\473f6.msi
    [2013/07/19 12:36:59 | 001,170,432 | ---- | M] () -- C:\windows\Installer\473fa.msi
    [2013/07/19 12:36:59 | 006,439,424 | ---- | M] () -- C:\windows\Installer\473fe.msi
    [2013/07/19 12:36:59 | 000,092,672 | ---- | M] () -- C:\windows\Installer\47402.msi
    [2013/07/19 12:37:00 | 000,285,184 | ---- | M] () -- C:\windows\Installer\47406.msi
    [2013/07/19 12:37:01 | 005,944,832 | ---- | M] () -- C:\windows\Installer\4740a.msi
    [2013/07/19 12:37:01 | 001,168,896 | ---- | M] () -- C:\windows\Installer\4740e.msi
    [2013/07/19 12:37:03 | 006,721,536 | ---- | M] () -- C:\windows\Installer\47412.msi
    [2013/07/19 12:37:04 | 000,078,848 | ---- | M] () -- C:\windows\Installer\47416.msi
    [2013/07/19 12:37:04 | 000,243,200 | ---- | M] () -- C:\windows\Installer\4741a.msi
    [2013/07/19 12:37:05 | 003,403,264 | ---- | M] () -- C:\windows\Installer\4741e.msi
    [2013/07/19 12:37:05 | 001,160,192 | ---- | M] () -- C:\windows\Installer\47422.msi
    [2013/07/19 12:37:06 | 003,911,168 | ---- | M] () -- C:\windows\Installer\47426.msi
    [2013/07/19 12:37:07 | 001,819,136 | ---- | M] () -- C:\windows\Installer\4742a.msi
    [2013/07/19 12:37:10 | 035,364,352 | ---- | M] () -- C:\windows\Installer\4742e.msi
    [2013/07/19 12:37:11 | 015,838,720 | ---- | M] () -- C:\windows\Installer\47432.msi
    [2013/07/19 12:37:13 | 004,182,528 | ---- | M] () -- C:\windows\Installer\47436.msi
    [2013/07/19 12:37:12 | 000,280,064 | ---- | M] () -- C:\windows\Installer\4743a.msi
    [2013/07/19 12:37:14 | 004,172,288 | ---- | M] () -- C:\windows\Installer\4743e.msi
    [2013/07/19 12:37:14 | 000,277,504 | ---- | M] () -- C:\windows\Installer\47442.msi
    [2013/07/19 12:37:15 | 004,031,488 | ---- | M] () -- C:\windows\Installer\47446.msi
    [2013/07/19 12:37:15 | 000,216,576 | ---- | M] () -- C:\windows\Installer\4744a.msi
    [2013/07/19 12:37:16 | 000,835,584 | ---- | M] () -- C:\windows\Installer\4744e.msi
    [2013/07/19 12:37:17 | 000,037,376 | ---- | M] () -- C:\windows\Installer\47452.msi
    [2013/07/19 12:37:18 | 000,037,376 | ---- | M] () -- C:\windows\Installer\47456.msi
    [2013/07/19 12:37:19 | 000,037,376 | ---- | M] () -- C:\windows\Installer\4745a.msi
    [2013/07/19 12:37:19 | 000,088,064 | ---- | M] () -- C:\windows\Installer\4745e.msi
    [2013/07/19 12:37:20 | 000,268,288 | ---- | M] () -- C:\windows\Installer\47462.msi
    [2013/07/19 12:37:21 | 003,407,360 | ---- | M] () -- C:\windows\Installer\47466.msi
    [2013/07/19 12:37:22 | 001,166,848 | ---- | M] () -- C:\windows\Installer\4746a.msi
    [2013/07/19 12:37:21 | 004,129,280 | ---- | M] () -- C:\windows\Installer\4746e.msi
    [2013/07/19 12:37:23 | 004,139,520 | ---- | M] () -- C:\windows\Installer\47472.msi
    [2013/07/19 12:37:23 | 000,261,120 | ---- | M] () -- C:\windows\Installer\47476.msi
    [2013/07/19 12:37:23 | 000,037,376 | ---- | M] () -- C:\windows\Installer\4747a.msi
    [2014/10/07 17:04:52 | 002,323,456 | ---- | M] () -- C:\windows\Installer\4f6557.msi
    [2014/10/07 15:36:14 | 021,402,624 | ---- | M] () -- C:\windows\Installer\4f6687.msi
    [2014/10/07 17:12:54 | 028,567,040 | ---- | M] () -- C:\windows\Installer\4f6984.msi
    [2005/09/23 07:48:26 | 002,483,200 | ---- | M] () -- C:\windows\Installer\4f6992.msi
    [2012/07/25 16:57:08 | 002,532,864 | R--- | M] () -- C:\windows\Installer\5153edb.msp
    [2013/07/17 13:33:26 | 016,541,184 | R--- | M] () -- C:\windows\Installer\5153f04.msp
    [2012/09/25 12:39:06 | 001,760,768 | R--- | M] () -- C:\windows\Installer\5153f35.msp
    [2012/09/25 12:38:52 | 011,885,568 | R--- | M] () -- C:\windows\Installer\5153f5c.msp
    [2013/05/08 21:36:50 | 010,943,488 | R--- | M] () -- C:\windows\Installer\5153f7c.msp
    [2012/02/17 08:45:24 | 002,299,392 | R--- | M] () -- C:\windows\Installer\5153fb0.msp
    [2012/03/15 02:24:28 | 001,795,584 | R--- | M] () -- C:\windows\Installer\5153fe5.msp
    [2013/07/11 05:30:06 | 008,865,792 | R--- | M] () -- C:\windows\Installer\515400e.msp
    [2012/07/18 15:46:48 | 000,593,408 | R--- | M] () -- C:\windows\Installer\5154044.msp
    [2011/11/01 13:34:26 | 001,169,920 | R--- | M] () -- C:\windows\Installer\5154079.msp
    [2011/11/01 13:34:28 | 002,247,168 | R--- | M] () -- C:\windows\Installer\51540c4.msp
    [2013/11/18 06:05:54 | 011,192,320 | R--- | M] () -- C:\windows\Installer\51540d2.msp
    [2013/11/01 18:15:08 | 006,185,472 | R--- | M] () -- C:\windows\Installer\51540ef.msp
    [2012/07/25 16:59:06 | 011,032,064 | R--- | M] () -- C:\windows\Installer\5154124.msp
    [2013/09/18 16:22:18 | 010,510,848 | R--- | M] () -- C:\windows\Installer\5154159.msp
    [2013/09/04 17:56:48 | 005,980,160 | R--- | M] () -- C:\windows\Installer\5154168.msp
    [2013/09/18 16:23:10 | 009,745,408 | R--- | M] () -- C:\windows\Installer\5154184.msp
    [2013/06/21 10:24:42 | 010,079,232 | R--- | M] () -- C:\windows\Installer\51541a0.msp
    [2013/01/09 12:39:02 | 019,780,096 | R--- | M] () -- C:\windows\Installer\51541dc.msp
    [2013/09/04 17:56:14 | 011,640,832 | R--- | M] () -- C:\windows\Installer\5154211.msp
    [2013/11/18 06:06:06 | 004,346,880 | R--- | M] () -- C:\windows\Installer\5154246.msp
    [2012/06/19 12:54:40 | 002,239,488 | R--- | M] () -- C:\windows\Installer\5154255.msp
    [2013/10/22 06:08:44 | 001,107,456 | R--- | M] () -- C:\windows\Installer\5154288.msp
    [2011/11/01 13:34:56 | 004,250,112 | R--- | M] () -- C:\windows\Installer\51542a6.msp
    [2013/11/01 18:14:50 | 009,660,928 | R--- | M] () -- C:\windows\Installer\51542b5.msp
    [2013/09/06 05:46:04 | 013,146,112 | R--- | M] () -- C:\windows\Installer\51542ef.msp
    [2012/12/19 22:36:38 | 013,662,720 | R--- | M] () -- C:\windows\Installer\51542fe.msp
    [2008/09/30 21:07:10 | 006,042,112 | ---- | M] () -- C:\windows\Installer\547e2d2.msi
    [2009/07/21 00:29:14 | 006,057,984 | ---- | M] () -- C:\windows\Installer\547e2d9.msi
    [2012/11/07 03:30:52 | 001,559,552 | ---- | M] () -- C:\windows\Installer\586e0.msi
    [2012/11/07 03:39:00 | 001,304,064 | ---- | M] () -- C:\windows\Installer\586e6.msi
    [2012/11/07 03:37:52 | 000,836,608 | ---- | M] () -- C:\windows\Installer\586ec.msi
    [2011/01/15 09:46:32 | 002,049,536 | ---- | M] () -- C:\windows\Installer\5b88a.msi
    [2014/08/14 18:38:44 | 004,976,640 | R--- | M] () -- C:\windows\Installer\5d95367.msp
    [2014/09/25 15:43:48 | 001,220,608 | ---- | M] () -- C:\windows\Installer\5ef35068.msi
    [2014/09/16 21:23:56 | 011,124,736 | R--- | M] () -- C:\windows\Installer\5ef35075.msp
    [2014/09/23 13:29:08 | 004,980,736 | R--- | M] () -- C:\windows\Installer\5ef35091.msp
    [2014/09/16 20:32:04 | 004,333,568 | R--- | M] () -- C:\windows\Installer\5ef350a0.msp
    [2015/03/18 03:09:52 | 004,988,928 | R--- | M] () -- C:\windows\Installer\61c33d2c.msp
    [2015/04/30 12:05:07 | 040,329,216 | ---- | M] () -- C:\windows\Installer\61c33e45.msi
    [2015/03/18 03:08:20 | 011,128,832 | R--- | M] () -- C:\windows\Installer\61c33e52.msp
    [2015/02/05 20:34:26 | 010,502,144 | R--- | M] () -- C:\windows\Installer\61c33e7e.msp
    [2015/03/18 03:08:56 | 004,333,568 | R--- | M] () -- C:\windows\Installer\61cbf8de.msp
    [2014/05/16 04:06:18 | 009,850,368 | R--- | M] () -- C:\windows\Installer\6773dc09.msp
    [2014/05/16 04:07:12 | 005,002,752 | R--- | M] () -- C:\windows\Installer\6773dc3d.msp
    [2014/05/16 04:10:46 | 011,215,360 | R--- | M] () -- C:\windows\Installer\6773dc4b.msp
    [2014/05/16 04:10:50 | 004,346,880 | R--- | M] () -- C:\windows\Installer\6773dc68.msp
    [2014/05/16 04:08:36 | 008,179,200 | R--- | M] () -- C:\windows\Installer\6773dc77.msp
    [2014/04/12 11:48:44 | 001,572,864 | ---- | M] () -- C:\windows\Installer\7320cce0.msi
    [2014/04/24 12:02:28 | 053,303,296 | R--- | M] () -- C:\windows\Installer\79c876d.msp
    [2012/02/12 13:06:18 | 053,833,728 | ---- | M] () -- C:\windows\Installer\84c0f996.msi
    [2015/11/12 16:59:12 | 000,165,888 | ---- | M] () -- C:\windows\Installer\92fe248.msi
    [2013/07/19 11:59:21 | 006,979,072 | ---- | M] () -- C:\windows\Installer\9a7f5.msi
    [2015/07/29 08:19:43 | 095,416,320 | ---- | M] () -- C:\windows\Installer\9d04bc6.msi
    [2014/02/03 00:35:26 | 000,040,960 | ---- | M] () -- C:\windows\Installer\9f2989.msi
    [2014/02/03 00:35:25 | 013,684,736 | ---- | M] () -- C:\windows\Installer\9f2991.msi
    [2015/11/25 04:42:23 | 000,212,992 | R--- | M] () -- C:\windows\Installer\c1a47ed.msp
    [2014/06/18 04:15:58 | 005,001,728 | R--- | M] () -- C:\windows\Installer\c80dc86.msp
    [2016/02/01 20:24:03 | 000,040,960 | ---- | M] () -- C:\windows\Installer\cc632.msi
    [2014/02/03 14:38:15 | 002,398,720 | ---- | M] () -- C:\windows\Installer\d2f520.msi
    [2014/02/03 14:38:15 | 000,502,272 | ---- | M] () -- C:\windows\Installer\d2f526.msi
    [2014/02/03 14:38:27 | 000,503,296 | ---- | M] () -- C:\windows\Installer\d2f52c.msi
    [2014/02/03 14:38:25 | 000,502,272 | ---- | M] () -- C:\windows\Installer\d2f532.msi
    [2014/02/03 14:38:33 | 000,514,048 | ---- | M] () -- C:\windows\Installer\d2f538.msi
    [2014/02/03 14:38:32 | 000,518,144 | ---- | M] () -- C:\windows\Installer\d2f53f.msi
    [2014/02/03 14:38:29 | 000,507,904 | ---- | M] () -- C:\windows\Installer\d2f546.msi
    [2014/02/03 14:38:29 | 000,502,272 | ---- | M] () -- C:\windows\Installer\d2f54c.msi
    [2014/02/03 14:38:35 | 001,654,272 | ---- | M] () -- C:\windows\Installer\d2f552.msi
    [2014/02/03 14:38:37 | 000,847,872 | ---- | M] () -- C:\windows\Installer\d2f559.msi
    [2014/02/03 14:38:38 | 006,367,744 | ---- | M] () -- C:\windows\Installer\d2f561.msi
    [2014/02/03 14:50:15 | 001,714,176 | ---- | M] () -- C:\windows\Installer\d2f570.msi
    [2014/02/03 14:50:21 | 007,101,440 | ---- | M] () -- C:\windows\Installer\d2f5aa.msi
    [2014/02/03 14:54:22 | 001,642,496 | ---- | M] () -- C:\windows\Installer\d2f5c6.msi
    [2014/02/03 14:54:27 | 006,272,512 | ---- | M] () -- C:\windows\Installer\d2f5f5.msi
    [2014/02/03 14:59:24 | 002,024,448 | ---- | M] () -- C:\windows\Installer\d2f611.msi
    [2014/02/03 14:59:29 | 006,888,960 | ---- | M] () -- C:\windows\Installer\d2f63d.msi
    [2015/10/12 22:26:31 | 021,102,592 | R--- | M] () -- C:\windows\Installer\d477f.msp
    [2011/06/11 06:30:40 | 000,163,840 | ---- | M] () -- C:\windows\Installer\ec76.msi
    [2011/06/28 23:27:28 | 004,028,928 | R--- | M] () -- C:\windows\Installer\ec77.msp
    [2016/01/18 23:45:03 | 053,338,112 | R--- | M] () -- C:\windows\Installer\f3d031a.msp
    [2015/08/17 10:17:46 | 053,332,992 | R--- | M] () -- C:\windows\Installer\fa13707.msp
    [2015/10/26 10:16:59 | 000,020,480 | ---- | M] () -- C:\windows\Installer\SourceHash{055E4E62-72ED-4668-9F7A-AE5462B4D466}
    [2015/04/30 12:05:23 | 000,020,480 | ---- | M] () -- C:\windows\Installer\SourceHash{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
    [2015/03/07 15:40:13 | 000,028,672 | ---- | M] () -- C:\windows\Installer\SourceHash{26784146-6E05-3FF9-9335-786C7C0FB5BE}
    [2016/01/26 19:42:35 | 000,020,480 | ---- | M] () -- C:\windows\Installer\SourceHash{26A24AE4-039D-4CA4-87B4-2F83218071F0}
    [2014/12/12 01:44:08 | 000,020,480 | ---- | M] () -- C:\windows\Installer\SourceHash{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}
    [2014/10/25 10:24:48 | 000,020,480 | ---- | M] () -- C:\windows\Installer\SourceHash{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}
    [2014/12/12 01:42:26 | 000,020,480 | ---- | M] () -- C:\windows\Installer\SourceHash{46F044A5-CE8B-4196-984E-5BD6525E361D}
    [2016/01/26 19:43:19 | 000,020,480 | ---- | M] () -- C:\windows\Installer\SourceHash{4A03706F-666A-4037-7777-5F2748764D10}
    [2015/12/03 16:53:56 | 000,020,480 | ---- | M] () -- C:\windows\Installer\SourceHash{4ED5A05D-A367-47A4-B8CD-9D8BF1360511}
    [2015/02/07 08:16:02 | 000,020,480 | ---- | M] () -- C:\windows\Installer\SourceHash{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
    [2014/12/12 01:42:09 | 000,020,480 | ---- | M] () -- C:\windows\Installer\SourceHash{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
    [2014/12/04 13:28:58 | 000,020,480 | ---- | M] () -- C:\windows\Installer\SourceHash{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    [2016/01/25 23:05:27 | 000,020,480 | ---- | M] () -- C:\windows\Installer\SourceHash{929FBD26-9020-399B-9A7A-751D61F0B942}
    [2014/12/03 13:14:54 | 000,032,768 | ---- | M] () -- C:\windows\Installer\SourceHash{93C40A12-0098-46B1-972E-E8083686A7A0}
    [2015/07/29 08:21:02 | 000,020,480 | ---- | M] () -- C:\windows\Installer\SourceHash{A229420E-204B-11E5-B844-0050569584E9}
    [2014/12/12 11:11:28 | 000,020,480 | ---- | M] () -- C:\windows\Installer\SourceHash{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    [2016/01/25 23:05:22 | 000,020,480 | ---- | M] () -- C:\windows\Installer\SourceHash{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}
    [2016/01/14 21:12:54 | 000,020,480 | ---- | M] () -- C:\windows\Installer\SourceHash{AC76BA86-0804-1033-1959-001824166751}
    [2015/07/10 20:42:59 | 000,020,480 | ---- | M] () -- C:\windows\Installer\SourceHash{AC76BA86-7AD7-1033-7B44-AC0F074E4100}
    [2014/12/12 11:10:02 | 000,020,480 | ---- | M] () -- C:\windows\Installer\SourceHash{CECD9C02-FEBA-4E03-91B8-218C57089E26}
    [2015/11/12 16:59:14 | 000,020,480 | ---- | M] () -- C:\windows\Installer\SourceHash{E5F6D26D-E180-4547-A865-565EAB61000C}
    [2014/12/04 13:29:30 | 000,020,480 | ---- | M] () -- C:\windows\Installer\SourceHash{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    [2015/12/16 10:45:28 | 000,020,480 | ---- | M] () -- C:\windows\Installer\SourceHash{F9B579C2-D854-300A-BE62-A09EB9D722E4}
    [2013/07/19 11:32:57 | 000,000,288 | ---- | M] () -- C:\windows\Installer\wix{FA00A3CC-7440-4938-A271-F186F50DD40D}.SchedServiceConfig.rmi
    [1 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
    < %windir%\system32\tasks\*.* >
    < %windir%\system32\tasks\*.* /64 >

    [2016/01/14 21:14:23 | 000,003,886 | ---- | M] () -- C:\windows\SysNative\tasks\Adobe Acrobat Update Task
    [2015/02/12 18:27:25 | 000,003,694 | ---- | M] () -- C:\windows\SysNative\tasks\Adobe online update program
    [2015/07/17 16:55:53 | 000,003,490 | ---- | M] () -- C:\windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-1976023582-461195794-4052751207-1002Core
    [2015/07/17 16:55:53 | 000,003,886 | ---- | M] () -- C:\windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-1976023582-461195794-4052751207-1002UA
    [2016/02/02 20:05:49 | 000,003,562 | ---- | M] () -- C:\windows\SysNative\tasks\G2MUpdateTask-S-1-5-21-1976023582-461195794-4052751207-1002
    [2016/02/02 20:05:50 | 000,003,658 | ---- | M] () -- C:\windows\SysNative\tasks\G2MUploadTask-S-1-5-21-1976023582-461195794-4052751207-1002
    [2014/06/19 13:01:51 | 000,003,820 | ---- | M] () -- C:\windows\SysNative\tasks\Google Updater and Installer
    [2016/02/01 20:29:55 | 000,003,642 | ---- | M] () -- C:\windows\SysNative\tasks\GoogleUpdateTaskMachineCore
    [2016/02/01 20:29:55 | 000,003,894 | ---- | M] () -- C:\windows\SysNative\tasks\GoogleUpdateTaskMachineUA
    [2016/02/02 20:06:52 | 000,003,480 | ---- | M] () -- C:\windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1976023582-461195794-4052751207-1002Core
    [2016/02/02 20:06:53 | 000,003,876 | ---- | M] () -- C:\windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1976023582-461195794-4052751207-1002UA
    [2014/02/03 00:38:13 | 000,003,230 | ---- | M] () -- C:\windows\SysNative\tasks\SidebarExecute
    [2014/02/03 14:31:02 | 000,003,022 | ---- | M] () -- C:\windows\SysNative\tasks\{DFF137CE-772E-45DE-A2DC-E0B5DE7913E1}
    < %systemroot%\Fonts\*.exe >
    < %systemroot%\*. /mp /s >
    < MD5 for: ATAPI.SYS >

    [2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
    [2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
    [2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
    [2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
    [2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
    [2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
    < MD5 for: CSRSS.EXE >
    [2009/07/13 20:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\windows\SysNative\csrss.exe
    [2009/07/13 20:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe
    < MD5 for: EXPLORER.EXE >
    [2013/07/18 20:44:39 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
    [2013/07/18 20:44:39 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
    [2013/07/18 20:44:39 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
    [2013/07/18 20:44:39 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
    [2010/11/20 22:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
    [2013/07/18 20:44:39 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
    [2013/07/18 20:44:39 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
    [2010/11/20 22:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
    < MD5 for: MSWSOCK.DLL >
    [2010/11/20 22:24:00 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_16795c7543eb48cf\mswsock.dll
    [2013/09/06 21:04:16 | 000,231,424 | ---- | M] (Microsoft Corporation) MD5=6547D445C4B69DC0083B619AC642DF04 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.22444_none_bac3d364a4c3ea89\mswsock.dll
    [2010/11/20 22:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll
    [2013/09/07 21:27:14 | 000,327,168 | ---- | M] (Microsoft Corporation) MD5=9A9F9F1A77D6A80EE28B57664F00013E -- C:\windows\SysNative\mswsock.dll
    [2013/09/07 21:27:14 | 000,327,168 | ---- | M] (Microsoft Corporation) MD5=9A9F9F1A77D6A80EE28B57664F00013E -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.18254_none_164e004b440bdabf\mswsock.dll
    [2013/09/06 21:24:39 | 000,327,168 | ---- | M] (Microsoft Corporation) MD5=BDDB1FD258B92DEE00F222D3304B5D9C -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.22444_none_16e26ee85d215bbf\mswsock.dll
    [2013/09/07 21:03:58 | 000,231,424 | ---- | M] (Microsoft Corporation) MD5=E94C583CDE2348950155F2AF2876F34D -- C:\Windows\SysWOW64\mswsock.dll
    [2013/09/07 21:03:58 | 000,231,424 | ---- | M] (Microsoft Corporation) MD5=E94C583CDE2348950155F2AF2876F34D -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.18254_none_ba2f64c78bae6989\mswsock.dll
    < MD5 for: NAPINSP.DLL >
    [2009/07/13 20:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\SysWOW64\NapiNSP.dll
    [2009/07/13 20:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\winsxs\x86_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_abf396ebf0847c31\NapiNSP.dll
    [2009/07/13 20:41:52 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=58A0CDABEA255616827B1C22C9994466 -- C:\windows\SysNative\NapiNSP.dll
    [2009/07/13 20:41:52 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=58A0CDABEA255616827B1C22C9994466 -- C:\Windows\winsxs\amd64_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_0812326fa8e1ed67\NapiNSP.dll
    < MD5 for: NLAAPI.DLL >
    [2013/07/18 21:02:55 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0BA65122FFA7E37564EE86422DBF7AE8 -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17964_none_cfca9d84561311f2\nlaapi.dll
    [2010/11/20 22:24:01 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=104A1070E90F1C530328E69B49718841 -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17514_none_d000a58855ea91a1\nlaapi.dll
    [2013/07/18 21:02:55 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=11B8C7970C10650827D060AA81BEE63F -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.22124_none_d07f52216f10753a\nlaapi.dll
    [2010/11/20 22:23:54 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=2DF36F15B2BC1571A6A542A3C2107920 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17514_none_c5abfb362189cfa6\nlaapi.dll
    [2012/10/18 15:31:53 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=39170EE9D22ED3DAF45501ED19E145D6 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.22893_none_c5de055b3ae94990\nlaapi.dll
    [2013/07/18 21:02:55 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=46BB91A169B9B31FF44EB04C48EC1D41 -- C:\windows\SysNative\nlaapi.dll
    [2013/07/18 21:02:55 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=46BB91A169B9B31FF44EB04C48EC1D41 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17964_none_c575f33221b24ff7\nlaapi.dll
    [2013/07/18 21:02:55 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=46BB91A169B9B31FF44EB04C48EC1D41 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.18685_none_c561372a21c1c35c\nlaapi.dll
    [2014/12/05 23:18:18 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=5A6A55BB31693D2D7064D7F44ADDB98D -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.22893_none_d032afad6f4a0b8b\nlaapi.dll
    [2013/07/18 21:02:55 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=C98BCE54F31113D5E736C1097FD086DC -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.22124_none_c62aa7cf3aafb33f\nlaapi.dll
    [2014/12/05 22:50:19 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=FE48346938C1CDDDF4E4097DB9B99764 -- C:\Windows\SysWOW64\nlaapi.dll
    [2014/12/05 22:50:19 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=FE48346938C1CDDDF4E4097DB9B99764 -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.18685_none_cfb5e17c56228557\nlaapi.dll
    < MD5 for: PNRPNSP.DLL >
    [2009/07/13 20:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\SysWOW64\pnrpnsp.dll
    [2009/07/13 20:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\winsxs\wow64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_d7c8b1ac70865dab\pnrpnsp.dll
    [2009/07/13 20:41:53 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=613C8CE10A5FDE582BA5FA64C4D56AAA -- C:\windows\SysNative\pnrpnsp.dll
    [2009/07/13 20:41:53 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=613C8CE10A5FDE582BA5FA64C4D56AAA -- C:\Windows\winsxs\amd64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_cd74075a3c259bb0\pnrpnsp.dll
    < MD5 for: PRINTISOLATIONHOST.EXE >
    [2009/07/13 20:39:27 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=22F020C76E339EB2B2187BA73A7E4173 -- C:\windows\SysNative\PrintIsolationHost.exe
    [2009/07/13 20:39:27 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=22F020C76E339EB2B2187BA73A7E4173 -- C:\Windows\winsxs\amd64_microsoft-windows-p..ng-server-isolation_31bf3856ad364e35_6.1.7600.16385_none_f8a40495785334a9\PrintIsolationHost.exe
    < MD5 for: REGEDIT.EXE >
    [2009/07/13 20:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
    [2009/07/13 20:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
    [2009/07/13 20:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
    [2009/07/13 20:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe
    < MD5 for: SERVICES.EXE >
    [2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
    [2015/04/10 23:31:36 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=43DCEC23557C32F7702C8D5BC729738F -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_2df8898bfd178df8\services.exe
    [2015/04/12 22:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\windows\SysNative\services.exe
    [2015/04/12 22:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_2d7fe646e3ec3705\services.exe
    < MD5 for: SVCHOST.EXE >
    [2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
    [2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
    [2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
    [2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
    < MD5 for: USER32.DLL >
    [2010/11/20 22:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
    [2010/11/20 22:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
    [2010/11/20 22:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\windows\SysNative\user32.dll
    [2010/11/20 22:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
    < MD5 for: USERINIT.EXE >
    [2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
    [2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
    [2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
    [2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
    < MD5 for: WINLOGON.EXE >
    [2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
    [2014/03/04 06:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
    [2014/03/04 04:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
    [2014/07/16 21:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\windows\SysNative\winlogon.exe
    [2014/07/16 21:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
    [2014/07/15 22:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
    < MD5 for: WINRNR.DLL >
    [2009/07/13 20:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\windows\SysNative\winrnr.dll
    [2009/07/13 20:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_b543449669c73e11\winrnr.dll
    [2009/07/13 20:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\SysWOW64\winrnr.dll
    [2009/07/13 20:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_5924a912b169ccdb\winrnr.dll
    < MD5 for: WSHELPER.DLL >
    [2009/07/13 20:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\SysWOW64\wshelper.dll
    [2009/07/13 20:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6ace9e67456cc40b\wshelper.dll
    [2009/07/13 20:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\windows\SysNative\wshelper.dll
    [2009/07/13 20:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\wshelper.dll
    < hklm\software\clients\startmenuinternet|command /rs >
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2016/01/05 22:35:17 | 000,973,424 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2016/01/05 22:35:17 | 000,973,424 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2016/01/05 22:35:17 | 000,973,424 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [2016/01/05 22:33:53 | 000,392,136 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2016/01/05 22:33:53 | 000,392,136 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2016/01/05 22:33:53 | 000,392,136 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2016/02/03 02:27:16 | 000,748,872 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2016/02/03 02:27:16 | 000,748,872 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2016/02/03 02:27:16 | 000,748,872 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2016/02/03 02:27:16 | 000,748,872 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2015/06/25 13:09:28 | 000,814,280 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2015/06/25 13:09:28 | 000,814,280 | ---- | M] (Microsoft Corporation)
    < hklm\software\clients\startmenuinternet|command /64 /rs >
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2016/01/05 22:35:17 | 000,973,424 | ---- | M] (Mozilla Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2016/01/05 22:35:17 | 000,973,424 | ---- | M] (Mozilla Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2016/01/05 22:35:17 | 000,973,424 | ---- | M] (Mozilla Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" [2016/01/05 22:33:53 | 000,392,136 | ---- | M] (Mozilla Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2016/01/05 22:33:53 | 000,392,136 | ---- | M] (Mozilla Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2016/01/05 22:33:53 | 000,392,136 | ---- | M] (Mozilla Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2016/02/03 02:27:16 | 000,748,872 | ---- | M] (Google Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2016/02/03 02:27:16 | 000,748,872 | ---- | M] (Google Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2016/02/03 02:27:16 | 000,748,872 | ---- | M] (Google Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2016/02/03 02:27:16 | 000,748,872 | ---- | M] (Google Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2015/06/20 13:48:40 | 000,720,384 | ---- | M] (Microsoft Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2015/06/20 13:48:40 | 000,720,384 | ---- | M] (Microsoft Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2015/06/20 13:48:40 | 000,720,384 | ---- | M] (Microsoft Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2015/06/25 13:09:28 | 000,814,280 | ---- | M] (Microsoft Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE [2015/06/25 13:09:28 | 000,814,280 | ---- | M] (Microsoft Corporation)
    < %systemroot%\system32\*.dll /lockedfiles >
    < %systemroot%\Tasks\*.job /lockedfiles >
    < %systemdrive%\$Recycle.Bin|@;true;true;true /fp >
    < %systemroot%\system32\drivers\*.sys /lockedfiles >
    < C:\Windows\assembly\tmp\U\*.* /s >

    [2009/07/14 00:08:49 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
    [2009/07/14 00:08:49 | 000,028,718 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
    [2014/02/03 01:13:09 | 000,000,894 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    [2014/02/03 01:13:09 | 000,000,898 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    [2014/03/16 15:49:46 | 000,000,852 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1976023582-461195794-4052751207-1002Core.job
    [2014/03/16 15:49:47 | 000,000,904 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1976023582-461195794-4052751207-1002UA.job
    [2015/06/21 16:03:47 | 000,000,862 | ---- | C] () -- C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1976023582-461195794-4052751207-1002Core.job
    [2015/06/21 16:03:48 | 000,000,914 | ---- | C] () -- C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1976023582-461195794-4052751207-1002UA.job
    [2015/11/12 16:59:20 | 000,000,536 | ---- | C] () -- C:\windows\Tasks\G2MUpdateTask-S-1-5-21-1976023582-461195794-4052751207-1002.job
    [2015/11/12 16:59:21 | 000,000,632 | ---- | C] () -- C:\windows\Tasks\G2MUploadTask-S-1-5-21-1976023582-461195794-4052751207-1002.job
    < %Temp%\smtmp\* \s >
    < %Temp%\smtmp\1\*.* >
    < %Temp%\smtmp\2\*.* >
    < %Temp%\smtmp\3\*.* >
    < %Temp%\smtmp\4\*.* >


    < End of report >
     
  6. Voltman

    Voltman Thread Starter

    Joined:
    Jun 27, 2012
    Messages:
    41
    ----------Here is the Extra.Txt Log-----------
    OTL Extras logfile created on: 2/4/2016 7:38:05 PM - Run 2
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mike\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.17914)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
    7.92 Gb Total Physical Memory | 3.91 Gb Available Physical Memory | 49.39% Memory free
    15.84 Gb Paging File | 12.30 Gb Available in Paging File | 77.62% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
    %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 150.00 Gb Total Space | 62.99 Gb Free Space | 41.99% Space Free | Partition Type: NTFS
    Computer Name: MSIONYX | User Name: Mike | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
    ========== Extra Registry (All) ==========
    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .chm[@ = chm.file] -- C:\windows\hh.exe (Microsoft Corporation)
    .cpl[@ = cplfile] -- C:\windows\SysNative\control.exe (Microsoft Corporation)
    .hlp[@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
    .hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
    .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .inf[@ = inffile] -- C:\windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
    .ini[@ = inifile] -- C:\windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
    .url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
    .js[@ = JSFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
    .jse[@ = JSEFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
    .reg[@ = regfile] -- C:\windows\regedit.exe (Microsoft Corporation)
    .txt[@ = txtfile] -- C:\windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
    .vbe[@ = VBEFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
    .vbs[@ = VBSFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
    .wsf[@ = WSFFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
    .wsh[@ = WSHFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .bat [@ = batfile] -- "%1" %*
    .chm [@ = chm.file] -- C:\windows\hh.exe (Microsoft Corporation)
    .cmd [@ = cmdfile] -- "%1" %*
    .com [@ = comfile] -- "%1" %*
    .cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
    .exe [@ = exefile] -- "%1" %*
    .hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
    .hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .inf [@ = inffile] -- C:\windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
    .ini [@ = inifile] -- C:\windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
    .url [@ = InternetShortcut] -- C:\windows\SysWow64\rundll32.exe (Microsoft Corporation)
    .js [@ = JSFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
    .jse [@ = JSEFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
    .pif [@ = piffile] -- "%1" %*
    .reg [@ = regfile] -- C:\windows\SysWow64\regedit.exe (Microsoft Corporation)
    .scr [@ = scrfile] -- "%1" /S
    .txt [@ = txtfile] -- C:\windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
    .vbe [@ = VBEFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
    .vbs [@ = VBSFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
    .wsf [@ = WSFFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
    .wsh [@ = WSHFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    ========== Shell Spawning ==========
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
    ========== Security Center Settings ==========
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    ========== Firewall Settings ==========
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
    ========== Authorized Applications List ==========
    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0F59BC8B-11C5-493C-8056-F71A7FB1ADD8}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
    "{1CA0D8E3-DFAE-4508-84A0-6563A7D90FAC}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{209E77F6-BC92-42DD-9053-841292E4E472}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{3A09CBDD-4939-456E-9CD1-48E2C92E128D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{48F239EE-F7FC-4248-9FD3-F354A7B61E42}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamuseragent.exe |
    "{492D0E25-6C70-4EA1-95D9-FCDAB5A082A0}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
    "{4B6D4B8A-5632-44BC-813B-735A2282800C}" = lport=139 | protocol=6 | dir=in | app=system |
    "{4CEF91BC-25D9-4882-A6DB-B96C40522548}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
    "{4E4373DC-BCE1-4AB0-8A22-1C4BCEC3DFCB}" = lport=137 | protocol=17 | dir=in | app=system |
    "{4F9445C1-D26B-4D8E-A3EB-35C782E2C98F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{5834D7A5-559E-4D9B-9AE0-1B5DDE0F4998}" = lport=445 | protocol=6 | dir=in | app=system |
    "{5AC973FD-C8EF-4B31-B060-BED44617DFF1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{5ACCA41E-86E8-4419-B283-AFC329009B69}" = rport=138 | protocol=17 | dir=out | app=system |
    "{5B33D030-BAF9-4F03-A673-B295E8516BF4}" = lport=138 | protocol=17 | dir=in | app=system |
    "{705D37A9-E6A4-4090-94C4-27748E1C0854}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{7583232B-53D6-4DE9-BD22-542E8D4A8452}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{78A52546-09FB-4494-863E-7B897F357A1C}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{7D85F2D0-AC15-49CD-B0D8-2DB791156C68}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
    "{7E7C2CF1-3EBD-4BC8-B8A5-0B8A114978D2}" = rport=139 | protocol=6 | dir=out | app=system |
    "{862B4973-7C8F-4D3C-8AC5-0F148FD2FC42}" = rport=137 | protocol=17 | dir=out | app=system |
    "{90389672-FA11-4EF1-9200-C5391DC267EF}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
    "{9AB156D0-33A3-4A38-A18C-142470F13055}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
    "{9F9FE68D-3743-4776-9CDE-3E654BAE5E48}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{A00992F4-274C-41AB-AE39-1753C720E35D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{A3B06B63-91D5-497A-B61F-96AA475924A5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{AA8F2599-6F72-416B-ACD0-0A0B866699A8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{B0F28314-34AE-46E0-8F29-20246491F8DA}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{BA353B3B-70A7-487D-AED3-E1504638E6D9}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
    "{BE32BA20-1DF5-4976-AF53-439531B04791}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{BE707609-E6BC-4F3C-9927-E0254A5565BD}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
    "{C282CC35-E1D3-4C92-8C6A-6EE142E03EFD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{DA80F818-86CB-40C1-B191-C86D37E62257}" = lport=35043 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
    "{E9C9D7DA-B5E6-4F84-AF4B-15E2BAC62EB7}" = rport=445 | protocol=6 | dir=out | app=system |
    "{F190154A-A391-4DB3-9084-6706121CC31B}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
    "{F2387DBB-CEA6-4BAF-983D-9867EE8CB63B}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
    "{F2BE584A-03FD-4525-8B65-17F70654A9D7}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
    "{FB3D8382-CC51-4325-B8AD-58DB22765817}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    ========== Vista Active Application Exception List ==========
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0E45B043-33B4-4666-BBEE-E9F101E8B527}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
    "{132FAB45-F15B-40D8-B947-2BBE9FA735DA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{1DAAFAFE-0A1E-400C-B3F0-9D5920147E2B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{25199169-AD74-4E81-AD32-543FE6B476C2}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
    "{3BB7E048-85FC-4594-8E33-84A306EE1314}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
    "{3F56204F-CA5D-4DB0-AA3F-0D68F364A21B}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
    "{4C4201FD-4E8B-4DBB-A2F9-378D735FF355}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{4E335F9F-9D40-402B-BF45-809177206B2A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{51543FB6-C715-40CF-8CBD-8FF7E7E7FA71}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
    "{5A640CCE-DC2D-448E-8AF2-71830D3CAE8E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{6D9C4868-3226-41E5-AEC7-FC6CBB7E6069}" = protocol=17 | dir=in | app=c:\program files\western digital\wd boost\wdboost.exe |
    "{81049ED9-5B58-4DAD-969A-630B3257FDDD}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
    "{817A2C03-F9AB-4B71-A108-7DBD582CADCA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{83E8ED1B-790D-4550-ABE9-75826AFDCCD1}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
    "{8BC9401E-B607-40F0-A1D0-1369A2138282}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{93AC0A48-D42C-433D-8BBD-A4B1A6E3B0BB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{9EC6D260-2B10-4EF9-830C-A87732416C25}" = protocol=1 | dir=out | [email protected],-28544 |
    "{A1F9C85B-1246-4A39-ACDD-00D978448573}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
    "{A71C3BBF-7D72-4515-92E2-FA0368E10ED2}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
    "{A9E70ED7-F51D-4070-82E5-5771247B7094}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{AA9B6838-51D7-4D0A-AD8B-68FE392CFA01}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{AAEB14DF-151F-4FDD-8707-906098B0C0F9}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
    "{AED1C271-1F33-415B-9962-0E35A4972352}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{B01EED07-231A-4F4B-A1EE-716DF4C5D8E4}" = protocol=1 | dir=in | [email protected],-28543 |
    "{B0B35A8C-67F9-4C1C-BEAF-C870AD20586D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{B2208ADF-91C0-451F-9A49-31BF625DF0FC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{BB22036B-DE47-4D7A-A27C-CF6D4F3E47B8}" = protocol=6 | dir=out | app=system |
    "{BB5EB0AF-2D79-4AA2-A6C7-24586522947D}" = protocol=17 | dir=in | app=c:\users\mike\appdata\roaming\dropbox\bin\dropbox.exe |
    "{C210268F-7F46-4E5F-8A3D-F418A18BCF29}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
    "{C2166DAC-1EA2-4D8B-8161-2DB20149CAC9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{C4C3E444-7F6B-40D2-A9BA-50624F59E455}" = protocol=6 | dir=in | app=c:\users\mike\appdata\roaming\dropbox\bin\dropbox.exe |
    "{C9FBAC13-FFA7-4188-B93E-9D2176C11006}" = protocol=58 | dir=out | [email protected],-28546 |
    "{D382E139-EDC2-4F57-AA57-2054893EDDAE}" = protocol=58 | dir=in | [email protected],-28545 |
    "{D67D296B-CAF3-4547-B73E-88A37DC76149}" = protocol=6 | dir=in | app=c:\program files\western digital\wd boost\wdboost.exe |
    "{D8105886-05A3-4376-A1A6-C4817CF69543}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
    "{DF9C015B-45C0-48EB-90F5-DD76077560ED}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
    "{EB560DE0-E84A-4353-A5A5-C9DF5C3B3FB4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{EDA9D77E-0396-4E4F-8CD2-A9E0C7D3EC26}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
    "{F369A171-C858-4B73-A1B9-E297B231C54E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{FE1C2DB6-8D46-4F6D-BF53-E5E5EB1A14F0}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
    "TCP Query User{6125DFBA-1A0D-439A-B873-BB25085E2287}C:\users\mike\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\mike\appdata\roaming\dropbox\bin\dropbox.exe |
    "UDP Query User{DD792599-4188-40C5-8431-C9C743ACBEB1}C:\users\mike\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\mike\appdata\roaming\dropbox\bin\dropbox.exe |
    ========== HKEY_LOCAL_MACHINE Uninstall List ==========
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{055E4E62-72ED-4668-9F7A-AE5462B4D466}" = AVG 2014
    "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    "{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
    "{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
    "{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
    "{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{4ED5A05D-A367-47A4-B8CD-9D8BF1360511}" = AVG 2014
    "{5EB368A4-562A-41B6-A5B3-06054A27F5A6}" = Intel(R) Rapid Storage Technology
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
    "{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}" = Intel(R) Turbo Boost Technology Monitor 2.6
    "{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
    "{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
    "{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
    "{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
    "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    "{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
    "{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
    "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
    "{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 361.43
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 361.43
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.9.1.22
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 2.9.1.22
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.15.0428
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 2.9.1.22
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 2.9.1.22
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.34
    "{CA85D7A7-6B45-4011-9BCC-C01F31EDE157}" = SCM
    "{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
    "{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
    "{D4311756-3895-4F60-9657-6C5C228EB1DC}" = WD Boost
    "{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
    "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
    "{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
    "{FA00A3CC-7440-4938-A271-F186F50DD40D}" = Intel® Trusted Connect Service Client
    "AVG" = AVG 2014
    "Elantech" = ETDWare PS/2-X64 11.13.2.4_WHQL
    "FlightGear_is1" = FlightGear 2.10.0.3
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
    "{01944037-D136-45EE-A007-403EAD929FC7}" = Windows Live Writer
    "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
    "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
    "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
    "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
    "{061FF8F3-5226-4278-8AAB-282C1B024F58}" = Photo Common
    "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
    "{0A04086B-0B71-43C3-95EF-FDFC4C18D161}" = SILKYPIX Developer Studio 3.1 SE
    "{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}" = Cisco PEAP Module
    "{0AD576A7-EDCE-469E-ADD7-1AC9DB200C6B}" = Windows Live Mail
    "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
    "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
    "{13F3CEA5-9E2C-4C4E-9F0F-D0DB389CF4A9}" = Movie Maker
    "{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
    "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
    "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
    "{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
    "{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1FEE19BC-6F0C-42E4-82FF-FB597F6141DF}" = Windows Live Essentials
    "{2177152C-83DD-4540-B2F0-970F7303B7BA}" = Windows Live Writer Resources
    "{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
    "{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
    "{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0
    "{26A24AE4-039D-4CA4-87B4-2F83218071F0}" = Java 8 Update 71
    "{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}" = BurnRecovery
    "{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
    "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
    "{332EBFE0-C39E-42D1-99B5-ABBBECAD71B6}" = MSI Software Install
    "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
    "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
    "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
    "{3C41298B-A3F5-40C8-8BE3-A9A3F0644B0A}" = Windows Live Writer
    "{3C63F944-803E-49A7-B3A2-B8AB3313E883}" = Windows Live UX Platform Language Pack
    "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
    "{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}" = QuickTime 7
    "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
    "{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
    "{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
    "{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1" = Foxit Cloud
    "{446CC8CE-0E90-44F7-ADD0-774B243EF090}" = Galerie de photos
    "{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
    "{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
    "{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
    "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
    "{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
    "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
    "{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
    "{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
    "{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
    "{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
    "{619FA785-489B-4D22-911F-82D6EDF5BDB0}" = MSI Battery Calibration
    "{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
    "{631C4E4F-6FDC-4CC0-A067-E9876A9BA7FD}" = 影像中心
    "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
    "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
    "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
    "{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
    "{67E80218-05FB-45B3-852F-AF06908A1014}" = ClearViewSE
    "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
    "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
    "{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1" = Super-Charger
    "{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
    "{8030AE22-7FA0-4880-A538-8906EDBF49F4}" = Windows Live Writer Resources
    "{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
    "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
    "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
    "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
    "{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
    "{8801CA65-921A-4CCC-9D63-879D1D0BAA97}" = Sound Blaster Cinema
    "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
    "{8D813AFF-D91D-4EE0-821F-B901FC2E89FA}" = Windows Live
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
    "{8F7FECEC-088F-431D-A5FB-2B59E1E69943}" = Galería de fotos
    "{90120000-0016-0000-0000-0000000FF1CE}" = Microsoft Office Excel 2007
    "{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_EXCEL_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-0000-0000-0000000FF1CE}" = Microsoft Office PowerPoint 2007
    "{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_POWERPOINT_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001A-0000-0000-0000000FF1CE}" = Microsoft Office Outlook 2007
    "{90120000-001A-0000-0000-0000000FF1CE}_OUTLOOK_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}_OUTLOOK_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-0000-0000-0000000FF1CE}" = Microsoft Office Word 2007
    "{90120000-001B-0000-0000-0000000FF1CE}_WORD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_WORD_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_EXCEL_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}_OUTLOOK_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}_POWERPOINT_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}_WORD_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_EXCEL_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}_OUTLOOK_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}_POWERPOINT_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}_WORD_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_EXCEL_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}_OUTLOOK_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}_POWERPOINT_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}_WORD_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-002A-0000-1000-0000000FF1CE}_EXCEL_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002A-0000-1000-0000000FF1CE}_OUTLOOK_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002A-0000-1000-0000000FF1CE}_POWERPOINT_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002A-0000-1000-0000000FF1CE}_WORD_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002A-0409-1000-0000000FF1CE}_EXCEL_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002A-0409-1000-0000000FF1CE}_OUTLOOK_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002A-0409-1000-0000000FF1CE}_POWERPOINT_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002A-0409-1000-0000000FF1CE}_WORD_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_EXCEL_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-006E-0409-0000-0000000FF1CE}_OUTLOOK_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-006E-0409-0000-0000000FF1CE}_POWERPOINT_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-006E-0409-0000-0000000FF1CE}_WORD_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_EXCEL_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}_OUTLOOK_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}_POWERPOINT_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}_WORD_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0116-0409-1000-0000000FF1CE}_EXCEL_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0116-0409-1000-0000000FF1CE}_OUTLOOK_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0116-0409-1000-0000000FF1CE}_POWERPOINT_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0116-0409-1000-0000000FF1CE}_WORD_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
    "{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
    "{90993BD9-C7D9-4C2F-B56C-2F7AFEBD4CD0}" = Windows Live UX Platform Language Pack
    "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
    "{93C40A12-0098-46B1-972E-E8083686A7A0}" = Serif MoviePlus X5
    "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
    "{96914829-DF65-40AE-8A31-6F3E96BAEBBD}" = Windows Live Mail
    "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
    "{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
    "{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D3D8C60-A5EF-4123-B2B9-172095903AB}" = REALTEK Bluetooth Driver
    "{9DAABC60-A5EF-41FF-B2B9-17329590CD5}" = REALTEK Wireless LAN Driver
    "{A17946CA-18E5-4CF0-8D55-A56D804718F8}" = Movie Maker
    "{A229420E-204B-11E5-B844-0050569584E9}" = Evernote v. 5.8.13
    "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-0804-1033-1959-001824166751}" = Adobe Refresh Manager
    "{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
    "{AC76BA86-7AD7-1033-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC
    "{AF312B06-5C5C-468E-89B3-BE6DE2645722}" = Cisco LEAP Module
    "{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
    "{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
    "{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
    "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
    "{B328282C-DCE9-49B7-8B98-C08D9AA28C46}" = Windows Live Mail
    "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
    "{B77D2795-23C0-4DBD-B7B5-CFB542D1FA3F}" = Windows Live Writer Resources
    "{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail
    "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
    "{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
    "{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
    "{C40D110E-0718-4E11-A69B-D4EC7BF2EB04}" = Windows Live UX Platform Language Pack
    "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
    "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
    "{C595F480-788A-4F8F-8277-1A91F32CA879}" = Windows Live Writer
    "{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
    "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
    "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
    "{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}" = WinZip 15.0
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
    "{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
    "{D5082B89-2E86-447E-A02C-922534592FA8}" = Photo Common
    "{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
    "{DA5597C9-9216-44FF-9670-D1E48817B998}" = MSI HOUSE
    "{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
    "{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = COWON Media Center - jetAudio Plus VX
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E0B5FDF0-6940-44B2-8204-CFA746A6B4AF}" = Movie Maker
    "{E5F6D26D-E180-4547-A865-565EAB61000C}" = Citrix Online Launcher
    "{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
    "{EA2BE047-FF29-4336-BB70-6AF201085BAF}" = Windows Live 程式集
    "{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
    "{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
    "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F54030F3-14B6-432D-9361-78DCB1473920}" = Photo Common
    "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
    "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
    "{F9B579C2-D854-300A-BE62-A09EB9D722E4}" = Google Talk Plugin
    "{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
    "{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
    "{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
    "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
    "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
    "Adaptec UDF Reader" = Adaptec UDF Reader
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player NPAPI" = Adobe Flash Player 20 NPAPI
    "Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
    "Audacity_is1" = Audacity 2.0.5
    "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
    "DTC Library" = DTC Library
    "EXCEL" = Microsoft Office Excel 2007
    "Foxit Reader_is1" = Foxit Reader
    "Google Chrome" = Google Chrome
    "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
    "InstallShield_{0A04086B-0B71-43C3-95EF-FDFC4C18D161}" = SILKYPIX Developer Studio 3.1 SE
    "Mozilla Firefox 43.0.4 (x86 en-US)" = Mozilla Firefox 43.0.4 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "Mp3tag" = Mp3tag v2.58
    "OpenAL" = OpenAL
    "OUTLOOK" = Microsoft Office Outlook 2007
    "POWERPOINT" = Microsoft Office PowerPoint 2007
    "WinLiveSuite" = Windows Live Essentials
    "WORD" = Microsoft Office Word 2007
    ========== HKEY_CURRENT_USER Uninstall List ==========
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Dropbox" = Dropbox
    "GoToMeeting" = GoToMeeting 7.9.2.4376
    "OneDriveSetup.exe" = Microsoft OneDrive
    ========== Last 20 Event Log Errors ==========
    [ Application Events ]
    Error - 10/11/2015 10:55:04 PM | Computer Name = msiOnyx | Source = Windows Backup | ID = 4103
    Description =
    Error - 10/11/2015 11:40:14 PM | Computer Name = msiOnyx | Source = Application Error | ID = 1000
    Description = Faulting application name: Explorer.EXE, version: 6.1.7601.17567,
    time stamp: 0x4d672ee4 Faulting module name: SHELL32.dll, version: 6.1.7601.18762,
    time stamp: 0x54dd89c7 Exception code: 0xc0000005 Fault offset: 0x00000000003f11b3
    Faulting
    process id: 0xcf8 Faulting application start time: 0x01d102b6ba294bec Faulting application
    path: C:\windows\Explorer.EXE Faulting module path: C:\windows\system32\SHELL32.dll
    Report
    Id: f26397a7-7092-11e5-9a81-54271e0c592f
    Error - 10/17/2015 6:01:59 PM | Computer Name = msiOnyx | Source = WinMgmt | ID = 10
    Description =
    Error - 10/17/2015 6:02:54 PM | Computer Name = msiOnyx | Source = Application Error | ID = 1000
    Description = Faulting application name: OUTLOOK.EXE, version: 12.0.6691.5000, time
    stamp: 0x52e8c57c Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception
    code: 0xc0000005 Fault offset: 0x00000000 Faulting process id: 0x146c Faulting application
    start time: 0x01d1092774d7cf21 Faulting application path: C:\Program Files (x86)\Microsoft
    Office\Office12\OUTLOOK.EXE Faulting module path: unknown Report Id: d0b76f87-751a-11e5-96ad-54271e0c592f
    Error - 10/19/2015 1:23:28 PM | Computer Name = msiOnyx | Source = Windows Backup | ID = 4103
    Description =
    Error - 10/19/2015 1:24:35 PM | Computer Name = msiOnyx | Source = Application Error | ID = 1000
    Description = Faulting application name: plugin-container.exe, version: 41.0.1.5750,
    time stamp: 0x560b37be Faulting module name: mozglue.dll, version: 41.0.1.5750,
    time stamp: 0x560b229d Exception code: 0x80000003 Fault offset: 0x0000ec7f Faulting
    process id: 0x2b08 Faulting application start time: 0x01d10a9301467a5b Faulting application
    path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Faulting module
    path: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll Report Id: 440c280c-7686-11e5-96ad-54271e0c592f
    Error - 10/21/2015 3:42:36 PM | Computer Name = msiOnyx | Source = Application Error | ID = 1000
    Description = Faulting application name: plugin-container.exe, version: 41.0.2.5765,
    time stamp: 0x561ef9f1 Faulting module name: mozglue.dll, version: 41.0.2.5765,
    time stamp: 0x561ee53f Exception code: 0x80000003 Fault offset: 0x0000ec91 Faulting
    process id: 0x1fc0 Faulting application start time: 0x01d10af43e079723 Faulting application
    path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Faulting module
    path: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll Report Id: e09e3a99-782b-11e5-96ad-54271e0c592f
    Error - 10/22/2015 2:44:36 PM | Computer Name = msiOnyx | Source = WinMgmt | ID = 10
    Description =
    Error - 10/22/2015 2:45:59 PM | Computer Name = msiOnyx | Source = Application Error | ID = 1000
    Description = Faulting application name: OUTLOOK.EXE, version: 12.0.6691.5000, time
    stamp: 0x52e8c57c Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception
    code: 0xc0000005 Fault offset: 0x00000000 Faulting process id: 0x16c0 Faulting application
    start time: 0x01d10cf9b8700a0b Faulting application path: C:\Program Files (x86)\Microsoft
    Office\Office12\OUTLOOK.EXE Faulting module path: unknown Report Id: 22296c78-78ed-11e5-b038-54271e0c592f
    Error - 10/26/2015 11:13:04 AM | Computer Name = msiOnyx | Source = Windows Backup | ID = 4103
    Description =
    [ System Events ]
    Error - 12/6/2015 7:41:47 PM | Computer Name = msiOnyx | Source = volmgr | ID = 262189
    Description = The system could not sucessfully load the crash dump driver.
    Error - 12/11/2015 8:04:39 PM | Computer Name = msiOnyx | Source = Application Popup | ID = 1060
    Description = \SystemRoot\SysWow64\Drivers\UdfReadr.SYS has been blocked from loading
    due to incompatibility with this system. Please contact your software vendor for
    a compatible version of the driver.
    Error - 12/11/2015 8:05:40 PM | Computer Name = msiOnyx | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    UdfReadr
    Error - 12/11/2015 8:26:57 PM | Computer Name = msiOnyx | Source = Application Popup | ID = 1060
    Description = \SystemRoot\SysWow64\Drivers\UdfReadr.SYS has been blocked from loading
    due to incompatibility with this system. Please contact your software vendor for
    a compatible version of the driver.
    Error - 12/11/2015 8:27:56 PM | Computer Name = msiOnyx | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    UdfReadr
    Error - 12/12/2015 11:39:54 PM | Computer Name = msiOnyx | Source = Service Control Manager | ID = 7034
    Description = The WD Boost service terminated unexpectedly. It has done this 1
    time(s).
    Error - 12/18/2015 1:43:27 AM | Computer Name = msiOnyx | Source = DCOM | ID = 10010
    Description =
    Error - 12/18/2015 11:32:44 PM | Computer Name = msiOnyx | Source = Application Popup | ID = 1060
    Description = \SystemRoot\SysWow64\Drivers\UdfReadr.SYS has been blocked from loading
    due to incompatibility with this system. Please contact your software vendor for
    a compatible version of the driver.
    Error - 12/18/2015 11:33:20 PM | Computer Name = msiOnyx | Source = Service Control Manager | ID = 7000
    Description = The Foxit Cloud Safe Update Service service failed to start due to
    the following error: %%2
    Error - 12/18/2015 11:33:50 PM | Computer Name = msiOnyx | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    UdfReadr
    < End of report >
     
  7. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    33,667
    Thanks for the logs :)

    Had a look through, and whilst there is some things to tidy up, nothing jumps out. But this is just the one tool so far.

    Can you use any other disks in the drive, like music cd's or film dvd's?

    Does the notepad that is on the disks say its the desktop.ini?

    If you right-click on the dvd drive and select Explore, can you see the files?

    For the AutoPlay, see if this helps:

    http://windows.microsoft.com/en-gb/windows/change-autoplay-settings#1TC=windows-7
     
  8. Voltman

    Voltman Thread Starter

    Joined:
    Jun 27, 2012
    Messages:
    41
    I can play music CDs and it plays automatically (AutoPlay) but I CANNOT play/watch DVDs or games as they will not load or run. Even with the AutoPlay on.

    Whenever I right click on a game disc it is always blank: no files or folders visible. Same thing happens if I double click on my disc drive. AutoPlay does not load either.
    This is what happens when I right clicked on the movie DVD: I see an option to OPEN (not EXPLORE). I click OPEN and I can see the Audio folder but it's empty and the Video_TS folder with .bup .info and .vob files but no notepad file with the desktop.ini. Even though can I see the VOB files I can't get them to run when I click on them individually.

    I also got this message when I initially double clicked on the the DVD or when AutoPlays tries load/run for a movie DVD:
    upload_2016-2-10_21-0-12.png

    I did update my drive and my NVIDIA card with the latest so I'm not sure why this happens. Also the DVDs and games work in my older computers (Vista & XP old and not updated).

    Thanks
     

    Attached Files:

  9. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    33,667
    Hi

    For the movie dvd's, can you see if they will play with VLC player? Just seeing if its a WMP issue:

    http://www.videolan.org/vlc/index.html

    You also say you've updated your drivers for Nvidia, can you tell me which version?

    To do this, open up Nvidia GeForce Experience panel (usually via the Start menu) and then click on the My Rig tab, and in there will be your driver version, and your card.

    For example, mine is Geforce GTX 760, driver version 344.60

    eddie
     
  10. Voltman

    Voltman Thread Starter

    Joined:
    Jun 27, 2012
    Messages:
    41
    Hi I'm using NVIDIA GeForce GT 740M version 361.43

    I downloaded the VLC player and I was able to play my DVD. I still have no luck opening the game disc.
     
  11. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    33,667
    This is always present, just may be showing if you have your Folder Options to "Show hidden files and folders".

    I know it may seem a strange question, but did you update the drivers, and then this happened? Just looking at your drivers, and a few people are having issues with it. Also, the supported products doesn't mention your card:

    http://www.nvidia.com/download/driverResults.aspx/96883/en-us

    But the 361.91 does:

    http://www.nvidia.co.uk/download/driverResults.aspx/98879/en-uk

    Also, I wonder is maybe the DirextX had some issues after it was updated.

    Can you go to Start | Run and type in DXDIAG and click OK.

    Wait for the green bar to move across (bottom left), then let me know which version of DirectX you have (bottom of the System Information on the first tab).

    Also, click on the tabs for Display, Sound etc, and see if in the Notes box at the bottom if any problems are spotted.



    Also, going to move this to Hardware for now, as I think its not malware related.
     
  12. Voltman

    Voltman Thread Starter

    Joined:
    Jun 27, 2012
    Messages:
    41
    Hi this happened before I updated the card. I never updated my card until I realized that game disks will not load. I had never had a game disk that worked on this computer. When the first disk did not work I thought the disk was bad. But when none worked I realized that it's not the disk and then I tired the disks on another older computer and it worked. I did update to NVIDIA version 361.91 after my initial post but I still cannot open my game disks.

    I ran DXDIAG and it says I have DirextX version 11 and after clicking the tabs, all the Notes said: No problems found.
     
  13. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    33,667
    Okay, so it looks like it may be computer related more than malware related. Can you see if SafeMode is bringing the same issue:

    http://windows.microsoft.com/en-gb/...-safe-mode#start-computer-safe-mode=windows-7

    Also (in normal mode), can you run this:

    Please download MiniToolBox, save it to your desktop and run it.

    Checkmark the following checkboxes:
    • Listlast10EventViewer log
    • ListInstalledPrograms
    • ListDevices
    Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
     
  14. Voltman

    Voltman Thread Starter

    Joined:
    Jun 27, 2012
    Messages:
    41
    Hi I started the computer in safe mode and the game disk was recognized and I was able to install the disk. I still can't do it in normal mode. WMP does not launch in safe mode but VLC player was able to play a DVD movie in safe mode and normal mode.
    Here is the log from MTB
    MiniToolBox by Farbar Version: 07-02-2016 01
    Ran by Mike (administrator) on 06-03-2016 at 22:39:18
    Running from "B:\Downloads"
    Microsoft Windows 7 Home Premium Service Pack 1 (X64)
    Model: GP60 2OD Manufacturer: Micro-Star International Co., Ltd.
    Boot Mode: Normal
    ***************************************************************************

    ========================= Event log errors: ===============================

    Application errors:
    ==================
    Error: (03/06/2016 10:28:45 PM) (Source: Windows Backup) (User: )
    Description: The backup did not complete because of an error writing to the backup location D:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

    Error: (03/06/2016 10:20:32 PM) (Source: Application Error) (User: )
    Description: Faulting application name: OUTLOOK.EXE, version: 12.0.6691.5000, time stamp: 0x52e8c57c
    Faulting module name: EvernoteCCx32.dll, version: 1.0.0.1, time stamp: 0x54339785
    Exception code: 0xc0000005
    Fault offset: 0x00009a1f
    Faulting process id: 0x1344
    Faulting application start time: 0xOUTLOOK.EXE0
    Faulting application path: OUTLOOK.EXE1
    Faulting module path: OUTLOOK.EXE2
    Report Id: OUTLOOK.EXE3

    Error: (03/06/2016 10:20:05 PM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (03/06/2016 10:00:48 PM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (03/06/2016 09:34:58 PM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (03/06/2016 09:27:09 PM) (Source: Application Error) (User: )
    Description: Faulting application name: OUTLOOK.EXE, version: 12.0.6691.5000, time stamp: 0x52e8c57c
    Faulting module name: EvernoteCCx32.dll, version: 1.0.0.1, time stamp: 0x54339785
    Exception code: 0xc0000005
    Fault offset: 0x00009a1f
    Faulting process id: 0x108c
    Faulting application start time: 0xOUTLOOK.EXE0
    Faulting application path: OUTLOOK.EXE1
    Faulting module path: OUTLOOK.EXE2
    Report Id: OUTLOOK.EXE3

    Error: (03/06/2016 09:26:24 PM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (03/02/2016 11:41:16 PM) (Source: Application Error) (User: )
    Description: Faulting application name: BurnRecovery.exe, version: 3.0.1103.1801, time stamp: 0x4d82a598
    Faulting module name: BurnRecovery.exe, version: 3.0.1103.1801, time stamp: 0x4d82a598
    Exception code: 0x40000015
    Fault offset: 0x0002cccb
    Faulting process id: 0x1ef0
    Faulting application start time: 0xBurnRecovery.exe0
    Faulting application path: BurnRecovery.exe1
    Faulting module path: BurnRecovery.exe2
    Report Id: BurnRecovery.exe3

    Error: (03/01/2016 10:46:43 PM) (Source: Application Error) (User: )
    Description: Faulting application name: OUTLOOK.EXE, version: 12.0.6691.5000, time stamp: 0x52e8c57c
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc0000005
    Fault offset: 0x00000000
    Faulting process id: 0x10ac
    Faulting application start time: 0xOUTLOOK.EXE0
    Faulting application path: OUTLOOK.EXE1
    Faulting module path: OUTLOOK.EXE2
    Report Id: OUTLOOK.EXE3

    Error: (03/01/2016 10:46:18 PM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


    System errors:
    =============
    Error: (03/06/2016 10:19:04 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    UdfReadr

    Error: (03/06/2016 10:18:45 PM) (Source: Service Control Manager) (User: )
    Description: The Foxit Cloud Safe Update Service service failed to start due to the following error:
    %%2

    Error: (03/06/2016 10:18:08 PM) (Source: Application Popup) (User: )
    Description: \SystemRoot\SysWow64\Drivers\UdfReadr.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

    Error: (03/06/2016 10:17:47 PM) (Source: DCOM) (User: )
    Description: {3EB3C877-1F16-487C-9050-104DBCD66683}

    Error: (03/06/2016 09:59:29 PM) (Source: Service Control Manager) (User: )
    Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
    %%1068

    Error: (03/06/2016 09:59:29 PM) (Source: Service Control Manager) (User: )
    Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
    %%1068

    Error: (03/06/2016 09:59:29 PM) (Source: Service Control Manager) (User: )
    Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
    %%1068

    Error: (03/06/2016 09:59:29 PM) (Source: Service Control Manager) (User: )
    Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
    %%1068

    Error: (03/06/2016 09:59:29 PM) (Source: Service Control Manager) (User: )
    Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
    %%1068

    Error: (03/06/2016 09:59:29 PM) (Source: Service Control Manager) (User: )
    Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
    %%1068


    Microsoft Office Sessions:
    =========================

    =========================== Installed Programs ============================

    Adaptec UDF Reader (HKLM-x32\...\Adaptec UDF Reader) (Version: - )
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
    Adobe Anchor Service x64 CS4 (HKLM\...\{887797BF-37A5-4199-B0C9-0D38D6196E9A}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe CMaps x64 CS4 (HKLM\...\{90BA8112-80B3-4617-A3C1-BD2771B60F74}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe Creative Suite 4 Master Collection (HKLM-x32\...\Adobe_b2d6abde968e6f277ddbfd501383e02) (Version: 4.0 - Adobe Systems Incorporated)
    Adobe CSI CS4 x64 (HKLM\...\{8DAA31EB-6830-4006-A99F-4DF8AB24714F}) (Version: 1 - Adobe Systems Incorporated) Hidden
    Adobe Drive CS4 x64 (HKLM\...\{A3454894-144A-4D80-B605-C128FE0D7329}) (Version: 1 - Adobe Systems Incorporated) Hidden
    Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.2.202.228 - Adobe Systems Incorporated)
    Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
    Adobe Fonts All x64 (HKLM\...\{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe Linguistics CS4 x64 (HKLM\...\{8875A1C0-6308-4790-8CF6-D34E89880052}) (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
    Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
    Adobe PDF Library Files x64 CS4 (HKLM\...\{DFFABE78-8173-4E97-9C5C-22FB26192FC5}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
    Adobe Photoshop CS4 (64 Bit) (HKLM\...\{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
    Adobe Type Support x64 CS4 (HKLM\...\{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
    Adobe WinSoft Linguistics Plugin x64 (HKLM\...\{295CFB7C-A57E-4313-93E7-68E7CE1D0332}) (Version: 1.1 - Adobe Systems Incorporated) Hidden
    Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
    AVG 2014 (HKLM\...\{437FDDE9-92B4-4C3B-9BA2-9550EAF5F73A}) (Version: 14.0.4855 - AVG Technologies) Hidden
    AVG 2014 (HKLM\...\{4ED5A05D-A367-47A4-B8CD-9D8BF1360511}) (Version: 14.0.4477 - AVG Technologies) Hidden
    AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4855 - AVG Technologies)
    BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 3.0.1103.1801 - Micro-Star International Co., Ltd.)
    Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
    Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
    Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
    Citrix Online Launcher (HKLM-x32\...\{E5F6D26D-E180-4547-A865-565EAB61000C}) (Version: 1.0.362 - Citrix)
    ClearViewSE (HKLM-x32\...\{67E80218-05FB-45B3-852F-AF06908A1014}) (Version: 5.5.0 - Happy Bytes LLC)
    Connect (HKLM-x32\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
    COWON Media Center - jetAudio Plus VX (HKLM-x32\...\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}) (Version: 7.0.0 - COWON)
    CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4612 - CyberLink Corp.)
    D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    Dropbox (HKCU\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
    DTC Library (HKLM-x32\...\DTC Library) (Version: - )
    ETDWare PS/2-X64 11.13.2.4_WHQL (HKLM\...\Elantech) (Version: 11.13.2.4 - ELAN Microelectronic Corp.)
    Evernote v. 5.8.13 (HKLM-x32\...\{A229420E-204B-11E5-B844-0050569584E9}) (Version: 5.8.13.8152 - Evernote Corp.)
    FlightGear 2.10.0.3 (HKLM\...\FlightGear_is1) (Version: - The FlightGear Team)
    Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.7.143.923 - Foxit Software Inc.)
    Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.1.5.425 - Foxit Software Inc.)
    Galería de fotos (HKLM-x32\...\{8F7FECEC-088F-431D-A5FB-2B59E1E69943}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Galerie de photos (HKLM-x32\...\{446CC8CE-0E90-44F7-ADD0-774B243EF090}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
    Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
    GoToMeeting 7.13.0.4542 (HKCU\...\GoToMeeting) (Version: 7.13.0.4542 - CitrixOnline)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3186 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
    Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
    Intel(R) Turbo Boost Technology Monitor 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
    Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
    Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
    Junk Mail filter update (HKLM-x32\...\{400C31E4-796F-4E86-8FDC-C3C4FACC6847}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    kuler (HKLM-x32\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0000-0000-0000000FF1CE}_OUTLOOK_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office Excel 2007 (HKLM-x32\...\EXCEL) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Outlook 2007 (HKLM-x32\...\OUTLOOK) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office PowerPoint 2007 (HKLM-x32\...\POWERPOINT) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Word 2007 (HKLM-x32\...\WORD) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Movie Maker (HKLM-x32\...\{13F3CEA5-9E2C-4C4E-9F0F-D0DB389CF4A9}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{A17946CA-18E5-4CF0-8D55-A56D804718F8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{E0B5FDF0-6940-44B2-8204-CFA746A6B4AF}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Mozilla Firefox 44.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
    Mp3tag v2.58 (HKLM-x32\...\Mp3tag) (Version: v2.58 - Florian Heidenreich)
    MSI Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.0.1 - Micro-Star International Co., Ltd.)
    MSI HOUSE (HKLM-x32\...\{DA5597C9-9216-44FF-9670-D1E48817B998}) (Version: 10.07.1601 - MSI)
    MSI Software Install (HKLM-x32\...\{332EBFE0-C39E-42D1-99B5-ABBBECAD71B6}) (Version: 4.0.1105.1701 - Micro-Star International Co., Ltd.)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
    NVIDIA Graphics Driver 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
    OpenAL (HKLM-x32\...\OpenAL) (Version: - )
    PDF Settings CS4 (HKLM-x32\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
    Phoenix R/C® (HKLM-x32\...\PhoenixRC) (Version: 5.0.a - Runtime Games Ltd)
    Photoshop Camera Raw (HKLM-x32\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
    Photoshop Camera Raw_x64 (HKLM\...\{2D74E972-5A85-44DC-9193-8A302BA8C181}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
    Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
    QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.728.728.042813 - )
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6914 - Realtek Semiconductor Corp.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
    REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0212 - )
    SCM (HKLM\...\{CA85D7A7-6B45-4011-9BCC-C01F31EDE157}) (Version: 14.013.07054 - )
    Serif MoviePlus X5 (HKLM-x32\...\{93C40A12-0098-46B1-972E-E8083686A7A0}) (Version: 7.0.2.018 - Serif (Europe) Ltd)
    SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 5.1.0270 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
    SILKYPIX Developer Studio 3.1 SE (HKLM-x32\...\{0A04086B-0B71-43C3-95EF-FDFC4C18D161}) (Version: 3 - Ichikawa Soft Laboratory) Hidden
    SILKYPIX Developer Studio 3.1 SE (HKLM-x32\...\InstallShield_{0A04086B-0B71-43C3-95EF-FDFC4C18D161}) (Version: 3 - Ichikawa Soft Laboratory)
    Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
    Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.02 - Creative Technology Limited)
    Suite Shared Configuration CS4 (HKLM-x32\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
    Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.017 - MSI)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-001A-0000-0000-0000000FF1CE}_OUTLOOK_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
    WD Boost (HKLM\...\{D4311756-3895-4F60-9657-6C5C228EB1DC}) (Version: 1.50.0.0 - Western Digital Corporation)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
    WinZip 15.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. )
    影像中心 (HKLM-x32\...\{631C4E4F-6FDC-4CC0-A067-E9876A9BA7FD}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

    ========================= Devices: ================================

    Name: Volume Manager
    Description: Volume Manager
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: volmgr
    Device ID: ROOT\VOLMGR\0000

    Name: Microsoft Windows Management Interface for ACPI
    Description: Microsoft Windows Management Interface for ACPI
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: WmiAcpi
    Device ID: ACPI\PNP0C14\0

    Name: Intel(R) Xeon(R) processor E3-1200 v3/4th Gen Core processor DRAM Controller - 0C04
    Description: Intel(R) Xeon(R) processor E3-1200 v3/4th Gen Core processor DRAM Controller - 0C04
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service:
    Device ID: PCI\VEN_8086&DEV_0C04&SUBSYS_10E91462&REV_06\3&11583659&1&00

    Name: Remote Access IPv6 ARP Driver
    Description: Remote Access IPv6 ARP Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Wanarpv6
    Device ID: ROOT\LEGACY_WANARPV6\0000

    Name: Intel(R) 8 Series/C220 Series PCI Express Root Port #4 - 8C16
    Description: Intel(R) 8 Series/C220 Series PCI Express Root Port #4 - 8C16
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: pci
    Device ID: PCI\VEN_8086&DEV_8C16&SUBSYS_10E91462&REV_D5\3&11583659&1&E3

    Name: Intel(R) 8 Series/C220 Series USB EHCI #1 - 8C26
    Description: Intel(R) 8 Series/C220 Series USB EHCI #1 - 8C26
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: Intel
    Service: usbehci
    Device ID: PCI\VEN_8086&DEV_8C26&SUBSYS_10E91462&REV_05\3&11583659&1&E8

    Name: NDIS System Driver
    Description: NDIS System Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NDIS
    Device ID: ROOT\LEGACY_NDIS\0000

    Name: Link-Layer Topology Discovery Responder
    Description: Link-Layer Topology Discovery Responder
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: rspndr
    Device ID: ROOT\LEGACY_RSPNDR\0000

    Name: HL-DT-ST DVDRAM GTA0N SCSI CdRom Device
    Description: CD-ROM Drive
    Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard CD-ROM drives)
    Service: cdrom
    Device ID: SCSI\CDROM&VEN_HL-DT-ST&PROD_DVDRAM_GTA0N\4&2B90ED11&0&000000

    Name: Microsoft Windows Management Interface for ACPI
    Description: Microsoft Windows Management Interface for ACPI
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: WmiAcpi
    Device ID: ACPI\PNP0C14\OPT1

    Name: System timer
    Description: System timer
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0100\4&9841554&0

    Name: Kernel Mode Driver Frameworks service
    Description: Kernel Mode Driver Frameworks service
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Wdf01000
    Device ID: ROOT\LEGACY_WDF01000\0000

    Name: HTTP
    Description: HTTP
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: HTTP
    Device ID: ROOT\LEGACY_HTTP\0000

    Name: NDIS Usermode I/O Protocol
    Description: NDIS Usermode I/O Protocol
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Ndisuio
    Device ID: ROOT\LEGACY_NDISUIO\0000

    Name: HID-compliant device
    Description: HID-compliant device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: HID\RTKVIRTUALHIDDEVICE&COL01\9&30AC8D0C&0&0000

    Name: ACPI Thermal Zone
    Description: ACPI Thermal Zone
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\THERMALZONE\THRM

    Name: Security Driver
    Description: Security Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: secdrv
    Device ID: ROOT\LEGACY_SECDRV\0000

    Name: AVG TDI Driver
    Description: AVG TDI Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Avgtdia
    Device ID: ROOT\LEGACY_AVGTDIA\0000

    Name: High precision event timer
    Description: High precision event timer
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0103\0

    Name: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
    Description: Intel Processor
    Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
    Manufacturer: Intel
    Service: intelppm
    Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL(R)_CORE(TM)[email protected]_2.40GHZ\_4

    Name: Hardware Policy Driver
    Description: Hardware Policy Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: hwpolicy
    Device ID: ROOT\LEGACY_HWPOLICY\0000

    Name: NVIDIA GeForce GT 740M
    Description: NVIDIA GeForce GT 740M
    Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
    Manufacturer: NVIDIA
    Service: nvlddmkm
    Device ID: PCI\VEN_10DE&DEV_1292&SUBSYS_10E91462&REV_A1\4&37AA9B99&0&0008

    Name: Microsoft Virtual WiFi Miniport Adapter
    Description: Microsoft Virtual WiFi Miniport Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: vwifimp
    Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&12DAFE29&0&01

    Name: WFP Lightweight Filter
    Description: WFP Lightweight Filter
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: WfpLwf
    Device ID: ROOT\LEGACY_WFPLWF\0000

    Name: Microsoft ACPI-Compliant System
    Description: Microsoft ACPI-Compliant System
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: ACPI
    Device ID: ACPI_HAL\PNP0C08\0

    Name: NDProxy
    Description: NDProxy
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NDProxy
    Device ID: ROOT\LEGACY_NDPROXY\0000

    Name: Security Processor Loader Driver
    Description: Security Processor Loader Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: spldr
    Device ID: ROOT\LEGACY_SPLDR\0000

    Name: Intel(R) Xeon(R) processor E3-1200 v3/4th Gen Core processor PCI Express x8 Controller - 0C05
    Description: Intel(R) Xeon(R) processor E3-1200 v3/4th Gen Core processor PCI Express x8 Controller - 0C05
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: pci
    Device ID: PCI\VEN_8086&DEV_0C05&SUBSYS_10E91462&REV_06\3&11583659&1&09

    Name: Beep
    Description: Beep
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Beep
    Device ID: ROOT\LEGACY_BEEP\0000

    Name: Microsoft 6to4 Adapter
    Description: Microsoft 6to4 Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Device ID: ROOT\*6TO4MP\0000

    Name: X3M( Remote Control )
    Description: Realtek Bluetooth A/V Remote Control Target Device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: Realtek Semiconductor Corp.
    Service: RtkAvrcp
    Device ID: BTHENUM\{0000110E-0000-1000-8000-00805F9B34FB}_LOCALMFG&005D\8&6EA074C&0&0012028002A3_C00000000

    Name: ipadtst
    Description: ipadtst
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: ipadtst
    Device ID: ROOT\LEGACY_IPADTST\0000

    Name: Microsoft Bluetooth Enumerator
    Description: Microsoft Bluetooth Enumerator
    Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
    Manufacturer: Microsoft
    Service: BthEnum
    Device ID: BTH\MS_BTHBRB\7&155306DB&0&1

    Name: User Mode Driver Frameworks Platform Driver
    Description: User Mode Driver Frameworks Platform Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: WudfPf
    Device ID: ROOT\LEGACY_WUDFPF\0000

    Name: HID-compliant device
    Description: HID-compliant device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: HID\RTKVIRTUALHIDDEVICE&COL01\9&3329A73D&0&0000

    Name: Generic PnP Monitor
    Description: Generic PnP Monitor
    Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard monitor types)
    Service: monitor
    Device ID: DISPLAY\LGD0259\4&1651CA5C&0&UID68092928

    Name: Direct memory access controller
    Description: Direct memory access controller
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0200\4&9841554&0

    Name: CyberLink WebCam Virtual Driver
    Description: CyberLink WebCam Virtual Driver
    Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
    Manufacturer: CyberLink
    Service: clwvd
    Device ID: ROOT\MEDIA\0000

    Name: KSecDD
    Description: KSecDD
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: KSecDD
    Device ID: ROOT\LEGACY_KSECDD\0000

    Name: Realtek Bluetooth 4.0 + High Speed Chip
    Description: Realtek Bluetooth 4.0 + High Speed Chip
    Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
    Manufacturer: Realtek Semiconductor Corp.
    Service: BTHUSB
    Device ID: USB\VID_13D3&PID_3394\00E04C000001

    Name: Microsoft ISATAP Adapter
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Device ID: ROOT\*ISATAP\0001

    Name: Bluetooth Device (Personal Area Network)
    Description: Bluetooth Device (Personal Area Network)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: BthPan
    Device ID: BTH\MS_BTHPAN\7&155306DB&0&2

    Name: NETBT
    Description: NETBT
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NetBT
    Device ID: ROOT\LEGACY_NETBT\0000

    Name: Realtek RTL8723AE Wireless LAN 802.11n PCI-E NIC #2
    Description: Realtek RTL8723AE Wireless LAN 802.11n PCI-E NIC
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Realtek Semiconductor Corp.
    Service: RTWlanE
    Device ID: PCI\VEN_10EC&DEV_8723&SUBSYS_21141A3B&REV_00\012387FEFF4CE00000

    Name: PCI bus
    Description: PCI bus
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: pci
    Device ID: ACPI\PNP0A08\0

    Name: Microsoft AC Adapter
    Description: Microsoft AC Adapter
    Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
    Manufacturer: Microsoft
    Service: CmBatt
    Device ID: ACPI\ACPI0003\5&21572EAD&0

    Name: Microsoft ISATAP Adapter #2
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Device ID: ROOT\*ISATAP\0002

    Name: Microsoft System Management BIOS Driver
    Description: Microsoft System Management BIOS Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: mssmbios
    Device ID: ROOT\MSSMBIOS\0000

    Name: Intel(R) 8 Series/C220 Series PCI Express Root Port #6 - 8C1A
    Description: Intel(R) 8 Series/C220 Series PCI Express Root Port #6 - 8C1A
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: pci
    Device ID: PCI\VEN_8086&DEV_8C1A&SUBSYS_10E91462&REV_D5\3&11583659&1&E5

    Name: Intel(R) 8 Series/C220 Series USB EHCI #2 - 8C2D
    Description: Intel(R) 8 Series/C220 Series USB EHCI #2 - 8C2D
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: Intel
    Service: usbehci
    Device ID: PCI\VEN_8086&DEV_8C2D&SUBSYS_10E91462&REV_05\3&11583659&1&D0

    Name: Teredo Tunneling Pseudo-Interface
    Description: Microsoft Teredo Tunneling Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Device ID: ROOT\*TEREDO\0000

    Name: KSecPkg
    Description: KSecPkg
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: KSecPkg
    Device ID: ROOT\LEGACY_KSECPKG\0000

    Name: HID-compliant consumer control device
    Description: HID-compliant consumer control device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: Microsoft
    Service:
    Device ID: HID\RTKVIRTUALHIDDEVICE&COL02\9&30AC8D0C&0&0001

    Name: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
    Description: Intel Processor
    Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
    Manufacturer: Intel
    Service: intelppm
    Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL(R)_CORE(TM)[email protected]_2.40GHZ\_5

    Name: Microsoft ISATAP Adapter #4
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Device ID: ROOT\*ISATAP\0003

    Name: ATA Hitachi HTS72757 SCSI Disk Device
    Description: Disk drive
    Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard disk drives)
    Service: disk
    Device ID: SCSI\DISK&VEN_ATA&PROD_HITACHI_HTS72757\4&2B90ED11&0&040000

    Name: Bluetooth Device (RFCOMM Protocol TDI)
    Description: Bluetooth Device (RFCOMM Protocol TDI)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: RFCOMM
    Device ID: BTH\MS_RFCOMM\7&155306DB&0&0

    Name: Common Log (CLFS)
    Description: Common Log (CLFS)
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: CLFS
    Device ID: ROOT\LEGACY_CLFS\0000

    Name: WAN Miniport (IKEv2)
    Description: WAN Miniport (IKEv2)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: RasAgileVpn
    Device ID: ROOT\MS_AGILEVPNMINIPORT\0000

    Name: ACPI x64-based PC
    Description: ACPI x64-based PC
    Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard computers)
    Service: \Driver\ACPI_HAL
    Device ID: ROOT\ACPI_HAL\0000

    Name: Microsoft ISATAP Adapter #5
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Device ID: ROOT\*ISATAP\0004

    Name: Link-Layer Topology Discovery Mapper I/O Driver
    Description: Link-Layer Topology Discovery Mapper I/O Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: lltdio
    Device ID: ROOT\LEGACY_LLTDIO\0000

    Name: System CMOS/real time clock
    Description: System CMOS/real time clock
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0B00\4&9841554&0

    Name: NSI proxy service driver.
    Description: NSI proxy service driver.
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: nsiproxy
    Device ID: ROOT\LEGACY_NSIPROXY\0000

    Name: CNG
    Description: CNG
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: CNG
    Device ID: ROOT\LEGACY_CNG\0000

    Name: RCA RTS7110B( Remote Control )
    Description: Realtek Bluetooth A/V Remote Control Target Device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: Realtek Semiconductor Corp.
    Service: RtkAvrcp
    Device ID: BTHENUM\{0000110E-0000-1000-8000-00805F9B34FB}_VID&0001000F_PID&0000\8&6EA074C&0&DC2C26F04DB5_C00000000

    Name: File as Volume Driver
    Description: File as Volume Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: blbdrive
    Device ID: ROOT\BLBDRIVE\0000

    Name: X3M( Stereo )
    Description: Realtek Bluetooth A2dp Device
    Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
    Manufacturer: Realtek Bluetooth
    Service: RtkA2dp
    Device ID: BTHENUM\{0000110B-0000-1000-8000-00805F9B34FB}_LOCALMFG&005D\8&6EA074C&0&0012028002A3_C00000000

    Name: WAN Miniport (L2TP)
    Description: WAN Miniport (L2TP)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: Rasl2tp
    Device ID: ROOT\MS_L2TPMINIPORT\0000

    Name: HID-compliant consumer control device
    Description: HID-compliant consumer control device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: Microsoft
    Service:
    Device ID: HID\RTKVIRTUALHIDDEVICE&COL02\9&3329A73D&0&0001

    Name: Generic volume
    Description: Generic volume
    Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
    Manufacturer: Microsoft
    Service: volsnap
    Device ID: STORAGE\VOLUME\{7ECE291D-6D8C-11E3-A32B-806E6F6E6963}#0000000000100000

    Name: System board
    Description: System board
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0C01\1

    Name: Composite Bus Enumerator
    Description: Composite Bus Enumerator
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: CompositeBus
    Device ID: ROOT\COMPOSITEBUS\0000

    Name: ELAN PS/2 Port Smart-Pad
    Description: ELAN PS/2 Port Smart-Pad
    Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
    Manufacturer: ELAN
    Service: i8042prt
    Device ID: ACPI\ETD0300\4&9841554&0

    Name: WAN Miniport (Network Monitor)
    Description: WAN Miniport (Network Monitor)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: NdisWan
    Device ID: ROOT\MS_NDISWANBH\0000

    Name: Motherboard resources
    Description: Motherboard resources
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0C02\1

    Name: NTIOLib_1_0_3
    Description: NTIOLib_1_0_3
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NTIOLib_1_0_3
    Device ID: ROOT\LEGACY_NTIOLIB_1_0_3\0000

    Name: System Attribute Cache
    Description: System Attribute Cache
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: discache
    Device ID: ROOT\LEGACY_DISCACHE\0000

    Name: Microsoft Composite Battery
    Description: Microsoft Composite Battery
    Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
    Manufacturer: Microsoft
    Service: Compbatt
    Device ID: ROOT\COMPOSITE_BATTERY\0000

    Name: Motherboard resources
    Description: Motherboard resources
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0C02\10

    Name: WAN Miniport (IP)
    Description: WAN Miniport (IP)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: NdisWan
    Device ID: ROOT\MS_NDISWANIP\0000

    Name: ACPI Fixed Feature Button
    Description: ACPI Fixed Feature Button
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\FIXEDBUTTON\2&DABA3FF&3

    Name: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
    Description: Intel Processor
    Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
    Manufacturer: Intel
    Service: intelppm
    Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL(R)_CORE(TM)[email protected]_2.40GHZ\_6

    Name: LDDM Graphics Subsystem
    Description: LDDM Graphics Subsystem
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: DXGKrnl
    Device ID: ROOT\LEGACY_DXGKRNL\0000

    Name: Motherboard resources
    Description: Motherboard resources
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0C02\2

    Name: Mount Point Manager
    Description: Mount Point Manager
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: mountmgr
    Device ID: ROOT\LEGACY_MOUNTMGR\0000

    Name: Null
    Description: Null
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Null
    Device ID: ROOT\LEGACY_NULL\0000

    Name: adfs
    Description: adfs
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: adfs
    Device ID: ROOT\LEGACY_ADFS\0000

    Name: Intel(R) 8 Series Chipset Family SATA AHCI Controller
    Description: Intel(R) 8 Series Chipset Family SATA AHCI Controller
    Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel Corporation
    Service: iaStorA
    Device ID: PCI\VEN_8086&DEV_8C03&SUBSYS_10E91462&REV_05\3&11583659&1&FA

    Name: High Definition Audio Controller
    Description: High Definition Audio Controller
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: HDAudBus
    Device ID: PCI\VEN_8086&DEV_8C20&SUBSYS_10E91462&REV_05\3&11583659&1&D8

    Name: Intel(R) USB 3.0 eXtensible Host Controller
    Description: Intel(R) USB 3.0 eXtensible Host Controller
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: Intel(R) Corporation
    Service: iusb3xhc
    Device ID: PCI\VEN_8086&DEV_8C31&SUBSYS_10E91462&REV_05\3&11583659&1&A0

    Name: WAN Miniport (IPv6)
    Description: WAN Miniport (IPv6)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: NdisWan
    Device ID: ROOT\MS_NDISWANIPV6\0000

    Name: Generic volume
    Description: Generic volume
    Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
    Manufacturer: Microsoft
    Service: volsnap
    Device ID: STORAGE\VOLUME\{7ECE291D-6D8C-11E3-A32B-806E6F6E6963}#00000002C0700000

    Name: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
    Description: Intel Processor
    Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
    Manufacturer: Intel
    Service: intelppm
    Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL(R)_CORE(TM)[email protected]_2.40GHZ\_1

    Name: TCP/IP Protocol Driver
    Description: TCP/IP Protocol Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Tcpip
    Device ID: ROOT\LEGACY_TCPIP\0000

    Name: RCA RTS7110B( Stereo )
    Description: Realtek Bluetooth A2dp Device
    Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
    Manufacturer: Realtek Bluetooth
    Service: RtkA2dp
    Device ID: BTHENUM\{0000110B-0000-1000-8000-00805F9B34FB}_VID&0001000F_PID&0000\8&6EA074C&0&DC2C26F04DB5_C00000000

    Name: NvStreamKms
    Description: NvStreamKms
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NvStreamKms
    Device ID: ROOT\LEGACY_NVSTREAMKMS\0000

    Name: Windows Firewall Authorization Driver
    Description: Windows Firewall Authorization Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: mpsdrv
    Device ID: ROOT\LEGACY_MPSDRV\0000

    Name: Ancillary Function Driver for Winsock
    Description: Ancillary Function Driver for Winsock
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: AFD
    Device ID: ROOT\LEGACY_AFD\0000

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT1

    Name: X3M( Mono )
    Description: Realtek Bluetooth HandsFree Audio
    Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
    Manufacturer: Realtek Bluetooth
    Service: BthAudioHF
    Device ID: BTHENUM\{0000111E-0000-1000-8000-00805F9B34FB}_LOCALMFG&005D\8&6EA074C&0&0012028002A3_C00000000

    Name: WAN Miniport (PPPOE)
    Description: WAN Miniport (PPPOE)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: RasPppoe
    Device ID: ROOT\MS_PPPOEMINIPORT\0000

    Name: Numeric data processor
    Description: Numeric data processor
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0C04\4&9841554&0

    Name: TCP/IP Registry Compatibility
    Description: TCP/IP Registry Compatibility
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: tcpipreg
    Device ID: ROOT\LEGACY_TCPIPREG\0000

    Name: IDE Channel
    Description: IDE Channel
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: atapi
    Device ID: ROOT\LEGACY_ATAPI\0000

    Name: Intel(R) 82802 Firmware Hub Device
    Description: Intel(R) 82802 Firmware Hub Device
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service:
    Device ID: ACPI\INT0800\4&9841554&0

    Name: Performance Counters for Windows Driver
    Description: Performance Counters for Windows Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: pcw
    Device ID: ROOT\LEGACY_PCW\0000

    Name: Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20) #2
    Description: Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Qualcomm Atheros
    Service: L1C
    Device ID: PCI\VEN_1969&DEV_1091&SUBSYS_10E91462&REV_10\FF40E1E8448A5BFF00

    Name: UMBus Enumerator
    Description: UMBus Enumerator
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: umbus
    Device ID: UMB\UMB\1&841921D&0&PRINTERBUSENUMERATOR

    Name: WAN Miniport (PPTP)
    Description: WAN Miniport (PPTP)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: PptpMiniport
    Device ID: ROOT\MS_PPTPMINIPORT\0000

    Name: Intel(R) Management Engine Interface
    Description: Intel(R) Management Engine Interface
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: MEIx64
    Device ID: PCI\VEN_8086&DEV_8C3A&SUBSYS_10E91462&REV_04\3&11583659&1&B0

    Name: NetIO Legacy TDI Support Driver
    Description: NetIO Legacy TDI Support Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: tdx
    Device ID: ROOT\LEGACY_TDX\0000

    Name: PEAUTH
    Description: PEAUTH
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: PEAUTH
    Device ID: ROOT\LEGACY_PEAUTH\0000

    Name: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
    Description: Intel Processor
    Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
    Manufacturer: Intel
    Service: intelppm
    Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL(R)_CORE(TM)[email protected]_2.40GHZ\_7

    Name: Generic volume
    Description: Generic volume
    Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
    Manufacturer: Microsoft
    Service: volsnap
    Device ID: STORAGE\VOLUME\{7ECE291D-6D8C-11E3-A32B-806E6F6E6963}#00000002C6B00000

    Name: WAN Miniport (SSTP)
    Description: WAN Miniport (SSTP)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: RasSstp
    Device ID: ROOT\MS_SSTPMINIPORT\0000

    Name: Turbo Boost UI Monitor driver
    Description: Turbo Boost UI Monitor driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: TurboB
    Device ID: ROOT\LEGACY_TURBOB\0000

    Name: Microsoft ACPI-Compliant Embedded Controller
    Description: Microsoft ACPI-Compliant Embedded Controller
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0C09\4&9841554&0

    Name: AVG network filter service
    Description: AVG network filter service
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Avgfwfd
    Device ID: ROOT\LEGACY_AVGFWFD\0000

    Name: Motherboard resources
    Description: Motherboard resources
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\INT3F0D\4&9841554&0

    Name: Generic USB Hub
    Description: Generic USB Hub
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Generic USB Hub)
    Service: usbhub
    Device ID: USB\VID_8087&PID_8000\5&1A5B020E&0&1

    Name: QoS Packet Scheduler
    Description: QoS Packet Scheduler
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Psched
    Device ID: ROOT\LEGACY_PSCHED\0000

    Name: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
    Description: Intel Processor
    Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
    Manufacturer: Intel
    Service: intelppm
    Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL(R)_CORE(TM)[email protected]_2.40GHZ\_2

    Name: Terminal Server Keyboard Driver
    Description: Terminal Server Keyboard Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: TermDD
    Device ID: ROOT\RDP_KBD\0000

    Name: Microsoft ACPI-Compliant Control Method Battery
    Description: Microsoft ACPI-Compliant Control Method Battery
    Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
    Manufacturer: Microsoft
    Service: CmBatt
    Device ID: ACPI\PNP0C0A\1

    Name: Intel(R) HD Graphics 4600
    Description: Intel(R) HD Graphics 4600
    Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel Corporation
    Service: igfx
    Device ID: PCI\VEN_8086&DEV_0416&SUBSYS_10E91462&REV_06\3&11583659&1&10

    Name: Realtek Bluetooth A/V Remote Control Controller
    Description: Realtek Bluetooth A/V Remote Control Controller
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: RtkAvrcpCtrlr
    Device ID: BTHENUM\{0000110C-0000-1000-8000-00805F9B34FB}_LOCALMFG&005D\8&6EA074C&0&0012028002A3_C00000000

    Name: Intel(R) 8 Series/C220 Series PCI Express Root Port #1 - 8C10
    Description: Intel(R) 8 Series/C220 Series PCI Express Root Port #1 - 8C10
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: pci
    Device ID: PCI\VEN_8086&DEV_8C10&SUBSYS_10E91462&REV_D5\3&11583659&1&E0

    Name: QWAVE driver
    Description: QWAVE driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: QWAVEdrv
    Device ID: ROOT\LEGACY_QWAVEDRV\0000

    Name: Intel(R) 8 Series/C220 Series SMBus Controller - 8C22
    Description: Intel(R) 8 Series/C220 Series SMBus Controller - 8C22
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service:
    Device ID: PCI\VEN_8086&DEV_8C22&SUBSYS_10E91462&REV_05\3&11583659&1&FB

    Name: Realtek High Definition Audio
    Description: Realtek High Definition Audio
    Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
    Manufacturer: Realtek
    Service: IntcAzAudAddService
    Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0269&SUBSYS_146210FA&REV_1001\4&1AB8E1F9&0&0001

    Name: Terminal Server Mouse Driver
    Description: Terminal Server Mouse Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: TermDD
    Device ID: ROOT\RDP_MOU\0000

    Name: ACPI Power Button
    Description: ACPI Power Button
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0C0C\2&DABA3FF&3

    Name: VgaSave
    Description: VgaSave
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: VgaSave
    Device ID: ROOT\LEGACY_VGASAVE\0000

    Name: Generic volume
    Description: Generic volume
    Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
    Manufacturer: Microsoft
    Service: volsnap
    Device ID: STORAGE\VOLUME\{7ECE291D-6D8C-11E3-A32B-806E6F6E6963}#0000002846C00000

    Name: Plug and Play Software Device Enumerator
    Description: Plug and Play Software Device Enumerator
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: swenum
    Device ID: ROOT\SYSTEM\0000

    Name: PC/AT Enhanced PS/2 Keyboard (101/102-Key)
    Description: PC/AT Enhanced PS/2 Keyboard (101/102-Key)
    Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard keyboards)
    Service: i8042prt
    Device ID: ACPI\MSNB1001\4&9841554&0

    Name: ACPI Lid
    Description: ACPI Lid
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0C0D\5&21572EAD&0

    Name: Dynamic Volume Manager
    Description: Dynamic Volume Manager
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: volmgrx
    Device ID: ROOT\LEGACY_VOLMGRX\0000

    Name: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
    Description: Intel Processor
    Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
    Manufacturer: Intel
    Service: intelppm
    Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL(R)_CORE(TM)[email protected]_2.40GHZ\_8

    Name: UMBus Root Bus Enumerator
    Description: UMBus Root Bus Enumerator
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: umbus
    Device ID: ROOT\UMBUS\0000

    Name: msisadrv
    Description: msisadrv
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: msisadrv
    Device ID: ROOT\LEGACY_MSISADRV\0000

    Name: RDPCDD
    Description: RDPCDD
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: RDPCDD
    Device ID: ROOT\LEGACY_RDPCDD\0000

    Name: Intel(R) Xeon(R) processor E3-1200 v3/4th Gen Core processor PCI Express x16 Controller - 0C01
    Description: Intel(R) Xeon(R) processor E3-1200 v3/4th Gen Core processor PCI Express x16 Controller - 0C01
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: pci
    Device ID: PCI\VEN_8086&DEV_0C01&SUBSYS_10E91462&REV_06\3&11583659&1&08

    Name: Intel(R) HM86 LPC Controller - 8C49
    Description: Intel(R) HM86 LPC Controller - 8C49
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: msisadrv
    Device ID: PCI\VEN_8086&DEV_8C49&SUBSYS_10E91462&REV_05\3&11583659&1&F8

    Name: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
    Description: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
    Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
    Manufacturer: NVIDIA
    Service: nvvad_WaveExtensible
    Device ID: ROOT\UNNAMED_DEVICE\0000

    Name: Storage volumes
    Description: Storage volumes
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: volsnap
    Device ID: ROOT\LEGACY_VOLSNAP\0000

    Name: USB Root Hub
    Description: USB Root Hub
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbhub
    Device ID: USB\ROOT_HUB20\4&7EC491F&0

    Name: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
    Description: Intel Processor
    Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
    Manufacturer: Intel
    Service: intelppm
    Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL(R)_CORE(TM)[email protected]_2.40GHZ\_3

    Name: RDP Encoder Mirror Driver
    Description: RDP Encoder Mirror Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: RDPENCDD
    Device ID: ROOT\LEGACY_RDPENCDD\0000

    Name: Programmable interrupt controller
    Description: Programmable interrupt controller
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0000\4&9841554&0

    Name: Generic USB Hub
    Description: Generic USB Hub
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Generic USB Hub)
    Service: usbhub
    Device ID: USB\VID_8087&PID_8008\5&57794F3&0&1

    Name: Realtek Bluetooth A/V Remote Control Controller
    Description: Realtek Bluetooth A/V Remote Control Controller
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: RtkAvrcpCtrlr
    Device ID: BTHENUM\{0000110C-0000-1000-8000-00805F9B34FB}_VID&0001000F_PID&0000\8&6EA074C&0&DC2C26F04DB5_C00000000

    Name: ACPI Sleep Button
    Description: ACPI Sleep Button
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0C0E\2&DABA3FF&3

    Name: Realtek USB 2.0 Card Reader
    Description: Realtek USB 2.0 Card Reader
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: Realtek
    Service: RSUSBSTOR
    Device ID: USB\VID_0BDA&PID_0138\20090516388200000

    Name: Microsoft Virtual Drive Enumerator Driver
    Description: Microsoft Virtual Drive Enumerator Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: vdrvroot
    Device ID: ROOT\VDRVROOT\0000

    Name: Virtual WiFi Filter Driver
    Description: Virtual WiFi Filter Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: vwififlt
    Device ID: ROOT\LEGACY_VWIFIFLT\0000

    Name: NativeWiFi Filter
    Description: NativeWiFi Filter
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NativeWifiP
    Device ID: ROOT\LEGACY_NATIVEWIFIP\0000

    Name: Bitlocker Drive Encryption Filter Driver
    Description: Bitlocker Drive Encryption Filter Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: fvevol
    Device ID: ROOT\LEGACY_FVEVOL\0000

    Name: USB Root Hub
    Description: USB Root Hub
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbhub
    Device ID: USB\ROOT_HUB20\4&CF8C665&0

    Name: Reflector Display Driver used to gain access to graphics data
    Description: Reflector Display Driver used to gain access to graphics data
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: RDPREFMP
    Device ID: ROOT\LEGACY_RDPREFMP\0000

    Name: Intel(R) USB 3.0 Root Hub
    Description: Intel(R) USB 3.0 Root Hub
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: Intel(R) Corporation
    Service: iusb3hub
    Device ID: IUSB3\ROOT_HUB30\4&264C40B3&0


    **** End of log ****
     

    Attached Files:

  15. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    33,667
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1164912

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice