Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7230
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
22/07/2011 14:54:57
mbam-log-2011-07-22 (14-54-57).txt
Scan type: Quick scan
Objects scanned: 183161
Time elapsed: 4 minute(s), 39 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 5
Files Infected: 13
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\Software\Reg-Tool (Rogue.RegTool) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Reg-Tool (Rogue.RegTool) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
mbam log
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
c:\Users\eugene\AppData\Roaming\Reg-Tool (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\Users\eugene\AppData\Roaming\Reg-Tool\Logs (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\Users\eugene\AppData\Roaming\Reg-Tool\Results (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\program files\Reg-Tool (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\program files\Reg-Tool\PW (Rogue.RegTool) -> Quarantined and deleted successfully.
Files Infected:
c:\Users\eugene\favorites\free porn tube movies & xxx sex pics - stream [bleep].url (Rogue.Link) -> Quarantined and deleted successfully.
c:\Users\eugene\AppData\Roaming\Reg-Tool\spy_ignore.db (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\Users\eugene\AppData\Roaming\Reg-Tool\Logs\2010-02-10 13-42-420.log (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\Users\eugene\AppData\Roaming\Reg-Tool\Results\Evidence.db (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\Users\eugene\AppData\Roaming\Reg-Tool\Results\Junk.db (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\Users\eugene\AppData\Roaming\Reg-Tool\Results\Registry.db (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\Users\eugene\AppData\Roaming\Reg-Tool\Results\Update.db (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\program files\Reg-Tool\PW\general.html (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\program files\Reg-Tool\PW\optimizations.html (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\program files\Reg-Tool\PW\privacy.html (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\program files\Reg-Tool\PW\scheduler.html (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\program files\Reg-Tool\PW\startup.html (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\program files\Reg-Tool\PW\wizard.css (Rogue.RegTool) -> Quarantined and deleted successfully.
combofix log
ComboFix 11-07-22.01 - eugene 22/07/2011 15:17:06.1.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1252.44.1033.18.3036.1903 [GMT 1:00]
Running from: c:\users\eugene\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\eugene\g2mdlhlpx.exe
c:\users\Public\{43952E6C-9816-47fc-972F-B7EF3C733BC2}.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-06-22 to 2011-07-22 )))))))))))))))))))))))))))))))
.
.
2011-07-22 14:23 . 2011-07-22 14:23 -------- d-----w- c:\users\Guest\AppData\Local\temp
2011-07-22 14:23 . 2011-07-22 14:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-22 13:57 . 2011-07-22 13:57 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A68BCC41-7651-44A1-A83E-96424B2DF5A7}\MpKsl41563710.sys
2011-07-22 13:42 . 2011-07-22 13:42 -------- d-----w- c:\users\eugene\AppData\Roaming\Malwarebytes
2011-07-22 13:42 . 2011-07-06 18:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-22 13:42 . 2011-07-22 13:42 -------- d-----w- c:\programdata\Malwarebytes
2011-07-22 13:42 . 2011-07-22 13:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-22 13:42 . 2011-07-06 18:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-21 11:16 . 2011-07-21 11:16 -------- d-----w- C:\_OTL
2011-07-21 11:14 . 2011-07-13 03:39 6881616 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A68BCC41-7651-44A1-A83E-96424B2DF5A7}\mpengine.dll
2011-07-19 13:05 . 2011-07-19 14:29 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-07-19 13:05 . 2011-07-19 13:06 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-07-16 00:26 . 2011-07-16 00:26 -------- d-----w- c:\windows\system32\MpEngineStore
2011-07-13 16:49 . 2011-06-11 02:37 2332672 ----a-w- c:\windows\system32\win32k.sys
2011-07-03 11:03 . 2011-07-05 17:00 -------- d-----w- c:\users\Public\Program Files
2011-06-29 19:59 . 2011-05-24 10:35 294912 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 19:59 . 2011-05-04 04:53 1553920 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 19:59 . 2011-05-04 04:52 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 19:59 . 2011-05-04 04:52 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 19:59 . 2011-05-04 04:52 1401856 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 19:59 . 2011-05-04 04:52 428032 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 19:59 . 2011-05-04 04:52 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-29 19:59 . 2011-05-04 04:52 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 19:59 . 2011-05-04 04:52 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-29 19:59 . 2011-05-04 04:52 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-26 22:22 . 2011-07-22 13:47 319 ----a-w- c:\users\Public\{43952E6C-9816-47fc-972F-B7EF3C733BC2}.pif
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-07 15:55 . 2011-05-21 00:31 7074640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-05-28 03:00 . 2011-06-16 17:09 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-20 14:07 . 2011-05-20 14:07 439632 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{750D7834-9DC8-4022-8146-22A022A9A08B}\gapaengine.dll
2011-05-04 02:43 . 2011-06-16 17:09 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-05-04 02:43 . 2011-06-16 17:09 96256 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-05-04 02:43 . 2011-06-16 17:09 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-05-03 04:50 . 2011-06-16 17:09 740864 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 02:57 . 2011-06-16 17:10 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-29 02:57 . 2011-06-16 17:10 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 02:57 . 2011-06-16 17:10 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-27 02:33 . 2011-06-16 17:10 78336 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-04-25 04:56 . 2011-06-16 17:10 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-04-25 02:35 . 2011-06-16 17:10 338944 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-07-16 1668664]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-09-02 13351304]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-12 39408]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-11-10 5244216]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-08-25 186904]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2009-06-18 563736]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-07-09 1721640]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-04 98304]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-08-25 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-08-25 81920]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"acevents"="c:\program files\ActivIdentity\ActivClient\acevents.exe" [2009-06-03 153640]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2009-06-03 400936]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2009-07-30 354360]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2009-07-23 24848]
"PrintDisp"="c:\windows\system32\PrintDisp.exe" [2009-08-21 878080]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-24 421160]
"HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2010-10-28 294912]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 648072]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-07-06 1047656]
.
c:\users\eugene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-30 795936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\HEWLET~1\IAM\Bin\APSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
2009-07-27 22:49 288312 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-27 135664]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-27 135664]
R3 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2009-07-30 45056]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-07-06 41272]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
R3 NETw1v32;Intel® Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw1v32.sys [2009-07-20 5958656]
R3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-13 1120752]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-07 1343400]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-10-23 691696]
S1 MpKsl41563710;MpKsl41563710;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A68BCC41-7651-44A1-A83E-96424B2DF5A7}\MpKsl41563710.sys [2011-07-22 28752]
S1 RsvLock;RsvLock; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 207400]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-04 176128]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\AtService.exe [2009-07-29 1201400]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-07-29 256544]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 26168]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [2010-09-16 80896]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2009-06-18 635416]
S2 Printer Control;Printer Control;c:\windows\system32\PrintCtrl.exe [2009-06-16 77824]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 5U876UVC;HP Webcam [2 MP series];c:\windows\system32\DRIVERS\5U876.sys [2009-06-30 14:01 118656]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-07-06 22712]
S3 NETw5s32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2010-07-09 6758912]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2010-01-08 316416]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASBroker
Bioscrypt REG_MULTI_SZ ASChannel
GPSvcGroup REG_MULTI_SZ GPSvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 19:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-27 22:00]
.
2011-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-27 22:00]
.
2011-07-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1012414038-1724211066-2711748988-1001Core.job
- c:\users\eugene\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-12 09:43]
.
2011-07-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1012414038-1724211066-2711748988-1001UA.job
- c:\users\eugene\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-12 09:43]
.
2011-07-14 c:\windows\Tasks\HPCeeScheduleForeugene.job
- c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 03:22]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://vshare.toolbarhome.com/?hp=df
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=92&bd=all&pf=cmnb
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\eugene\AppData\Roaming\Mozilla\Firefox\Profiles\i3lhng56.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1269415&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://vshare.toolbarhome.com/?hp=df
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10607&gct=&gc=1&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: myBabylon English Toolbar: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - %profile%\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}
FF - Ext: vShare:
[email protected] - %profile%\extensions\
[email protected] .
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-{43952E6C-9816-47fc-972F-B7EF3C733BC2} - c:\users\Public\{43952E6C-9816-47fc-972F-B7EF3C733BC2}.dll
AddRemove-{08DB3902-2CE0-474D-BCE3-0177766CE9F1} - c:\program files\InstallShield Installation Information\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,22,ab,00,55,24,45,59,47,84,08,bc,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,22,ab,00,55,24,45,59,47,84,08,bc,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(4284)
c:\program files\Hewlett-Packard\IAM\Bin\ItClient.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\windows\system32\atieclxx.exe
c:\windows\system32\AEADISRV.EXE
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\taskhost.exe
c:\program files\Hewlett-Packard\IAM\Bin\AsGHost.exe
c:\windows\system32\conhost.exe
.
**************************************************************************
.
Completion time: 2011-07-22 15:31:23 - machine was rebooted
ComboFix-quarantined-files.txt 2011-07-22 14:31
.
Pre-Run: 154,851,610,624 bytes free
Post-Run: 154,309,316,608 bytes free
.
- - End Of File - - 51265EBF5EE47CF1C7B93D3C60225CC9
tdsskiller log
2011/07/22 15:33:39.0810 1596 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/22 15:33:40.0111 1596 ================================================================================
2011/07/22 15:33:40.0111 1596 SystemInfo:
2011/07/22 15:33:40.0111 1596
2011/07/22 15:33:40.0111 1596 OS Version: 6.1.7600 ServicePack: 0.0
2011/07/22 15:33:40.0111 1596 Product type: Workstation
2011/07/22 15:33:40.0111 1596 ComputerName: EUGENEMACHINE
2011/07/22 15:33:40.0112 1596 UserName: eugene
2011/07/22 15:33:40.0112 1596 Windows directory: C:\windows
2011/07/22 15:33:40.0112 1596 System windows directory: C:\windows
2011/07/22 15:33:40.0112 1596 Processor architecture: Intel x86
2011/07/22 15:33:40.0112 1596 Number of processors: 2
2011/07/22 15:33:40.0112 1596 Page size: 0x1000
2011/07/22 15:33:40.0112 1596 Boot type: Normal boot
2011/07/22 15:33:40.0112 1596 ================================================================================
2011/07/22 15:33:40.0848 1596 Initialize success
2011/07/22 15:33:59.0075 5872 ================================================================================
2011/07/22 15:33:59.0075 5872 Scan started
2011/07/22 15:33:59.0075 5872 Mode: Manual;
2011/07/22 15:33:59.0075 5872 ================================================================================
2011/07/22 15:33:59.0676 5872 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\windows\system32\DRIVERS\1394ohci.sys
2011/07/22 15:33:59.0752 5872 5U876UVC (080a40550fb95a328917512f3f5a0409) C:\windows\system32\DRIVERS\5U876.sys
2011/07/22 15:33:59.0840 5872 Accelerometer (4df5e6215a102a192b2b6dbb61f2fba5) C:\windows\system32\DRIVERS\Accelerometer.sys
2011/07/22 15:33:59.0895 5872 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\windows\system32\DRIVERS\ACPI.sys
2011/07/22 15:33:59.0961 5872 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\windows\system32\DRIVERS\acpipmi.sys
2011/07/22 15:34:00.0032 5872 ADIHdAudAddService (6c61bceb60c2c187e6f96001fd69493e) C:\windows\system32\drivers\ADIHdAud.sys
2011/07/22 15:34:00.0108 5872 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys
2011/07/22 15:34:00.0165 5872 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys
2011/07/22 15:34:00.0221 5872 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys
2011/07/22 15:34:00.0318 5872 AFD (0db7a48388d54d154ebec120461a0fcd) C:\windows\system32\drivers\afd.sys
2011/07/22 15:34:00.0377 5872 AgereSoftModem (7e10e3bb9b258ad8a9300f91214d67b9) C:\windows\system32\DRIVERS\AGRSM.sys
2011/07/22 15:34:00.0424 5872 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\DRIVERS\agp440.sys
2011/07/22 15:34:00.0453 5872 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys
2011/07/22 15:34:00.0493 5872 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\DRIVERS\aliide.sys
2011/07/22 15:34:00.0547 5872 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\DRIVERS\amdagp.sys
2011/07/22 15:34:00.0585 5872 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\DRIVERS\amdide.sys
2011/07/22 15:34:00.0613 5872 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys
2011/07/22 15:34:00.0659 5872 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys
2011/07/22 15:34:00.0721 5872 amdsata (19ce906b4cdc11fc4fef5745f33a63b6) C:\windows\system32\drivers\amdsata.sys
2011/07/22 15:34:00.0799 5872 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys
2011/07/22 15:34:00.0827 5872 amdxata (869e67d66be326a5a9159fba8746fa70) C:\windows\system32\drivers\amdxata.sys
2011/07/22 15:34:00.0889 5872 AppID (feb834c02ce1e84b6a38f953ca067706) C:\windows\system32\drivers\appid.sys
2011/07/22 15:34:00.0960 5872 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys
2011/07/22 15:34:00.0982 5872 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys
2011/07/22 15:34:01.0043 5872 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys
2011/07/22 15:34:01.0092 5872 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\DRIVERS\atapi.sys
2011/07/22 15:34:01.0154 5872 AtiHdmiService (e2398389648b5d44dc63ca43fdd5b3f8) C:\windows\system32\drivers\AtiHdmi.sys
2011/07/22 15:34:01.0265 5872 atikmdag (a4252328d2b1520571102992ef0b0e5c) C:\windows\system32\DRIVERS\atikmdag.sys
2011/07/22 15:34:01.0463 5872 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys
2011/07/22 15:34:01.0524 5872 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys
2011/07/22 15:34:01.0595 5872 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys
2011/07/22 15:34:01.0647 5872 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys
2011/07/22 15:34:01.0726 5872 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\windows\system32\DRIVERS\bowser.sys
2011/07/22 15:34:01.0787 5872 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys
2011/07/22 15:34:01.0867 5872 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys
2011/07/22 15:34:01.0908 5872 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys
2011/07/22 15:34:01.0943 5872 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys
2011/07/22 15:34:01.0972 5872 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys
2011/07/22 15:34:01.0988 5872 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys
2011/07/22 15:34:02.0046 5872 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\windows\system32\drivers\BthEnum.sys
2011/07/22 15:34:02.0079 5872 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys
2011/07/22 15:34:02.0114 5872 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\windows\system32\DRIVERS\bthpan.sys
2011/07/22 15:34:02.0165 5872 BTHPORT (88059ff1ded4472acd17eebabd393069) C:\windows\System32\Drivers\BTHport.sys
2011/07/22 15:34:02.0198 5872 BTHUSB (80e6384beec03b8bd45edea29802d657) C:\windows\System32\Drivers\BTHUSB.sys
2011/07/22 15:34:02.0229 5872 btwaudio (d57d29132efe13a83133d9bd449e0cf1) C:\windows\system32\drivers\btwaudio.sys
2011/07/22 15:34:02.0272 5872 btwavdt (d282c14a69357d0e1bafaecc2ca98c3a) C:\windows\system32\drivers\btwavdt.sys
2011/07/22 15:34:02.0328 5872 btwl2cap (aafd7cb76ba61fbb08e302da208c974a) C:\windows\system32\DRIVERS\btwl2cap.sys
2011/07/22 15:34:02.0359 5872 btwrchid (02eb4d2b05967df2d32f29c84ab1fb17) C:\windows\system32\DRIVERS\btwrchid.sys
2011/07/22 15:34:02.0520 5872 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys
2011/07/22 15:34:02.0587 5872 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\windows\system32\DRIVERS\cdrom.sys
2011/07/22 15:34:02.0642 5872 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys
2011/07/22 15:34:02.0719 5872 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys
2011/07/22 15:34:02.0816 5872 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys
2011/07/22 15:34:02.0845 5872 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\DRIVERS\cmdide.sys
2011/07/22 15:34:02.0877 5872 CNG (1b675691ed940766149c93e8f4488d68) C:\windows\system32\Drivers\cng.sys
2011/07/22 15:34:02.0947 5872 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys
2011/07/22 15:34:02.0999 5872 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\windows\system32\DRIVERS\CompositeBus.sys
2011/07/22 15:34:03.0028 5872 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys
2011/07/22 15:34:03.0094 5872 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\windows\system32\drivers\csc.sys
2011/07/22 15:34:03.0161 5872 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\windows\system32\Drivers\dfsc.sys
2011/07/22 15:34:03.0194 5872 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys
2011/07/22 15:34:03.0240 5872 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys
2011/07/22 15:34:03.0285 5872 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys
2011/07/22 15:34:03.0328 5872 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\windows\System32\drivers\dxgkrnl.sys
2011/07/22 15:34:03.0437 5872 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys
2011/07/22 15:34:03.0561 5872 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys
2011/07/22 15:34:03.0592 5872 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\DRIVERS\errdev.sys
2011/07/22 15:34:03.0633 5872 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys
2011/07/22 15:34:03.0660 5872 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys
2011/07/22 15:34:03.0698 5872 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys
2011/07/22 15:34:03.0730 5872 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys
2011/07/22 15:34:03.0757 5872 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys
2011/07/22 15:34:03.0779 5872 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys
2011/07/22 15:34:03.0811 5872 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys
2011/07/22 15:34:03.0852 5872 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys
2011/07/22 15:34:03.0874 5872 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\windows\system32\drivers\Fs_Rec.sys
2011/07/22 15:34:03.0908 5872 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\windows\system32\DRIVERS\fvevol.sys
2011/07/22 15:34:03.0935 5872 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys
2011/07/22 15:34:03.0962 5872 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
2011/07/22 15:34:04.0046 5872 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys
2011/07/22 15:34:04.0077 5872 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\windows\system32\drivers\HdAudio.sys
2011/07/22 15:34:04.0128 5872 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\windows\system32\DRIVERS\HDAudBus.sys
2011/07/22 15:34:04.0154 5872 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys
2011/07/22 15:34:04.0178 5872 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys
2011/07/22 15:34:04.0210 5872 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys
2011/07/22 15:34:04.0266 5872 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\windows\system32\DRIVERS\hidusb.sys
2011/07/22 15:34:04.0342 5872 hpdskflt (e1d82f0c8456abb03b7df5d623ca47d1) C:\windows\system32\DRIVERS\hpdskflt.sys
2011/07/22 15:34:04.0369 5872 HpqKbFiltr (1210960ff8928950d2a786895b0c424a) C:\windows\system32\DRIVERS\HpqKbFiltr.sys
2011/07/22 15:34:04.0435 5872 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\DRIVERS\HpSAMD.sys
2011/07/22 15:34:04.0509 5872 HTCAND32 (950cc1e6ae3a6cd23e0945cde089b02c) C:\windows\system32\Drivers\ANDROIDUSB.sys
2011/07/22 15:34:04.0575 5872 htcnprot (339adefad60353f960e3ca67ce468c24) C:\windows\system32\DRIVERS\htcnprot.sys
2011/07/22 15:34:04.0647 5872 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\windows\system32\drivers\HTTP.sys
2011/07/22 15:34:04.0687 5872 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\windows\system32\drivers\hwpolicy.sys
2011/07/22 15:34:04.0738 5872 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\DRIVERS\i8042prt.sys
2011/07/22 15:34:04.0794 5872 iaStor (01446278d4563b3013c92830ae6cbb26) C:\windows\system32\DRIVERS\iaStor.sys
2011/07/22 15:34:04.0858 5872 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\windows\system32\drivers\iaStorV.sys
2011/07/22 15:34:05.0028 5872 igfx (ad626f6964f4d364d226c39e06872dd3) C:\windows\system32\DRIVERS\igdkmd32.sys
2011/07/22 15:34:05.0172 5872 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys
2011/07/22 15:34:05.0217 5872 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\DRIVERS\intelide.sys
2011/07/22 15:34:05.0269 5872 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys
2011/07/22 15:34:05.0307 5872 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys
2011/07/22 15:34:05.0356 5872 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\windows\system32\DRIVERS\IPMIDrv.sys
2011/07/22 15:34:05.0383 5872 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys
2011/07/22 15:34:05.0429 5872 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys
2011/07/22 15:34:05.0453 5872 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\DRIVERS\isapnp.sys
2011/07/22 15:34:05.0483 5872 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\windows\system32\DRIVERS\msiscsi.sys
2011/07/22 15:34:05.0510 5872 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\DRIVERS\kbdclass.sys
2011/07/22 15:34:05.0544 5872 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\windows\system32\DRIVERS\kbdhid.sys
2011/07/22 15:34:05.0573 5872 KSecDD (e36a061ec11b373826905b21be10948f) C:\windows\system32\Drivers\ksecdd.sys
2011/07/22 15:34:05.0610 5872 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\windows\system32\Drivers\ksecpkg.sys
2011/07/22 15:34:05.0708 5872 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys
2011/07/22 15:34:05.0766 5872 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys
2011/07/22 15:34:05.0790 5872 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys
2011/07/22 15:34:05.0817 5872 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys
2011/07/22 15:34:05.0846 5872 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys
2011/07/22 15:34:05.0869 5872 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys
2011/07/22 15:34:05.0929 5872 MBAMProtector (eca00eed9ab95489007b0ef84c7149de) C:\windows\system32\drivers\mbam.sys
2011/07/22 15:34:05.0994 5872 MBAMSwissArmy (b18225739ed9caa83ba2df966e9f43e8) C:\windows\system32\drivers\mbamswissarmy.sys
2011/07/22 15:34:06.0026 5872 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys
2011/07/22 15:34:06.0075 5872 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys
2011/07/22 15:34:06.0114 5872 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys
2011/07/22 15:34:06.0157 5872 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys
2011/07/22 15:34:06.0198 5872 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\DRIVERS\mouclass.sys
2011/07/22 15:34:06.0245 5872 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys
2011/07/22 15:34:06.0270 5872 mountmgr (921c18727c5920d6c0300736646931c2) C:\windows\system32\drivers\mountmgr.sys
2011/07/22 15:34:06.0346 5872 MpFilter (7e34bfa1a7b60bba1da03d677f16cd63) C:\windows\system32\DRIVERS\MpFilter.sys
2011/07/22 15:34:06.0373 5872 mpio (2af5997438c55fb79d33d015c30e1974) C:\windows\system32\DRIVERS\mpio.sys
2011/07/22 15:34:06.0505 5872 MpKsl41563710 (5f53edfead46fa7adb78eee9ecce8fdf) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A68BCC41-7651-44A1-A83E-96424B2DF5A7}\MpKsl41563710.sys
2011/07/22 15:34:06.0538 5872 MpNWMon (f32e2d6a1640a469a9ed4f1929a4a861) C:\windows\system32\DRIVERS\MpNWMon.sys
2011/07/22 15:34:06.0560 5872 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys
2011/07/22 15:34:06.0592 5872 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\windows\system32\drivers\mrxdav.sys
2011/07/22 15:34:06.0638 5872 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\windows\system32\DRIVERS\mrxsmb.sys
2011/07/22 15:34:06.0690 5872 mrxsmb10 (c108952d3660375dcb716b222912e868) C:\windows\system32\DRIVERS\mrxsmb10.sys
2011/07/22 15:34:06.0715 5872 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\windows\system32\DRIVERS\mrxsmb20.sys
2011/07/22 15:34:06.0746 5872 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\windows\system32\DRIVERS\msahci.sys
2011/07/22 15:34:06.0776 5872 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\windows\system32\DRIVERS\msdsm.sys
2011/07/22 15:34:06.0834 5872 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys
2011/07/22 15:34:06.0854 5872 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys
2011/07/22 15:34:06.0888 5872 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\DRIVERS\msisadrv.sys
2011/07/22 15:34:06.0939 5872 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
2011/07/22 15:34:07.0018 5872 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
2011/07/22 15:34:07.0043 5872 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
2011/07/22 15:34:07.0077 5872 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
2011/07/22 15:34:07.0110 5872 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\DRIVERS\mssmbios.sys
2011/07/22 15:34:07.0137 5872 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
2011/07/22 15:34:07.0165 5872 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
2011/07/22 15:34:07.0188 5872 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
2011/07/22 15:34:07.0257 5872 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
2011/07/22 15:34:07.0327 5872 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\windows\system32\drivers\ndis.sys
2011/07/22 15:34:07.0380 5872 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
2011/07/22 15:34:07.0423 5872 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
2011/07/22 15:34:07.0451 5872 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\windows\system32\DRIVERS\ndisuio.sys
2011/07/22 15:34:07.0475 5872 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\windows\system32\DRIVERS\ndiswan.sys
2011/07/22 15:34:07.0500 5872 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\windows\system32\drivers\NDProxy.sys
2011/07/22 15:34:07.0545 5872 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
2011/07/22 15:34:07.0571 5872 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\windows\system32\DRIVERS\netbt.sys
2011/07/22 15:34:07.0758 5872 NETw1v32 (d1f531b61cb35422d691e545de60554c) C:\windows\system32\DRIVERS\NETw1v32.sys
2011/07/22 15:34:08.0054 5872 NETw5s32 (3577b851e59da59e6d65419a057c9914) C:\windows\system32\DRIVERS\NETw5s32.sys
2011/07/22 15:34:08.0318 5872 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\windows\system32\DRIVERS\netw5v32.sys
2011/07/22 15:34:08.0493 5872 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
2011/07/22 15:34:08.0548 5872 NisDrv (17e2c08c5ecfbe94a7c67b1c275ee9d9) C:\windows\system32\DRIVERS\NisDrvWFP.sys
2011/07/22 15:34:08.0621 5872 nmwcd (c3963d85b721a7f80d8a55f4e2867a3a) C:\windows\system32\drivers\ccdcmb.sys
2011/07/22 15:34:08.0657 5872 nmwcdc (3859c69a77793180548802dac9f34a38) C:\windows\system32\drivers\ccdcmbo.sys
2011/07/22 15:34:08.0695 5872 nmwcdnsu (338f83ee9cb9e15eeacf0cbb90218cbf) C:\windows\system32\drivers\nmwcdnsu.sys
2011/07/22 15:34:08.0729 5872 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
2011/07/22 15:34:08.0758 5872 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
2011/07/22 15:34:08.0822 5872 Ntfs (187002ce05693c306f43c873f821381f) C:\windows\system32\drivers\Ntfs.sys
2011/07/22 15:34:08.0849 5872 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
2011/07/22 15:34:08.0883 5872 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\windows\system32\drivers\nvraid.sys
2011/07/22 15:34:08.0915 5872 nvstor (4520b63899e867f354ee012d34e11536) C:\windows\system32\drivers\nvstor.sys
2011/07/22 15:34:08.0951 5872 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\DRIVERS\nv_agp.sys
2011/07/22 15:34:08.0985 5872 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\DRIVERS\ohci1394.sys
2011/07/22 15:34:09.0051 5872 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
2011/07/22 15:34:09.0085 5872 partmgr (ff4218952b51de44fe910953a3e686b9) C:\windows\system32\drivers\partmgr.sys
2011/07/22 15:34:09.0115 5872 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
2011/07/22 15:34:09.0177 5872 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\windows\system32\DRIVERS\pccsmcfd.sys
2011/07/22 15:34:09.0201 5872 pci (c858cb77c577780ecc456a892e7e7d0f) C:\windows\system32\DRIVERS\pci.sys
2011/07/22 15:34:09.0221 5872 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\DRIVERS\pciide.sys
2011/07/22 15:34:09.0254 5872 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
2011/07/22 15:34:09.0284 5872 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
2011/07/22 15:34:09.0342 5872 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
2011/07/22 15:34:09.0458 5872 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
2011/07/22 15:34:09.0493 5872 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
2011/07/22 15:34:09.0539 5872 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
2011/07/22 15:34:09.0596 5872 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\windows\system32\Drivers\PxHelp20.sys
2011/07/22 15:34:09.0642 5872 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
2011/07/22 15:34:09.0690 5872 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
2011/07/22 15:34:09.0724 5872 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
2011/07/22 15:34:09.0775 5872 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
2011/07/22 15:34:09.0806 5872 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
2011/07/22 15:34:09.0837 5872 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
2011/07/22 15:34:09.0889 5872 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
2011/07/22 15:34:09.0909 5872 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
2011/07/22 15:34:09.0934 5872 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\windows\system32\DRIVERS\rdbss.sys
2011/07/22 15:34:09.0960 5872 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
2011/07/22 15:34:09.0993 5872 RDPCDD (1e016846895b15a99f9a176a05029075) C:\windows\system32\DRIVERS\RDPCDD.sys
2011/07/22 15:34:10.0032 5872 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\windows\system32\drivers\rdpdr.sys
2011/07/22 15:34:10.0058 5872 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
2011/07/22 15:34:10.0084 5872 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
2011/07/22 15:34:10.0113 5872 RDPWD (801371ba9782282892d00aadb08ee367) C:\windows\system32\drivers\RDPWD.sys
2011/07/22 15:34:10.0164 5872 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\windows\system32\drivers\rdyboost.sys
2011/07/22 15:34:10.0226 5872 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\windows\system32\DRIVERS\rfcomm.sys
2011/07/22 15:34:10.0275 5872 RimUsb (0f6756ef8bda6dfa7be50465c83132bb) C:\windows\system32\Drivers\RimUsb.sys
2011/07/22 15:34:10.0347 5872 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
2011/07/22 15:34:10.0385 5872 RsvLock (13335d083935ab88e09c9acc077355b5) C:\windows\system32\drivers\RsvLock.sys
2011/07/22 15:34:10.0419 5872 s3cap (5423d8437051e89dd34749f242c98648) C:\windows\system32\DRIVERS\vms3cap.sys
2011/07/22 15:34:10.0471 5872 SafeBoot (062b82fa74c895382ab0784d493c8c9c) C:\windows\system32\drivers\SafeBoot.sys
2011/07/22 15:34:10.0472 5872 Suspicious file (NoAccess): C:\windows\system32\drivers\SafeBoot.sys. md5: 062b82fa74c895382ab0784d493c8c9c
2011/07/22 15:34:10.0478 5872 SafeBoot - detected LockedFile.Multi.Generic (1)
2011/07/22 15:34:10.0498 5872 SbAlg (c9cb2c392c35cbee2733c836d23dc642) C:\windows\system32\drivers\SbAlg.sys
2011/07/22 15:34:10.0534 5872 SbFsLock (b5a8ecdee930b52fd3ba35700a15ea53) C:\windows\system32\drivers\SbFsLock.sys
2011/07/22 15:34:10.0594 5872 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\windows\system32\DRIVERS\sbp2port.sys
2011/07/22 15:34:10.0654 5872 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\windows\system32\DRIVERS\scfilter.sys
2011/07/22 15:34:10.0720 5872 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
2011/07/22 15:34:10.0781 5872 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
2011/07/22 15:34:10.0803 5872 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
2011/07/22 15:34:10.0827 5872 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
2011/07/22 15:34:10.0896 5872 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\DRIVERS\sffdisk.sys
2011/07/22 15:34:10.0924 5872 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\DRIVERS\sffp_mmc.sys
2011/07/22 15:34:10.0950 5872 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\windows\system32\DRIVERS\sffp_sd.sys
2011/07/22 15:34:10.0978 5872 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
2011/07/22 15:34:11.0016 5872 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\DRIVERS\sisagp.sys
2011/07/22 15:34:11.0063 5872 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
2011/07/22 15:34:11.0086 5872 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
2011/07/22 15:34:11.0146 5872 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
2011/07/22 15:34:11.0198 5872 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
2011/07/22 15:34:11.0278 5872 sptd (cdddec541bc3c96f91ecb48759673505) C:\windows\system32\Drivers\sptd.sys
2011/07/22 15:34:11.0278 5872 Suspicious file (NoAccess): C:\windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/07/22 15:34:11.0288 5872 sptd - detected LockedFile.Multi.Generic (1)
2011/07/22 15:34:11.0343 5872 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\windows\system32\DRIVERS\srv.sys
2011/07/22 15:34:11.0373 5872 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\windows\system32\DRIVERS\srv2.sys
2011/07/22 15:34:11.0397 5872 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\windows\system32\DRIVERS\srvnet.sys
2011/07/22 15:34:11.0467 5872 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
2011/07/22 15:34:11.0515 5872 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\windows\system32\DRIVERS\vmstorfl.sys
2011/07/22 15:34:11.0540 5872 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\windows\system32\DRIVERS\storvsc.sys
2011/07/22 15:34:11.0561 5872 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\DRIVERS\swenum.sys
2011/07/22 15:34:11.0631 5872 SynTP (596573e770d7743ce66c54390857f697) C:\windows\system32\DRIVERS\SynTP.sys
2011/07/22 15:34:11.0714 5872 Tcpip (0158d5e9982e9d6a90dfc802f618e130) C:\windows\system32\drivers\tcpip.sys
2011/07/22 15:34:11.0780 5872 TCPIP6 (0158d5e9982e9d6a90dfc802f618e130) C:\windows\system32\DRIVERS\tcpip.sys
2011/07/22 15:34:11.0816 5872 tcpipreg (e64444523add154f86567c469bc0b17f) C:\windows\system32\drivers\tcpipreg.sys
2011/07/22 15:34:11.0851 5872 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\windows\system32\drivers\tdpipe.sys
2011/07/22 15:34:11.0879 5872 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\windows\system32\drivers\tdtcp.sys
2011/07/22 15:34:11.0912 5872 tdx (cb39e896a2a83702d1737bfd402b3542) C:\windows\system32\DRIVERS\tdx.sys
2011/07/22 15:34:11.0941 5872 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\windows\system32\DRIVERS\termdd.sys
2011/07/22 15:34:11.0982 5872 TPM (5ad05191dc8b444a7ba4d79b76c42a30) C:\windows\system32\drivers\tpm.sys
2011/07/22 15:34:12.0051 5872 truecrypt (aceb4f4f83b895e15c8c1a2f55009783) C:\windows\system32\drivers\truecrypt.sys
2011/07/22 15:34:12.0092 5872 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\windows\system32\DRIVERS\tssecsrv.sys
2011/07/22 15:34:12.0138 5872 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\windows\system32\DRIVERS\tunnel.sys
2011/07/22 15:34:12.0181 5872 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
2011/07/22 15:34:12.0212 5872 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\windows\system32\DRIVERS\udfs.sys
2011/07/22 15:34:12.0279 5872 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\DRIVERS\uliagpkx.sys
2011/07/22 15:34:12.0334 5872 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\windows\system32\DRIVERS\umbus.sys
2011/07/22 15:34:12.0361 5872 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
2011/07/22 15:34:12.0417 5872 upperdev (0ccadc7391021376edbb8aa649d04e68) C:\windows\system32\DRIVERS\usbser_lowerflt.sys
2011/07/22 15:34:12.0472 5872 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\windows\system32\Drivers\usbaapl.sys
2011/07/22 15:34:12.0518 5872 usbccgp (c31ae588e403042632dc796cf09e30b0) C:\windows\system32\DRIVERS\usbccgp.sys
2011/07/22 15:34:12.0554 5872 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\DRIVERS\usbcir.sys
2011/07/22 15:34:12.0584 5872 usbehci (e4c436d914768ce965d5e659ba7eebd8) C:\windows\system32\DRIVERS\usbehci.sys
2011/07/22 15:34:12.0608 5872 usbhub (bdcd7156ec37448f08633fd899823620) C:\windows\system32\DRIVERS\usbhub.sys
2011/07/22 15:34:12.0635 5872 usbohci (eb2d819a639015253c871cda09d91d58) C:\windows\system32\drivers\usbohci.sys
2011/07/22 15:34:12.0664 5872 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
2011/07/22 15:34:12.0695 5872 usbser (88701eca76145e2c011c0eeff0f7b70e) C:\windows\system32\DRIVERS\usbser.sys
2011/07/22 15:34:12.0734 5872 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\windows\system32\DRIVERS\USBSTOR.SYS
2011/07/22 15:34:12.0761 5872 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) C:\windows\system32\DRIVERS\usbuhci.sys
2011/07/22 15:34:12.0825 5872 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\windows\System32\Drivers\usbvideo.sys
2011/07/22 15:34:12.0890 5872 usb_rndisx (d82f43d15fdaa666856c0190cb73e7c9) C:\windows\system32\DRIVERS\usb8023x.sys
2011/07/22 15:34:12.0946 5872 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\DRIVERS\vdrvroot.sys
2011/07/22 15:34:12.0983 5872 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
2011/07/22 15:34:13.0005 5872 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
2011/07/22 15:34:13.0049 5872 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\windows\system32\DRIVERS\vhdmp.sys
2011/07/22 15:34:13.0095 5872 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\DRIVERS\viaagp.sys
2011/07/22 15:34:13.0119 5872 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
2011/07/22 15:34:13.0147 5872 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\DRIVERS\viaide.sys
2011/07/22 15:34:13.0175 5872 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\windows\system32\DRIVERS\vmbus.sys
2011/07/22 15:34:13.0202 5872 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\windows\system32\DRIVERS\VMBusHID.sys
2011/07/22 15:34:13.0228 5872 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\windows\system32\DRIVERS\volmgr.sys
2011/07/22 15:34:13.0254 5872 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
2011/07/22 15:34:13.0287 5872 volsnap (58df9d2481a56edde167e51b334d44fd) C:\windows\system32\DRIVERS\volsnap.sys
2011/07/22 15:34:13.0322 5872 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
2011/07/22 15:34:13.0350 5872 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
2011/07/22 15:34:13.0393 5872 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
2011/07/22 15:34:13.0439 5872 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\windows\system32\DRIVERS\vwifimp.sys
2011/07/22 15:34:13.0487 5872 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
2011/07/22 15:34:13.0533 5872 WANARP (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
2011/07/22 15:34:13.0546 5872 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
2011/07/22 15:34:13.0645 5872 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
2011/07/22 15:34:13.0678 5872 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
2011/07/22 15:34:13.0757 5872 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
2011/07/22 15:34:13.0780 5872 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
2011/07/22 15:34:13.0872 5872 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\windows\system32\DRIVERS\WinUsb.sys
2011/07/22 15:34:13.0901 5872 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\DRIVERS\wmiacpi.sys
2011/07/22 15:34:13.0954 5872 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
2011/07/22 15:34:14.0000 5872 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\windows\system32\drivers\WudfPf.sys
2011/07/22 15:34:14.0079 5872 yukonw7 (4e8630d1a7e15d7f9a2bc25993ae7234) C:\windows\system32\DRIVERS\yk62x86.sys
2011/07/22 15:34:14.0150 5872 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
2011/07/22 15:34:14.0175 5872 Boot (0x1200) (a262899c9979d950a91b5811f183bbd3) \Device\Harddisk0\DR0\Partition0
2011/07/22 15:34:14.0193 5872 Boot (0x1200) (890f34e92994b2ef16f5ac2019a8c7bd) \Device\Harddisk0\DR0\Partition1
2011/07/22 15:34:14.0229 5872 Boot (0x1200) (45e7d0a9e5a37a2046f09294b5baf7ce) \Device\Harddisk0\DR0\Partition2
2011/07/22 15:34:14.0249 5872 Boot (0x1200) (c0aad7742d3ebc27891ac1efd2939b39) \Device\Harddisk0\DR0\Partition3
2011/07/22 15:34:14.0255 5872 ================================================================================
2011/07/22 15:34:14.0255 5872 Scan finished
2011/07/22 15:34:14.0255 5872 ================================================================================
2011/07/22 15:34:14.0268 4868 Detected object count: 2
2011/07/22 15:34:14.0268 4868 Actual detected object count: 2
2011/07/22 15:34:26.0029 4868 LockedFile.Multi.Generic(SafeBoot) - User select action: Skip
2011/07/22 15:34:26.0031 4868 LockedFile.Multi.Generic(sptd) - User select action: Skip
aswMBR version 0.9.7.777 Copyright© 2011 AVAST Software
Run date: 2011-07-21 03:00:34
-----------------------------
03:00:34.499 OS Version: Windows 6.1.7600
03:00:34.500 Number of processors: 2 586 0x170A
03:00:34.501 ComputerName: EUGENEMACHINE UserName: eugene
03:00:38.489 Initialize success
03:01:12.384 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
03:01:12.387 Disk 0 Vendor: ST950042 0006 Size: 476940MB BusType: 3
03:01:12.435 Disk 0 MBR read successfully
03:01:12.437 Disk 0 MBR scan
03:01:12.441 Disk 0 unknown MBR code
03:01:12.446 Disk 0 scanning sectors +976760832
03:01:12.530 Disk 0 scanning C:\windows\system32\drivers
03:01:22.748 Service scanning
03:01:24.175 Disk 0 trace - called modules:
03:01:24.221 ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys halmacpi.dll ACPI.sys iaStor.sys splu.sys >>UNKNOWN [0x86125938]<<
03:01:24.226 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x879ad708]
03:01:24.231 3 CLASSPNP.SYS[8c10959e] -> nt!IofCallDriver -> [0x879ad020]
03:01:24.236 5 hpdskflt.sys[8cc2f090] -> nt!IofCallDriver -> [0x86f8c320]
03:01:24.241 7 ACPI.sys[8bd9d3b2] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86f97028]
03:01:24.577 Scan finished successfully
03:03:03.278 Disk 0 MBR has been saved successfully to "C:\Users\eugene\Desktop\MBR.dat"
03:03:03.286 The log file has been saved successfully to "C:\Users\eugene\Desktop\aswMBR.txt"
aswMBR version 0.9.8.977 Copyright© 2011 AVAST Software
Run date: 2011-07-22 15:44:31
-----------------------------
15:44:31.167 OS Version: Windows 6.1.7600
15:44:31.167 Number of processors: 2 586 0x170A
15:44:31.169 ComputerName: EUGENEMACHINE UserName: eugene
15:44:46.815 Initialize success
15:44:59.885 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:44:59.888 Disk 0 Vendor: ST950042 0006 Size: 476940MB BusType: 3
15:44:59.944 Disk 0 MBR read successfully
15:44:59.948 Disk 0 MBR scan
15:44:59.953 Disk 0 Windows VISTA default MBR code
15:44:59.960 Disk 0 scanning sectors +976760832
15:45:00.042 Disk 0 scanning C:\windows\system32\drivers
15:45:08.007 Service scanning
15:45:08.491 Service MpNWMon C:\windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
15:45:08.546 Service SafeBoot C:\windows\System32\Drivers\SafeBoot.sys **LOCKED** 32
15:45:08.565 Service sptd C:\windows\System32\Drivers\sptd.sys **LOCKED** 32
15:45:09.126 Modules scanning
15:45:16.207 Disk 0 trace - called modules:
15:45:16.222 ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys halmacpi.dll ACPI.sys iaStor.sys splj.sys >>UNKNOWN [0x85d25938]<<
15:45:16.566 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x875af030]
15:45:16.576 3 CLASSPNP.SYS[8bcf059e] -> nt!IofCallDriver -> [0x875ad890]
15:45:16.586 5 hpdskflt.sys[8c9f9090] -> nt!IofCallDriver -> [0x86b87958]
15:45:16.596 7 ACPI.sys[8bb413b2] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86ae4028]
15:45:16.605 Scan finished successfully
15:46:12.188 Disk 0 MBR has been saved successfully to "C:\Users\eugene\Desktop\MBR.dat"
15:46:12.234 The log file has been saved successfully to "C:\Users\eugene\Desktop\aswMBR.txt"
MBRCheck, version 1.2.3
© 2010, AD
Command-line:
Windows Version: Windows 7 Professional
Windows Information: (build 7600), 32-bit
Base Board Manufacturer: Hewlett-Packard
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP ProBook 4710s
Logical Drives Mask: 0x00000074
Kernel Drivers (total 258):
0x82E3A000 \SystemRoot\system32\ntkrnlpa.exe
0x82E03000 \SystemRoot\system32\halmacpi.dll
0x80BC1000 \SystemRoot\system32\kdcom.dll
0x8B800000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x8B878000 \SystemRoot\system32\PSHED.dll
0x8B889000 \SystemRoot\system32\BOOTVID.dll
0x8B891000 \SystemRoot\system32\CLFS.SYS
0x8B8D3000 \SystemRoot\system32\CI.dll
0x8B97E000 \SystemRoot\system32\drivers\Wdf01000.sys
0x8B9EF000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x8BA16000 \SystemRoot\System32\Drivers\splj.sys
0x8BB09000 \SystemRoot\System32\Drivers\WMILIB.SYS
0x8BB12000 \SystemRoot\System32\Drivers\SCSIPORT.SYS
0x8BB38000 \SystemRoot\system3
OTL Extras logfile created on: 7/22/2011 5:48:54 PM - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\eugene\Desktop
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.97 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 49.55% Memory free
5.93 Gb Paging File | 4.01 Gb Available in Paging File | 67.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 448.47 Gb Total Space | 145.07 Gb Free Space | 32.35% Space Free | Partition Type: NTFS
Drive D: | 93.16 Gb Total Space | 60.45 Gb Free Space | 64.89% Space Free | Partition Type: NTFS
Drive E: | 1.99 Gb Total Space | 1.91 Gb Free Space | 96.36% Space Free | Partition Type: FAT32
Computer Name: EUGENEMACHINE | User Name: eugene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\windows\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\windows\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\windows\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\windows\System32\WScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\eugene\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\System32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004739E9-9BBF-4A8B-9FAC-EB7CA5B7A9D9}" = HP User Guides 0136
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{085A087C-8559-AC21-F988-9B885923B58B}" = CCC Help Japanese
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{0934E41E-D8EE-478A-A540-AE9FAE399D5D}" = HP ProtectTools Security Manager
"{17BDCAD2-39E2-A44B-CDCA-6854FA71421E}" = Catalyst Control Center Localization All
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite
"{1BE8806A-84F8-4655-A381-0D5524430944}" = ActivClient x86
"{1D61E881-43CD-447B-9E6B-D2C6138B2862}" = HP Webcam
"{1D7DBD8E-4E22-B307-81F4-D55080B16FC7}" = ccc-utility
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v. 1.3.1249.0
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java 6 Update 21
"{299625B9-6C69-462C-9CEA-8E06D878B1C5}" = HP 3D DriveGuard
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{30A2A953-DEB1-466A-B660-F4399C7C6B9D}" = Roxio MyDVD
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{31D9C74D-CD7A-4215-B1E4-DF8099AEA997}" = Catalyst Control Center - Branding
"{3291E190-DB36-45F8-A119-A5C58645D382}" = HP QuickLook
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{37D6F9FA-A5F2-3040-AF7B-78BE92957D89}" = CCC Help Thai
"{38CA1644-39F5-44EB-F200-DFC6C5E9C5A8}" = CCC Help Chinese Standard
"{3B84CB71-78CA-4E9B-9167-1B877D60FB97}" = HP JavaCard for HP ProtectTools
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CD5E925-0EFE-4E0E-849E-BAF2E6D9E1C5}" = Credential Manager for HP ProtectTools
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D568C38-0552-4CDD-A643-01FAFA2957EF}" = Nokia Software Updater
"{4D833CF3-A3AE-2863-584B-3AD3A0D70981}" = CCC Help Russian
"{511376F5-7E5A-4EC9-B603-193B1D425BC3}" = HP ESU for Microsoft Windows 7
"{52AD35F5-FDA6-6E74-27E4-5EC2BD8A8B29}" = CCC Help Korean
"{52B24A16-729C-BDB9-D921-01556B19283D}" = CCC Help Greek
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business
"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
"{565AEE5D-35E5-0A21-02E2-3DC8CEA652FB}" = Catalyst Control Center Graphics Light
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57115A63-203E-8864-8951-4D5864D23956}" = CCC Help Norwegian
"{572964E9-BE64-1F57-B672-4D2B7595FAA1}" = Catalyst Control Center Graphics Full Existing
"{5AE47629-FA38-4747-4CEA-1DD2983FA8BF}" = CCC Help German
"{5E984B44-B441-5361-B00B-91441EE7B5B4}" = CCC Help English
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{602C75D1-0C09-D216-D83D-F3126AC24A27}" = CCC Help French
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669A032D-4E28-3D11-BB26-8AD5D51EFE87}" = Google Talk Plugin
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{74656168-CF28-40BD-9D87-700B07BAF9B6}" = HTC Sync
"{75D7BB3A-9AB7-4ad1-AD5E-0059B90C624B}" = HP ProtectTools Security Manager Suite
"{76AF1F61-BB44-4694-A0EA-C6830C8BEF41}" = HP Software Setup
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7B20C1C7-2766-DDB8-A02E-D6F9C7341864}" = CCC Help Finnish
"{7EFEE754-EA7D-A79B-8DDA-65CADCAF1AB4}" = Catalyst Control Center InstallProxy
"{7FFAA34E-0AA6-BF03-D37C-7AC5C380CF2F}" = CCC Help Chinese Traditional
"{805F8590-510E-74AD-FC88-ADE4224B8854}" = CCC Help Polish
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{853403A9-70A9-2C60-9E74-67BDC650E820}" = Catalyst Control Center Core Implementation
"{87CA636B-85B8-4611-A81D-F97E71024AFD}" = HP Common Access Service Library
"{8A75B387-6A34-7FBE-3512-89809AF89524}" = CCC Help Hungarian
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{8F0EDF80-31C2-FA10-DEE8-BD435A5F7D61}" = ATI Catalyst Install Manager
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E4FC4A7-E9E1-1EF1-104B-ECFB738A1824}" = CCC Help Italian
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = HP Integrated Module with Bluetooth wireless technology
"{9EE30AB4-1D07-7C32-106D-7AE7CEEFD1EC}" = CCC Help Spanish
"{A45AF5E2-3648-EA45-2A62-C3EA975D57D9}" = Catalyst Control Center Graphics Full New
"{A5A70E61-FEAB-4CEC-977C-BE0EF8DC05AB}" = PC Connectivity Solution
"{A657B744-4F40-6973-D177-5FD028712702}" = ccc-core-static
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B0344B38-378B-47E0-BDCC-977785D24768}" = Integrated Camera Driver Installer Package Ver.1.30.110.0
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}" = HP Advisor
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{BA728FCC-0B8C-6F7F-B29C-583829D1E8BB}" = CCC Help Dutch
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BD7A7136-1E88-4EB8-985C-1326DCE5612A}" = AuthenTec Fingerprint System
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4518D5B-C62C-4984-A615-1FC1DD55B86A}" = Drive Encryption for HP ProtectTools
"{c48c12e9-16cb-4048-8c88-8bafcafd8add}" = Nero 9 Lite
"{C7AE4EC3-9C13-4213-8457-74D16B353F91}" = HP Web Camera
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{D0BFE65D-C320-4FC9-88D2-B9C32FB95DA0}" = HP Setup
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D796ABCD-73D4-F18D-CF80-9BA1BE403933}" = CCC Help Swedish
"{E045FAC9-0B70-4796-AD3A-7035E89CE536}" = SCR3xxx Smart Card Reader
"{E48D0275-B2E0-C879-4B86-506757A16DC7}" = CCC Help Turkish
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E70E6183-F6EC-45B4-AFA4-0C3C36D4B664}" = Windows 7 Default Setting
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{E9B0164A-27EA-4C31-5526-867C6882B60D}" = CCC Help Czech
"{EA891D60-C20D-03C4-88CB-E4597A1753AA}" = CCC Help Portuguese
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Business v10
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F173C2B3-296F-458C-98FF-1676A42EBA02}" = HP Wallpaper
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F3818CCA-B7E4-2B53-F86E-2D4F195F66F3}" = CCC Help Danish
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows Driver Package - Nokia Modem (10/05/2009 4.2)
"43442AE9-6512-4392-B5DD-9167BECD1114_is1" = Infix 4.13
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.4)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"DivX Setup.divx.com" = DivX Setup
"FaceDub" = FaceDub
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"Nokia PC Suite" = Nokia PC Suite
"PDF Complete" = PDF Complete Special Edition
"Spotify" = Spotify
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TrueCrypt" = TrueCrypt
"Veetle Broadcaster" = Veetle Broadcaster 0.9.18
"Veetle TV" = Veetle TV 0.9.18
"VideoPad" = VideoPad Video Editor
"VLC media player" = VLC media player 1.1.4
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Advanced Archive Password Recovery" = Advanced Archive Password Recovery
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 4.5.0.457
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 1/9/2011 7:13:18 PM | Computer Name = eugenemachine | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1279
Error - 1/9/2011 7:13:19 PM | Computer Name = eugenemachine | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 1/9/2011 7:13:19 PM | Computer Name = eugenemachine | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2324
Error - 1/9/2011 7:13:19 PM | Computer Name = eugenemachine | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2324
Error - 1/9/2011 7:13:20 PM | Computer Name = eugenemachine | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 1/9/2011 7:13:20 PM | Computer Name = eugenemachine | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3354
Error - 1/9/2011 7:13:20 PM | Computer Name = eugenemachine | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3354
Error - 1/9/2011 7:15:35 PM | Computer Name = eugenemachine | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 1/9/2011 7:15:35 PM | Computer Name = eugenemachine | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 138435
Error - 1/9/2011 7:15:35 PM | Computer Name = eugenemachine | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 138435
[ Credential Manager Events ]
Error - 7/10/2011 7:44:44 AM | Computer Name = eugenemachine | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
[email protected] Client GUID: {Password} Error: 0xC516020B Client Host: localhost
Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 7/10/2011 7:44:44 AM | Computer Name = eugenemachine | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User:
[email protected]Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 7/10/2011 7:44:46 AM | Computer Name = eugenemachine | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
[email protected] Client GUID: {Password} Error: 0xC516020B Client Host: localhost
Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 7/10/2011 7:44:46 AM | Computer Name = eugenemachine | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User:
[email protected]Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 7/10/2011 8:16:32 AM | Computer Name = eugenemachine | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
[email protected] Client GUID: {Password} Error: 0xC516020B Client Host: localhost
Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 7/10/2011 8:16:32 AM | Computer Name = eugenemachine | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User:
[email protected]Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 7/19/2011 1:45:56 AM | Computer Name = eugenemachine | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
[email protected] Client GUID: {Password} Error: 0xC516020B Client Host: localhost
Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 7/19/2011 1:45:56 AM | Computer Name = eugenemachine | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User:
[email protected]Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 7/20/2011 5:50:47 AM | Computer Name = eugenemachine | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
[email protected] Client GUID: {Password} Error: 0xC516020B Client Host: localhost
Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 7/20/2011 5:50:47 AM | Computer Name = eugenemachine | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User:
[email protected]Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
[ Hewlett-Packard Events ]
Error - 6/29/2010 7:49:47 AM | Computer Name = eugenemachine | Source = Hewlett-Packard | ID = 0
Description = en-GB Exception has been thrown by the target of an invocation. mscorlib
at System.RuntimeMethodHandle._InvokeMethodFast(Object target, Object[] arguments,
SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
at System.RuntimeMethodHandle.InvokeMethodFast(Object target, Object[] arguments,
Signature sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr,
Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)
at System.Delegate.DynamicInvokeImpl(Object[] args) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Object
reference not set to an instance of an object.
Error - 6/29/2010 7:49:53 AM | Computer Name = eugenemachine | Source = Hewlett-Packard | ID = 0
Description = en-GB Exception has been thrown by the target of an invocation. mscorlib
at System.RuntimeMethodHandle._InvokeMethodFast(Object target, Object[] arguments,
SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
at System.RuntimeMethodHandle.InvokeMethodFast(Object target, Object[] arguments,
Signature sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr,
Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)
at System.Delegate.DynamicInvokeImpl(Object[] args) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Object
reference not set to an instance of an object.
Error - 6/29/2010 7:50:01 AM | Computer Name = eugenemachine | Source = Hewlett-Packard | ID = 0
Description = en-GB Exception has been thrown by the target of an invocation. mscorlib
at System.RuntimeMethodHandle._InvokeMethodFast(Object target, Object[] arguments,
SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
at System.RuntimeMethodHandle.InvokeMethodFast(Object target, Object[] arguments,
Signature sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr,
Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)
at System.Delegate.DynamicInvokeImpl(Object[] args) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Object
reference not set to an instance of an object.
Error - 6/29/2010 7:50:05 AM | Computer Name = eugenemachine | Source = Hewlett-Packard | ID = 0
Description = en-GB Exception has been thrown by the target of an invocation. mscorlib
at System.RuntimeMethodHandle._InvokeMethodFast(Object target, Object[] arguments,
SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
at System.RuntimeMethodHandle.InvokeMethodFast(Object target, Object[] arguments,
Signature sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr,
Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)
at System.Delegate.DynamicInvokeImpl(Object[] args) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Object
reference not set to an instance of an object.
Error - 9/1/2010 11:46:11 AM | Computer Name = eugenemachine | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\091001044606.xml
File not created by asset agent
Error - 10/1/2010 7:13:17 PM | Computer Name = eugenemachine | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\101002121313.xml
File not created by asset agent
Error - 3/23/2011 3:35:04 AM | Computer Name = eugenemachine | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\031123073501.xml
File not created by asset agent
Error - 4/27/2011 2:06:56 AM | Computer Name = eugenemachine | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\041127070652.xml
File not created by asset agent
Error - 4/27/2011 2:06:59 AM | Computer Name = eugenemachine | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\041127070656.xml
File not created by asset agent
Error - 5/4/2011 2:57:09 AM | Computer Name = eugenemachine | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051104075705.xml
File not created by asset agent
[ Media Center Events ]
Error - 1/24/2010 2:32:42 AM | Computer Name = eugenemachine | Source = MCUpdate | ID = 0
Description = 06:32:41 - Error connecting to the internet. 06:32:41 - Unable
to contact server..
Error - 1/24/2010 2:32:51 AM | Computer Name = eugenemachine | Source = MCUpdate | ID = 0
Description = 06:32:47 - Error connecting to the internet. 06:32:47 - Unable
to contact server..
Error - 3/11/2010 5:16:57 AM | Computer Name = eugenemachine | Source = MCUpdate | ID = 0
Description = 09:16:57 - Error connecting to the internet. 09:16:57 - Unable
to contact server..
Error - 3/11/2010 5:17:06 AM | Computer Name = eugenemachine | Source = MCUpdate | ID = 0
Description = 09:17:02 - Error connecting to the internet. 09:17:02 - Unable
to contact server..
Error - 3/11/2010 6:17:11 AM | Computer Name = eugenemachine | Source = MCUpdate | ID = 0
Description = 10:17:11 - Error connecting to the internet. 10:17:11 - Unable
to contact server..
Error - 3/11/2010 6:17:17 AM | Computer Name = eugenemachine | Source = MCUpdate | ID = 0
Description = 10:17:16 - Error connecting to the internet. 10:17:16 - Unable
to contact server..
Error - 3/11/2010 7:17:22 AM | Computer Name = eugenemachine | Source = MCUpdate | ID = 0
Description = 11:17:22 - Error connecting to the internet. 11:17:22 - Unable
to contact server..
Error - 3/11/2010 7:17:28 AM | Computer Name = eugenemachine | Source = MCUpdate | ID = 0
Description = 11:17:27 - Error connecting to the internet. 11:17:27 - Unable
to contact server..
Error - 3/11/2010 8:17:33 AM | Computer Name = eugenemachine | Source = MCUpdate | ID = 0
Description = 12:17:33 - Error connecting to the internet. 12:17:33 - Unable
to contact server..
Error - 3/11/2010 8:17:39 AM | Computer Name = eugenemachine | Source = MCUpdate | ID = 0
Description = 12:17:38 - Error connecting to the internet. 12:17:38 - Unable
to contact server..
[ System Events ]
Error - 7/22/2011 12:43:36 PM | Computer Name = eugenemachine | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 7/22/2011 12:43:38 PM | Computer Name = eugenemachine | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 7/22/2011 12:43:40 PM | Computer Name = eugenemachine | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 7/22/2011 12:43:42 PM | Computer Name = eugenemachine | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 7/22/2011 12:43:44 PM | Computer Name = eugenemachine | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 7/22/2011 12:43:47 PM | Computer Name = eugenemachine | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 7/22/2011 12:43:49 PM | Computer Name = eugenemachine | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 7/22/2011 12:43:49 PM | Computer Name = eugenemachine | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
Error - 7/22/2011 12:43:51 PM | Computer Name = eugenemachine | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 7/22/2011 12:43:51 PM | Computer Name = eugenemachine | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
< End of report >
OTL Extras logfile created on: 7/22/2011 5:48:54 PM - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\eugene\Desktop
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.97 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 49.55% Memory free
5.93 Gb Paging File | 4.01 Gb Available in Paging File | 67.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 448.47 Gb Total Space | 145.07 Gb Free Space | 32.35% Space Free | Partition Type: NTFS
Drive D: | 93.16 Gb Total Space | 60.45 Gb Free Space | 64.89% Space Free | Partition Type: NTFS
Drive E: | 1.99 Gb Total Space | 1.91 Gb Free Space | 96.36% Space Free | Partition Type: FAT32
Computer Name: EUGENEMACHINE | User Name: eugene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\windows\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\windows\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\windows\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\windows\System32\WScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\eugene\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\System32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004739E9-9BBF-4A8B-9FAC-EB7CA5B7A9D9}" = HP User Guides 0136
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{085A087C-8559-AC21-F988-9B885923B58B}" = CCC Help Japanese
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{0934E41E-D8EE-478A-A540-AE9FAE399D5D}" = HP ProtectTools Security Manager
"{17BDCAD2-39E2-A44B-CDCA-6854FA71421E}" = Catalyst Control Center Localization All
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite
"{1BE8806A-84F8-4655-A381-0D5524430944}" = ActivClient x86
"{1D61E881-43CD-447B-9E6B-D2C6138B2862}" = HP Webcam
"{1D7DBD8E-4E22-B307-81F4-D55080B16FC7}" = ccc-utility
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v. 1.3.1249.0
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java 6 Update 21
"{299625B9-6C69-462C-9CEA-8E06D878B1C5}" = HP 3D DriveGuard
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{30A2A953-DEB1-466A-B660-F4399C7C6B9D}" = Roxio MyDVD
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{31D9C74D-CD7A-4215-B1E4-DF8099AEA997}" = Catalyst Control Center - Branding
"{3291E190-DB36-45F8-A119-A5C58645D382}" = HP QuickLook
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{37D6F9FA-A5F2-3040-AF7B-78BE92957D89}" = CCC Help Thai
"{38CA1644-39F5-44EB-F200-DFC6C5E9C5A8}" = CCC Help Chinese Standard
"{3B84CB71-78CA-4E9B-9167-1B877D60FB97}" = HP JavaCard for HP ProtectTools
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CD5E925-0EFE-4E0E-849E-BAF2E6D9E1C5}" = Credential Manager for HP ProtectTools
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D568C38-0552-4CDD-A643-01FAFA2957EF}" = Nokia Software Updater
"{4D833CF3-A3AE-2863-584B-3AD3A0D70981}" = CCC Help Russian
"{511376F5-7E5A-4EC9-B603-193B1D425BC3}" = HP ESU for Microsoft Windows 7
"{52AD35F5-FDA6-6E74-27E4-5EC2BD8A8B29}" = CCC Help Korean
"{52B24A16-729C-BDB9-D921-01556B19283D}" = CCC Help Greek
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business
"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
"{565AEE5D-35E5-0A21-02E2-3DC8CEA652FB}" = Catalyst Control Center Graphics Light
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57115A63-203E-8864-8951-4D5864D23956}" = CCC Help Norwegian
"{572964E9-BE64-1F57-B672-4D2B7595FAA1}" = Catalyst Control Center Graphics Full Existing
"{5AE47629-FA38-4747-4CEA-1DD2983FA8BF}" = CCC Help German
"{5E984B44-B441-5361-B00B-91441EE7B5B4}" = CCC Help English
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{602C75D1-0C09-D216-D83D-F3126AC24A27}" = CCC Help French
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669A032D-4E28-3D11-BB26-8AD5D51EFE87}" = Google Talk Plugin
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{74656168-CF28-40BD-9D87-700B07BAF9B6}" = HTC Sync
"{75D7BB3A-9AB7-4ad1-AD5E-0059B90C624B}" = HP ProtectTools Security Manager Suite
"{76AF1F61-BB44-4694-A0EA-C6830C8BEF41}" = HP Software Setup
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7B20C1C7-2766-DDB8-A02E-D6F9C7341864}" = CCC Help Finnish
"{7EFEE754-EA7D-A79B-8DDA-65CADCAF1AB4}" = Catalyst Control Center InstallProxy
"{7FFAA34E-0AA6-BF03-D37C-7AC5C380CF2F}" = CCC Help Chinese Traditional
"{805F8590-510E-74AD-FC88-ADE4224B8854}" = CCC Help Polish
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{853403A9-70A9-2C60-9E74-67BDC650E820}" = Catalyst Control Center Core Implementation
"{87CA636B-85B8-4611-A81D-F97E71024AFD}" = HP Common Access Service Library
"{8A75B387-6A34-7FBE-3512-89809AF89524}" = CCC Help Hungarian
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{8F0EDF80-31C2-FA10-DEE8-BD435A5F7D61}" = ATI Catalyst Install Manager
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E4FC4A7-E9E1-1EF1-104B-ECFB738A1824}" = CCC Help Italian
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = HP Integrated Module with Bluetooth wireless technology
"{9EE30AB4-1D07-7C32-106D-7AE7CEEFD1EC}" = CCC Help Spanish
"{A45AF5E2-3648-EA45-2A62-C3EA975D57D9}" = Catalyst Control Center Graphics Full New
"{A5A70E61-FEAB-4CEC-977C-BE0EF8DC05AB}" = PC Connectivity Solution
"{A657B744-4F40-6973-D177-5FD028712702}" = ccc-core-static
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B0344B38-378B-47E0-BDCC-977785D24768}" = Integrated Camera Driver Installer Package Ver.1.30.110.0
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}" = HP Advisor
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{BA728FCC-0B8C-6F7F-B29C-583829D1E8BB}" = CCC Help Dutch
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BD7A7136-1E88-4EB8-985C-1326DCE5612A}" = AuthenTec Fingerprint System
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4518D5B-C62C-4984-A615-1FC1DD55B86A}" = Drive Encryption for HP ProtectTools
"{c48c12e9-16cb-4048-8c88-8bafcafd8add}" = Nero 9 Lite
"{C7AE4EC3-9C13-4213-8457-74D16B353F91}" = HP Web Camera
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{D0BFE65D-C320-4FC9-88D2-B9C32FB95DA0}" = HP Setup
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D796ABCD-73D4-F18D-CF80-9BA1BE403933}" = CCC Help Swedish
"{E045FAC9-0B70-4796-AD3A-7035E89CE536}" = SCR3xxx Smart Card Reader
"{E48D0275-B2E0-C879-4B86-506757A16DC7}" = CCC Help Turkish
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E70E6183-F6EC-45B4-AFA4-0C3C36D4B664}" = Windows 7 Default Setting
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{E9B0164A-27EA-4C31-5526-867C6882B60D}" = CCC Help Czech
"{EA891D60-C20D-03C4-88CB-E4597A1753AA}" = CCC Help Portuguese
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Business v10
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F173C2B3-296F-458C-98FF-1676A42EBA02}" = HP Wallpaper
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F3818CCA-B7E4-2B53-F86E-2D4F195F66F3}" = CCC Help Danish
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows Driver Package - Nokia Modem (10/05/2009 4.2)
"43442AE9-6512-4392-B5DD-9167BECD1114_is1" = Infix 4.13
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.4)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"DivX Setup.divx.com" = DivX Setup
"FaceDub" = FaceDub
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"Nokia PC Suite" = Nokia PC Suite
"PDF Complete" = PDF Complete Special Edition
"Spotify" = Spotify
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TrueCrypt" = TrueCrypt
"Veetle Broadcaster" = Veetle Broadcaster 0.9.18
"Veetle TV" = Veetle TV 0.9.18
"VideoPad" = VideoPad Video Editor
"VLC media player" = VLC media player 1.1.4
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Advanced Archive Password Recovery" = Advanced Archive Password Recovery
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 4.5.0.457
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 1/9/2011 7:13:18 PM | Computer Name = eugenemachine | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1279
Error - 1/9/2011 7:13:19 PM | Computer Name = eugenemachine | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 1/9/2011 7:13:19 PM | Computer Name = eugenemachine | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2324
Error - 1/9/2011 7:13:19 PM | Computer Name = eugenemachine | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2324
Error - 1/9/2011 7:13:20 PM | Computer Name = eugenemachine | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 1/9/2011 7:13:20 PM | Computer Name = eugenemachine | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3354
Error - 1/9/2011 7:13:20 PM | Computer Name = eugenemachine | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3354
Error - 1/9/2011 7:15:35 PM | Computer Name = eugenemachine | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 1/9/2011 7:15:35 PM | Computer Name = eugenemachine | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 138435
Error - 1/9/2011 7:15:35 PM | Computer Name = eugenemachine | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 138435
[ Credential Manager Events ]
Error - 7/10/2011 7:44:44 AM | Computer Name = eugenemachine | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
[email protected] Client GUID: {Password} Error: 0xC516020B Client Host: localhost
Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 7/10/2011 7:44:44 AM | Computer Name = eugenemachine | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User:
[email protected]Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 7/10/2011 7:44:46 AM | Computer Name = eugenemachine | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
[email protected] Client GUID: {Password} Error: 0xC516020B Client Host: localhost
Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 7/10/2011 7:44:46 AM | Computer Name = eugenemachine | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User:
[email protected]Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 7/10/2011 8:16:32 AM | Computer Name = eugenemachine | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
[email protected] Client GUID: {Password} Error: 0xC516020B Client Host: localhost
Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 7/10/2011 8:16:32 AM | Computer Name = eugenemachine | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User:
[email protected]Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 7/19/2011 1:45:56 AM | Computer Name = eugenemachine | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
[email protected] Client GUID: {Password} Error: 0xC516020B Client Host: localhost
Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 7/19/2011 1:45:56 AM | Computer Name = eugenemachine | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User:
[email protected]Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 7/20/2011 5:50:47 AM | Computer Name = eugenemachine | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
[email protected] Client GUID: {Password} Error: 0xC516020B Client Host: localhost
Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 7/20/2011 5:50:47 AM | Computer Name = eugenemachine | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User:
[email protected]Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
[ Hewlett-Packard Events ]
Error - 6/29/2010 7:49:47 AM | Computer Name = eugenemachine | Source = Hewlett-Packard | ID = 0
Description = en-GB Exception has been thrown by the target of an invocation. mscorlib
at System.RuntimeMethodHandle._InvokeMethodFast(Object target, Object[] arguments,
SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
at System.RuntimeMethodHandle.InvokeMethodFast(Object target, Object[] arguments,
Signature sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr,
Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)
at System.Delegate.DynamicInvokeImpl(Object[] args) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Object
reference not set to an instance of an object.
Error - 6/29/2010 7:49:53 AM | Computer Name = eugenemachine | Source = Hewlett-Packard | ID = 0
Description = en-GB Exception has been thrown by the target of an invocation. mscorlib
at System.RuntimeMethodHandle._InvokeMethodFast(Object target, Object[] arguments,
SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
at System.RuntimeMethodHandle.InvokeMethodFast(Object target, Object[] arguments,
Signature sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr,
Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)
at System.Delegate.DynamicInvokeImpl(Object[] args) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Object
reference not set to an instance of an object.
Error - 6/29/2010 7:50:01 AM | Computer Name = eugenemachine | Source = Hewlett-Packard | ID = 0
Description = en-GB Exception has been thrown by the target of an invocation. mscorlib
at System.RuntimeMethodHandle._InvokeMethodFast(Object target, Object[] arguments,
SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
at System.RuntimeMethodHandle.InvokeMethodFast(Object target, Object[] arguments,
Signature sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr,
Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)
at System.Delegate.DynamicInvokeImpl(Object[] args) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Object
reference not set to an instance of an object.
Error - 6/29/2010 7:50:05 AM | Computer Name = eugenemachine | Source = Hewlett-Packard | ID = 0
Description = en-GB Exception has been thrown by the target of an invocation. mscorlib
at System.RuntimeMethodHandle._InvokeMethodFast(Object target, Object[] arguments,
SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
at System.RuntimeMethodHandle.InvokeMethodFast(Object target, Object[] arguments,
Signature sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr,
Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)
at System.Delegate.DynamicInvokeImpl(Object[] args) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Object
reference not set to an instance of an object.
Error - 9/1/2010 11:46:11 AM | Computer Name = eugenemachine | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\091001044606.xml
File not created by asset agent
Error - 10/1/2010 7:13:17 PM | Computer Name = eugenemachine | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\101002121313.xml
File not created by asset agent
Error - 3/23/2011 3:35:04 AM | Computer Name = eugenemachine | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\031123073501.xml
File not created by asset agent
Error - 4/27/2011 2:06:56 AM | Computer Name = eugenemachine | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\041127070652.xml
File not created by asset agent
Error - 4/27/2011 2:06:59 AM | Computer Name = eugenemachine | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\041127070656.xml
File not created by asset agent
Error - 5/4/2011 2:57:09 AM | Computer Name = eugenemachine | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051104075705.xml
File not created by asset agent
[ Media Center Events ]
Error - 1/24/2010 2:32:42 AM | Computer Name = eugenemachine | Source = MCUpdate | ID = 0
Description = 06:32:41 - Error connecting to the internet. 06:32:41 - Unable
to contact server..
Error - 1/24/2010 2:32:51 AM | Computer Name = eugenemachine | Source = MCUpdate | ID = 0
Description = 06:32:47 - Error connecting to the internet. 06:32:47 - Unable
to contact server..
Error - 3/11/2010 5:16:57 AM | Computer Name = eugenemachine | Source = MCUpdate | ID = 0
Description = 09:16:57 - Error connecting to the internet. 09:16:57 - Unable
to contact server..
Error - 3/11/2010 5:17:06 AM | Computer Name = eugenemachine | Source = MCUpdate | ID = 0
Description = 09:17:02 - Error connecting to the internet. 09:17:02 - Unable
to contact server..
Error - 3/11/2010 6:17:11 AM | Computer Name = eugenemachine | Source = MCUpdate | ID = 0
Description = 10:17:11 - Error connecting to the internet. 10:17:11 - Unable
to contact server..
Error - 3/11/2010 6:17:17 AM | Computer Name = eugenemachine | Source = MCUpdate | ID = 0
Description = 10:17:16 - Error connecting to the internet. 10:17:16 - Unable
to contact server..
Error - 3/11/2010 7:17:22 AM | Computer Name = eugenemachine | Source = MCUpdate | ID = 0
Description = 11:17:22 - Error connecting to the internet. 11:17:22 - Unable
to contact server..
Error - 3/11/2010 7:17:28 AM | Computer Name = eugenemachine | Source = MCUpdate | ID = 0
Description = 11:17:27 - Error connecting to the internet. 11:17:27 - Unable
to contact server..
Error - 3/11/2010 8:17:33 AM | Computer Name = eugenemachine | Source = MCUpdate | ID = 0
Description = 12:17:33 - Error connecting to the internet. 12:17:33 - Unable
to contact server..
Error - 3/11/2010 8:17:39 AM | Computer Name = eugenemachine | Source = MCUpdate | ID = 0
Description = 12:17:38 - Error connecting to the internet. 12:17:38 - Unable
to contact server..
[ System Events ]
Error - 7/22/2011 12:43:36 PM | Computer Name = eugenemachine | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 7/22/2011 12:43:38 PM | Computer Name = eugenemachine | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 7/22/2011 12:43:40 PM | Computer Name = eugenemachine | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 7/22/2011 12:43:42 PM | Computer Name = eugenemachine | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 7/22/2011 12:43:44 PM | Computer Name = eugenemachine | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 7/22/2011 12:43:47 PM | Computer Name = eugenemachine | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 7/22/2011 12:43:49 PM | Computer Name = eugenemachine | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 7/22/2011 12:43:49 PM | Computer Name = eugenemachine | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
Error - 7/22/2011 12:43:51 PM | Computer Name = eugenemachine | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk1\DR1, has a bad block.
Error - 7/22/2011 12:43:51 PM | Computer Name = eugenemachine | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
< End of report >
i don't know if i'm being thick but can't find the scan logs, but if i look at the virus chest i can see there are 5 files in there.
also it seems like all those 'programs' don't seem to be running in the background anymore