Render,
Thank you. In the logs I see "Antiphishing domain advisor" in my programs which may be related to the partner37 thing as those words appear on that redirect page. It says in my windows uninstall programs list it comes from visicom - pandasecurity and that it was installed on 7/30, which is the day I uninstalled bullguard and superanitspy and put in Avira. (not trying to do your job for you but just thought if I see something funny, I should say).
Last log first, followed by the OTL logs:
Local Area Connection:
Node IpAddress: [10.0.0.3] Scope Id: []
NetBIOS Local Name Table
Name Type Status
---------------------------------------------
CYPRESSHP <20> UNIQUE Registered
CYPRESSHP <00> UNIQUE Registered
WORKGROUP <00> GROUP Registered
Bluetooth Network Connection:
Node IpAddress: [0.0.0.0] Scope Id: []
No names in cache
Wireless Network Connection:
Node IpAddress: [0.0.0.0] Scope Id: []
No names in cache
Windows IP Configuration
Host Name . . . . . . . . . . . . : CypressHP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Wireless LAN adapter Wireless Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom 43224AG 802.11a/b/g/draft-n Wi-Fi Adapter
Physical Address. . . . . . . . . : 20-10-7A-45-13-A2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Ethernet adapter Bluetooth Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 40-2C-F4-29-77-0B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82579LM Gigabit Network Connection
Physical Address. . . . . . . . . : 00-9C-02-93-27-4E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::61ab:60f0:508b:4be1%10(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, July 30, 2012 10:02:00 PM
Lease Expires . . . . . . . . . . : Thursday, August 02, 2012 8:11:24 AM
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 238832274
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-FA-DE-B2-00-9C-02-93-27-4E
DNS Servers . . . . . . . . . . . : 10.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{E96F5685-C65F-4776-A433-E6FD5A090BE9}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{672FB6AB-8FCA-454A-961A-108F7F9DB738}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{12D84F0F-F828-4D8C-B372-E0859B917957}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2848:310d:f5ff:fffc(Preferred)
Link-local IPv6 Address . . . . . : fe80::2848:310d:f5ff:fffc%17(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Pinging Yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=218ms TTL=45
Reply from 72.30.38.140: bytes=32 time=148ms TTL=45
Reply from 72.30.38.140: bytes=32 time=146ms TTL=45
Reply from 72.30.38.140: bytes=32 time=242ms TTL=45
Ping statistics for 72.30.38.140:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 146ms, Maximum = 242ms, Average = 188ms
Pinging Google.com [74.125.130.113] with 32 bytes of data:
Reply from 74.125.130.113: bytes=32 time=74ms TTL=42
Reply from 74.125.130.113: bytes=32 time=77ms TTL=42
Reply from 74.125.130.113: bytes=32 time=76ms TTL=42
Reply from 74.125.130.113: bytes=32 time=76ms TTL=42
Ping statistics for 74.125.130.113:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 74ms, Maximum = 77ms, Average = 75ms
These Windows services are started:
Adobe Acrobat Update Service
AMD External Events Utility
Andrea ST Filters Service
Application Information
Application Management
ArcCapture
Audio Service
Authentication Service
Avira Realtime Protection
Avira Scheduler
Background Intelligent Transfer Service
Base Filtering Engine
Bluetooth Service
Broadcom Wireless LAN Tray Service
Certificate Propagation
CNG Key Isolation
COM+ Event System
Cryptographic Services
DCOM Server Process Launcher
Desktop Window Manager Session Manager
DHCP Client
Diagnostic Policy Service
Diagnostic Service Host
Distributed Link Tracking Client
DNS Client
Encrypting File System (EFS)
EPSON V3 Service4(04)
EPSON V5 Service4(04)
Extensible Authentication Protocol
File Sanitizer for HP ProtectTools
Function Discovery Provider Host
Function Discovery Resource Publication
Group Policy Client
HomeGroup Listener
HomeGroup Provider
HP DayStarter Service
HP Power Assistant Service
HP ProtectTools Service
HP Quick Synchronization Service
HP Service
HP Software Framework Service
HP Support Assistant Service
IKE and AuthIP IPsec Keying Modules
Intel® Identity Protection Technology Host Interface Service
Intel® Management and Security Application Local Management Service
Intel® Management and Security Application User Notification Service
Intel® Rapid Storage Technology
IP Helper
LightScribeService Direct Disc Labeling Service
McAfee Endpoint Encryption Agent
McciCMService
McciCMService64
Multimedia Class Scheduler
Network Connections
Network List Service
Network Location Awareness
Network Store Interface Service
Office Software Protection Platform
Offline Files
OnlineStorageService
Peer Name Resolution Protocol
Peer Networking Grouping
Peer Networking Identity Manager
Personal Secure Drive Service
Plug and Play
PnP-X IP Bus Enumerator
Portrait Displays SDK Service
Power
Print Spooler
Program Compatibility Assistant Service
Remote Access Connection Manager
Remote Procedure Call (RPC)
RPC Endpoint Mapper
Secondary Logon
Secunia PSI Agent
Secure Socket Tunneling Protocol Service
Security Accounts Manager
Security Center
Security Platform Management Service
Server
Shell Hardware Detection
Skype C2C Service
Smart Card
SSDP Discovery
Superfetch
System Event Notification Service
Tablet PC Input Service
Task Scheduler
TCP/IP NetBIOS Helper
Telephony
Themes
TPM Base Services
Trusted Platform Core Service
UPnP Device Host
User Profile Service
Validity VCS Fingerprint Service
Windows Audio
Windows Audio Endpoint Builder
Windows Backup
Windows Driver Foundation - User-mode Driver Framework
Windows Event Log
Windows Firewall
Windows Font Cache Service
Windows Image Acquisition (WIA)
Windows Live ID Sign-in Assistant
Windows Management Instrumentation
Windows Media Player Network Sharing Service
Windows Presentation Foundation Font Cache 3.0.0.0
Windows Search
Windows Update
WinHTTP Web Proxy Auto-Discovery Service
WLAN AutoConfig
Workstation
The command completed successfully.
.
Afd
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: Afd
TYPE : 1 KERNEL_DRIVER
START_TYPE : 1 SYSTEM_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : \SystemRoot\system32\drivers\afd.sys
LOAD_ORDER_GROUP : PNP_TDI
TAG : 0
DISPLAY_NAME : Ancillary Function Driver for Winsock
DEPENDENCIES :
SERVICE_START_NAME :
SERVICE_NAME: Afd
TYPE : 1 KERNEL_DRIVER
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 0
FLAGS :
dhcp
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: dhcp
TYPE : 20 WIN32_SHARE_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted
LOAD_ORDER_GROUP : TDI
TAG : 0
DISPLAY_NAME : DHCP Client
DEPENDENCIES : NSI
: Tdx
: Afd
SERVICE_START_NAME : NT Authority\LocalService
SERVICE_NAME: dhcp
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 524
FLAGS :
Dnscache
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: Dnscache
TYPE : 20 WIN32_SHARE_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\windows\system32\svchost.exe -k NetworkService
LOAD_ORDER_GROUP : TDI
TAG : 0
DISPLAY_NAME : DNS Client
DEPENDENCIES : Tdx
: nsi
SERVICE_START_NAME : NT AUTHORITY\NetworkService
SERVICE_NAME: Dnscache
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 1568
FLAGS :
gpsvc
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: gpsvc
TYPE : 10 WIN32_OWN_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\windows\system32\svchost.exe -k GPSvcGroup
LOAD_ORDER_GROUP : ProfSvc_Group
TAG : 0
DISPLAY_NAME : Group Policy Client
DEPENDENCIES : RPCSS
: Mup
SERVICE_START_NAME : LocalSystem
SERVICE_NAME: gpsvc
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_PRESHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 1284
FLAGS :
iphlpsvc
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: iphlpsvc
TYPE : 20 WIN32_SHARE_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\windows\System32\svchost.exe -k NetSvcs
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : IP Helper
DEPENDENCIES : RpcSS
: Tdx
: winmgmt
: tcpip
: nsi
SERVICE_START_NAME : LocalSystem
SERVICE_NAME: iphlpsvc
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 428
FLAGS :
lanmanserver
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: lanmanserver
TYPE : 20 WIN32_SHARE_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\windows\system32\svchost.exe -k netsvcs
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : Server
DEPENDENCIES : SamSS
: Srv
SERVICE_START_NAME : LocalSystem
SERVICE_NAME: lanmanserver
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 428
FLAGS :
Lmhosts
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: Lmhosts
TYPE : 20 WIN32_SHARE_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted
LOAD_ORDER_GROUP : TDI
TAG : 0
DISPLAY_NAME : TCP/IP NetBIOS Helper
DEPENDENCIES : NetBT
: Afd
SERVICE_START_NAME : NT AUTHORITY\LocalService
SERVICE_NAME: Lmhosts
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 524
FLAGS :
NetBIOS
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: NetBIOS
TYPE : 2 FILE_SYSTEM_DRIVER
START_TYPE : 1 SYSTEM_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : system32\DRIVERS\netbios.sys
LOAD_ORDER_GROUP : NetBIOSGroup
TAG : 2
DISPLAY_NAME : NetBIOS Interface
DEPENDENCIES :
SERVICE_START_NAME :
SERVICE_NAME: NetBIOS
TYPE : 2 FILE_SYSTEM_DRIVER
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 0
FLAGS :
NetBT
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: NetBT
TYPE : 1 KERNEL_DRIVER
START_TYPE : 1 SYSTEM_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : System32\DRIVERS\netbt.sys
LOAD_ORDER_GROUP : PNP_TDI
TAG : 87
DISPLAY_NAME : NetBT
DEPENDENCIES : Tdx
: tcpip
SERVICE_START_NAME :
SERVICE_NAME: NetBT
TYPE : 1 KERNEL_DRIVER
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 0
FLAGS :
Netman
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: Netman
TYPE : 20 WIN32_SHARE_PROCESS
START_TYPE : 3 DEMAND_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : Network Connections
DEPENDENCIES : RpcSs
: nsi
SERVICE_START_NAME : LocalSystem
SERVICE_NAME: Netman
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 596
FLAGS :
netprofm
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: netprofm
TYPE : 20 WIN32_SHARE_PROCESS
START_TYPE : 3 DEMAND_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\windows\System32\svchost.exe -k LocalService
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : Network List Service
DEPENDENCIES : RpcSs
: nlasvc
SERVICE_START_NAME : NT AUTHORITY\LocalService
SERVICE_NAME: netprofm
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 1320
FLAGS :
NlaSvc
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: NlaSvc
TYPE : 20 WIN32_SHARE_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\windows\System32\svchost.exe -k NetworkService
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : Network Location Awareness
DEPENDENCIES : NSI
: RpcSs
: TcpIp
SERVICE_START_NAME : NT AUTHORITY\NetworkService
SERVICE_NAME: NlaSvc
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 1568
FLAGS :
nsi
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: nsi
TYPE : 20 WIN32_SHARE_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\windows\system32\svchost.exe -k LocalService
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : Network Store Interface Service
DEPENDENCIES : nsiproxy
SERVICE_START_NAME : NT Authority\LocalService
SERVICE_NAME: nsi
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 1320
FLAGS :
PolicyAgent
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: PolicyAgent
TYPE : 20 WIN32_SHARE_PROCESS
START_TYPE : 3 DEMAND_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : IPsec Policy Agent
DEPENDENCIES : Tcpip
: bfe
SERVICE_START_NAME : NT Authority\NetworkService
SERVICE_NAME: PolicyAgent
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 1 STOPPED
WIN32_EXIT_CODE : 1077 (0x435)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 0
FLAGS :
RasMan
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: RasMan
TYPE : 20 WIN32_SHARE_PROCESS
START_TYPE : 3 DEMAND_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\windows\System32\svchost.exe -k netsvcs
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : Remote Access Connection Manager
DEPENDENCIES : Tapisrv
: SstpSvc
SERVICE_START_NAME : localSystem
SERVICE_NAME: RasMan
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 428
FLAGS :
RPCSS
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: RPCSS
TYPE : 20 WIN32_SHARE_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\windows\system32\svchost.exe -k rpcss
LOAD_ORDER_GROUP : COM Infrastructure
TAG : 0
DISPLAY_NAME : Remote Procedure Call (RPC)
DEPENDENCIES : RpcEptMapper
: DcomLaunch
SERVICE_START_NAME : NT AUTHORITY\NetworkService
SERVICE_NAME: RPCSS
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(NOT_STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 948
FLAGS :
SstpSvc
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: SstpSvc
TYPE : 20 WIN32_SHARE_PROCESS
START_TYPE : 3 DEMAND_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\windows\system32\svchost.exe -k LocalService
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : Secure Socket Tunneling Protocol Service
DEPENDENCIES :
SERVICE_START_NAME : NT Authority\LocalService
SERVICE_NAME: SstpSvc
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 1320
FLAGS :
TCPIP
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: TCPIP
TYPE : 1 KERNEL_DRIVER
START_TYPE : 0 BOOT_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : \SystemRoot\System32\drivers\tcpip.sys
LOAD_ORDER_GROUP : PNP_TDI
TAG : 3
DISPLAY_NAME : TCP/IP Protocol Driver
DEPENDENCIES :
SERVICE_START_NAME :
SERVICE_NAME: TCPIP
TYPE : 1 KERNEL_DRIVER
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 0
FLAGS :
WebClient
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: WebClient
TYPE : 20 WIN32_SHARE_PROCESS
START_TYPE : 3 DEMAND_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\windows\system32\svchost.exe -k LocalService
LOAD_ORDER_GROUP : NetworkProvider
TAG : 0
DISPLAY_NAME : WebClient
DEPENDENCIES : MRxDAV
SERVICE_START_NAME : NT AUTHORITY\LocalService
SERVICE_NAME: WebClient
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 1 STOPPED
WIN32_EXIT_CODE : 1077 (0x435)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 0
FLAGS :
start OTL hereOTL logfile created on: 8/1/2012 1:56:39 PM - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Peter\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.95 Gb Total Physical Memory | 2.10 Gb Available Physical Memory | 53.11% Memory free
7.90 Gb Paging File | 5.27 Gb Available in Paging File | 66.73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 445.52 Gb Total Space | 368.81 Gb Free Space | 82.78% Space Free | Partition Type: NTFS
Drive E: | 14.95 Gb Total Space | 2.23 Gb Free Space | 14.89% Space Free | Partition Type: NTFS
Drive F: | 4.98 Gb Total Space | 2.12 Gb Free Space | 42.62% Space Free | Partition Type: FAT32
Drive H: | 731.81 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: CYPRESSHP | User Name: Peter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/07/30 20:40:01 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Peter\Desktop\OTL(2).exe
PRC - [2012/07/25 04:46:44 | 001,326,176 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe
PRC - [2012/07/25 04:46:42 | 000,572,000 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
PRC - [2012/07/19 16:58:04 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/07/03 14:04:56 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/07/03 14:04:55 | 000,325,912 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/06/19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/06/11 03:33:54 | 000,410,942 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe InDesign CS6\Utilities\adb.exe
PRC - [2012/05/03 14:07:40 | 000,217,256 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
PRC - [2012/05/02 01:42:31 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012/05/02 00:34:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/05/02 00:31:38 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/04/08 21:16:38 | 001,760,016 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro SafeSync\HrfsClient.exe
PRC - [2012/04/04 06:25:00 | 000,295,584 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2012/04/04 01:53:56 | 000,815,512 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2012/04/04 01:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/03/14 10:28:28 | 000,197,504 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2012/02/08 12:44:04 | 000,200,704 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
PRC - [2012/02/08 12:10:00 | 001,323,008 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
PRC - [2011/12/01 16:24:20 | 002,624,512 | ---- | M] () -- C:\Users\Peter\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
PRC - [2011/03/16 11:26:40 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2011/02/10 20:44:28 | 000,076,344 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
PRC - [2011/02/07 15:41:42 | 012,274,688 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
PRC - [2011/02/07 15:41:26 | 000,320,000 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2011/01/28 12:41:30 | 000,133,688 | ---- | M] (Hewlett-Packard Company) -- c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
PRC - [2011/01/26 13:00:32 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/01/26 13:00:00 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/01/20 01:55:18 | 001,125,728 | ---- | M] (Infineon Technologies AG) -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
PRC - [2011/01/20 01:50:16 | 000,329,056 | ---- | M] (Infineon Technologies AG) -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
PRC - [2011/01/20 01:43:00 | 000,203,104 | ---- | M] (Infineon Technologies AG) -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
PRC - [2011/01/20 00:49:00 | 000,980,320 | ---- | M] (Infineon Technologies AG) -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
PRC - [2011/01/12 15:12:06 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
PRC - [2010/11/29 15:10:32 | 000,210,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2010/11/26 07:31:18 | 000,267,128 | ---- | M] () -- C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe
PRC - [2010/11/17 13:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010/11/11 03:43:00 | 000,502,464 | ---- | M] (ArcSoft, Inc.) -- C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
PRC - [2009/12/03 10:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
========== Modules (No Company Name) ========== MOD - [2012/07/30 12:27:38 | 000,877,952 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\HP.SupportFramework\1.0.0.0__2a4860322af7ba08\HP.SupportFramework.dll
MOD - [2012/07/19 16:58:03 | 002,003,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/06/11 03:33:54 | 000,410,942 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe InDesign CS6\Utilities\adb.exe
MOD - [2012/04/23 18:35:09 | 000,630,784 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012/03/21 18:32:36 | 005,025,792 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012/02/10 19:31:42 | 001,253,376 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
MOD - [2012/02/08 12:44:04 | 000,200,704 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
MOD - [2012/01/08 09:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2012/01/03 22:51:03 | 003,190,784 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012/01/03 22:50:59 | 004,550,656 | ---- | M] () -- C:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2011/12/01 16:24:20 | 002,624,512 | ---- | M] () -- C:\Users\Peter\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
MOD - [2011/03/28 23:32:26 | 001,316,878 | ---- | M] () -- C:\Program Files\Trend Micro SafeSync\avcodec-52.dll
MOD - [2011/03/28 23:32:26 | 000,165,902 | ---- | M] () -- C:\Program Files\Trend Micro SafeSync\avformat-52.dll
MOD - [2011/03/28 23:32:26 | 000,098,830 | ---- | M] () -- C:\Program Files\Trend Micro SafeSync\avutil-50.dll
MOD - [2010/11/26 07:31:18 | 000,267,128 | ---- | M] () -- C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe
MOD - [2010/11/04 21:58:14 | 002,048,000 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2010/11/04 21:58:10 | 000,303,104 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2010/11/04 21:58:04 | 000,425,984 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2009/06/10 17:22:40 | 000,010,752 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
========== Win32 Services (SafeList) ========== SRV:
64bit: - [2012/07/03 14:05:57 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:
64bit: - [2012/05/13 14:03:52 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\STacSV64.exe -- (STacSV)
SRV:
64bit: - [2012/05/13 14:03:52 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:
64bit: - [2012/04/08 21:16:30 | 007,612,176 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files\Trend Micro SafeSync\hrfscore.exe -- (OnlineStorageService)
SRV:
64bit: - [2012/03/20 21:01:59 | 000,048,128 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE -- (wltrysvc)
SRV:
64bit: - [2012/02/08 12:10:00 | 001,323,008 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe -- (McAfee Endpoint Encryption Agent)
SRV:
64bit: - [2011/08/23 04:37:04 | 003,175,728 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:
64bit: - [2011/07/15 14:09:38 | 000,137,272 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV:
64bit: - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\windows\SysNative\Hpservice.exe -- (hpsrv)
SRV:
64bit: - [2011/02/12 00:07:16 | 000,481,104 | R--- | M] (DigitalPersona, Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost)
SRV:
64bit: - [2011/01/28 12:41:30 | 000,133,688 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe -- (HPDayStarterService)
SRV:
64bit: - [2010/07/29 22:39:24 | 000,951,584 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:
64bit: - [2009/09/14 01:00:00 | 000,166,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04)
SRV:
64bit: - [2009/09/14 01:00:00 | 000,128,512 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04)
SRV:
64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/07/27 15:05:12 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/25 04:46:44 | 001,326,176 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2012/07/19 16:58:04 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/03 14:04:56 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/03 14:04:55 | 000,325,912 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/06/19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/06/07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/02 01:42:31 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/02 00:34:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/04/04 01:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/03/14 10:28:28 | 000,197,504 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/09/09 17:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2011/09/05 09:57:24 | 000,476,728 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- c:\Windows\SysWOW64\flcdlock.exe -- (FLCDLOCK)
SRV - [2011/08/23 04:23:48 | 002,774,320 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\windows\SysWow64\vcsFPService.exe -- (vcsFPService)
SRV - [2011/03/16 11:26:40 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2011/02/07 15:41:26 | 000,320,000 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2011/01/26 13:00:00 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/01/20 01:55:18 | 001,125,728 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe -- (IFXSpMgtSrv)
SRV - [2011/01/20 01:43:00 | 000,203,104 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe -- (PersonalSecureDriveService)
SRV - [2011/01/20 00:49:00 | 000,980,320 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe -- (IFXTCS)
SRV - [2011/01/12 15:12:06 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) [On_Demand | Running] -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2010/11/29 15:10:32 | 000,210,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
SRV - [2010/11/11 03:43:00 | 000,502,464 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe -- (uArcCapture)
SRV - [2010/03/18 17:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2012/07/11 11:15:09 | 000,173,656 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:
64bit: - [2012/07/11 11:15:09 | 000,026,200 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\johci.sys -- (johci)
DRV:
64bit: - [2012/07/03 14:06:08 | 000,095,248 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:
64bit: - [2012/07/03 14:05:57 | 010,497,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:
64bit: - [2012/07/03 14:05:57 | 000,326,656 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:
64bit: - [2012/05/13 14:03:52 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:
64bit: - [2012/05/12 06:48:17 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:
64bit: - [2012/05/02 15:24:12 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:
64bit: - [2012/04/27 10:20:04 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:
64bit: - [2012/04/25 00:32:27 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:
64bit: - [2012/03/20 21:01:58 | 000,022,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:
64bit: - [2012/03/20 21:01:53 | 003,065,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:
64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2012/02/28 13:15:16 | 000,043,800 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:
64bit: - [2012/02/28 13:15:16 | 000,029,976 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:
64bit: - [2012/02/22 13:54:08 | 000,360,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:
64bit: - [2012/02/08 12:55:20 | 000,100,808 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\MfeEpeOpal.sys -- (MfeEpeOpal)
DRV:
64bit: - [2012/02/08 12:54:56 | 000,158,920 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\MfeEpePc.sys -- (MfeEpePc)
DRV:
64bit: - [2011/09/16 01:34:38 | 000,392,752 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:
64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2011/02/07 11:50:26 | 000,063,336 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DAMDrv64.sys -- (DAMDrv)
DRV:
64bit: - [2011/01/13 06:14:04 | 000,040,448 | ---- | M] (Generic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SzCCID.sys -- (SzCCID)
DRV:
64bit: - [2011/01/12 21:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:
64bit: - [2011/01/12 14:11:20 | 002,611,704 | ---- | M] (Sunplus Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SPUVCBv_x64.sys -- (SPUVCbv)
DRV:
64bit: - [2010/12/10 17:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:
64bit: - [2010/12/10 17:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:
64bit: - [2010/12/02 21:02:58 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:
64bit: - [2010/11/20 09:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:
64bit: - [2010/11/20 09:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:
64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2010/11/20 07:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:
64bit: - [2010/11/20 07:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:
64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:
64bit: - [2010/11/20 05:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:
64bit: - [2010/11/11 03:46:00 | 000,032,192 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftVCapture.sys -- (ARCVCAM)
DRV:
64bit: - [2010/10/19 20:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:
64bit: - [2010/09/01 04:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
DRV:
64bit: - [2010/07/20 17:26:42 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:
64bit: - [2010/07/20 17:26:38 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:
64bit: - [2010/07/20 17:26:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:
64bit: - [2010/07/14 10:25:38 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:
64bit: - [2010/03/19 07:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:
64bit: - [2010/03/02 18:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:
64bit: - [2010/01/26 01:31:08 | 000,044,576 | ---- | M] (Infineon Technologies AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\psd.sys -- (PersonalSecureDrive)
DRV:
64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/07/13 19:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:
64bit: - [2009/06/10 17:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:
64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/08/14 09:45:24 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/08/14 09:45:24 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://g.msn.com/HPCOM/1IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE:
64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" =
http://search.ask.co...&l=dis&o=CMNTDFIE:
64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" =
http://search.yahoo....psg&type=CMNTDFIE:
64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" =
http://www.bing.com/...rc=IE-SearchBoxIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://g.msn.com/HPCOM/1IE - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" =
http://search.ask.co...&l=dis&o=CMNTDFIE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" =
http://search.yahoo....psg&type=CMNTDFIE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" =
http://www.bing.com/...rc=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2887097447-186780515-742582406-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://g.msn.com/HPCOM/1IE - HKU\S-1-5-21-2887097447-186780515-742582406-1002\..\SearchScopes,DefaultScope = {9A3E76CB-CFD2-4B3F-A89E-9E715EA4DAC0}
IE - HKU\S-1-5-21-2887097447-186780515-742582406-1002\..\SearchScopes\{9A3E76CB-CFD2-4B3F-A89E-9E715EA4DAC0}: "URL" =
http://www.google.co...utputEncoding?}IE - HKU\S-1-5-21-2887097447-186780515-742582406-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - user.js - File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Motive, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2011/03/06 18:16:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/07/06 20:20:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/19 16:58:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2012/06/20 08:36:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Peter\AppData\Roaming\Mozilla\Extensions
[2012/07/20 12:07:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\xt8mvko7.default\extensions
[2012/07/20 12:07:22 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\xt8mvko7.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/07/19 10:04:36 | 000,000,000 | ---D | M] (DoNotTrackPlus) -- C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\xt8mvko7.default\extensions\
[email protected][2012/06/20 08:18:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/07/19 10:00:59 | 000,047,822 | ---- | M] () (No name found) -- C:\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT8MVKO7.DEFAULT\EXTENSIONS\
[email protected][2012/07/19 16:58:04 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/07/17 16:18:49 | 000,003,771 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/06/14 18:19:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/14 18:19:40 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ========== CHR - homepage:
http://www.google.comCHR - homepage:
http://www.google.comCHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Peter\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10297_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files (x86)\Common Files\Motive\npMotive.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll
CHR - plugin: Java Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10297_0\
CHR - Extension: Gmail = C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012/07/26 07:56:22 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-2887097447-186780515-742582406-1002\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:
64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:
64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe (Broadcom Corporation)
O4:
64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:
64bit: - HKLM..\Run: [MfeEpePcMonitor] C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe ()
O4:
64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HP HD Webcam [Fixed]_Monitor] C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe ()
O4 - HKLM..\Run: [HPQuickWebProxy] c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IFXSPMGT] c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe (Infineon Technologies AG)
O4 - HKLM..\Run: [NUSB3MON] c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-2887097447-186780515-742582406-1002..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CNET TechTracker.lnk = C:\Users\Peter\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe ()
O4 - Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sfax Printer Driver - Auto Update.lnk = C:\Sfax\SfaxDriverUpdate.exe (SecureCare Technologies)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2887097447-186780515-742582406-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2887097447-186780515-742582406-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:
64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:
64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:
64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:
64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:
64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967}
http://dlm.tools.aka...vex-2.2.6.0.cab (DLM Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{672FB6AB-8FCA-454A-961A-108F7F9DB738}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E96F5685-C65F-4776-A433-E6FD5A090BE9}: DhcpNameServer = 10.0.0.1
O18:
64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:
64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:
64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:
64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\windows\SysNative\userinit.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\windows\SysWow64\DeviceNP.dll (Hewlett-Packard Company)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/22 00:24:09 | 000,000,175 | R--- | M] () - H:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs:
64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2012/07/30 20:40:17 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Peter\Desktop\OTL(2).exe
[2012/07/30 17:32:17 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Avira
[2012/07/30 17:28:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012/07/30 17:28:11 | 000,132,832 | ---- | C] (Avira GmbH) -- C:\windows\SysNative\drivers\avipbb.sys
[2012/07/30 17:28:11 | 000,098,848 | ---- | C] (Avira GmbH) -- C:\windows\SysNative\drivers\avgntflt.sys
[2012/07/30 17:28:11 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\windows\SysNative\drivers\avkmgr.sys
[2012/07/30 17:28:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012/07/30 17:28:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012/07/30 11:54:34 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012/07/30 11:21:36 | 000,000,000 | ---D | C] -- C:\AMD
[2012/07/30 09:58:09 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Secunia PSI
[2012/07/30 09:58:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2012/07/27 14:24:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012/07/25 19:53:54 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/07/25 19:39:46 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2012/07/24 10:42:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
[2012/07/24 10:42:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Anvisoft
[2012/07/21 11:45:14 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2012/07/21 11:44:53 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\windows\capicom.dll
[2012/07/21 11:34:27 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\QuickScan
[2012/07/21 11:31:07 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2012/07/21 11:30:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2012/07/21 10:44:25 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012/07/21 10:37:31 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Roxio Log Files
[2012/07/20 13:27:47 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\blekkotb_031
[2012/07/20 10:52:20 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\ElevatedDiagnostics
[2012/07/20 10:46:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/07/20 10:44:08 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERSetup
[2012/07/20 10:44:07 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\SUPERAntiSpyware.com
[2012/07/20 10:43:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/07/20 10:43:08 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/07/19 17:37:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeaTimer (Spybot - Search & Destroy)
[2012/07/19 17:37:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SDHelper (Spybot - Search & Destroy)
[2012/07/19 17:37:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Misc. Support Library (Spybot - Search & Destroy)
[2012/07/19 17:37:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\File Scanner Library (Spybot - Search & Destroy)
[2012/07/19 17:35:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/07/19 17:03:38 | 000,000,000 | ---D | C] -- C:\ProgramData\PDFC
[2012/07/19 17:03:21 | 000,000,000 | ---D | C] -- C:\My Documents
[2012/07/17 16:18:53 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\SlimWare Utilities Inc
[2012/07/17 16:17:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SlimCleaner
[2012/07/17 16:17:18 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers
[2012/07/17 14:40:20 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Anvisoft
[2012/07/17 14:40:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anvisoft
[2012/07/17 14:11:43 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/07/11 14:50:51 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2012/07/11 14:50:51 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2012/07/11 14:50:51 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012/07/11 14:50:51 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012/07/11 14:50:50 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2012/07/11 14:50:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2012/07/11 14:50:50 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2012/07/11 14:50:50 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2012/07/11 14:50:49 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2012/07/11 14:50:49 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2012/07/11 14:50:49 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2012/07/11 14:50:49 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012/07/11 14:50:49 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012/07/11 11:15:14 | 000,173,656 | ---- | C] (JMicron Technology Corporation) -- C:\windows\SysNative\drivers\jmcr.sys
[2012/07/11 11:15:13 | 000,026,200 | ---- | C] (JMicron Technology Corp.) -- C:\windows\SysNative\drivers\johci.sys
[2012/07/11 11:14:08 | 000,360,624 | ---- | C] (Intel Corporation) -- C:\windows\SysNative\drivers\e1c62x64.sys
[2012/07/11 11:13:22 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbport.sys
[2012/07/11 11:13:22 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbd.sys
[2012/07/11 11:12:45 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanprotdim.dll
[2012/07/11 08:07:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3r.dll
[2012/07/11 08:07:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml3r.dll
[2012/07/11 08:07:34 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2012/07/11 08:07:33 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdosys.dll
[2012/07/11 08:07:33 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cdosys.dll
[2012/07/10 17:39:43 | 000,000,000 | ---D | C] -- C:\Users\Peter\Desktop\sitebackup
[2012/07/10 07:40:22 | 000,000,000 | ---D | C] -- C:\Users\Peter\Documents\Peter
[2012/07/09 09:45:27 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe
[2012/07/09 09:45:26 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/07/09 09:44:22 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/07/06 07:57:13 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2012/07/06 07:51:57 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2012/07/06 07:47:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
[2012/07/06 07:42:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Design and Web Premium CS6
[2012/07/06 07:39:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/07/06 07:24:56 | 000,000,000 | ---D | C] -- C:\Users\Peter\Desktop\Adobe CS6 Design and Web Premium
[2012/07/05 21:42:19 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/07/03 14:23:28 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Hewlett-Packard Company
[2012/07/03 14:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/07/03 14:10:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012/07/03 14:06:42 | 001,828,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\atiumdmv.dll
[2012/07/03 14:06:42 | 001,113,088 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\atiumd6v.dll
[2012/07/03 14:06:42 | 000,423,424 | ---- | C] (ATI Technologies, Inc.) -- C:\windows\SysNative\atipdl64.dll
[2012/07/03 14:06:42 | 000,120,320 | ---- | C] (AMD) -- C:\windows\SysNative\atitmm64.dll
[2012/07/03 14:06:42 | 000,095,248 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\AtihdW76.sys
[2012/07/03 14:06:42 | 000,031,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\atiuxpag.dll
[2012/07/03 14:06:41 | 024,866,816 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\SysNative\atio6axx.dll
[2012/07/03 14:06:41 | 018,757,120 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\SysWow64\atioglxx.dll
[2012/07/03 14:06:41 | 010,497,536 | ---- | C] (ATI Technologies Inc.) -- C:\windows\SysNative\drivers\atikmdag.sys
[2012/07/03 14:06:41 | 009,978,880 | ---- | C] (Advanced Micro Devices Inc.) -- C:\windows\SysNative\aticaldd64.dll
[2012/07/03 14:06:41 | 008,449,024 | ---- | C] (Advanced Micro Devices Inc.) -- C:\windows\SysWow64\aticaldd.dll
[2012/07/03 14:06:41 | 004,292,096 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\atidxx32.dll
[2012/07/03 14:06:41 | 000,517,120 | ---- | C] (AMD) -- C:\windows\SysNative\atieclxx.exe
[2012/07/03 14:06:41 | 000,486,912 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\SysNative\atiadlxx.dll
[2012/07/03 14:06:41 | 000,466,944 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\SysNative\ATIDEMGX.dll
[2012/07/03 14:06:41 | 000,326,656 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\SysNative\drivers\atikmpag.sys
[2012/07/03 14:06:41 | 000,204,288 | ---- | C] (AMD) -- C:\windows\SysNative\atiesrxx.exe
[2012/07/03 14:06:41 | 000,159,744 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\SysNative\atiapfxx.exe
[2012/07/03 14:06:41 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\windows\SysNative\atiedu64.dll
[2012/07/03 14:06:41 | 000,054,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\atimpc64.dll
[2012/07/03 14:06:41 | 000,054,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\amdpcom64.dll
[2012/07/03 14:06:41 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\atimpc32.dll
[2012/07/03 14:06:41 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\amdpcom32.dll
[2012/07/03 14:06:41 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\windows\SysNative\drivers\ati2erec.dll
[2012/07/03 14:06:41 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\windows\SysNative\aticalrt64.dll
[2012/07/03 14:06:41 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\windows\SysWow64\aticalrt.dll
[2012/07/03 14:06:41 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\windows\SysNative\aticalcl64.dll
[2012/07/03 14:06:41 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\windows\SysWow64\aticalcl.dll
[2012/07/03 14:06:41 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\windows\SysWow64\ati2edxx.dll
[2012/07/03 14:06:41 | 000,039,936 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\atig6txx.dll
[2012/07/03 14:06:41 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\atigktxx.dll
[2012/07/03 14:06:41 | 000,021,504 | ---- | C] (AMD) -- C:\windows\SysNative\atimuixx.dll
[2012/07/03 14:06:41 | 000,017,408 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\atig6pxx.dll
[2012/07/03 14:06:41 | 000,014,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\atiglpxx.dll
[2012/07/03 14:06:41 | 000,014,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\atiglpxx.dll
========== Files - Modified Within 30 Days ========== [2012/08/01 14:02:01 | 000,000,896 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/01 13:05:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/08/01 11:02:16 | 000,000,892 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/01 08:59:45 | 000,020,944 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/01 08:59:45 | 000,020,944 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/01 08:11:27 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/07/30 22:01:15 | 4242,911,232 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/30 21:57:50 | 000,000,114 | ---- | M] () -- C:\Users\Peter\Desktop\winsock.bat
[2012/07/30 20:40:01 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Peter\Desktop\OTL(2).exe
[2012/07/30 17:28:22 | 000,002,066 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012/07/30 16:24:02 | 000,039,338 | ---- | M] () -- C:\Users\Peter\Desktop\Koala.jpg
[2012/07/30 12:16:05 | 000,002,179 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2012/07/30 09:58:04 | 000,001,106 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012/07/27 15:05:12 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/07/27 15:05:12 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/07/27 14:22:23 | 141,399,160 | ---- | M] () -- C:\Users\Peter\Desktop\setup_11.0.0.1245.x01_2012_07_27_21_02.exe
[2012/07/26 07:56:22 | 000,000,098 | ---- | M] () -- C:\windows\SysNative\drivers\etc\Hosts
[2012/07/24 10:41:39 | 000,782,922 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/07/24 10:41:39 | 000,664,872 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/07/24 10:41:39 | 000,122,698 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/07/22 07:53:03 | 000,000,000 | ---- | M] () -- C:\windows\ativpsrm.bin
[2012/07/21 17:33:51 | 000,000,359 | ---- | M] () -- C:\windows\SysNative\checkdnsid.xml
[2012/07/21 14:48:03 | 005,037,248 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/07/21 11:45:43 | 000,000,385 | ---- | M] () -- C:\windows\SysNative\user_gensett.xml
[2012/07/21 11:45:20 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2012/07/20 10:46:32 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/07/20 10:46:32 | 000,002,239 | ---- | M] () -- C:\Users\Peter\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/07/20 09:52:03 | 000,001,280 | ---- | M] () -- C:\Users\Peter\Documents\SPI - Shortcut.lnk
[2012/07/19 18:00:21 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/19 09:43:22 | 000,002,052 | ---- | M] () -- C:\windows\epplauncher.mif
[2012/07/18 08:14:36 | 000,000,332 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForPeter.job
[2012/07/17 14:14:36 | 000,105,808 | ---- | M] () -- C:\Users\Peter\Documents\cc_20120717_141427.reg
[2012/07/11 11:15:09 | 000,173,656 | ---- | M] (JMicron Technology Corporation) -- C:\windows\SysNative\drivers\jmcr.sys
[2012/07/11 11:15:09 | 000,026,200 | ---- | M] (JMicron Technology Corp.) -- C:\windows\SysNative\drivers\johci.sys
[2012/07/11 11:09:30 | 000,000,000 | RHS- | M] () -- C:\windows\SysNative\drivers\103C_HP_bNB_EliteBook 8560p_Y5336AN_0U_Q5CB2113YCX_E629175-001_4A_I1618_SHP_V97.4A_B68SCF F.22_T111222_W748-1_L409_M4047_J500_7Intel_86A7_92.50_#110306_N80861502;14E44353_(LJ548UT#ABA)_XMOBILE_CN10_Z_2A0001D02.MRK
[2012/07/09 14:55:23 | 000,001,131 | ---- | M] () -- C:\Users\Peter\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2012/07/06 20:20:54 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2012/07/03 14:23:49 | 000,000,178 | ---- | M] () -- C:\windows\SysNative\HPPA.ini
[2012/07/03 14:10:58 | 000,000,473 | ---- | M] () -- C:\windows\SysNative\MAPISVC.INF
[2012/07/03 14:10:57 | 000,000,976 | ---- | M] () -- C:\windows\SysWow64\mapisvc.inf
[2012/07/03 14:06:08 | 000,095,248 | ---- | M] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\AtihdW76.sys
[2012/07/03 14:06:00 | 000,204,952 | ---- | M] () -- C:\windows\SysWow64\ativvsvl.dat
[2012/07/03 14:06:00 | 000,204,952 | ---- | M] () -- C:\windows\SysNative\ativvsvl.dat
[2012/07/03 14:06:00 | 000,157,144 | ---- | M] () -- C:\windows\SysWow64\ativvsva.dat
[2012/07/03 14:06:00 | 000,157,144 | ---- | M] () -- C:\windows\SysNative\ativvsva.dat
[2012/07/03 14:06:00 | 000,058,880 | ---- | M] (AMD) -- C:\windows\SysNative\coinst.dll
[2012/07/03 14:06:00 | 000,040,960 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\atiuxp64.dll
[2012/07/03 14:06:00 | 000,031,744 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\atiuxpag.dll
[2012/07/03 14:05:59 | 004,353,536 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\atiumdag.dll
[2012/07/03 14:05:59 | 004,189,184 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\atiumdva.dll
[2012/07/03 14:05:59 | 001,988,768 | ---- | M] () -- C:\windows\SysWow64\atiumdva.cap
[2012/07/03 14:05:59 | 001,828,864 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\atiumdmv.dll
[2012/07/03 14:05:57 | 024,866,816 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\windows\SysNative\atio6axx.dll
[2012/07/03 14:05:57 | 018,757,120 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\windows\SysWow64\atioglxx.dll
[2012/07/03 14:05:57 | 010,497,536 | ---- | M] (ATI Technologies Inc.) -- C:\windows\SysNative\drivers\atikmdag.sys
[2012/07/03 14:05:57 | 005,510,144 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\atiumd64.dll
[2012/07/03 14:05:57 | 005,041,664 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\atidxx64.dll
[2012/07/03 14:05:57 | 004,292,096 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\atidxx32.dll
[2012/07/03 14:05:57 | 004,044,288 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\atiumd6a.dll
[2012/07/03 14:05:57 | 001,987,040 | ---- | M] () -- C:\windows\SysNative\atiumd6a.cap
[2012/07/03 14:05:57 | 001,113,088 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\atiumd6v.dll
[2012/07/03 14:05:57 | 000,892,416 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\aticfx64.dll
[2012/07/03 14:05:57 | 000,517,120 | ---- | M] (AMD) -- C:\windows\SysNative\atieclxx.exe
[2012/07/03 14:05:57 | 000,466,944 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\windows\SysNative\ATIDEMGX.dll
[2012/07/03 14:05:57 | 000,423,424 | ---- | M] (ATI Technologies, Inc.) -- C:\windows\SysNative\atipdl64.dll
[2012/07/03 14:05:57 | 000,356,352 | ---- | M] (ATI Technologies, Inc.) -- C:\windows\SysWow64\atipdlxx.dll
[2012/07/03 14:05:57 | 000,326,656 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\windows\SysNative\drivers\atikmpag.sys
[2012/07/03 14:05:57 | 000,239,869 | ---- | M] () -- C:\windows\SysNative\atiicdxx.dat
[2012/07/03 14:05:57 | 000,204,288 | ---- | M] (AMD) -- C:\windows\SysNative\atiesrxx.exe
[2012/07/03 14:05:57 | 000,120,320 | ---- | M] (AMD) -- C:\windows\SysNative\atitmm64.dll
[2012/07/03 14:05:57 | 000,059,392 | ---- | M] (ATI Technologies, Inc.) -- C:\windows\SysNative\atiedu64.dll
[2012/07/03 14:05:57 | 000,054,784 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\atimpc64.dll
[2012/07/03 14:05:57 | 000,054,784 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\amdpcom64.dll
[2012/07/03 14:05:57 | 000,053,760 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\atimpc32.dll
[2012/07/03 14:05:57 | 000,053,760 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\amdpcom32.dll
[2012/07/03 14:05:57 | 000,039,936 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\atig6txx.dll
[2012/07/03 14:05:57 | 000,038,912 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\atiu9p64.dll
[2012/07/03 14:05:57 | 000,036,194 | ---- | M] () -- C:\windows\atiogl.xml
[2012/07/03 14:05:57 | 000,032,768 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\atigktxx.dll
[2012/07/03 14:05:57 | 000,029,184 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\atiu9pag.dll
[2012/07/03 14:05:57 | 000,021,504 | ---- | M] (AMD) -- C:\windows\SysNative\atimuixx.dll
[2012/07/03 14:05:57 | 000,017,408 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\atig6pxx.dll
[2012/07/03 14:05:57 | 000,014,336 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\atiglpxx.dll
[2012/07/03 14:05:57 | 000,014,336 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\atiglpxx.dll
[2012/07/03 14:05:57 | 000,003,917 | ---- | M] () -- C:\windows\SysWow64\atipblag.dat
[2012/07/03 14:05:57 | 000,003,917 | ---- | M] () -- C:\windows\SysNative\atipblag.dat
[2012/07/03 14:05:56 | 009,978,880 | ---- | M] (Advanced Micro Devices Inc.) -- C:\windows\SysNative\aticaldd64.dll
[2012/07/03 14:05:56 | 008,449,024 | ---- | M] (Advanced Micro Devices Inc.) -- C:\windows\SysWow64\aticaldd.dll
[2012/07/03 14:05:56 | 000,748,544 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\aticfx32.dll
[2012/07/03 14:05:56 | 000,486,912 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\windows\SysNative\atiadlxx.dll
[2012/07/03 14:05:56 | 000,339,968 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\windows\SysWow64\atiadlxy.dll
[2012/07/03 14:05:56 | 000,205,720 | ---- | M] () -- C:\windows\SysWow64\atiapfxx.blb
[2012/07/03 14:05:56 | 000,205,720 | ---- | M] () -- C:\windows\SysNative\atiapfxx.blb
[2012/07/03 14:05:56 | 000,159,744 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\windows\SysNative\atiapfxx.exe
[2012/07/03 14:05:56 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\windows\SysNative\drivers\ati2erec.dll
[2012/07/03 14:05:56 | 000,051,200 | ---- | M] (Advanced Micro Devices Inc.) -- C:\windows\SysNative\aticalrt64.dll
[2012/07/03 14:05:56 | 000,046,080 | ---- | M] (Advanced Micro Devices Inc.) -- C:\windows\SysWow64\aticalrt.dll
[2012/07/03 14:05:56 | 000,044,544 | ---- | M] (Advanced Micro Devices Inc.) -- C:\windows\SysNative\aticalcl64.dll
[2012/07/03 14:05:56 | 000,044,032 | ---- | M] (Advanced Micro Devices Inc.) -- C:\windows\SysWow64\aticalcl.dll
[2012/07/03 14:05:56 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\windows\SysWow64\ati2edxx.dll
[2012/07/03 14:04:55 | 000,008,192 | ---- | M] () -- C:\windows\SysNative\drivers\IntelMEFWVer.dll
[2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
========== Files Created - No Company Name ========== [2012/07/30 21:58:07 | 000,000,114 | ---- | C] () -- C:\Users\Peter\Desktop\winsock.bat
[2012/07/30 17:28:22 | 000,002,066 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012/07/30 16:24:02 | 000,039,338 | ---- | C] () -- C:\Users\Peter\Desktop\Koala.jpg
[2012/07/30 12:16:05 | 000,002,179 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2012/07/30 09:58:04 | 000,001,106 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012/07/30 09:58:04 | 000,001,069 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2012/07/27 14:20:20 | 141,399,160 | ---- | C] () -- C:\Users\Peter\Desktop\setup_11.0.0.1245.x01_2012_07_27_21_02.exe
[2012/07/22 07:53:03 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2012/07/21 12:07:15 | 000,000,359 | ---- | C] () -- C:\windows\SysNative\checkdnsid.xml
[2012/07/21 11:45:43 | 000,000,385 | ---- | C] () -- C:\windows\SysNative\user_gensett.xml
[2012/07/21 11:45:20 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2012/07/20 10:46:32 | 000,002,255 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/07/20 10:46:32 | 000,002,239 | ---- | C] () -- C:\Users\Peter\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/07/20 10:44:02 | 000,000,896 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/20 10:44:01 | 000,000,892 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/20 09:52:03 | 000,001,280 | ---- | C] () -- C:\Users\Peter\Documents\SPI - Shortcut.lnk
[2012/07/19 09:43:22 | 000,002,052 | ---- | C] () -- C:\windows\epplauncher.mif
[2012/07/17 14:14:29 | 000,105,808 | ---- | C] () -- C:\Users\Peter\Documents\cc_20120717_141427.reg
[2012/07/10 07:36:52 | 000,001,097 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Content Viewer.lnk
[2012/07/09 14:55:23 | 000,001,131 | ---- | C] () -- C:\Users\Peter\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2012/07/06 07:47:55 | 000,002,026 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2012/07/06 07:47:51 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
[2012/07/06 07:47:51 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
[2012/07/06 07:45:18 | 000,001,097 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk
[2012/07/06 07:42:41 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2012/07/03 14:10:58 | 000,000,473 | ---- | C] () -- C:\windows\SysNative\MAPISVC.INF
[2012/07/03 14:06:42 | 001,988,768 | ---- | C] () -- C:\windows\SysWow64\atiumdva.cap
[2012/07/03 14:06:42 | 001,987,040 | ---- | C] () -- C:\windows\SysNative\atiumd6a.cap
[2012/07/03 14:06:42 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2012/07/03 14:06:42 | 000,204,952 | ---- | C] () -- C:\windows\SysNative\ativvsvl.dat
[2012/07/03 14:06:42 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2012/07/03 14:06:42 | 000,157,144 | ---- | C] () -- C:\windows\SysNative\ativvsva.dat
[2012/07/03 14:06:41 | 000,239,869 | ---- | C] () -- C:\windows\SysNative\atiicdxx.dat
[2012/07/03 14:06:41 | 000,205,720 | ---- | C] () -- C:\windows\SysWow64\atiapfxx.blb
[2012/07/03 14:06:41 | 000,205,720 | ---- | C] () -- C:\windows\SysNative\atiapfxx.blb
[2012/07/03 14:06:41 | 000,036,194 | ---- | C] () -- C:\windows\atiogl.xml
[2012/07/03 14:06:41 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2012/07/03 14:06:41 | 000,003,917 | ---- | C] () -- C:\windows\SysNative\atipblag.dat
[2012/06/21 10:53:46 | 000,012,355 | ---- | C] () -- C:\Users\Peter\.recently-used.xbel
[2012/05/21 10:55:19 | 000,073,220 | ---- | C] () -- C:\windows\SysWow64\EPPICPrinterDB.dat
[2012/05/21 10:55:19 | 000,031,053 | ---- | C] () -- C:\windows\SysWow64\EPPICPattern131.dat
[2012/05/21 10:55:19 | 000,029,114 | ---- | C] () -- C:\windows\SysWow64\EPPICPattern1.dat
[2012/05/21 10:55:19 | 000,027,417 | ---- | C] () -- C:\windows\SysWow64\EPPICPattern121.dat
[2012/05/21 10:55:19 | 000,021,021 | ---- | C] () -- C:\windows\SysWow64\EPPICPattern3.dat
[2012/05/21 10:55:19 | 000,015,670 | ---- | C] () -- C:\windows\SysWow64\EPPICPattern5.dat
[2012/05/21 10:55:19 | 000,013,280 | ---- | C] () -- C:\windows\SysWow64\EPPICPattern2.dat
[2012/05/21 10:55:19 | 000,010,673 | ---- | C] () -- C:\windows\SysWow64\EPPICPattern4.dat
[2012/05/21 10:55:19 | 000,004,943 | ---- | C] () -- C:\windows\SysWow64\EPPICPattern6.dat
[2012/05/21 10:55:19 | 000,001,140 | ---- | C] () -- C:\windows\SysWow64\EPPICPresetData_PT.dat
[2012/05/21 10:55:19 | 000,001,140 | ---- | C] () -- C:\windows\SysWow64\EPPICPresetData_BP.dat
[2012/05/21 10:55:19 | 000,001,137 | ---- | C] () -- C:\windows\SysWow64\EPPICPresetData_ES.dat
[2012/05/21 10:55:19 | 000,001,130 | ---- | C] () -- C:\windows\SysWow64\EPPICPresetData_FR.dat
[2012/05/21 10:55:19 | 000,001,130 | ---- | C] () -- C:\windows\SysWow64\EPPICPresetData_CF.dat
[2012/05/21 10:55:19 | 000,001,104 | ---- | C] () -- C:\windows\SysWow64\EPPICPresetData_EN.dat
[2012/05/21 10:55:19 | 000,000,097 | ---- | C] () -- C:\windows\SysWow64\PICSDK.ini
[2012/05/21 10:53:39 | 000,000,060 | ---- | C] () -- C:\windows\EWF630.ini
[2012/05/12 13:27:23 | 000,000,059 | ---- | C] () -- C:\windows\settings.INI
[2012/03/20 21:35:49 | 000,003,120 | ---- | C] () -- C:\windows\SysWow64\drivers\wddchdg.sys
[2012/03/20 21:13:36 | 000,094,776 | ---- | C] () -- C:\windows\un_dext.exe
[2012/03/20 21:13:36 | 000,087,928 | ---- | C] () -- C:\windows\SPRemove_x64.exe
[2012/03/20 21:13:36 | 000,014,409 | ---- | C] () -- C:\windows\TWAIN2080.ini
[2012/03/20 21:13:36 | 000,003,892 | ---- | C] () -- C:\windows\Dext_27.ini
[2012/03/20 21:13:36 | 000,003,884 | ---- | C] () -- C:\windows\Dext_25.ini
[2012/03/20 21:13:36 | 000,003,672 | ---- | C] () -- C:\windows\Dext_31.ini
[2012/03/20 21:13:36 | 000,003,648 | ---- | C] () -- C:\windows\Dext_36.ini
[2012/03/20 21:13:36 | 000,003,450 | ---- | C] () -- C:\windows\Dext_29.ini
[2012/03/20 21:13:36 | 000,003,342 | ---- | C] () -- C:\windows\Dext_30.ini
[2012/03/20 21:13:36 | 000,002,153 | ---- | C] () -- C:\windows\remove.ini
[2012/03/20 21:13:35 | 000,003,926 | ---- | C] () -- C:\windows\Dext_12.ini
[2012/03/20 21:13:35 | 000,003,882 | ---- | C] () -- C:\windows\Dext_21.ini
[2012/03/20 21:13:35 | 000,003,820 | ---- | C] () -- C:\windows\Dext_11.ini
[2012/03/20 21:13:35 | 000,003,802 | ---- | C] () -- C:\windows\Dext_14.ini
[2012/03/20 21:13:35 | 000,003,802 | ---- | C] () -- C:\windows\Dext_05.ini
[2012/03/20 21:13:35 | 000,003,704 | ---- | C] () -- C:\windows\Dext_10.ini
[2012/03/20 21:13:35 | 000,003,700 | ---- | C] () -- C:\windows\Dext_16.ini
[2012/03/20 21:13:35 | 000,003,682 | ---- | C] () -- C:\windows\Dext_08.ini
[2012/03/20 21:13:35 | 000,003,624 | ---- | C] () -- C:\windows\Dext_1046.ini
[2012/03/20 21:13:35 | 000,003,622 | ---- | C] () -- C:\windows\Dext_20.ini
[2012/03/20 21:13:35 | 000,003,588 | ---- | C] () -- C:\windows\Dext_06.ini
[2012/03/20 21:13:35 | 000,003,586 | ---- | C] () -- C:\windows\Dext_22.ini
[2012/03/20 21:13:35 | 000,003,550 | ---- | C] () -- C:\windows\Dext_19.ini
[2012/03/20 21:13:35 | 000,003,550 | ---- | C] () -- C:\windows\Dext_07.ini
[2012/03/20 21:13:35 | 000,003,522 | ---- | C] () -- C:\windows\Dext_02.ini
[2012/03/20 21:13:35 | 000,003,492 | ---- | C] () -- C:\windows\Dext_24.ini
[2012/03/20 21:13:35 | 000,003,416 | ---- | C] () -- C:\windows\Dext_01.ini
[2012/03/20 21:13:35 | 000,003,220 | ---- | C] () -- C:\windows\Dext_09.ini
[2012/03/20 21:13:35 | 000,003,174 | ---- | C] () -- C:\windows\Dext_13.ini
[2012/03/20 21:13:35 | 000,002,850 | ---- | C] () -- C:\windows\Dext_04.ini
[2012/03/20 21:13:35 | 000,002,750 | ---- | C] () -- C:\windows\Dext_17.ini
[2012/03/20 21:13:35 | 000,002,674 | ---- | C] () -- C:\windows\Dext_18.ini
[2012/03/20 21:13:35 | 000,002,638 | ---- | C] () -- C:\windows\Dext_2052.ini
[2012/01/21 23:25:26 | 000,056,832 | ---- | C] () -- C:\windows\SysWow64\OpenVideo.dll
[2012/01/21 23:25:14 | 000,056,832 | ---- | C] () -- C:\windows\SysWow64\OVDecoder.dll
[2011/09/05 09:57:34 | 000,366,136 | ---- | C] () -- C:\windows\SysWow64\flcdlmsg.dll
[2011/08/23 10:10:44 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\vcsAPIShared.dll.hpsign
[2011/05/30 21:58:34 | 000,185,168 | ---- | C] () -- C:\windows\SysWow64\PassThroughOTP.dll
[2011/05/30 21:58:34 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\PassThroughOTP.dll.hpsign
[2011/03/06 18:31:06 | 000,003,120 | ---- | C] () -- C:\windows\SysWow64\drivers\wddbidc.sys
[2011/03/06 18:16:23 | 000,003,120 | ---- | C] () -- C:\windows\SysWow64\drivers\wddbiai.sys
[2011/03/06 17:49:18 | 000,798,674 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/02/25 18:32:12 | 000,012,144 | ---- | C] () -- C:\windows\HPun2430Version.dll
[2011/02/12 00:07:16 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\DPSCEL.dll.hpsign
[2011/02/12 00:07:16 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\DPFPApi.dll.hpsign
[2011/02/12 00:07:16 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\DPClback.dll.hpsign
[2011/02/12 00:04:36 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\DPLic.dll.hpsign
[2011/02/03 00:49:02 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\DPFPApiUI.dll.hpsign
[2011/02/03 00:47:42 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\DPPassFilter.dll.hpsign
[2011/02/03 00:47:42 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\DPCrProv.dll.hpsign
[2011/01/29 19:49:32 | 000,017,232 | ---- | C] () -- C:\windows\SysWow64\CoHpCasl.exe
[2011/01/10 23:03:08 | 086,271,980 | ---- | C] () -- C:\windows\SysWow64\BioTrustFace.dat
========== LOP Check ========== [2012/07/26 06:36:19 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Anvisoft
[2012/05/24 12:57:08 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\CBS Interactive
[2012/07/09 09:45:26 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/06/01 11:52:19 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\com.dwuser.erwizard.EasyRotatorWizard
[2012/05/12 12:20:08 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\ContinuousClient
[2012/07/17 14:13:59 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\DAEMON Tools Lite
[2012/05/05 15:42:19 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\DigitalPersona
[2012/07/10 07:38:15 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Epson
[2012/07/17 14:13:59 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\FileZilla
[2012/05/05 15:42:43 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Infineon
[2012/07/21 10:45:59 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\inkscape
[2012/05/09 09:38:33 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\IrfanView
[2012/07/21 11:34:27 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\QuickScan
[2012/06/26 09:57:32 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Scribus
[2012/05/25 15:42:15 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\SecondLife
[2012/07/09 09:44:22 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/05/05 15:54:49 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Synaptics
[2012/07/18 08:13:33 | 000,022,406 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: EXPLORER.EXE >[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010/10/28 23:06:46 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010/10/28 23:03:01 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/10/28 23:06:46 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010/10/28 23:03:01 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010/10/28 23:06:46 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010/10/28 23:03:01 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010/10/28 23:06:46 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 02:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010/10/28 23:03:01 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: SERVICES >[2009/06/10 17:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services
< MD5 for: SERVICES.AIP >[2012/03/29 20:35:50 | 000,375,952 | ---- | M] (Adobe Systems Incorporated) MD5=5965DFD83E10938A579952EB58C10298 -- C:\Program Files (x86)\Adobe\Adobe Illustrator CS6\Plug-ins\Extensions\Services.aip
[2012/03/29 20:35:50 | 000,297,104 | ---- | M] (Adobe Systems Incorporated) MD5=8311BFD3FD21EB8089259C491406A7B0 -- C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Plug-ins\Extensions\Services.aip
< MD5 for: SERVICES.ASFX >[2012/04/04 01:54:04 | 000,002,626 | ---- | M] () MD5=8073B18DC740B965256CE0957E363AC5 -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\fr_FR\Services\Services.asfx
[2012/04/04 01:54:04 | 000,002,655 | ---- | M] () MD5=ABFBB9D0398492D849690C344C1316BB -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\Services\Services.asfx
< MD5 for: SERVICES.CFG >[2012/04/04 01:54:06 | 000,585,987 | ---- | M] () MD5=7BAB089A4F862C6BC86E0201D5BF1779 -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Services\Services.cfg
[2012/04/04 01:53:54 | 000,585,987 | ---- | M] () MD5=7BAB089A4F862C6BC86E0201D5BF1779 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 12:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg
[2010/10/25 15:13:46 | 000,032,633 | R--- | M] () MD5=EA1C35DD541D60819D55482130BD585D -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\services.cfg
< MD5 for: SERVICES.EXE >[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\windows\SysNative\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SERVICES.EXE.MUI >[2009/07/13 22:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\windows\SysNative\en-US\services.exe.mui
[2009/07/13 22:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui
< MD5 for: SERVICES.LNK >[2009/07/14 00:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 00:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
< MD5 for: SERVICES.MOF >[2009/06/10 16:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\windows\SysNative\wbem\services.mof
[2009/06/10 16:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof
< MD5 for: SERVICES.MSC >[2009/07/13 22:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\windows\SysNative\en-US\services.msc
[2009/06/10 16:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\windows\SysNative\services.msc
[2009/07/13 22:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 17:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2009/07/13 22:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 16:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2009/07/13 22:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 17:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
< MD5 for: SERVICES.PTXML >[2009/07/13 16:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 16:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml
< MD5 for: SERVICES.SBS >[2011/03/01 09:58:46 | 000,034,818 | ---- | M] () MD5=62AFD4B2025CE6D4706B36F4C4808F9B -- C:\Users\Peter\AppData\SpybotPortable\App\Spybot\Includes\Services.sbs
< MD5 for: SVCHOST.EXE >[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: USERINIT.EXE >[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/10/28 23:06:46 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010/10/28 23:06:46 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s > < %systemroot%\*. /mp /s > < %Temp%\smtmp\*.* /s > < hklm\software\clients\startmenuinternet|command /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/07/19 16:58:03 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/07/19 16:58:03 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/07/19 16:58:03 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2012/07/19 16:58:04 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2012/07/19 16:58:04 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2012/07/19 16:58:04 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2012/07/10 00:09:02 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2012/07/10 00:09:02 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/07/10 00:09:02 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2012/07/10 00:09:02 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2012/05/16 03:10:59 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2012/05/16 03:10:59 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2012/05/16 03:10:59 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/06/02 05:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [2012/06/02 05:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2012/07/19 16:58:03 | 000,865,776 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2012/07/19 16:58:03 | 000,865,776 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2012/07/19 16:58:03 | 000,865,776 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2012/07/19 16:58:04 | 000,913,888 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2012/07/19 16:58:04 | 000,913,888 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2012/07/19 16:58:04 | 000,913,888 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012/07/10 00:09:02 | 001,250,328 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012/07/10 00:09:02 | 001,250,328 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012/07/10 00:09:02 | 001,250,328 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012/07/10 00:09:02 | 001,250,328 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2012/05/16 03:10:45 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2012/05/16 03:10:45 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2012/05/16 03:10:45 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/06/02 05:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" [2012/06/02 05:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation)
< End of report >
OTL Extras logfile created on: 7/22/2012 10:53:25 AM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Peter\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.95 Gb Total Physical Memory | 1.30 Gb Available Physical Memory | 32.82% Memory free
7.90 Gb Paging File | 4.63 Gb Available in Paging File | 58.63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 445.52 Gb Total Space | 362.11 Gb Free Space | 81.28% Space Free | Partition Type: NTFS
Drive E: | 14.95 Gb Total Space | 2.23 Gb Free Space | 14.89% Space Free | Partition Type: NTFS
Drive F: | 4.98 Gb Total Space | 2.13 Gb Free Space | 42.68% Space Free | Partition Type: FAT32
Drive H: | 731.81 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: CYPRESSHP | User Name: Peter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01297ADA-BF71-4690-976A-AB38756B45C8}" = lport=137 | protocol=17 | dir=in | app=system |
"{01E8E0BE-9E91-41B8-BC42-C21248682CAB}" = rport=138 | protocol=17 | dir=out | app=system |
"{08142414-B10D-40DB-9642-6AB98D7BFA70}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{118AE81B-0527-4C86-AF0B-D74A97BA8F0A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1C177D50-64EA-48B3-9A0C-86586782B2B1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2E3BD507-D3E5-4915-A2EB-883F52D61E04}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4173B48C-BB26-4745-A454-1A2DEE3D968C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5D3BEB81-DB23-4A9A-8951-1B23810FB5C1}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{5EF376AA-A5FF-409B-A237-34D5A3BA3CCA}" = rport=139 | protocol=6 | dir=out | app=system |
"{66007390-31C2-46AC-99F3-29C21CCD479D}" = rport=445 | protocol=6 | dir=out | app=system |
"{85D52CC1-44E7-4332-8C73-D4D44291E5A2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{949CB058-28DE-443B-8F52-6538359B14C0}" = lport=445 | protocol=6 | dir=in | app=system |
"{998E087F-E79C-444C-AAA9-DEA555FC1256}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9D72324D-E2C2-4C28-A5CB-EDAB0BBE1877}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B0A6893A-4A40-4E61-9113-DE8C393C0225}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BD3618FC-DB95-4512-9D8D-66C2D8EDF80E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C1815ADB-7062-4797-8BC9-2183E6BFD1BD}" = lport=139 | protocol=6 | dir=in | app=system |
"{C472DDC3-4FC3-430B-B387-3B2EA0711D41}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C5B471B6-9B0B-4D71-94B7-5806F994CB5A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{CF1BC53B-B462-4C4F-B0F4-8479DD92769B}" = lport=138 | protocol=17 | dir=in | app=system |
"{CF575B01-EB4A-49D7-B8D4-C0F9860DD0F3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{DCA81571-CDD8-4533-8F01-40101D157A39}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{E0998163-D809-42CB-B5A5-54AC08293EED}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EBB3FB6B-54EF-4023-AC41-80582482EB93}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F077CEDB-1798-44C6-9A59-A2688D2C13E1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F2044A18-7DC7-44E5-9D51-0801AD7E5038}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F88ED8A4-7AA6-4C7A-A8E4-E6574E4BA340}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D0C35BC-833E-4407-9C6A-226E4DD4327D}" = protocol=1 | dir=in |
[email protected],-28543 |
"{1F44A052-46CA-459F-B28F-E27524868922}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2001BF6B-70B9-43EB-A07E-38A51BBC2400}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2B7E71AF-5E2F-4BBE-9282-D59EC53EBD8C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{2E364FFB-E101-4444-A495-2E1134A942E3}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{3E4BC1BF-0E48-4923-9833-01BFDD50A9CC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{41E3FBD5-89DD-45F3-B9B7-9C8E7EC94DF0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{56B9B125-7284-4138-8B50-5024C27B4F78}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{57025D2A-773E-42B8-8B13-2E8099C71E29}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6A994521-E02D-4DEE-BAB6-73A67E8F7DCC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6C21E0AD-3D40-4ACB-A1D9-B32393E83AC8}" = protocol=1 | dir=out |
[email protected],-28544 |
"{755356E6-2277-41D3-B028-FDE9C70CA839}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{88D11B8C-70EE-435F-B807-CECD9D829FFF}" = protocol=58 | dir=in |
[email protected],-28545 |
"{8B0320ED-3A45-4E63-A9B0-62C83EA4F7E2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{8F02AF08-1DBA-4C5C-9CBC-C6C188A23740}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{ADA883EE-ABD9-4039-BD63-726BAA4B20EA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B109024C-FA98-4D06-B7C6-825E1AEB8532}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B61C576E-E278-4481-8484-03B721F03CD3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B7D279B6-D65B-458B-A966-341A0C484BE1}" = protocol=6 | dir=out | app=system |
"{B92D48D4-7C53-4A3D-9885-D628348788CD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BF57B37D-C606-41B3-A359-3E687CC70D93}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C4B59F70-36FE-4C90-9759-98023C322355}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C6A809E0-8D77-4B8A-9B12-88C68CC17295}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C971D05B-F0FE-4A8F-AFA7-5E79DA685228}" = protocol=58 | dir=out |
[email protected],-28546 |
"{D6D240F2-07E9-4D75-A167-BD29F6DFEA01}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{E66CF36D-DCD1-411E-A3E0-3B06E0286ED8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FDCE432B-62E8-41B3-BC97-B82F827F5A51}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"TCP Query User{06A0B1F5-C79C-4726-8B4E-B8DCBF841875}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"TCP Query User{EB45A15B-346D-4DB6-91E7-0716427A54CD}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{20AC0A95-8A1E-430E-BE92-68D5C9C75B7E}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{B9E7D5FC-C75D-4C96-B2BE-A8F33760D5DD}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{422BA615-2133-4DC0-8673-09C8CC7557F2}" = HP ProtectTools Security Manager
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Broadcom 2070 Bluetooth 3.0
"{483D5A49-A26B-4CB8-AA2D-0D1811322061}" = HP DayStarter
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5476AB75-E584-4497-80AF-7F205D8F6F54}" = Privacy Manager for HP ProtectTools
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{87821717-5688-4AE6-887A-6B11571D0CD7}" = Embedded Security for HP ProtectTools
"{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}" = Drive Encryption For HP ProtectTools
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BFA2D2A7-4FAC-4862-B7A3-960B329C2177}" = Validity Fingerprint Sensor Driver
"{C7AE4EC3-9C13-4213-8457-74D16B353F91}" = HP Web Camera
"{C8E7F1B9-A304-D655-A7BD-669020C47536}" = ccc-utility64
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D0A76081-22E4-5B3F-5394-1229DDF73585}" = AMD Catalyst Install Manager
"{D3A775F2-2674-4452-8D80-1FC1446052EE}" = Face Recognition for HP ProtectTools
"{DFB497E0-CE3F-40FC-9596-FC7A48775DE4}" = HP 3D DriveGuard
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FBFC2FD4-DF47-4FBF-8D6D-275B488D87D5}" = HP Power Assistant
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"Broadcom Wireless Utility" = Broadcom Wireless Utility
"BullGuard" = BullGuard Antivirus
"CCleaner" = CCleaner
"EPSON WorkForce 630 Series" = EPSON WorkForce 630 Series Printer Uninstall
"HFRS_is1" = Trend Micro SafeSync
"HPProtectTools" = HP ProtectTools Security Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"PROSet" = Intel® Network Connections Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003E5796-EF64-E4F4-E2EE-1E9F0D10E491}" = CCC Help Danish
"{03046EBB-CB7C-4B98-BEFB-690EB955DA22}" = HP Setup
"{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}" = HP Wallpaper
"{13C96625-28E4-4c58-ADE0-CDAFC64752EB}" = JMicron 1394 Filter Driver
"{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}" = ArcSoft Webcam Sharing Manager
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1D61E881-43CD-447B-9E6B-D2C6138B2862}" = HP Webcam
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20976B1F-E910-404D-9261-C16EE7E12DC8}" = HP QuickWeb
"{226F6E94-8E57-29D5-FD6D-7C89A3AD2F90}" = CCC Help German
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java 7 Update 5
"{26FE0551-FBE8-72A0-7584-D5BCDE41FE33}" = CCC Help Swedish
"{28D9389B-FB3E-B1D4-2EFD-EEAAFCD31523}" = CCC Help Italian
"{2B045220-B747-3DB3-AD03-A494DF676BA7}" = CCC Help Chinese Traditional
"{2C43790E-8470-1027-82D3-DF319F3C410F}" = Intel® Identity Protection Technology 1.0.71.0
"{2CAE55F0-5CD4-FCDE-5AF8-935622308F8D}" = EasyRotator Wizard
"{2E830895-851C-30C2-F3D2-3995E57896E7}" = CCC Help Polish
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37F52BBE-2D75-55D4-8933-29D9C49A7197}" = CCC Help French
"{3E084D68-4C18-5565-9C14-E1C9218F8059}" = CCC Help Turkish
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{402F6F2E-5683-491C-977D-0CA599A07CAF}" = Adobe CS6 Design and Web Premium
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{46C954CF-5417-04EE-409A-F473BC7AE6E6}" = CCC Help Norwegian
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BE1D9D9-45B6-48D1-1CAE-F44E7936CD3B}" = Catalyst Control Center
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52B18ABC-AD5F-4C3C-B391-04F57B380449}" = HP Client Automation Agent Preload
"{531000B3-DBEE-4115-BBF3-DA48B67C053F}" = HP Software Setup
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{62272D4E-78E9-4BAD-B7AA-63072D06AAA9}" = HP Documentation
"{6357258D-2BF9-49E7-A9EF-0C609D52C46D}" = HP ESU for Microsoft Windows 7
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6807E675-7798-4566-AFEB-767DE67AF6B2}" = Office Timeline 2010
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}" = File Sanitizer For HP ProtectTools
"{6DE35E38-F7EE-4747-569A-0DBA92C51D66}" = Catalyst Control Center Localization All
"{6E9B0E05-5557-9148-0E22-C73F3343DBBE}" = CCC Help Russian
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76093D95-0E4A-D8A7-80AD-4B57B27FD417}" = CCC Help Greek
"{7A6B4340-7090-418F-8976-EE9650B35550}" = HP Connection Manager
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93139A49-0360-4718-8B93-C1F9EB12E3D8}" = Roxio Secure Burn
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{962CB079-85E6-405F-8704-1C62365AE46F}" = HP Software Framework
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A424C13D-E878-FCC9-6129-D4FC425142ED}" = Catalyst Control Center Profiles Mobile
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A787E44A-57D1-CFEC-9551-502499996E23}" = CCC Help Korean
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A98F7C8E-72FE-E619-C3CC-AF4AF659801F}" = CCC Help Finnish
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{ADC70B7A-530B-46E3-8384-48D22681A41E}" = Theft Recovery for HP ProtectTools
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Secure Burn
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BCF5BFD6-BA3F-3970-6715-44147EBABAC1}" = CCC Help Portuguese
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C837152A-3F26-DD7F-D144-4EAB6C619240}" = CCC Help Spanish
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF67CAEE-90A0-A12C-00D4-378F22190106}" = CCC Help Chinese Standard
"{D2738E50-4C79-40FC-B4E1-54FE984BE914}" = Catalyst Control Center - Branding
"{D2A2E5CD-801A-4B8D-8119-F79449A09B67}" = HP System Default Settings
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5C9EB0B-CD13-4BB7-E884-39C436DCCD60}" = Catalyst Control Center Graphics Previews Common
"{D7782BD1-CD9A-0A73-083F-CB9779A17825}" = Adobe® Content Viewer
"{DD76BE0B-92AA-ADE0-513A-0B8A05C51FBA}" = CCC Help Thai
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E860BF84-1B83-0EA1-CDFD-399F137CFD68}" = Catalyst Control Center InstallProxy
"{EBD1C6DF-9F2D-4B5B-DBCF-9F3AC71490F6}" = CCC Help English
"{ED507148-8CD2-DC5F-11D9-83C7C6E60F04}" = CCC Help Dutch
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F15D678A-D703-6D1E-9C30-AE88BDE85414}" = CCC Help Czech
"{F1742903-373B-F0BF-47D9-C80FAA1F8965}" = CCC Help Hungarian
"{F24F876B-7D71-4BD6-88E9-614D3BB84216}" = Alcor Micro Smart Card Reader Driver
"{F4EDA228-A919-0E9E-BBB0-1E4ADD332DCB}" = CCC Help Japanese
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE465061-894A-4023-8580-56FCDD4F23F9}" = HP SoftPaq Download Manager
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Anti-phishing Domain Advisor" = Anti-phishing Domain Advisor
"Anvi Smart Defender" = Anvi Smart Defender 1.02
"ATT-PRT22" = ATT-PRT22
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"com.adobe.dmp.contentviewer" = Adobe® Content Viewer
"com.adobe.WidgetBrowser" = Adobe Widget Browser
"com.dwuser.erwizard.EasyRotatorWizard" = EasyRotator Wizard
"DAEMON Tools Lite" = DAEMON Tools Lite
"EPSON Scanner" = EPSON Scan
"FileZilla Client" = FileZilla Client 3.5.3
"Google Chrome" = Google Chrome
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{ADC70B7A-530B-46E3-8384-48D22681A41E}" = Theft Recovery for HP ProtectTools
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Scribus 1.4.1" = Scribus 1.4.1
"Sfax Printer Driver" = Sfax Printer Driver
"Sunplus SPUVCb" = HP HD Webcam [Fixed]
"SZCCID" = Alcor Micro Smart Card Reader Driver
"VIP Access SDK" = VIP Access SDK x64(1.0.0.50)
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CNET TechTracker" = CNET TechTracker
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 6/4/2012 11:33:11 AM | Computer Name = CypressHP | Source = CNET TechTracker | ID = 131074
Description = Unable to complete request due to error: The server name or address
could not be resolved
Error - 6/4/2012 11:33:13 AM | Computer Name = CypressHP | Source = CNET TechTracker | ID = 131074
Description = result: Scan Failed - General scan failure computer: CypressHP scanned
on: 6/1/2012 11:24 AM
Error - 6/11/2012 3:05:19 PM | Computer Name = CypressHP | Source = MsiInstaller | ID = 11500
Description =
Error - 6/14/2012 3:12:44 PM | Computer Name = CypressHP | Source = CNET TechTracker | ID = 131074
Description = Unable to complete request due to error: A connection with the server
could not be established
Error - 6/14/2012 3:12:44 PM | Computer Name = CypressHP | Source = CNET TechTracker | ID = 131074
Description = Unable to complete request due to error: The server was busy and could
not check for updates.
Error - 6/14/2012 3:12:46 PM | Computer Name = CypressHP | Source = CNET TechTracker | ID = 131074
Description = result: Scan Failed - General scan failure computer: CypressHP scanned
on: 6/14/2012 7:34 AM
Error - 6/21/2012 4:16:50 PM | Computer Name = CypressHP | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16446,
time stamp: 0x4fb57c8f Faulting module name: MSHTML.dll, version: 9.0.8112.16446,
time stamp: 0x4fb58407 Exception code: 0xc0000005 Fault offset: 0x0016d318 Faulting
process id: 0x850 Faulting application start time: 0x01cd4fea5c6f438d Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\windows\system32\MSHTML.dll Report Id: 08157c63-bbde-11e1-881a-402cf429770b
Error - 6/22/2012 3:54:34 PM | Computer Name = CypressHP | Source = CNET TechTracker | ID = 131074
Description = Unable to complete request due to error: The server name or address
could not be resolved
Error - 6/22/2012 3:54:36 PM | Computer Name = CypressHP | Source = CNET TechTracker | ID = 131074
Description = result: Scan Failed - Error submitting scan results to server computer:
CypressHP scanned on: 6/21/2012 3:16 PM
Error - 6/25/2012 8:06:14 AM | Computer Name = CypressHP | Source = Validity USDK | ID = 262184
Description = SSL alert by host: Description is: 47.
[ Broadcom Wireless LAN Events ]
Error - 5/5/2012 3:55:10 PM | Computer Name = CypressHP | Source = WLAN-Tray | ID = 0
Description = 15:55:10, Sat, May 05, 12 Error - Unable to get current user admin
status
Error - 5/5/2012 3:56:26 PM | Computer Name = CypressHP | Source = WLAN-Tray | ID = 0
Description = 15:56:26, Sat, May 05, 12 Error - Unable to get current user admin
status
Error - 5/5/2012 3:58:03 PM | Computer Name = CypressHP | Source = WLAN-Tray | ID = 0
Description = 12:58:03, Sat, May 05, 12 Error - Unable to switch user context, authentication
information not set correctly
Error - 5/5/2012 5:50:10 PM | Computer Name = CypressHP | Source = WLAN-Tray | ID = 0
Description = 17:50:09, Sat, May 05, 12 Error - Unable to switch user context, authentication
information not set correctly
[ Hewlett-Packard Events ]
Error - 5/13/2012 2:11:12 PM | Computer Name = CypressHP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2146233087 Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0] Message: The server did not provide a meaningful
reply; this might be caused by a contract mismatch, a premature session shutdown
or an internal server error. StackTrace: Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) at HP.SupportFramework.Communicator.MessengerComm.IMessengerCommunicator.UpdateTimer()
at HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: mscorlib
Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 4046 Ram Utilization: 70 TargetSite: Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage,
System.Runtime.Remoting.Messaging.IMessage)
Error - 5/13/2012 2:11:32 PM | Computer Name = CypressHP | Source = HPSF.exe | ID = 4000
Description =
Error - 5/13/2012 2:11:50 PM | Computer Name = CypressHP | Source = HPSF.exe | ID = 4000
Description =
Error - 5/13/2012 2:14:49 PM | Computer Name = CypressHP | Source = HPSF.exe | ID = 4000
Description =
[ HP Connection Manager Events ]
Error - 5/28/2012 5:55:47 AM | Computer Name = CypressHP | Source = hpMobile | ID = 5
Description = 2012/05/28 05:55:47.941|00001FDC|Error |[HP.Mobile]Wlan::.ctor{}|Retrieving
the COM class factory for component with CLSID {000098D5-6857-477B-B1D2-8B04CD9EB234}
failed due to the following error: 80080005.
Error - 5/28/2012 5:56:47 AM | Computer Name = CypressHP | Source = hpMobile | ID = 5
Description = 2012/05/28 05:56:47.995|00001FDC|Error |[HP.Mobile]Bluetooth::.ctor{}|Retrieving
the COM class factory for component with CLSID {2A8DDB1F-EE72-4FB7-A2F8-7B1530D94850}
failed due to the following error: 80080005.
Error - 6/14/2012 5:05:24 PM | Computer Name = CypressHP | Source = hpCMSrv | ID = 5
Description = 2012/06/14 17:05:24.057|00000784|Error |CWLAN::StateChanged|Fire_StateChanged
failed [hr:0x800706BA]
Error - 6/30/2012 1:28:44 PM | Computer Name = CypressHP | Source = hpCMSrv | ID = 5
Description = 2012/06/30 13:28:44.148|00001D78|Error |CWLAN::StateChanged|Fire_StateChanged
failed [hr:0x800706BA]
Error - 7/6/2012 11:54:49 AM | Computer Name = CypressHP | Source = hpCMSrv | ID = 5
Description = 2012/07/06 11:54:49.973|00001EB8|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 7/19/2012 5:34:37 PM | Computer Name = CypressHP | Source = HPConnectionManager | ID = 5
Description = 2012/07/19 17:34:37.327|00001B48|Error |App::CurrentDomain_AssemblyResolve{System.Reflection.Assembly(object,System.ResolveEventArgs)}|Application
is exiting because it cannot load the assembly: CaslShared, Version=3.5.1.1, Culture=neutral,
PublicKeyToken=9c6f83d5b7f3d097
Error - 7/20/2012 10:42:11 AM | Computer Name = CypressHP | Source = HPConnectionManager | ID = 5
Description = 2012/07/20 10:42:11.454|00001980|Error |App::CurrentDomain_AssemblyResolve{System.Reflection.Assembly(object,System.ResolveEventArgs)}|Application
is exiting because it cannot load the assembly: CaslShared, Version=3.5.1.1, Culture=neutral,
PublicKeyToken=9c6f83d5b7f3d097
Error - 7/20/2012 1:28:16 PM | Computer Name = CypressHP | Source = HPConnectionManager | ID = 5
Description = 2012/07/20 13:28:16.996|00001460|Error |App::CurrentDomain_AssemblyResolve{System.Reflection.Assembly(object,System.ResolveEventArgs)}|Application
is exiting because it cannot load the assembly: CaslShared, Version=3.5.1.1, Culture=neutral,
PublicKeyToken=9c6f83d5b7f3d097
Error - 7/21/2012 10:11:31 AM | Computer Name = CypressHP | Source = HPConnectionManager | ID = 5
Description = 2012/07/21 10:11:31.694|000007D0|Error |App::CurrentDomain_AssemblyResolve{System.Reflection.Assembly(object,System.ResolveEventArgs)}|Application
is exiting because it cannot load the assembly: CaslShared, Version=3.5.1.1, Culture=neutral,
PublicKeyToken=9c6f83d5b7f3d097
Error - 7/21/2012 2:53:15 PM | Computer Name = CypressHP | Source = HPConnectionManager | ID = 5
Description = 2012/07/21 14:53:15.610|00001578|Error |App::CurrentDomain_AssemblyResolve{System.Reflection.Assembly(object,System.ResolveEventArgs)}|Application
is exiting because it cannot load the assembly: CaslShared, Version=3.5.1.1, Culture=neutral,
PublicKeyToken=9c6f83d5b7f3d097
[ HP Power Assistant Events ]
Error - 7/20/2012 12:11:15 PM | Computer Name = CypressHP | Source = HP PA Service | ID = 1006
Description = The Power Assistant service has crashed due to an unhandled exception.
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Exception has been thrown by the target of an invocation.ServiceWorkerMethod
ABORTED! -
Error - 7/21/2012 10:10:52 AM | Computer Name = CypressHP | Source = HP PA Service | ID = 1027
Description = An error occured in HP Power Assistant application, module [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Could not load file or assembly 'CaslShared, Version=3.5.1.1,
Culture=neutral, PublicKeyToken=9c6f83d5b7f3d097' or one of its dependencies. The
system cannot find the file specified.
Error - 7/21/2012 10:10:52 AM | Computer Name = CypressHP | Source = HP PA Service | ID = 1027
Description = An error occured in HP Power Assistant application, module [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Could not load file or assembly 'CaslShared, Version=3.5.1.1,
Culture=neutral, PublicKeyToken=9c6f83d5b7f3d097' or one of its dependencies. The
system cannot find the file specified.
Error - 7/21/2012 10:10:53 AM | Computer Name = CypressHP | Source = HP PA Service | ID = 1006
Description = The Power Assistant service has crashed due to an unhandled exception.
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Exception has been thrown by the target of an invocation.ServiceWorkerMethod
ABORTED! -
Error - 7/21/2012 2:51:03 PM | Computer Name = CypressHP | Source = HP PA Service | ID = 1027
Description = An error occured in HP Power Assistant application, module [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Could not load file or assembly 'CaslShared, Version=3.5.1.1,
Culture=neutral, PublicKeyToken=9c6f83d5b7f3d097' or one of its dependencies. The
system cannot find the file specified.
Error - 7/21/2012 2:51:03 PM | Computer Name = CypressHP | Source = HP PA Service | ID = 1027
Description = An error occured in HP Power Assistant application, module [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Could not load file or assembly 'CaslShared, Version=3.5.1.1,
Culture=neutral, PublicKeyToken=9c6f83d5b7f3d097' or one of its dependencies. The
system cannot find the file specified.
Error - 7/21/2012 2:51:03 PM | Computer Name = CypressHP | Source = HP PA Service | ID = 1006
Description = The Power Assistant service has crashed due to an unhandled exception.
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Exception has been thrown by the target of an invocation.ServiceWorkerMethod
ABORTED! -
Error - 7/22/2012 7:55:51 AM | Computer Name = CypressHP | Source = HP PA Service | ID = 1027
Description = An error occured in HP Power Assistant application, module [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Could not load file or assembly 'CaslShared, Version=3.5.1.1,
Culture=neutral, PublicKeyToken=9c6f83d5b7f3d097' or one of its dependencies. The
system cannot find the file specified.
Error - 7/22/2012 7:55:51 AM | Computer Name = CypressHP | Source = HP PA Service | ID = 1027
Description = An error occured in HP Power Assistant application, module [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Could not load file or assembly 'CaslShared, Version=3.5.1.1,
Culture=neutral, PublicKeyToken=9c6f83d5b7f3d097' or one of its dependencies. The
system cannot find the file specified.
Error - 7/22/2012 7:55:51 AM | Computer Name = CypressHP | Source = HP PA Service | ID = 1006
Description = The Power Assistant service has crashed due to an unhandled exception.
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Exception has been thrown by the target of an invocation.ServiceWorkerMethod
ABORTED! -
[ HP Software Framework Events ]
Error - 7/11/2012 11:14:40 AM | Computer Name = CypressHP | Source = CaslSmBios | ID = 5
Description = 2012/07/11 11:14:40.433|00000858|Error |[CaslWmi]A::A{bool(object,object)}|Error
invoking subscriber delegate. Exception: No handler registered for event, Wireless.GlobalChanged.2.0
Error - 7/11/2012 11:14:40 AM | Computer Name = CypressHP | Source = CaslSmBios | ID = 5
Description = 2012/07/11 11:14:40.576|00001298|Error |[CaslWmi]A::A{bool(object,object)}|Error
invoking subscriber delegate. Exception: No handler registered for event, Wireless.GlobalChanged.2.0
Error - 7/11/2012 11:14:40 AM | Computer Name = CypressHP | Source = CaslSmBios | ID = 5
Description = 2012/07/11 11:14:40.765|00000858|Error |[CaslWmi]A::A{bool(object,object)}|Error
invoking subscriber delegate. Exception: No handler registered for event, Wireless.GlobalChanged.2.0
Error - 7/11/2012 11:14:40 AM | Computer Name = CypressHP | Source = CaslSmBios | ID = 5
Description = 2012/07/11 11:14:40.890|00000858|Error |[CaslWmi]A::A{bool(object,object)}|Error
invoking subscriber delegate. Exception: No handler registered for event, Wireless.GlobalChanged.2.0
Error - 7/11/2012 2:54:55 PM | Computer Name = CypressHP | Source = CaslSmBios | ID = 5
Description = 2012/07/11 14:54:54.398|00000FB4|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Object reference not set to an instance
of an object.
Error - 7/11/2012 2:54:55 PM | Computer Name = CypressHP | Source = CaslSmBios | ID = 5
Description = 2012/07/11 14:54:55.661|00000FB4|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the QuickSynch.Bitlocker.Changed event. Exception: Object reference
not set to an instance of an object.
Error - 7/11/2012 4:47:44 PM | Computer Name = CypressHP | Source = CaslSmBios | ID = 5
Description = 2012/07/11 16:47:44.526|00000A80|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Object reference not set to an instance
of an object.
Error - 7/11/2012 4:47:44 PM | Computer Name = CypressHP | Source = CaslSmBios | ID = 5
Description = 2012/07/11 16:47:44.697|00000A80|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the QuickSynch.Bitlocker.Changed event. Exception: Object reference
not set to an instance of an object.
Error - 7/11/2012 8:42:33 PM | Computer Name = CypressHP | Source = CaslSmBios | ID = 5
Description = 2012/07/11 20:42:33.747|0000185C|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Object reference not set to an instance
of an object.
Error - 7/11/2012 8:42:33 PM | Computer Name = CypressHP | Source = CaslSmBios | ID = 5
Description = 2012/07/11 20:42:33.888|0000185C|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the QuickSynch.Bitlocker.Changed event. Exception: Object reference
not set to an instance of an object.
[ Media Center Events ]
Error - 5/23/2012 2:33:06 PM | Computer Name = CypressHP | Source = MCUpdate | ID = 0
Description = 2:33:06 PM - Failed to retrieve SportsSchedule.enc (Error: HTTP status
404: The requested URL does not exist on the server. )
Error - 5/23/2012 3:33:38 PM | Computer Name = CypressHP | Source = MCUpdate | ID = 0
Description = 3:33:38 PM - Failed to retrieve SportsSchedule.enc (Error: HTTP status
404: The requested URL does not exist on the server. )
Error - 5/23/2012 4:33:48 PM | Computer Name = CypressHP | Source = MCUpdate | ID = 0
Description = 4:33:48 PM - Failed to retrieve SportsSchedule.enc (Error: HTTP status
404: The requested URL does not exist on the server. )
Error - 6/14/2012 6:38:27 AM | Computer Name = CypressHP | Source = MCUpdate | ID = 0
Description = 6:38:27 AM - Error connecting to the internet. 6:38:27 AM - Unable
to contact server..
Error - 6/28/2012 8:11:09 AM | Computer Name = CypressHP | Source = MCUpdate | ID = 0
Description = 8:11:09 AM - Failed to retrieve Directory (Error: The underlying connection
was closed: An unexpected error occurred on a receive.)
Error - 7/3/2012 7:32:38 AM | Computer Name = CypressHP | Source = MCUpdate | ID = 0
Description = 7:32:38 AM - Error connecting to the internet. 7:32:38 AM - Unable
to contact server..
Error - 7/18/2012 8:14:37 AM | Computer Name = CypressHP | Source = MCUpdate | ID = 0
Description = 8:14:36 AM - Error connecting to the internet. 8:14:37 AM - Unable
to contact server..
Error - 7/18/2012 8:15:42 AM | Computer Name = CypressHP | Source = MCUpdate | ID = 0
Description = 8:15:14 AM - Error connecting to the internet. 8:15:14 AM - Unable
to contact server..
[ System Events ]
Error - 6/14/2012 3:11:09 PM | Computer Name = CypressHP | Source = Service Control Manager | ID = 7000
Description = The hpHotkeyMonitor service failed to start due to the following error:
%%2
Error - 6/14/2012 3:11:12 PM | Computer Name = CypressHP | Source = Service Control Manager | ID = 7000
Description = The Online Backup Service service failed to start due to the following
error: %%2
Error - 6/14/2012 3:12:02 PM | Computer Name = CypressHP | Source = Microsoft-Windows-TBS | ID = 16385
Description = An internal TBS error was detected. The error code was 0x800703e3.
This is usually caused by unexpected TPM or driver behavior and may be transient.
Error - 6/14/2012 4:28:07 PM | Computer Name = CypressHP | Source = Microsoft-Windows-TBS | ID = 16385
Description = An internal TBS error was detected. The error code was 0x800703e3.
This is usually caused by unexpected TPM or driver behavior and may be transient.
Error - 6/15/2012 7:17:04 AM | Computer Name = CypressHP | Source = Service Control Manager | ID = 7000
Description = The hpHotkeyMonitor service failed to start due to the following error:
%%2
Error - 6/15/2012 7:17:04 AM | Computer Name = CypressHP | Source = Service Control Manager | ID = 7000
Description = The Online Backup Service service failed to start due to the following
error: %%2
Error - 6/15/2012 7:24:09 AM | Computer Name = CypressHP | Source = Service Control Manager | ID = 7000
Description = The hpHotkeyMonitor service failed to start due to the following error:
%%2
Error - 6/15/2012 7:24:11 AM | Computer Name = CypressHP | Source = Service Control Manager | ID = 7000
Description = The Online Backup Service service failed to start due to the following
error: %%2
Error - 6/17/2012 1:45:36 PM | Computer Name = CypressHP | Source = Microsoft-Windows-TBS | ID = 16385
Description = An internal TBS error was detected. The error code was 0x800703e3.
This is usually caused by unexpected TPM or driver behavior and may be transient.
Error - 6/17/2012 2:26:41 PM | Computer Name = CypressHP | Source = Microsoft-Windows-TBS | ID = 16385
Description = An internal TBS error was detected. The error code was 0x800703e3.
This is usually caused by unexpected TPM or driver behavior and may be transient.
< End of report >