PC is suddenly slow and programs display not responding for awhile. MW


  • This topic is locked

#1
whizzhard

  • Member
  • 34 posts
Hello.
My PC has been running slow for almost two months now. It's a year-and-a-half-old HP 630, and it had been doing fine until about two months ago, when I noticed that explore was using almost 50% of CPU resource, which I discovered was Desktop Icon Toy messing with my system. I disabled it, but my PC has never been the same since. Programs that normally open swiftly now take up to minutes to open, and if I click any part of the loading program window it ends up showing "not responding" for a while and then loads later. I've performed a full Norton scan, but it came up with tracking cookies only. I just scanned with Malwarebytes, which detected the following:
Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.18.12

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Shawlhar :: SHAWLHAR-HP [administrator]

Protection: Enabled

18-Mar-13 20:10:12
mbam-log-2013-03-18 (20-10-12).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 241254
Time elapsed: 7 minute(s), 3 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (PUP.InstallBrain) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service (PUP.InstallBrain) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\ProgramData\IBUpdaterService (PUP.InstallBrain) -> Quarantined and deleted successfully.

Files Detected: 3
C:\Users\Shawlhar\Documents\chrome.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\ProgramData\IBUpdaterService\ibsvc.exe (PUP.InstallBrain) -> Quarantined and deleted successfully.
C:\ProgramData\IBUpdaterService\repository.xml (PUP.InstallBrain) -> Quarantined and deleted successfully.

(end)

Though there was no change in system performance when I restarted my PC.
Here is my OTL log:
OTL logfile created on: 18-Mar-13 14:07:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Shawlhar\Desktop\ol
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy

3.80 Gb Total Physical Memory | 2.45 Gb Available Physical Memory | 64.48% Memory free
9.50 Gb Paging File | 7.28 Gb Available in Paging File | 76.58% Paging File free
Paging file location(s): C:\pagefile.sys 5839 5839 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284.05 Gb Total Space | 48.32 Gb Free Space | 17.01% Space Free | Partition Type: NTFS
Drive D: | 13.74 Gb Total Space | 1.71 Gb Free Space | 12.46% Space Free | Partition Type: NTFS
Drive F: | 99.34 Mb Total Space | 84.99 Mb Free Space | 85.56% Space Free | Partition Type: FAT32

Computer Name: SHAWLHAR-HP | User Name: Shawlhar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-03-18 13:46:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Shawlhar\Desktop\ol\OTL.exe
PRC - [2013-03-12 12:08:06 | 002,074,768 | ---- | M] () -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
PRC - [2013-02-19 20:14:56 | 005,063,456 | ---- | M] (Connectify) -- C:\Program Files (x86)\Connectify\Connectify.exe
PRC - [2013-02-19 20:14:56 | 003,101,984 | ---- | M] (Connectify) -- C:\Program Files (x86)\Connectify\Connectifyd.exe
PRC - [2013-02-19 20:14:16 | 000,217,088 | ---- | M] (Connectify) -- C:\Program Files (x86)\Connectify\ConnectifyService.exe
PRC - [2013-02-15 15:28:54 | 000,601,976 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
PRC - [2013-02-15 15:28:12 | 000,417,656 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotator.exe
PRC - [2013-02-15 15:28:12 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
PRC - [2012-12-24 04:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\20.3.0.36\ccsvchst.exe
PRC - [2012-12-19 22:24:32 | 000,240,128 | ---- | M] () -- C:\Users\Shawlhar\AppData\Roaming\Adobe\Plugins\adobe_plugin.exe
PRC - [2012-12-19 08:01:24 | 000,200,400 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe
PRC - [2012-12-19 08:01:24 | 000,190,672 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe
PRC - [2012-12-19 08:01:24 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) -- C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe
PRC - [2012-11-26 13:21:38 | 001,851,088 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
PRC - [2012-10-09 23:26:10 | 001,634,304 | ---- | M] (Don HO [email protected]) -- C:\Program Files (x86)\Notepad++\notepad++.exe
PRC - [2012-08-19 02:03:19 | 000,143,928 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\ccSvcHst.exe
PRC - [2012-07-11 12:48:34 | 000,933,464 | ---- | M] (Research In Motion) -- C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.AutoUpdate.exe
PRC - [2012-07-09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2011-08-19 14:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2011-05-20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011-05-20 10:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011-02-10 01:57:36 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2010-12-28 01:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
PRC - [2010-11-16 14:37:30 | 000,230,912 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010-07-23 20:43:54 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010-07-23 20:43:52 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009-12-02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009-12-02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe


========== Modules (No Company Name) ==========

MOD - [2013-03-14 17:44:02 | 013,319,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\273389de0b6e286cb2bdc83ecb428704\System.Web.ni.dll
MOD - [2013-03-14 17:43:51 | 000,641,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\1aea3525c318ac7218966d7b91c52ff1\System.Transactions.ni.dll
MOD - [2013-03-14 17:43:42 | 001,156,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\95623e12dc6a64d28bad5b85f4c730ae\System.Management.ni.dll
MOD - [2013-03-14 17:43:42 | 000,786,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\4cfa42c8b69a64e192f3255ec900457d\System.Runtime.Remoting.ni.dll
MOD - [2013-03-14 17:43:28 | 012,692,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\22ae167d586450ad3a9b9a9ee43ebc86\System.Windows.Forms.ni.dll
MOD - [2013-03-14 17:43:12 | 001,630,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\72269ea7cc6281139e4d155e7c57dc67\System.Drawing.ni.dll
MOD - [2013-03-14 17:43:09 | 002,785,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\293cfe2c05a8ee921726927fd00ea81c\System.Runtime.Serialization.ni.dll
MOD - [2013-03-14 17:43:09 | 000,121,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\98e3281d79512c9a2a0a89e3bc2e554f\SMDiagnostics.ni.dll
MOD - [2013-03-14 17:43:06 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\df55f04bc0ebe6c1abde4bc467bf4d03\System.ServiceModel.Internals.ni.dll
MOD - [2013-03-14 17:42:59 | 001,920,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.V9921e851#\536f3c2e6e4137a628f2f64e0dfd407e\Microsoft.VisualBasic.ni.dll
MOD - [2013-03-14 17:42:46 | 007,559,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9ba07396ae369d010c5c3927a82ef426\System.Xml.ni.dll
MOD - [2013-03-14 17:42:42 | 000,706,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\e772a7e6cc572d7d8ff8ba9c0fa78215\System.Security.ni.dll
MOD - [2013-03-14 17:42:32 | 000,958,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\28586400bcaf94c13a9fd0dff4a1e090\System.Configuration.ni.dll
MOD - [2013-03-14 17:41:41 | 006,995,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b9f7adbc90a2bcbe8eb9e6e8d2bb975b\System.Core.ni.dll
MOD - [2013-03-14 17:41:15 | 009,925,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\e40da7a49f8c3f0108e7c835b342f382\System.ni.dll
MOD - [2013-03-14 17:41:03 | 016,501,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\51e2934144ba15628ba5a31be2dae7dc\mscorlib.ni.dll
MOD - [2013-03-07 15:54:27 | 000,644,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\2cdaaf7fc82937fff1f133e24e65b8ba\HD-Agent.ni.exe
MOD - [2013-03-07 15:54:24 | 000,155,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\ae97c0f341676fee3bdde96cf3458dda\JSON.ni.dll
MOD - [2013-02-19 20:14:56 | 000,119,584 | ---- | M] () -- C:\Program Files (x86)\Connectify\NativeLibrary.dll
MOD - [2012-12-19 22:24:32 | 000,240,128 | ---- | M] () -- C:\Users\Shawlhar\AppData\Roaming\Adobe\Plugins\adobe_plugin.exe
MOD - [2012-11-22 18:57:06 | 000,056,424 | ---- | M] () -- C:\Windows\SysWOW64\PrxerNsp.dll
MOD - [2012-10-12 00:21:53 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll
MOD - [2012-10-12 00:21:42 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012-10-12 00:21:31 | 001,658,368 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\163517c8a195fb48f7ef6ee17c585bdb\PresentationUI.ni.dll
MOD - [2012-10-12 00:21:26 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012-10-09 14:41:23 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\95f275871e34cd8613d0582e0d5bac7e\IAStorUtil.ni.dll
MOD - [2012-10-09 14:33:50 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012-10-09 14:32:45 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012-10-09 14:32:39 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012-06-06 11:06:10 | 000,302,592 | ---- | M] () -- C:\Users\Shawlhar\AppData\Roaming\Adobe\Plugins\libcurl.dll
MOD - [2012-05-30 15:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\wincfi39.dll
MOD - [2012-05-12 23:24:23 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012-05-11 10:21:13 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\91c0c5d99a36e8fca9cf739731ddb3e1\IAStorCommon.ni.dll
MOD - [2012-05-10 11:50:45 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012-05-10 11:50:22 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012-05-10 11:49:24 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012-05-10 11:49:18 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012-05-10 11:49:12 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012-05-10 11:49:11 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012-05-10 11:49:03 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011-09-21 21:46:28 | 001,673,728 | ---- | M] () -- C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll
MOD - [2011-07-18 22:07:28 | 000,014,336 | ---- | M] () -- C:\Program Files (x86)\Notepad++\plugins\NppExport.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012-04-25 07:01:27 | 000,089,824 | ---- | M] (Totalidea Software) [Disabled | Stopped] -- C:\Windows\SysNative\Tweak7SystemService.exe -- (Tweak7SystemService)
SRV:64bit: - [2010-12-28 09:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [Disabled | Stopped] -- C:\Program Files\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV:64bit: - [2010-07-21 22:33:00 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2010-01-18 15:04:08 | 000,020,480 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV:64bit: - [2009-11-18 03:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 02:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV - [2013-03-12 12:08:06 | 002,074,768 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2013-03-08 13:08:06 | 000,115,608 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-02-19 20:14:16 | 000,217,088 | ---- | M] (Connectify) [Auto | Running] -- C:\Program Files (x86)\Connectify\ConnectifyService.exe -- (Connectify)
SRV - [2013-02-15 15:28:12 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2013-02-15 15:27:52 | 000,393,080 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2012-12-24 04:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton AntiVirus\Engine\20.3.0.36\ccSvcHst.exe -- (NAV)
SRV - [2012-12-19 08:01:24 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe -- (CLPSLauncher)
SRV - [2012-12-07 18:27:50 | 000,167,424 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012-11-26 13:21:38 | 001,851,088 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe -- (GeekBuddyRSP)
SRV - [2012-11-13 03:07:57 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Disabled | Stopped] -- C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\6xbarsvc.exe -- (ReadingFanatic_6xService)
SRV - [2012-10-30 13:50:43 | 000,584,032 | ---- | M] () [Disabled | Stopped] -- C:\ProgramData\IBUpdaterService\ibsvc.exe -- (IBUpdaterService)
SRV - [2012-10-11 19:45:56 | 000,655,712 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\GLO NETPRO\UpdateDog\ouc.exe -- (GLO NETPRO. RunOuc)
SRV - [2012-09-27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012-08-19 02:03:19 | 000,143,928 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\ccSvcHst.exe -- (NCO)
SRV - [2012-07-27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-07-09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012-06-16 23:15:28 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011-10-27 10:34:30 | 000,718,384 | ---- | M] (Nokia) [Disabled | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011-10-25 22:55:32 | 000,265,928 | ---- | M] (SpeedBit Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2011-05-20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011-03-14 16:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
SRV - [2011-02-25 01:08:46 | 000,062,184 | ---- | M] (Xobni Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Xobni\XobniService.exe -- (XobniService)
SRV - [2010-12-28 01:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010-10-12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010-07-23 20:43:54 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010-07-23 20:43:52 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009-12-02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009-12-02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009-07-13 01:08:04 | 000,024,168 | ---- | M] (The Within Network, LLC) [Auto | Running] -- C:\Windows\UnsignedThemesSvc.exe -- (UnsignedThemes)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-11-09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008-04-17 19:13:44 | 005,750,784 | ---- | M] () [Disabled | Stopped] -- c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe -- (wampmysqld)
SRV - [2008-01-18 01:37:26 | 000,024,635 | ---- | M] (Apache Software Foundation) [Disabled | Stopped] -- c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe -- (wampapache)
SRV - [2007-12-18 09:59:56 | 000,312,320 | ---- | M] (OptionNV) [Disabled | Stopped] -- C:\Program Files (x86)\Option\GlobeTrotter Connect\GtDetectSc.exe -- (GtDetectSc)
SRV - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013-03-15 00:36:08 | 000,034,840 | ---- | M] (Connectify) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cnnctfy3.sys -- (cnnctfy3)
DRV:64bit: - [2013-01-31 04:18:18 | 000,432,800 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1403000.024\symnets.sys -- (SymNetS)
DRV:64bit: - [2013-01-31 04:18:06 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1403000.024\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013-01-29 02:45:19 | 000,796,248 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NAVx64\1403000.024\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013-01-29 02:45:19 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1403000.024\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013-01-22 03:15:33 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1403000.024\symds64.sys -- (SymDS)
DRV:64bit: - [2013-01-17 10:49:32 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012-11-23 05:09:34 | 000,878,184 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2012-11-22 01:43:14 | 000,165,112 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2012-11-16 03:22:01 | 000,224,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1403000.024\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012-11-16 03:18:04 | 000,168,096 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1403000.024\ccsetx64.sys -- (ccSet_NAV)
DRV:64bit: - [2012-10-28 16:09:54 | 000,038,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2012-10-11 19:45:57 | 000,421,888 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbwwan.sys -- (ewusbmbb)
DRV:64bit: - [2012-10-11 19:45:57 | 000,223,744 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)
DRV:64bit: - [2012-10-11 19:45:57 | 000,223,232 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2012-10-11 19:45:57 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2012-10-11 19:45:57 | 000,098,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV:64bit: - [2012-10-11 19:45:57 | 000,087,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2012-10-11 19:45:57 | 000,028,672 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV:64bit: - [2012-10-11 19:45:57 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV:64bit: - [2012-08-23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012-08-23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012-08-23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012-08-20 17:23:52 | 000,147,288 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012-08-07 02:24:46 | 000,168,096 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSTx64\7DD01000.020\ccSetx64.sys -- (ccSet_NST)
DRV:64bit: - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-01-10 22:28:18 | 012,311,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011-11-05 20:11:33 | 000,062,552 | ---- | M] (Toolkit Development, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\toolkitdisk.sys -- (ToolkitDisk)
DRV:64bit: - [2011-10-14 04:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011-09-30 07:48:32 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2011-08-17 13:04:34 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2011-08-17 13:04:28 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2011-08-17 12:58:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011-08-17 12:58:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011-08-17 12:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011-08-17 12:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011-07-25 17:44:46 | 000,074,752 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2011-07-20 13:58:22 | 000,044,032 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2011-05-20 09:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-03-05 08:16:20 | 000,436,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011-02-15 20:37:10 | 000,335,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011-02-10 01:58:06 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2011-01-15 17:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010-12-16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010-11-21 04:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010-11-21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-08-30 13:17:36 | 000,289,280 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010-06-25 16:08:10 | 000,036,928 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2009-12-02 22:23:38 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2009-12-02 22:23:34 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2009-12-02 22:23:32 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2009-12-02 22:23:26 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2009-11-02 11:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009-09-17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 01:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009-07-14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009-07-13 01:09:20 | 000,030,568 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\uxpatch.sys -- (uxpatch)
DRV:64bit: - [2009-06-10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009-06-10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009-06-10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009-06-10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009-06-10 21:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008-09-01 17:40:20 | 000,118,144 | ---- | M] (Mobile) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcusbser.sys -- (qcusbser)
DRV:64bit: - [2008-08-28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2007-11-13 15:51:12 | 000,124,416 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Gt51Ip.sys -- (GT72NDISIPXP)
DRV:64bit: - [2007-10-09 12:53:30 | 000,080,896 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gt72ubus.sys -- (GT72UBUS)
DRV:64bit: - [2007-03-30 12:38:16 | 000,010,624 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gtptser.sys -- (GTPTSER)
DRV - [2013-03-07 16:47:18 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20130315.004\ex64.sys -- (NAVEX15)
DRV - [2013-03-07 16:47:18 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20130315.004\eng64.sys -- (NAVENG)
DRV - [2013-03-06 16:29:22 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20130313.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013-02-15 15:28:06 | 000,071,032 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2013-01-16 03:51:11 | 001,388,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20130301.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012-08-18 10:00:00 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012-08-18 10:00:00 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCOM/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=CMNTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=CMNTDF
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCOM/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=CMNTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=CMNTDF
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCOM/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetworkProfile = 18863554
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/...008&form=ZGAPHP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = about:blank
IE - HKCU\..\URLSearchHook: {421fb3de-4b9f-48e5-abf1-f96f8aaca70a} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {CFA8F49C-14BC-329F-07B1-850E39C04E4D}
IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=CMNTDF
IE - HKCU\..\SearchScopes\{30750DD1-EADD-4cf1-A485-C736C96936AB}: "URL" = http://search.etoolk...976b7bc8a28&s=p
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=CMNTDF
IE - HKCU\..\SearchScopes\{CFA8F49C-14BC-329F-07B1-850E39C04E4D}: "URL" = http://www.bing.com/...008&form=ZGAIDF
IE - HKCU\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8080

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledAddons: firedownload%40mozilla.org:3.2.0
FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.6.5
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0037-ABCDEFFEDCBA%7D:6.0.37
FF - prefs.js..extensions.enabledAddons: mozilla_cc%40internetdownloadmanager.com:7.3.38
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:11.1.1.5%20-%203
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: [email protected]:3.5
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.2
FF - prefs.js..extensions.enabledItems: {33e0daa6-3af3-d8b5-6752-10e949c61516}:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:12.0.0.477
FF - prefs.js..extensions.enabledItems: [email protected]:12.0.0.477
FF - prefs.js..extensions.enabledItems: [email protected]:12.0.0.477
FF - prefs.js..extensions.enabledItems: [email protected]:7.3.19
FF - prefs.js..keyword.URL: "http://www.bing.com/...form=ZGAADF&q="
FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ftp_port: 8080
FF - prefs.js..network.proxy.backup.socks: "127.0.0.1"
FF - prefs.js..network.proxy.backup.socks_port: 8080
FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ssl_port: 8080
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.socks_version: 4
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 4


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@ReadingFanatic_6x.com/Plugin: C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\NP6xStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Shawlhar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Shawlhar\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Shawlhar\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files (x86)\SpeedBit Video Downloader\SPFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\SearchPredict\PRFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]_6x.com: C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin [2012-11-13 03:08:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\IPSFFPlgn\ [2013-01-17 11:12:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.1.0.32\coFFPlgn\ [2013-03-16 03:01:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-03-08 13:08:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-11-27 13:36:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2011-11-26 17:24:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Shawlhar\AppData\Roaming\IDM\idmmzcc5 [2013-03-08 14:34:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Shawlhar\AppData\Roaming\IDM\idmmzcc5 [2013-03-08 14:34:27 | 000,000,000 | ---D | M]

[2011-10-16 02:08:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shawlhar\AppData\Roaming\Mozilla\Extensions
[2013-03-07 11:38:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shawlhar\AppData\Roaming\Mozilla\Firefox\Profiles\ic548cx7.default\extensions
[2012-11-07 20:30:45 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Users\Shawlhar\AppData\Roaming\Mozilla\Firefox\Profiles\ic548cx7.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2013-02-17 08:24:37 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Shawlhar\AppData\Roaming\Mozilla\Firefox\Profiles\ic548cx7.default\extensions\[email protected]
[2013-01-29 22:13:30 | 000,031,788 | ---- | M] () (No name found) -- C:\Users\Shawlhar\AppData\Roaming\Mozilla\Firefox\Profiles\ic548cx7.default\extensions\[email protected]
[2013-03-07 11:38:38 | 000,386,363 | ---- | M] () (No name found) -- C:\Users\Shawlhar\AppData\Roaming\Mozilla\Firefox\Profiles\ic548cx7.default\extensions\[email protected]
[2012-06-02 10:02:50 | 000,001,919 | ---- | M] () -- C:\Users\Shawlhar\AppData\Roaming\Mozilla\Firefox\Profiles\ic548cx7.default\searchplugins\bing-zugo.xml
[2012-11-13 14:35:56 | 000,009,632 | ---- | M] () -- C:\Users\Shawlhar\AppData\Roaming\Mozilla\Firefox\Profiles\ic548cx7.default\searchplugins\my-web-search.xml
[2013-01-17 18:31:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012-11-27 13:36:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013-01-17 11:12:08 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\IPSFFPLGN
[2013-03-08 14:34:27 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\SHAWLHAR\APPDATA\ROAMING\IDM\IDMMZCC5
[2013-03-08 13:08:07 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-01-12 09:58:30 | 000,917,816 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll
[2013-01-05 04:45:12 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012-02-16 11:42:53 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml.old
[2011-11-05 20:11:38 | 000,002,193 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\toolkitsearch.xml
[2013-03-07 18:17:39 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Shawlhar\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Shawlhar\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Shawlhar\AppData\Local\Google\Chrome\Application\24.0.1312.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Shawlhar\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Shawlhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Shawlhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: BitCometAgent (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npBitCometAgent.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Program Files (x86)\TVUPlayer\npTVUAx.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Shawlhar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Shawlhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\Shawlhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: IDM Integration = C:\Users\Shawlhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.5_0\
CHR - Extension: Norton Identity Protection = C:\Users\Shawlhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob\2013.1.0.32_0\
CHR - Extension: Gmail = C:\Users\Shawlhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2012-11-12 01:33:30 | 000,001,213 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 tonec.com
O1 - Hosts: 127.0.0.1 www.tonec.com
O1 - Hosts: 127.0.0.1 registeridm.com
O1 - Hosts: 127.0.0.1 www.registeridm.com
O1 - Hosts: 127.0.0.1 secure.registeridm.com
O1 - Hosts: 127.0.0.1 internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 www.internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 secure.internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 mirror.internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 mirror2.internetdownloadmanager.com
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Shawlhar\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Shawlhar\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (Search Assistant BHO) - {2d948797-8fe3-4508-9b6f-4bf349a9ea34} - C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\6xSrcAs.dll (MindSpark)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.3.0.36\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (Norton Identity Protection) - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (Toolbar BHO) - {f149b372-5830-4d88-b8f6-2853d12c1af5} - C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\6xbar.dll (MindSpark)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (WebScout FileBulldog Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\WebScout FileBulldog Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll ()
O3 - HKLM\..\Toolbar: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (ReadingFanatic) - {b36151d1-7770-4480-87e4-f89fb54e173d} - C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\6xbar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3B22A92-87A2-47B6-B3E6-A64877B5C242} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Connectify Dispatch] C:\Program Files (x86)\Connectify\DispatchUI.exe (Connectify)
O4:64bit: - HKLM..\Run: [Connectify Hotspot] C:\Program Files (x86)\Connectify\Connectify.exe (Connectify)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [Driver Genius] File not found
O4 - HKLM..\Run: [gbrspcontrol] C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [AdobePlugins] C:\Users\Shawlhar\AppData\Roaming\Adobe\Plugins\invis.vbs ()
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 65536
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8:64bit: - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: Send To &Bluetooth - Reg Error: Value error. File not found
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Send To &Bluetooth - Reg Error: Value error. File not found
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Windows\SysNative\PrxerNsp.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Windows\SysWOW64\PrxerNsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00004DDE-21E3-4787-9349-6D4B8998527F}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{141A3F81-F276-4A08-9819-353D6DAA02E6}: NameServer = 10.71.165.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{32DB6BF4-4C50-4790-B708-6C6921136CD9}: NameServer = 172.24.8.50 141.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8784BAD3-0F16-4198-95E4-C07A58FF16C3}: NameServer = 172.24.8.50 141.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AC0F8338-EC1E-4573-B39C-55D11969FA30}: NameServer = 172.24.8.50 141.1.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {F791A188-699D-4FD4-955A-EB59E89B1907} - Theme Resource Changer - \Program Files\Theme Resource Changer\ThemeResourceChanger.dll ()
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{023f71d9-13fa-11e2-8db3-3cd92b23f3c3}\Shell - "" = AutoRun
O33 - MountPoints2\{023f71d9-13fa-11e2-8db3-3cd92b23f3c3}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{023f71fc-13fa-11e2-8db3-3cd92b23f3c3}\Shell - "" = AutoRun
O33 - MountPoints2\{023f71fc-13fa-11e2-8db3-3cd92b23f3c3}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{27d3038a-9855-11e1-ad96-00f1d000f1d0}\Shell - "" = AutoRun
O33 - MountPoints2\{27d3038a-9855-11e1-ad96-00f1d000f1d0}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3235bb04-b637-11e1-afb9-d0df9a9391a4}\Shell - "" = AutoRun
O33 - MountPoints2\{3235bb04-b637-11e1-afb9-d0df9a9391a4}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{3235bb14-b637-11e1-afb9-d0df9a9391a4}\Shell - "" = AutoRun
O33 - MountPoints2\{3235bb14-b637-11e1-afb9-d0df9a9391a4}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{489453c3-1959-11e2-8bde-001e101f4da1}\Shell - "" = AutoRun
O33 - MountPoints2\{489453c3-1959-11e2-8bde-001e101f4da1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{489453c7-1959-11e2-8bde-001e101f4da1}\Shell - "" = AutoRun
O33 - MountPoints2\{489453c7-1959-11e2-8bde-001e101f4da1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{51ad9292-76a0-11e1-ac92-d0df9a9391a4}\Shell - "" = AutoRun
O33 - MountPoints2\{51ad9297-76a0-11e1-ac92-d0df9a9391a4}\Shell - "" = AutoRun
O33 - MountPoints2\{7b5442be-392c-11e2-91ee-001e101f82a7}\Shell - "" = AutoRun
O33 - MountPoints2\{7b5442be-392c-11e2-91ee-001e101f82a7}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{7ffc9107-9f78-11e1-94f6-d0df9a9391a4}\Shell - "" = AutoRun
O33 - MountPoints2\{8ba63f2a-5d93-11e2-803e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8ba63f2a-5d93-11e2-803e-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{95316bb2-913a-11e1-92c2-3cd92b23f3c3}\Shell - "" = AutoRun
O33 - MountPoints2\{b9cbc359-6de2-11e1-9db2-3cd92b23f3c3}\Shell - "" = AutoRun
O33 - MountPoints2\{b9cbc359-6de2-11e1-9db2-3cd92b23f3c3}\Shell\AutoRun\command - "" = H:\wubi.exe
O33 - MountPoints2\{b9cbc361-6de2-11e1-9db2-3cd92b23f3c3}\Shell - "" = AutoRun
O33 - MountPoints2\{b9cbc361-6de2-11e1-9db2-3cd92b23f3c3}\Shell\AutoRun\command - "" = K:\CDCheck.exe
O33 - MountPoints2\{bc4acf53-f7dc-11e0-a663-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bc4acf89-f7dc-11e0-a663-d0df9a9391a4}\Shell - "" = AutoRun
O33 - MountPoints2\{c7cb2c58-83f6-11e1-b0b3-3cd92b23f3c3}\Shell - "" = AutoRun
O33 - MountPoints2\{cdbadb19-123d-11e2-aecc-001e101f2500}\Shell - "" = AutoRun
O33 - MountPoints2\{cdbadb19-123d-11e2-aecc-001e101f2500}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{cdbadb29-123d-11e2-aecc-001e101f2500}\Shell - "" = AutoRun
O33 - MountPoints2\{cdbadb29-123d-11e2-aecc-001e101f2500}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{d4ad3406-f0de-11e1-8de5-d0df9a9391a4}\Shell - "" = AutoRun
O33 - MountPoints2\{d4ad3406-f0de-11e1-8de5-d0df9a9391a4}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{e8a86451-febe-11e1-a8c2-001e101f1ed9}\Shell - "" = AutoRun
O33 - MountPoints2\{e8a86451-febe-11e1-a8c2-001e101f1ed9}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013-03-18 14:06:12 | 000,000,000 | ---D | C] -- C:\Users\Shawlhar\Desktop\ol
[2013-03-15 16:58:00 | 000,000,000 | ---D | C] -- C:\Users\Shawlhar\Desktop\Crack
[2013-03-15 16:04:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop Icon Toy
[2013-03-15 15:50:55 | 000,047,368 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll
[2013-03-15 15:50:52 | 000,056,072 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll
[2013-03-15 14:39:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Genius
[2013-03-15 14:39:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft
[2013-03-15 00:38:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connectify
[2013-03-15 00:36:08 | 000,034,840 | ---- | C] (Connectify) -- C:\Windows\SysNative\drivers\cnnctfy3.sys
[2013-03-15 00:33:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Connectify
[2013-03-15 00:33:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Connectify
[2013-03-14 17:25:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013-03-13 13:53:23 | 000,000,000 | ---D | C] -- C:\Users\Shawlhar\Desktop\halo
[2013-03-08 15:47:21 | 000,000,000 | ---D | C] -- C:\ProgramData\IDM
[2013-03-08 14:37:58 | 000,000,000 | --SD | C] -- C:\ProgramData\Shared Space
[2013-03-08 14:28:47 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO
[2013-03-08 14:28:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Comodo
[2013-03-08 14:26:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2013-03-08 14:26:41 | 000,000,000 | ---D | C] -- C:\Users\Shawlhar\AppData\Local\Comodo
[2013-03-08 14:26:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
[2013-03-08 14:26:17 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2013-03-07 15:52:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
[2013-03-07 15:52:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlueStacks
[2013-03-07 15:51:31 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacksSetup
[2013-03-07 15:51:30 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks
[2013-03-06 20:25:14 | 000,000,000 | ---D | C] -- C:\Users\Shawlhar\Desktop\A
[2013-03-01 13:04:38 | 000,165,112 | ---- | C] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys
[2013-02-21 13:14:49 | 000,000,000 | ---D | C] -- C:\Users\Shawlhar\psp
[2013-02-19 14:27:20 | 000,000,000 | ---D | C] -- C:\Users\Shawlhar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mortal Kombat 5 5
[2013-02-19 14:27:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WebSOFT
[2013-02-17 08:18:25 | 000,000,000 | ---D | C] -- C:\Users\Shawlhar\Documents\Symantec
[2012-12-24 12:46:50 | 014,986,984 | ---- | C] (Driver-Soft Inc. ) -- C:\Users\Shawlhar\AppData\Roaming\drvgenpro.exe
[2012-05-25 23:41:29 | 015,942,270 | ---- | C] (Mr GRiM) -- C:\Users\Shawlhar\HUD Evolution x64.exe
[2012-05-25 22:30:09 | 000,587,737 | ---- | C] (Bad [bleep] Apps) -- C:\Users\Shawlhar\ThemeResourceChangerX64-v10.exe
[7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\Shawlhar\Documents\*.tmp files -> C:\Users\Shawlhar\Documents\*.tmp -> ]
[13 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Users\Shawlhar\Desktop\*.tmp files -> C:\Users\Shawlhar\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013-03-18 16:32:09 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-03-18 16:30:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-03-18 13:56:09 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1397294529-3170872516-2112063622-1000UA.job
[2013-03-18 05:53:22 | 000,878,248 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-03-18 05:53:22 | 000,729,910 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-03-18 05:53:22 | 000,147,868 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-03-17 14:40:48 | 000,000,780 | ---- | M] () -- C:\Users\Shawlhar\Desktop\TeraCopy.lnk
[2013-03-16 12:58:50 | 000,052,224 | ---- | M] () -- C:\Users\Shawlhar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-03-16 03:12:03 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-03-16 03:12:03 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-03-16 03:01:24 | 3062,251,520 | -HS- | M] () -- C:\hiberfil.sys
[2013-03-15 16:13:22 | 000,002,944 | ---- | M] () -- C:\{A436D713-5126-46DC-A75F-8E141F27CB27}
[2013-03-15 16:09:44 | 000,249,168 | ---- | M] () -- C:\{A1A59FEC-F135-49FD-8578-058BCF924CAC}
[2013-03-15 16:04:27 | 000,000,822 | ---- | M] () -- C:\Users\Shawlhar\Application Data\Microsoft\Internet Explorer\Quick Launch\Desktop Icon Toy.lnk
[2013-03-15 16:04:24 | 000,000,798 | ---- | M] () -- C:\Users\Shawlhar\Desktop\Desktop Icon Toy.lnk
[2013-03-15 15:50:55 | 000,047,368 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll
[2013-03-15 15:50:52 | 000,056,072 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll
[2013-03-15 14:39:45 | 000,001,179 | ---- | M] () -- C:\Users\Shawlhar\Desktop\Driver Genius.lnk
[2013-03-15 00:39:12 | 001,548,283 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1403000.024\Cat.DB
[2013-03-15 00:38:45 | 000,000,374 | ---- | M] () -- C:\Users\Public\Desktop\Connectify Dispatch.lnk
[2013-03-15 00:38:45 | 000,000,358 | ---- | M] () -- C:\Users\Public\Desktop\Connectify Hotspot.lnk
[2013-03-15 00:36:08 | 000,034,840 | ---- | M] (Connectify) -- C:\Windows\SysNative\drivers\cnnctfy3.sys
[2013-03-14 17:31:00 | 000,870,862 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013-03-14 09:43:53 | 000,001,082 | ---- | M] () -- C:\Users\Shawlhar\Desktop\haloce (2).exe - Shortcut.lnk
[2013-03-12 08:47:44 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForShawlhar.job
[2013-03-08 16:15:40 | 000,162,560 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2013-03-08 15:45:32 | 000,014,818 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1403000.024\VT20130115.021
[2013-03-08 14:47:08 | 000,001,985 | ---- | M] () -- C:\Users\Public\Desktop\Virtual Comodo Dragon.lnk
[2013-03-08 14:28:32 | 000,002,015 | ---- | M] () -- C:\Users\Public\Desktop\AntiError.lnk
[2013-03-08 14:28:32 | 000,002,011 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2013-03-08 14:28:31 | 000,002,011 | ---- | M] () -- C:\Users\Public\Desktop\GeekBuddy.lnk
[2013-03-08 14:26:53 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2013-03-08 14:26:17 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2013-03-07 16:13:53 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce1b466152ff3d.job
[2013-03-07 15:52:39 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\Apps.lnk
[2013-03-07 15:52:37 | 000,001,775 | ---- | M] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
[2013-03-07 12:59:08 | 802,697,836 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013-03-07 10:05:22 | 000,005,807 | ---- | M] () -- C:\Users\Shawlhar\Documents\wand.dat
[2013-03-04 22:49:04 | 000,455,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-02-20 19:44:11 | 000,002,672 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2013-02-20 19:44:09 | 000,000,088 | RHS- | M] () -- C:\ProgramData\D07AFD0F8E.sys
[2013-02-19 14:27:20 | 000,002,019 | ---- | M] () -- C:\Users\Shawlhar\Desktop\Mortal Kombat 5.lnk
[2013-02-18 14:26:35 | 000,002,072 | ---- | M] () -- C:\{8228222D-978D-4260-B966-0019A746F026}
[2013-02-18 14:23:30 | 000,002,352 | ---- | M] () -- C:\{4649EF78-2E43-4F9B-A626-0BF73C746BFA}
[2013-02-18 14:20:49 | 000,002,200 | ---- | M] () -- C:\{9270DEFE-4ED3-4ADE-9930-433221453A75}
[2013-02-18 13:01:58 | 000,002,176 | ---- | M] () -- C:\{A48A0EBB-CB53-4C68-BD91-BA9EB25E3C01}
[2013-02-18 12:57:44 | 000,002,888 | ---- | M] () -- C:\{042857E6-1F4A-4CFF-8644-A78427FC1046}
[2013-02-18 12:53:22 | 000,002,888 | ---- | M] () -- C:\{768B306A-57EB-4A17-9911-12ECCAE674E4}
[2013-02-18 12:47:22 | 000,002,176 | ---- | M] () -- C:\{4B9BEA6F-1F0F-4FE2-B2BE-5607F312C1A2}
[2013-02-18 12:40:58 | 000,002,888 | ---- | M] () -- C:\{E8B1144E-707C-4F20-A5CE-9978149ECF3A}
[2013-02-18 12:37:01 | 000,002,888 | ---- | M] () -- C:\{7C00C7A5-BFD6-4DF6-A410-4B066C13907D}
[2013-02-18 12:30:23 | 000,002,176 | ---- | M] () -- C:\{E647FCE9-56D8-4703-91C0-9A9E9800DEF3}
[2013-02-18 12:26:46 | 000,002,624 | ---- | M] () -- C:\{ED5A96E0-2FC6-4750-93B4-6C16C7E5823F}
[2013-02-18 12:21:09 | 000,002,176 | ---- | M] () -- C:\{24A38634-7119-482A-B60E-11E789C81EF7}
[2013-02-18 12:17:48 | 000,002,624 | ---- | M] () -- C:\{B6C218A6-E325-480C-AD9B-D465BBB4E538}
[2013-02-18 12:11:35 | 000,002,968 | ---- | M] () -- C:\{C6FA91E0-D872-42B3-B919-456B1FBC2377}
[2013-02-18 12:06:05 | 000,002,976 | ---- | M] () -- C:\{EB1EC388-85A7-48BF-AE2F-F8756D827EB7}
[2013-02-18 11:54:51 | 000,002,936 | ---- | M] () -- C:\{A6F5C35D-36CA-4D51-8755-2DAF0E0ADEC0}
[2013-02-18 11:51:11 | 000,002,208 | ---- | M] () -- C:\{97BD3932-0C63-4B56-9C47-3F30656494C9}
[2013-02-18 11:49:27 | 000,002,216 | ---- | M] () -- C:\{2B1011CF-A6A5-4F8C-AAF4-E03E56072F7A}
[2013-02-18 11:46:10 | 000,002,184 | ---- | M] () -- C:\{54070F32-C62A-4D0A-A99D-C345B566C861}
[2013-02-18 11:41:15 | 000,002,416 | ---- | M] () -- C:\{D4A5380D-D330-4589-9B86-299F570C7E3A}
[2013-02-18 11:36:54 | 000,002,104 | ---- | M] () -- C:\{E6359CD4-A44B-40B4-8678-72935135FE33}
[2013-02-18 11:32:39 | 000,002,176 | ---- | M] () -- C:\{0481D40C-C7C7-4747-8CF7-F75254A4AF0C}
[2013-02-18 11:29:49 | 000,002,856 | ---- | M] () -- C:\{1C51F232-AD00-4BFD-A9C0-90E5ECE357FB}
[2013-02-18 11:25:10 | 000,002,368 | ---- | M] () -- C:\{125BAADF-CF28-4ABC-A126-34DD7F6614AE}
[2013-02-18 11:20:55 | 000,002,480 | ---- | M] () -- C:\{EA85DE5B-ECB9-48BC-A0B1-5DDFCA867DB1}
[2013-02-18 11:16:25 | 000,002,512 | ---- | M] () -- C:\{AB172253-515B-46AD-8232-69D5B359D6ED}
[2013-02-18 11:07:08 | 000,002,216 | ---- | M] () -- C:\{2525C0AA-05E0-4EF9-9C60-6286155CC4A0}
[2013-02-18 10:59:54 | 000,002,264 | ---- | M] () -- C:\{FF7855DC-FE7E-4727-A47A-AFEEBC70884F}
[2013-02-18 10:56:13 | 000,002,224 | ---- | M] () -- C:\{F79E8C71-6925-41EB-9BEB-24EBA31CD276}
[2013-02-18 10:44:55 | 000,002,240 | ---- | M] () -- C:\{C4E4C2F7-A83F-4934-92A6-321C4D719D74}
[2013-02-18 10:42:25 | 000,002,448 | ---- | M] () -- C:\{461C0A56-8F96-42F3-811D-2F6653FBC350}
[2013-02-18 10:37:01 | 000,002,136 | ---- | M] () -- C:\{7C628565-122B-49FC-A9D3-4D0B56D91D0F}
[7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\Shawlhar\Documents\*.tmp files -> C:\Users\Shawlhar\Documents\*.tmp -> ]
[13 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Users\Shawlhar\Desktop\*.tmp files -> C:\Users\Shawlhar\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013-03-17 14:40:47 | 000,000,780 | ---- | C] () -- C:\Users\Shawlhar\Desktop\TeraCopy.lnk
[2013-03-15 16:13:20 | 000,002,944 | ---- | C] () -- C:\{A436D713-5126-46DC-A75F-8E141F27CB27}
[2013-03-15 16:09:44 | 000,249,168 | ---- | C] () -- C:\{A1A59FEC-F135-49FD-8578-058BCF924CAC}
[2013-03-15 16:04:27 | 000,000,822 | ---- | C] () -- C:\Users\Shawlhar\Application Data\Microsoft\Internet Explorer\Quick Launch\Desktop Icon Toy.lnk
[2013-03-15 16:04:24 | 000,000,798 | ---- | C] () -- C:\Users\Shawlhar\Desktop\Desktop Icon Toy.lnk
[2013-03-15 14:39:43 | 000,001,179 | ---- | C] () -- C:\Users\Shawlhar\Desktop\Driver Genius.lnk
[2013-03-15 00:38:45 | 000,000,374 | ---- | C] () -- C:\Users\Public\Desktop\Connectify Dispatch.lnk
[2013-03-15 00:38:45 | 000,000,358 | ---- | C] () -- C:\Users\Public\Desktop\Connectify Hotspot.lnk
[2013-03-14 09:41:56 | 000,001,082 | ---- | C] () -- C:\Users\Shawlhar\Desktop\haloce (2).exe - Shortcut.lnk
[2013-03-12 08:47:44 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForShawlhar.job
[2013-03-08 14:47:06 | 000,001,985 | ---- | C] () -- C:\Users\Public\Desktop\Virtual Comodo Dragon.lnk
[2013-03-08 14:46:32 | 000,162,560 | ---- | C] () -- C:\Windows\SysNative\drivers\sfi.dat
[2013-03-08 14:28:32 | 000,002,015 | ---- | C] () -- C:\Users\Public\Desktop\AntiError.lnk
[2013-03-08 14:28:31 | 000,002,011 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2013-03-08 14:28:31 | 000,002,011 | ---- | C] () -- C:\Users\Public\Desktop\GeekBuddy.lnk
[2013-03-08 14:26:49 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2013-03-07 16:13:53 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce1b466152ff3d.job
[2013-03-07 15:52:39 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\Apps.lnk
[2013-03-07 15:52:37 | 000,001,775 | ---- | C] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
[2013-03-07 13:35:50 | 000,005,807 | ---- | C] () -- C:\Users\Shawlhar\Documents\wand.dat
[2013-03-05 15:50:13 | 802,697,836 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013-03-04 22:48:44 | 000,455,280 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-02-19 14:27:18 | 000,002,019 | ---- | C] () -- C:\Users\Shawlhar\Desktop\Mortal Kombat 5.lnk
[2013-02-19 14:25:40 | 001,947,106 | ---- | C] () -- C:\Users\Shawlhar\Documents\female student_3.pdf
[2013-02-18 14:26:34 | 000,002,072 | ---- | C] () -- C:\{8228222D-978D-4260-B966-0019A746F026}
[2013-02-18 14:23:29 | 000,002,352 | ---- | C] () -- C:\{4649EF78-2E43-4F9B-A626-0BF73C746BFA}
[2013-02-18 14:19:22 | 000,002,200 | ---- | C] () -- C:\{9270DEFE-4ED3-4ADE-9930-433221453A75}
[2013-02-18 13:01:57 | 000,002,176 | ---- | C] () -- C:\{A48A0EBB-CB53-4C68-BD91-BA9EB25E3C01}
[2013-02-18 12:57:43 | 000,002,888 | ---- | C] () -- C:\{042857E6-1F4A-4CFF-8644-A78427FC1046}
[2013-02-18 12:53:21 | 000,002,888 | ---- | C] () -- C:\{768B306A-57EB-4A17-9911-12ECCAE674E4}
[2013-02-18 12:47:21 | 000,002,176 | ---- | C] () -- C:\{4B9BEA6F-1F0F-4FE2-B2BE-5607F312C1A2}
[2013-02-18 12:40:57 | 000,002,888 | ---- | C] () -- C:\{E8B1144E-707C-4F20-A5CE-9978149ECF3A}
[2013-02-18 12:37:00 | 000,002,888 | ---- | C] () -- C:\{7C00C7A5-BFD6-4DF6-A410-4B066C13907D}
[2013-02-18 12:30:22 | 000,002,176 | ---- | C] () -- C:\{E647FCE9-56D8-4703-91C0-9A9E9800DEF3}
[2013-02-18 12:26:45 | 000,002,624 | ---- | C] () -- C:\{ED5A96E0-2FC6-4750-93B4-6C16C7E5823F}
[2013-02-18 12:21:08 | 000,002,176 | ---- | C] () -- C:\{24A38634-7119-482A-B60E-11E789C81EF7}
[2013-02-18 12:17:47 | 000,002,624 | ---- | C] () -- C:\{B6C218A6-E325-480C-AD9B-D465BBB4E538}
[2013-02-18 12:11:33 | 000,002,968 | ---- | C] () -- C:\{C6FA91E0-D872-42B3-B919-456B1FBC2377}
[2013-02-18 12:06:04 | 000,002,976 | ---- | C] () -- C:\{EB1EC388-85A7-48BF-AE2F-F8756D827EB7}
[2013-02-18 11:54:49 | 000,002,936 | ---- | C] () -- C:\{A6F5C35D-36CA-4D51-8755-2DAF0E0ADEC0}
[2013-02-18 11:51:10 | 000,002,208 | ---- | C] () -- C:\{97BD3932-0C63-4B56-9C47-3F30656494C9}
[2013-02-18 11:49:26 | 000,002,216 | ---- | C] () -- C:\{2B1011CF-A6A5-4F8C-AAF4-E03E56072F7A}
[2013-02-18 11:46:09 | 000,002,184 | ---- | C] () -- C:\{54070F32-C62A-4D0A-A99D-C345B566C861}
[2013-02-18 11:41:14 | 000,002,416 | ---- | C] () -- C:\{D4A5380D-D330-4589-9B86-299F570C7E3A}
[2013-02-18 11:36:52 | 000,002,104 | ---- | C] () -- C:\{E6359CD4-A44B-40B4-8678-72935135FE33}
[2013-02-18 11:32:38 | 000,002,176 | ---- | C] () -- C:\{0481D40C-C7C7-4747-8CF7-F75254A4AF0C}
[2013-02-18 11:29:48 | 000,002,856 | ---- | C] () -- C:\{1C51F232-AD00-4BFD-A9C0-90E5ECE357FB}
[2013-02-18 11:25:09 | 000,002,368 | ---- | C] () -- C:\{125BAADF-CF28-4ABC-A126-34DD7F6614AE}
[2013-02-18 11:20:54 | 000,002,480 | ---- | C] () -- C:\{EA85DE5B-ECB9-48BC-A0B1-5DDFCA867DB1}
[2013-02-18 11:16:24 | 000,002,512 | ---- | C] () -- C:\{AB172253-515B-46AD-8232-69D5B359D6ED}
[2013-02-18 11:07:06 | 000,002,216 | ---- | C] () -- C:\{2525C0AA-05E0-4EF9-9C60-6286155CC4A0}
[2013-02-18 10:59:53 | 000,002,264 | ---- | C] () -- C:\{FF7855DC-FE7E-4727-A47A-AFEEBC70884F}
[2013-02-18 10:56:12 | 000,002,224 | ---- | C] () -- C:\{F79E8C71-6925-41EB-9BEB-24EBA31CD276}
[2013-02-18 10:44:54 | 000,002,240 | ---- | C] () -- C:\{C4E4C2F7-A83F-4934-92A6-321C4D719D74}
[2013-02-18 10:42:24 | 000,002,448 | ---- | C] () -- C:\{461C0A56-8F96-42F3-811D-2F6653FBC350}
[2013-02-18 10:36:59 | 000,002,136 | ---- | C] () -- C:\{7C628565-122B-49FC-A9D3-4D0B56D91D0F}
[2013-01-13 15:11:56 | 000,056,424 | ---- | C] () -- C:\Windows\SysWow64\PrxerNsp.dll
[2012-12-20 12:44:08 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2012-11-30 15:36:52 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012-11-25 04:00:28 | 000,286,720 | ---- | C] () -- C:\Windows\syswinconf.ini
[2012-08-31 11:26:39 | 000,000,218 | ---- | C] () -- C:\Users\Shawlhar\AppData\Local\recently-used.xbel
[2012-08-17 20:06:15 | 000,000,031 | ---- | C] () -- C:\Windows\wininit.ini
[2012-07-03 07:24:35 | 701,616,800 | ---- | C] () -- C:\Users\Shawlhar\AVSEQ01 (1) (1).avi
[2012-06-15 21:18:02 | 198,760,838 | ---- | C] () -- C:\Users\Shawlhar\AVSEQ01 (1).avi
[2012-06-07 18:19:05 | 000,037,980 | ---- | C] () -- C:\Users\Shawlhar\S-pics099.jpg
[2012-06-07 18:19:05 | 000,025,541 | ---- | C] () -- C:\Users\Shawlhar\S-pics105.jpg
[2012-06-06 16:19:46 | 000,024,983 | ---- | C] () -- C:\Users\Shawlhar\S-pics101.jpg
[2012-05-25 23:41:09 | 014,624,887 | ---- | C] () -- C:\Users\Shawlhar\7tsp_HUD_Evolution_Icons_Theme_Extras_Bottomshell.7z
[2012-05-25 22:37:14 | 003,350,148 | ---- | C] () -- C:\Users\Shawlhar\UXTheme Multi-Patcher 8.0.exe
[2012-05-19 22:06:14 | 000,005,207 | ---- | C] () -- C:\Users\Shawlhar\micheal.phpjpg
[2012-05-11 10:37:19 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2012-05-08 08:43:22 | 000,017,408 | ---- | C] () -- C:\Users\Shawlhar\AppData\Local\WebpageIcons.db
[2012-03-02 19:55:25 | 000,870,862 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-02-04 22:15:53 | 000,001,854 | ---- | C] () -- C:\Users\Shawlhar\AppData\Roaming\GhostObjGAFix.xml
[2012-01-10 21:29:54 | 013,904,384 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011-12-12 17:18:36 | 000,000,909 | ---- | C] () -- C:\Users\Shawlhar\sec.bat
[2011-12-07 16:39:40 | 000,000,163 | ---- | C] () -- C:\Users\Shawlhar\MATRIX.bat
[2011-11-16 22:37:09 | 000,002,672 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011-11-16 22:37:09 | 000,000,088 | RHS- | C] () -- C:\ProgramData\D07AFD0F8E.sys
[2011-11-14 14:07:19 | 000,000,297 | ---- | C] () -- C:\Users\Shawlhar\AppData\Roaming\Network Meter_Settings.ini
[2011-11-13 22:26:38 | 000,962,560 | ---- | C] () -- C:\Windows\tesseract.exe
[2011-11-12 11:14:01 | 000,007,598 | ---- | C] () -- C:\Users\Shawlhar\AppData\Local\resmon.resmoncfg
[2011-11-11 22:28:47 | 000,000,279 | ---- | C] () -- C:\Users\Shawlhar\kkk.cpp
[2011-11-09 20:37:31 | 000,000,298 | ---- | C] () -- C:\Users\Shawlhar\prac.htm
[2011-11-04 16:55:47 | 000,052,224 | ---- | C] () -- C:\Users\Shawlhar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-10-31 21:42:10 | 000,837,282 | ---- | C] () -- C:\Users\Shawlhar\my docs result.zip
[2011-10-27 18:24:10 | 001,006,600 | ---- | C] () -- C:\Users\Shawlhar\Xeon_10 Xbox 360.rar
[2011-10-26 00:13:35 | 000,109,216 | ---- | C] () -- C:\Windows\SysWow64\EasyHook64.dll
[2011-10-26 00:13:35 | 000,084,480 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
[2011-09-30 07:48:32 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2011-08-31 19:51:16 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2011-08-31 19:51:16 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2011-08-31 19:51:16 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2011-08-05 18:22:17 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2011-05-13 21:15:06 | 000,000,188 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini
[2011-04-10 09:48:30 | 000,010,294 | ---- | C] () -- C:\Users\Shawlhar\Photo.jpg
[2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

========== ZeroAccess Check ==========

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:661DFA1C
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:2B11E0DF
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:553CA6CA

< End of report >

And the extra log file:

OTL Extras logfile created on: 18-Mar-13 14:07:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Shawlhar\Desktop\ol
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy

3.80 Gb Total Physical Memory | 2.45 Gb Available Physical Memory | 64.48% Memory free
9.50 Gb Paging File | 7.28 Gb Available in Paging File | 76.58% Paging File free
Paging file location(s): C:\pagefile.sys 5839 5839 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284.05 Gb Total Space | 48.32 Gb Free Space | 17.01% Space Free | Partition Type: NTFS
Drive D: | 13.74 Gb Total Space | 1.71 Gb Free Space | 12.46% Space Free | Partition Type: NTFS
Drive F: | 99.34 Mb Total Space | 84.99 Mb Free Space | 85.56% Space Free | Partition Type: FAT32

Computer Name: SHAWLHAR-HP | User Name: Shawlhar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Scout\filescout.exe" /open "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" [2012-12-12 14:20:10 | 000,000,000 | ---D | M]
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Scout\filescout.exe" /open "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" [2012-12-12 14:20:10 | 000,000,000 | ---D | M]
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirstRunDisabled" = 0
"UacDisableNotify" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Ubisoft\Scrabble2009\ScrabblePCR.exe" = C:\Program Files (x86)\Ubisoft\Scrabble2009\ScrabblePCR.exe:*:Enabled:ScrabblePCR -- ()
"C:\Program Files (x86)\Ubisoft\Scrabble2009\ScrabblePCR.exe" = C:\Program Files (x86)\Ubisoft\Scrabble2009\ScrabblePCR.exe:*:Enabled:ScrabblePCR -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Ubisoft\Scrabble2009\ScrabblePCR.exe" = C:\Program Files (x86)\Ubisoft\Scrabble2009\ScrabblePCR.exe:*:Enabled:ScrabblePCR -- ()
"C:\Program Files (x86)\Ubisoft\Scrabble2009\ScrabblePCR.exe" = C:\Program Files (x86)\Ubisoft\Scrabble2009\ScrabblePCR.exe:*:Enabled:ScrabblePCR -- ()


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00608B00-B3CC-4263-B815-16A66ACE717B}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{011B00F2-061A-4E45-8628-0ECFAB8FE821}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{080A88DE-9A21-4BEF-A1A8-33B68BEE401E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{086CFA0F-F788-4D3D-9A70-6ACAB39FC743}" = rport=2869 | protocol=6 | dir=out | app=system |
"{15DB24DE-E05A-458E-B35C-126D6587D749}" = lport=2987 | protocol=6 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"{2181C836-14A8-4BAC-9685-70435564266B}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{2AE00993-740F-4CFA-AE21-678CB99DC0F7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2C949DDE-47EB-49A6-859C-6147D15A8ADE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2D58716F-B28A-46FF-838E-1CDD0D6E45EC}" = lport=68 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{33199742-7AB7-4A15-A089-D72FFFDF60BD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{33700767-94B0-44C6-973C-5FC9BC090A25}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{357B5957-46E9-44FC-BCEE-FBC1A5F7ECAE}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{37020931-6385-4EE0-9ECA-EB6FE3CADE6F}" = lport=547 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{387DB7A3-C82D-4A35-8B5F-911FA5BC12FF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3C44BA14-1A6B-4779-BEE6-C07AE2F82EC5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3CE82190-EEB3-4B96-ACC9-F1476A313077}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{41AF1F50-81D8-4B86-B62B-848F0D7138E2}" = rport=1900 | protocol=17 | dir=out | app=c:\windows\system32\svchost.exe |
"{47F8D531-C56C-44C2-8AC9-7E8AE2408F4F}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{4F874E16-69E6-41C4-8EC0-6C6488751D0C}" = lport=138 | protocol=17 | dir=in | app=system |
"{53508C99-0D77-4E04-8804-CD47DCE291DD}" = lport=1900 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{6241FB8A-0F39-4026-A5BC-2436A965B1F2}" = rport=2869 | protocol=6 | dir=out | app=system |
"{650F4E26-1739-4CE4-B380-826F2B744032}" = lport=445 | protocol=6 | dir=in | app=system |
"{651F3A7D-C1A9-4AC3-9A26-671C82B5102E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{6B12A4ED-3782-448E-B82D-F66141E5F364}" = rport=10243 | protocol=6 | dir=out | app=system |
"{6B870417-7BAC-451D-B956-84B7536312FE}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6C0180C3-15A7-414D-8116-AF0C5CB14AA9}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{6C2AD73A-0B5C-4280-A770-D8A9EB3A1BF2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{700530B3-8A98-4414-923D-F02ED58D120C}" = rport=139 | protocol=6 | dir=out | app=system |
"{7B7DB0FC-6BE4-430B-8456-87ADBDBCD327}" = lport=139 | protocol=6 | dir=in | app=system |
"{7E98FE11-A630-4289-BF1F-A778FE245760}" = rport=2869 | protocol=6 | dir=out | app=system |
"{7EC79646-4499-438B-B4AC-FDE5ABD56EFE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8569D9E9-03C3-47DB-B8B1-6E2ED2254508}" = lport=67 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{8FEAD996-9E51-4917-9392-0ECE7775E09F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9562C3C9-E2D8-4F3F-9BD8-24EF6E8504B8}" = lport=26827 | protocol=17 | dir=in | name=bitcomet 26827 udp |
"{96319DC4-12FE-4C7F-A7BC-0439FFD4AA78}" = lport=26827 | protocol=6 | dir=in | name=bitcomet 26827 tcp |
"{99C6E2FD-C6E5-48E8-A2F3-52FC91ADE8B8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9CF40E3A-781E-4F41-9072-6DAD98B95C69}" = lport=53 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{A16C2076-80B8-4022-92E7-CF49DAC07238}" = rport=445 | protocol=6 | dir=out | app=system |
"{A605112B-7157-4D8F-A937-8523FD3A4333}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{A9D5B6A3-6446-47D2-90B6-E5D6DEA3FDCB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AE55B278-63F6-4B80-A223-DEF35A929A01}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{AFA60950-43F6-431A-B6CA-28A0A361A8DC}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{BAEB86D8-2B27-403D-9F2C-F5BB331D0D41}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{C2A19392-9417-477D-A7D4-4DBED61C08A1}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{C7370735-B67D-49D1-9D4B-4073BE6C0A2D}" = lport=67 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{C97E7ACD-0EC4-419E-9019-216D81D7E194}" = lport=137 | protocol=17 | dir=in | app=system |
"{D63BC7BC-3D68-4CB1-AE17-42AB19723C02}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D6F45B18-9C6D-4131-A8EC-3510C9C7BECA}" = rport=138 | protocol=17 | dir=out | app=system |
"{D7F0FFAE-4915-4FB9-9DD5-F702F3F5AB2A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DB480AD2-1537-493A-977F-EAACB02C6638}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{E3377845-E05A-470B-BEEB-A7FE3EFBBCCD}" = rport=137 | protocol=17 | dir=out | app=system |
"{E655F285-5D77-42CE-A66C-62B61E1AB0C8}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{EBAADE09-F53F-4066-804F-C96C5550CAA5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{EE569EA9-582A-4EEF-A100-6547A149A924}" = lport=53 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{F8E202B7-208B-4865-801C-A16EE062E8C8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FA310BCF-8BCE-4824-AEC1-B9AD76C31109}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{FAD6F6D8-89FC-4DFE-8489-F4B4AB54D4C1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FBD4106F-6A46-44A5-B85F-BAC992609C2A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01262FB7-CB2E-4003-97E7-74C8BAC5F72D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{09632DE4-21E6-4BDA-9827-D7F3126DCBEA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0C0CBA35-726B-4973-B0A6-898E7DB641DD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0F3E4ADF-8412-4287-AAFE-7E924C70D249}" = protocol=6 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2012\pes2012.exe |
"{132F6219-427D-4305-84E3-BCFCEA76D151}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{18F4DB85-B836-483F-9385-F38710A42334}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{1A4FC0F7-68BC-49F2-8C62-11A30F430D5C}" = protocol=1 | dir=in | [email protected],-28543 |
"{25C2A7A8-82EE-4D2A-A0CC-7A9635C1DB3E}" = protocol=58 | dir=in | name=internet connection sharing (router solicitation-in) |
"{27E721C8-8F59-41CA-BE6F-7FC0BBEF328C}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe |
"{390528BB-0942-41A7-891E-DB567606D21D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{39DC8C75-3557-4F57-B596-136DC9020281}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{3A4B4684-08D9-4D25-8C82-9D65AEB86891}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{3CDCB107-7416-489E-B392-999C89AE745A}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{40F33556-7FCE-41CA-92F4-F36EE7EEDC7B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{461175E4-D7D5-4BFE-8D05-5158F89CEA61}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4676274B-37EA-46AF-8120-600A33D3B7A2}" = protocol=17 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{4940A154-602F-4F14-9837-49A836DBB904}" = protocol=6 | dir=in | app=c:\games\pro evolution soccer 2012\pes2012.exe |
"{4ABF71F8-2878-4028-8F16-DFE2072E36BC}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{4D5C3AF1-95D4-4EA7-A1BB-995F1BCA1E34}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{4EF80F9E-E01D-4CC4-90D0-B9CCDD73D2A2}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{4FFEC4F3-141D-438D-AF79-7F441660AA52}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{57F5FF07-0344-4C0B-AC3B-733C03022A21}" = protocol=6 | dir=out | app=system |
"{5B5EBB42-839F-4807-B4C0-9071857EFFC9}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{5BE3A469-CC8E-43FC-888D-0AF403D3F364}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5C4209FB-2835-47F5-99C2-A8C446CC21B1}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{5CEF5784-911F-456C-9137-6D57DDB4AE75}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{6562B6C2-9CFC-4D7D-8D21-BB4564F770C4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6607D035-093F-4C38-9384-7B1882CB03B3}" = protocol=17 | dir=in | app=c:\games\pro evolution soccer 2012\pes2012.exe |
"{68F57806-9C57-4D59-8AFD-A76CBEFF2E77}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7111B196-4F57-4B5F-82BF-7D595FBE0420}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{749FE228-E450-4FD5-ACB7-4D4753EC029B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{75FB3187-EE3D-42B2-87F0-292E95B3E265}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{7BF55AAE-66F3-425C-BD79-ACD8C6E4E812}" = protocol=58 | dir=out | [email protected],-28546 |
"{7D4B48D4-7BB1-49B8-A459-6525B9AE719D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{869F48AD-234D-420E-A099-A50CC764949C}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe |
"{8E28629B-4C9B-4B01-AF5F-FDF60B8C64AE}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{8E65AE04-F92A-4E64-AEB9-7D31206E2E70}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{8F5299A9-BCA2-4A17-8537-3092AAD31503}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\scrabble2009\scrabblepcr.exe |
"{9777447A-4941-40B1-B06D-8C1BBB52027B}" = dir=out | app=c:\windows\system32\svchost.exe |
"{9838D0D4-8F7D-4602-BFEB-9CD5E19435C4}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe |
"{9896C725-0365-4898-B21C-9ECFC61A8AEA}" = protocol=1 | dir=out | [email protected],-28544 |
"{9CAB26E4-16FD-4EBF-8887-40DFA9FD55B3}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{A8A04C6B-65D0-4E09-8913-26CAB1C34DBA}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{AA4E05CE-CA41-41A2-93A6-2DBAC4910672}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\scrabble2009\scrabblepcr.exe |
"{B19259CD-6359-464B-9446-2C59A059ADC0}" = protocol=58 | dir=in | [email protected],-148 |
"{B3714DA3-A3A6-48A5-97A0-88296DF34F3A}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{B39051D7-AEF8-459B-B8A8-9F28342874DA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B57490AD-6139-4A25-8EC4-80DCC27603B9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{B99BD407-6A39-41C5-A200-97DB84A7D3A4}" = protocol=17 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2012\pes2012.exe |
"{BE7F6527-ED64-49B7-92A7-397648AC7164}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{C698FE8D-82A5-4B44-9602-74C89C4A9E63}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{CDEB78EB-FE9A-4E06-8DD3-8CCD9C2898F6}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{CF44A7BA-1BC0-4C8F-9674-DCBBF8421E5F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D1789401-0632-4533-8B4A-A93DF0F8907F}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{D4410C53-332C-4ED8-85A7-B8827EFE6283}" = dir=in | app=c:\users\shawlhar\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{D537F940-6B9E-4A24-94E8-455D7B474387}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{E2840EF8-5762-4834-9BFB-FA97CA6CFF38}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E6B67DDF-A208-4CA5-8A08-47DCB37B4E91}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E78C551B-C876-4435-BCF9-C1FC86660674}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{E957EB7C-7CAA-4A0A-B1DB-3B62DF3A4D9A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E9B40CF0-5BD7-47A7-84EF-6C8B441B1C6C}" = protocol=6 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{EA22AAA2-FC9C-453C-9A5C-D2C4F313756B}" = protocol=58 | dir=in | [email protected],-28545 |
"{F1CDD6B3-B796-4450-97EC-691BF47F45EE}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{F35C316E-ECCA-4DC1-8811-38E12AFD268B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F67BA54A-6AF2-4EB2-B65B-DCEC98ECB605}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F7121C46-E4BF-4E60-AB50-F0CF638DD56A}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{FD42B28A-D2FB-468C-9318-270DAA6E2798}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FFA87319-C208-45CE-809E-08F91F54EA46}" = protocol=58 | dir=in | [email protected],-148 |
"TCP Query User{0817F45D-C3DF-4227-91D9-0F74C8703F45}C:\program files (x86)\internet download manager\idman.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet download manager\idman.exe |
"TCP Query User{085DD408-551F-4C95-BE98-B19B9F553B10}C:\users\shawlhar\desktop\halo\haloce (2).exe" = protocol=6 | dir=in | app=c:\users\shawlhar\desktop\halo\haloce (2).exe |
"TCP Query User{086B9F40-C3ED-4977-9605-58A21E125A34}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{0C632C43-FCDD-40E2-9F95-608B5ADA03A5}C:\program files (x86)\proxomitron naoko-4\proxomitron.exe" = protocol=6 | dir=in | app=c:\program files (x86)\proxomitron naoko-4\proxomitron.exe |
"TCP Query User{19C6767C-BA34-4125-84C0-B0319FF0D126}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{5C3E0AE0-1363-4D4F-919A-5027307568E8}C:\program files (x86)\wyzo\wyzo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wyzo\wyzo.exe |
"TCP Query User{6BF68736-7527-4A31-B835-7C073FF7EBA6}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{73DEBD2D-7648-4414-B670-933840757BB8}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{742EFB5A-4463-44ED-9981-227D48B08C7D}C:\program files (x86)\connectify\connectify.exe" = protocol=6 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"TCP Query User{753E308B-FCE6-4F1F-BFAC-94F138284BA2}C:\wamp\bin\apache\apache2.2.8\bin\httpd.exe" = protocol=6 | dir=in | app=c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe |
"TCP Query User{809EA995-497A-43AC-90D4-DC6021359C26}C:\program files (x86)\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tvuplayer\tvuplayer.exe |
"TCP Query User{88CE023B-3E85-42C9-B083-A5FD1277C6D0}C:\program files (x86)\wyzo\wyzo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wyzo\wyzo.exe |
"TCP Query User{97208170-23CF-462E-BCE3-614777A073BD}C:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"TCP Query User{AAD0CF4C-5692-439B-91E5-32D538761A2B}C:\program files (x86)\your freedom\freedom.exe" = protocol=6 | dir=in | app=c:\program files (x86)\your freedom\freedom.exe |
"TCP Query User{AB0E5934-0038-4ACC-B7C9-1926FD855097}C:\program files (x86)\joshsoft corporation\joeadeoye web proxy\joeadeoye web proxy.exe" = protocol=6 | dir=in | app=c:\program files (x86)\joshsoft corporation\joeadeoye web proxy\joeadeoye web proxy.exe |
"TCP Query User{B3AC34B0-D325-47BF-8C36-64E1865E6433}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{B7B86CAD-5C39-464F-AFF1-2449BDABACCE}C:\windows\system32\wfs.exe" = protocol=6 | dir=in | app=c:\windows\system32\wfs.exe |
"TCP Query User{C9FFFC3A-A390-46AC-AE05-B7AE36060AEB}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"TCP Query User{CC271300-9B8A-4663-AB8C-C253F674E60E}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"TCP Query User{CCA96ABB-654A-4D8C-9240-A71A2B9DA3BF}C:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"TCP Query User{D3A336CE-76BA-4CAF-BE4C-05270F428F9B}C:\program files (x86)\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"TCP Query User{F29139FB-867C-45CA-9D97-A723034D86E4}C:\program files (x86)\your freedom\freedom.exe" = protocol=6 | dir=in | app=c:\program files (x86)\your freedom\freedom.exe |
"TCP Query User{F38F4037-1773-4CB2-B13B-3990D21921B2}C:\users\shawlhar\documents\nfs mw\speed.exe" = protocol=6 | dir=in | app=c:\users\shawlhar\documents\nfs mw\speed.exe |
"UDP Query User{00FB9892-67F6-4477-9DA8-DB8E92068552}C:\program files (x86)\internet download manager\idman.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet download manager\idman.exe |
"UDP Query User{070C3E17-18BB-40A2-9EFF-C2FE48956D32}C:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"UDP Query User{08845A0A-E747-46EA-A86D-76623A77496C}C:\program files (x86)\your freedom\freedom.exe" = protocol=17 | dir=in | app=c:\program files (x86)\your freedom\freedom.exe |
"UDP Query User{0B846716-7E5E-4E7B-BA38-187DCD7CCB42}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{0D86C88C-0921-4B1D-A99E-9890F4CDA410}C:\program files (x86)\proxomitron naoko-4\proxomitron.exe" = protocol=17 | dir=in | app=c:\program files (x86)\proxomitron naoko-4\proxomitron.exe |
"UDP Query User{1957923D-235D-45C5-BCB3-071E7E1D5C67}C:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"UDP Query User{1BD87A48-B708-411F-AB2D-175FE59D7B10}C:\program files (x86)\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"UDP Query User{22213FBB-3967-4CC8-84D4-35D624EE4ECC}C:\wamp\bin\apache\apache2.2.8\bin\httpd.exe" = protocol=17 | dir=in | app=c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe |
"UDP Query User{2276B498-1409-40D6-8424-497327985B8E}C:\program files (x86)\connectify\connectify.exe" = protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"UDP Query User{28564369-1AAB-4FAB-AA29-9A14E1CAC2E8}C:\program files (x86)\joshsoft corporation\joeadeoye web proxy\joeadeoye web proxy.exe" = protocol=17 | dir=in | app=c:\program files (x86)\joshsoft corporation\joeadeoye web proxy\joeadeoye web proxy.exe |
"UDP Query User{3F5E3C54-04B4-45A1-84A9-771BDB066FEC}C:\program files (x86)\wyzo\wyzo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wyzo\wyzo.exe |
"UDP Query User{50DFDB05-AEC1-4ED9-9078-B8A536A450CC}C:\users\shawlhar\documents\nfs mw\speed.exe" = protocol=17 | dir=in | app=c:\users\shawlhar\documents\nfs mw\speed.exe |
"UDP Query User{5234D5DE-C272-4085-B6EC-DC151F22E2CF}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{5670ACA7-871B-47ED-AADA-4393189EEC51}C:\program files (x86)\wyzo\wyzo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wyzo\wyzo.exe |
"UDP Query User{5F99C095-0858-4FC0-B9CA-59B296BD3144}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{ACF3360F-9C5D-42AB-A8B6-3CCC8B046C43}C:\windows\system32\wfs.exe" = protocol=17 | dir=in | app=c:\windows\system32\wfs.exe |
"UDP Query User{AE886A24-B667-443E-A72B-E1C305EAF857}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{B195EBC8-37F9-49D8-9A32-683058DBBF4D}C:\users\shawlhar\desktop\halo\haloce (2).exe" = protocol=17 | dir=in | app=c:\users\shawlhar\desktop\halo\haloce (2).exe |
"UDP Query User{DC588E3F-8B54-4BFF-9391-2548CC062FA8}C:\program files (x86)\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tvuplayer\tvuplayer.exe |
"UDP Query User{E28C0210-729D-40D9-8955-13086B26B775}C:\program files (x86)\your freedom\freedom.exe" = protocol=17 | dir=in | app=c:\program files (x86)\your freedom\freedom.exe |
"UDP Query User{E48A0546-7F4D-44D6-8247-0E066149BFD9}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{F4299C6E-AA14-485C-B915-EA408DD36962}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{FD106309-7E84-4B21-8421-8DACDDC0B5BE}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{08044040-959A-4B0D-8825-2C533F0DDB19}" = Encarta Search Bar (64-bit)
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{108A39BF-4ED1-4293-B11A-06BD521FB8F7}" = FreeOCR 3.0
"{10F539B1-31AF-43BF-9F0C-0EB66E918922}" = HP Quick Launch
"{13DCC2C7-454D-42F0-A892-E0E9A5DE4E67}" = HP Wireless Assistant
"{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1CB6C387-65A7-327F-B4A5-7DDC75A291AF}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)
"{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java™ 6 Update 22 (64-bit)
"{2D7ED2A0-9553-412B-939F-D6E0AEB2ABE1}" = ISO Recorder
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{3D676E54-E6F7-4733-9F70-1AE7AFF586C8}" = GlobeTrotter Connect
"{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}" = Microsoft SQL Server System CLR Types (x64)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{7F05E704-30A6-421A-97A7-8EEB1C7FF011}" = Corel Shell Extension - 64Bit
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)
"{88BAE373-00F4-3E33-828F-96E89E5E0CB9}" = Microsoft Visual Studio 2010 IntelliTrace Collection (x64)
"{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files
"{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}" = UxStyle Core Beta
"{8FF0ACBD-17A5-3637-95F4-D7C69723E2BF}" = Microsoft Visual Studio 2010 Performance Collection Tools - ENU
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1D577BD-692D-4AC9-98DF-8E3C33B792E4}" = Oracle VM VirtualBox 4.1.20
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files
"{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}" = Microsoft SQL Server 2008 Native Client
"{C3600AE6-93A0-3DB7-B7AA-45BD58F133B5}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DA67488A-2689-4F10-B90F-D2F6977509D6}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{DF167CE3-60E7-44EA-99EC-2507C51F37AE}" = Microsoft SQL Server 2008 Database Engine Shared
"{F5079164-1DB9-3BDA-853B-F78AF67CE071}" = Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = Microsoft SQL Server 2008 Database Engine Services
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"B726756F5B5A5AA9D798B399386FC6205A45F19E" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"CCleaner" = CCleaner
"Connectify" = Connectify
"Desktop Icon Toy_is1" = Desktop Icon Toy 4.7
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"SynTPDeinstKey" = Synaptics TouchPad Driver
"TeraCopy_is1" = TeraCopy 2.27
"Theme Resource Changer X64 v1.0" = Theme Resource Changer X64 v1.0
"Tweak-7" = Tweak-7
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW® Graphics Suite X4
"_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW® Graphics Suite X4 - Windows Shell Extension
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03046EBB-CB7C-4B98-BEFB-690EB955DA22}" = HP Setup
"{07043840-959A-4B0D-8825-2C533F0DDB19}" = Microsoft Math
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08208143-777D-4A06-BB54-71BF0AD1BB70}" = IPTInstaller
"{09041881-2C94-4A67-8E55-8483C019C7D2}" = Microsoft Student with Encarta Premium 2009
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{1826D0CA-F479-4430-9EFE-86E8E783505B}_is1" = Opera Mobile Emulator
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java™ 6 Update 37
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2BF8B295-A214-42AC-B4EC-2AE15E08B0E7}" = HP Documentation
"{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{31EEA563-3544-4EA1-8773-BCBF83F9627A}" = HP Software Framework
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{38676C9C-270F-43D1-926A-E45DE8820A6B}" = BlackBerry Device Software Updater
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
"{43C0CACD-F9A8-4F17-A84C-0A203B2BAE6D}" = GeekBuddy
"{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CEEE5D0-F905-4688-B9F9-ECC710507796}" = HTC Driver Installer
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}" = PC Connectivity Solution
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{58F9D852-9443-4955-A1ED-12C9E0504DD0}" = Mavis Beacon Teaches Typing Platinum 20
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{75F3A4B2-F6E8-434D-A2EF-DBBC016C6CB2}" = Learning Essentials for Microsoft Office
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA
"{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture
"{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw
"{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP
"{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content
"{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters
"{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav
"{7F05E704-30A6-421A-97A7-8EEB1C7FF100}" = CorelDRAW Graphics Suite X4 - Lang EN
"{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}" = Rosetta Stone Version 3
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943E4702-E767-47D8-801F-0C807BCC0601}_is1" = Microsoft Installer
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97B70991-5002-4241-8B0C-D74B8ADEB2B5}" = BlackBerry Desktop Software 7.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM
"{9D3D8C60-A55F-4123-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF88496B-4BBA-4922-97E9-2582D3A28358}" = Nokia Connectivity Cable Driver
"{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications ® Core - English
"{B78CFC07-B623-4995-ADCC-B2B4D59D083A}" = HTC Sync
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BC0464FA-A0BA-3E38-85BF-DC5B3A401F48}" = Microsoft Visual Studio 2010 Ultimate - ENU
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}" = System Requirements Lab for Intel
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C7231F7C-6530-4E65-ADA6-5B392CF5BEB1}" = Recovery Manager
"{CD9D0827-A6D6-4E2C-B31E-23F01577E27B}" = BlueStacks Notification Center
"{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW® Graphics Suite X4 - Windows Shell Extension
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}" = Nokia Suite
"{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications ® Core
"{DF2035BE-5820-4965-BD97-7FAF8D4A7879}" = Microsoft_VC90_CRT_x86
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E44578C7-4667-4124-8BC2-1161BCA54978}" = HP Power Manager
"{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1" = Uniblue SpeedUpMyPC
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E737A098-F161-4B6F-AF22-86AAE34F6FBD}" = Pro Evolution Soccer 2012
"{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{F025E1EC-CD19-4159-8E42-2CFB3E8BD599}_is1" = IFX DeskTop Quotes version 1.1
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.2
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{Microsoft Student 2007_54A0E938-8390-489F-8F1A-563673334DFE}" = Microsoft Student 2007 for Learning Essentials
"7tsp_GUI" = 7tsp v0.3 Build(3003)
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Airtel Mobile Internet" = Airtel Mobile Internet
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.14 (Unicode)
"BitComet_x64" = BitComet 1.32 64-bit
"BitTorrent" = BitTorrent
"BlackBerry_Desktop" = BlackBerry Desktop Software 7.1
"BlueStacks App Player" = BlueStacks App Player
"Cheatbook 10.2011" = Cheatbook 10.2011
"Comodo Dragon" = Comodo Dragon
"Driver Genius_is1" = Driver Genius
"DVD Decrypter" = DVD Decrypter (Remove Only)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FLV Player" = FLV Player 2.0 (build 25)
"FX Graph 4_is1" = FX Graph 4
"Game Booster_is1" = Game Booster 3
"GLO 3G PLUS" = GLO 3G PLUS
"GLO NETPRO" = GLO NETPRO
"HxD Hex Editor_is1" = HxD Hex Editor version 1.7.7.0
"iCall 7.1.522" = iCall
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"Internet Download Manager" = Internet Download Manager
"JoeAdeoye Web Proxy 1.70" = JoeAdeoye Web Proxy 1.70
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.5.5 (Full)
"MetaTrader - Finexo" = MetaTrader - Finexo
"Microsoft Visual Studio 2010 Ultimate - ENU" = Microsoft Visual Studio 2010 Ultimate - ENU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"mIRC" = mIRC
"Mortal Kombat 4_is1" = Mortal Kombat 4 - www.classic-gaming.net
"Mortal Kombat 5 5" = Mortal Kombat 5 5
"Mozilla Firefox 19.0.2 (x86 en-US)" = Mozilla Firefox 19.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP3 Cutter_is1" = MP3 Cutter 1.9
"NAV" = Norton AntiVirus
"Network Stumbler" = Network Stumbler 0.4.0 (remove only)
"Nmap" = Nmap 6.01
"Nokia Suite" = Nokia Suite
"Notepad++" = Notepad++
"NST" = Norton Identity Safe
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Opera 12.11.1661" = Opera 12.11
"pcsx2-r4600" = PCSX2 - Playstation 2 Emulator
"PhotoScape" = PhotoScape
"Proxifier_is1" = Proxifier version 3.21
"Raptr" = Raptr
"ReadingFanatic_6xbar Uninstall" = ReadingFanatic Toolbar
"Resident Evil 4" = Resident Evil 4
"Scrabble™ Interactive 2009 Edition_is1" = Scrabble™ Interactive 2009 Edition
"Search Toolbar" = Search Toolbar
"SopCast" = SopCast 3.5.0
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"Switch" = Switch Sound File Converter
"The Proxomitron - Universal Web Filter_is1" = The Proxomitron Ver. Naoko-4.5
"Total Video Converter 3.11_is1" = Total Video Converter 3.11
"TVUPlayer" = TVUPlayer 2.5.3.1
"UnLock Phone" = UnLock Phone 1.1
"Updater Service" = Updater Service
"Uploader" = Uploader
"uTorrent" = µTorrent
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.1
"Vuze Turbo Accelerator" = Vuze Turbo Accelerator
"WampServer 2_is1" = WampServer 2.0
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"Wireshark" = Wireshark 1.8.2 (64-bit)
"WT087328" = Blackhawk Striker 2
"WT089308" = Blasterball 3
"WT089362" = Agatha Christie - Peril at End House
"WT089453" = Bejeweled 2 Deluxe
"WT089458" = Plants vs. Zombies - Game of the Year
"WT089470" = FATE - The Traitor Soul
"WT089484" = Namco All-Stars PAC-MAN
"WT089496" = Mystery P.I. - Stolen in San Francisco
"WT089498" = Bejeweled 3
"Wubi" = Linux Mint
"Wyzo" = Wyzo
"XobniMain" = Xobni
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"Your_Deploy_0" = Your Freedom 20121126-01
"Zuma Deluxe RA" = Zuma Deluxe RA

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 16-Mar-13 11:56:10 | Computer Name = Shawlhar-HP | Source = Google Update | ID = 20
Description =

Error - 16-Mar-13 15:40:29 | Computer Name = Shawlhar-HP | Source = Google Update | ID = 20
Description =

Error - 17-Mar-13 00:43:42 | Computer Name = Shawlhar-HP | Source = Google Update | ID = 20
Description =

Error - 17-Mar-13 04:30:17 | Computer Name = Shawlhar-HP | Source = Google Update | ID = 20
Description =

Error - 17-Mar-13 05:56:09 | Computer Name = Shawlhar-HP | Source = Google Update | ID = 20
Description =

Error - 17-Mar-13 08:56:22 | Computer Name = Shawlhar-HP | Source = Google Update | ID = 20
Description =

Error - 17-Mar-13 11:56:07 | Computer Name = Shawlhar-HP | Source = Google Update | ID = 20
Description =

Error - 18-Mar-13 00:51:11 | Computer Name = Shawlhar-HP | Source = Google Update | ID = 20
Description =

Error - 18-Mar-13 03:08:01 | Computer Name = Shawlhar-HP | Source = Google Update | ID = 20
Description =

Error - 18-Mar-13 05:56:14 | Computer Name = Shawlhar-HP | Source = Google Update | ID = 20
Description =

Error - 18-Mar-13 08:56:09 | Computer Name = Shawlhar-HP | Source = Google Update | ID = 20
Description =

[ Hewlett-Packard Events ]
Error - 07-Jan-13 10:57:51 | Computer Name = Shawlhar-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 07-Jan-13 10:59:32 | Computer Name = Shawlhar-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 07-Jan-13 11:38:28 | Computer Name = Shawlhar-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 07-Jan-13 11:38:43 | Computer Name = Shawlhar-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 08-Jan-13 03:39:35 | Computer Name = Shawlhar-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 08-Jan-13 03:40:25 | Computer Name = Shawlhar-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 02-Feb-13 03:42:22 | Computer Name = Shawlhar-HP | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164 at System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) at System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) at System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) at System.Activator.CreateInstance(Type
type, Boolean nonPublic) at HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed()
StackTrace:
at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)

at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)

at System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) at System.Activator.CreateInstance(Type type, Boolean nonPublic)

at HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() Source: mscorlib

Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: en-US RAM: 3893 Ram
Utilization: 40 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)

Error - 10-Feb-13 13:57:41 | Computer Name = Shawlhar-HP | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164 at System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) at System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) at System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) at System.Activator.CreateInstance(Type
type, Boolean nonPublic) at HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed()
StackTrace:
at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)

at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)

at System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) at System.Activator.CreateInstance(Type type, Boolean nonPublic)

at HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() Source: mscorlib

Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: en-US RAM: 3893 Ram
Utilization: 40 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)

Error - 16-Feb-13 04:26:13 | Computer Name = Shawlhar-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 3893
Ram
Utilization: 50 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


Error - 16-Feb-13 08:12:08 | Computer Name = Shawlhar-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 3893
Ram
Utilization: 50 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


[ HP Wireless Assistant Events ]
Error - 13-Feb-13 03:07:51 | Computer Name = Shawlhar-HP | Source = HP WA Application | ID = 0
Description = MainWindow.ShowImpl; not initialized, closing application...

Error - 13-Feb-13 07:41:55 | Computer Name = Shawlhar-HP | Source = HP WA Service | ID = 0
Description = System.TypeInitializationException The type initializer for 'hpCASL.ChpCaslWireless'
threw an exception. at hpCASL.ChpCaslWireless..ctor() at HP_Common.CaslWrapper.get_CaslWireless()

at HP_Common.CaslWrapper.GetDeviceInfo(List`1& radioList) at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 13-Feb-13 07:41:55 | Computer Name = Shawlhar-HP | Source = HP WA Service | ID = 0
Description = System.TypeInitializationException The type initializer for 'hpCASL.ChpCASL'
threw an exception. at hpCASL.ChpCASL.c()

Error - 13-Feb-13 07:41:55 | Computer Name = Shawlhar-HP | Source = HP WA Service | ID = 0
Description = System.Exception Calling process C:\Program Files\Hewlett-Packard\HP
Wireless Assistant\HPWA_Service.exe does not have a valid signature. HP CASL loading
aborted at hpCASL.ChpCASL.a()

Error - 13-Feb-13 07:41:55 | Computer Name = Shawlhar-HP | Source = HP WA Service | ID = 0
Description = System.TypeInitializationException The type initializer for 'hpCASL.ChpCaslEvents'
threw an exception. at hpCASL.ChpCaslEvents..ctor() at HP_Common.CaslWrapper.Register(EventArrivedEventHandler
handler) at HPPA_Service.CurrentConfiguration..ctor()

Error - 13-Feb-13 07:41:55 | Computer Name = Shawlhar-HP | Source = HP WA Service | ID = 0
Description = System.TypeInitializationException The type initializer for 'hpCASL.ChpCASL'
threw an exception. at hpCASL.ChpCASL.c()

Error - 13-Feb-13 07:41:55 | Computer Name = Shawlhar-HP | Source = HP WA Service | ID = 0
Description = System.Exception Calling process C:\Program Files\Hewlett-Packard\HP
Wireless Assistant\HPWA_Service.exe does not have a valid signature. HP CASL loading
aborted at hpCASL.ChpCASL.a()

Error - 13-Feb-13 07:42:01 | Computer Name = Shawlhar-HP | Source = HP WA Service | ID = 0
Description = System.TypeInitializationException ServiceWorkerMethod ABORTED! - The
type initializer for 'hpCASL.ChpCaslSystem' threw an exception. at hpCASL.ChpCaslSystem..ctor()

at HP_Common.CaslWrapper.GetSystemID(String& systemID) at HPPA_Service.CurrentConfiguration..ctor()

at HPPA_Service.HPPA_Service.ServiceWorkerMethod()

Error - 13-Feb-13 07:42:01 | Computer Name = Shawlhar-HP | Source = HP WA Service | ID = 0
Description = System.TypeInitializationException ServiceWorkerMethod ABORTED! - The
type initializer for 'hpCASL.ChpCASL' threw an exception. at hpCASL.ChpCASL.c()

Error - 13-Feb-13 07:42:01 | Computer Name = Shawlhar-HP | Source = HP WA Service | ID = 0
Description = System.Exception ServiceWorkerMethod ABORTED! - Calling process C:\Program
Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe does not have a valid
signature. HP CASL loading aborted at hpCASL.ChpCASL.a()

[ Media Center Events ]
Error - 24-Oct-12 19:26:37 | Computer Name = Shawlhar-HP | Source = MCUpdate | ID = 0
Description = 00:26:36 - Error connecting to the internet. 00:26:36 - Unable
to contact server..

Error - 29-Oct-12 01:56:59 | Computer Name = Shawlhar-HP | Source = MCUpdate | ID = 0
Description = 06:56:59 - Error connecting to the internet. 06:56:59 - Unable
to contact server..

Error - 05-Nov-12 22:48:17 | Computer Name = Shawlhar-HP | Source = MCUpdate | ID = 0
Description = 03:48:16 - Error connecting to the internet. 03:48:17 - Unable
to contact server..

Error - 12-Nov-12 03:06:29 | Computer Name = Shawlhar-HP | Source = MCUpdate | ID = 0
Description = 08:06:27 - Error connecting to the internet. 08:06:27 - Unable
to contact server..

Error - 19-Nov-12 03:42:40 | Computer Name = Shawlhar-HP | Source = MCUpdate | ID = 0
Description = 08:42:39 - Error connecting to the internet. 08:42:39 - Unable
to contact server..

Error - 26-Nov-12 18:11:55 | Computer Name = Shawlhar-HP | Source = MCUpdate | ID = 0
Description = 23:11:54 - Error connecting to the internet. 23:11:55 - Unable
to contact server..

Error - 01-Dec-12 23:07:27 | Computer Name = Shawlhar-HP | Source = MCUpdate | ID = 0
Description = 04:06:41 - Error connecting to the internet. 04:06:47 - Unable
to contact server..

Error - 09-Dec-12 05:15:12 | Computer Name = Shawlhar-HP | Source = MCUpdate | ID = 0
Description = 10:15:11 - Error connecting to the internet. 10:15:11 - Unable
to contact server..

Error - 14-Dec-12 08:31:50 | Computer Name = Shawlhar-HP | Source = MCUpdate | ID = 0
Description = 13:31:49 - Error connecting to the internet. 13:31:49 - Unable
to contact server..

Error - 27-Dec-12 08:10:49 | Computer Name = Shawlhar-HP | Source = MCUpdate | ID = 0
Description = 13:10:49 - Error connecting to the internet. 13:10:49 - Unable
to contact server..

[ System Events ]
Error - 15-Mar-13 21:58:59 | Computer Name = Shawlhar-HP | Source = Service Control Manager | ID = 7000
Description = The Intel® Rapid Storage Technology service failed to start due
to the following error: %%1053

Error - 15-Mar-13 22:01:36 | Computer Name = Shawlhar-HP | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll
Error
Code: 126

Error - 15-Mar-13 22:01:55 | Computer Name = Shawlhar-HP | Source = Service Control Manager | ID = 7023
Description = The BlueStacks Android Service service terminated with the following
error: %%1064

Error - 15-Mar-13 22:12:23 | Computer Name = Shawlhar-HP | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.

Error - 15-Mar-13 22:34:24 | Computer Name = Shawlhar-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR10.

Error - 16-Mar-13 07:38:25 | Computer Name = Shawlhar-HP | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SysMain service.

Error - 16-Mar-13 08:09:52 | Computer Name = Shawlhar-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR31.

Error - 17-Mar-13 07:01:22 | Computer Name = Shawlhar-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR96.

Error - 18-Mar-13 00:50:43 | Computer Name = Shawlhar-HP | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the HWDeviceService64.exe service.

Error - 18-Mar-13 11:45:28 | Computer Name = Shawlhar-HP | Source = ipnathlp | ID = 31004
Description =


< End of report >

PS: The system seems to gain a little speed once I keep it on for a while, but it slips back once I restart or wake it from hibernation.


#2
1972vet

    Trusted Helper

  • Malware Removal
  • 99 posts
Greetings whizzhard and Welcome to the Forums,

Please uninstall these:
BitComet
BitTorrent
uTorrent
Vuze

...Reboot the system when the uninstalls are complete.

Next, please disable the active protection component of your antivirus and antispyware programs by following the directions that apply Here.

Next, please download the free utility DDS from any of these locations...Here, Here...or Here.
Note - Some infections may prevent certain executable files from running on your computer. If one of these download locations results in a failed run of the utility, please try the next location until you find one that will work on your machine.
If the first download link above worked well for you, then you should have the dds.scr utility on the desktop. Double click dds.scr to run the tool.
  • When it completes, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop.
Please remember to include the following logs in your next reply.
  • DDS.txt
  • Attach.txt


#3
whizzhard

    Member

  • Topic Starter
  • 34 posts
Thanks man for your quick reply, I have followed the steps above.
Maybe this might help also: I noticed that some icons do not show on my taskbar and also in the icon tray. There are times the battery icon or WLAN icon won't come up after startup, though they later do if I restart the system. I'm sorry I forgot to include this initially.
Thanks a zillion times for your help and time. These are the logs:
DDS
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16521 BrowserJavaVersion: 1.6.0_37
Run by Shawlhar at 18:55:16 on 2013-03-19
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.1270 [GMT 1:00]
.
AV: Norton AntiVirus *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\UnsignedThemesSvc.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
C:\Program Files (x86)\Connectify\ConnectifyService.exe
C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
C:\ProgramData\DatacardService\HWDeviceService64.exe
C:\Program Files (x86)\Connectify\ConnectifyD.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\20.3.0.36\ccSvcHst.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\ccSvcHst.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\System32\alg.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\ccSvcHst.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\20.3.0.36\ccSvcHst.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Connectify\Connectify.exe
C:\Program Files (x86)\Connectify\DispatchUI.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Users\Shawlhar\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Users\Shawlhar\AppData\Roaming\Adobe\Plugins\adobe_plugin.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_2_202_235_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Windows\System32\MsSpellCheckingFacility.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bing.com/?pc=Z008&form=ZGAPHP
uProxyServer = 127.0.0.1:8080
uProxyOverride = <local>
uURLSearchHooks: <No Name>: {421fb3de-4b9f-48e5-abf1-f96f8aaca70a} - C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\6xSrcAs.dll
mWinlogon: Userinit = C:\Windows\SysWOW64\userinit.exe,
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Complitly: {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Shawlhar\AppData\Roaming\Complitly\Complitly.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Search Assistant BHO: {2d948797-8fe3-4508-9b6f-4bf349a9ea34} - C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\6xSrcAs.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.3.0.36\ips\ipsbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\CoIEPlg.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Microsoft Web Test Recorder 10.0 Helper: {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - c:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
BHO: Toolbar BHO: {f149b372-5830-4d88-b8f6-2853d12c1af5} - C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\6xbar.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\CoIEPlg.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: WebScout FileBulldog Toolbar: {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\WebScout FileBulldog Toolbar\tbcore3.dll
TB: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
TB: ReadingFanatic: {b36151d1-7770-4480-87e4-f89fb54e173d} - C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\6xbar.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\CoIEPlg.dll
EB: Web Test Recorder 10.0: {5802D092-1784-4908-8CDB-99B6842D353D} -
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
uRun: [AdobePlugins] wscript "C:\Users\Shawlhar\AppData\Roaming\Adobe\Plugins\invis.vbs" "C:\Users\Shawlhar\AppData\Roaming\Adobe\Plugins\bat.bat"
uRun: [Google Update] "C:\Users\Shawlhar\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [DesktopIconToy] C:\Program Files\Desktop Icon Toy\DesktopIconToy.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
mRun: [gbrspcontrol] "C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe" -controlservice -slave
mRun: [Driver Genius] <no file>
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\STARTG~1.LNK - C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:149
uPolicies-Explorer: NoDriveAutoRun = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDrives = dword:65536
mPolicies-Explorer: NoDriveTypeAutoRun = dword:28
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Windows\System: UseOEMBackground = dword:1
IE: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send To &Bluetooth - <no file>
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD}
LSP: C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll
LSP: %SystemRoot%\system32\PrxerDrv.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
TCP: NameServer = 198.6.1.2 4.2.2.2 8.8.8.8
TCP: Interfaces\{00004DDE-21E3-4787-9349-6D4B8998527F} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{141A3F81-F276-4A08-9819-353D6DAA02E6} : NameServer = 10.71.165.25
TCP: Interfaces\{1809B326-59FA-4B2B-96FF-0B1CED3F066A} : DHCPNameServer = 198.6.1.2 4.2.2.2 8.8.8.8
TCP: Interfaces\{1809B326-59FA-4B2B-96FF-0B1CED3F066A}\348454D4943414C40254E47425021405 : DHCPNameServer = 198.6.1.2 4.2.2.2 8.8.8.8
TCP: Interfaces\{1809B326-59FA-4B2B-96FF-0B1CED3F066A}\348454D4943545259502140513 : DHCPNameServer = 172.28.0.1 198.6.1.2 8.8.8.8
TCP: Interfaces\{1809B326-59FA-4B2B-96FF-0B1CED3F066A}\34F4D43594450214050223 : DHCPNameServer = 172.32.0.1 198.6.1.2 8.8.8.8
TCP: Interfaces\{1809B326-59FA-4B2B-96FF-0B1CED3F066A}\7454F4C4F474950214050223 : DHCPNameServer = 198.6.1.2 4.2.2.2 8.8.8.8
TCP: Interfaces\{1809B326-59FA-4B2B-96FF-0B1CED3F066A}\94D40554259414C494E4455425E45445 : DHCPNameServer = 192.168.5.2 8.8.8.8 217.117.15.106
TCP: Interfaces\{32DB6BF4-4C50-4790-B708-6C6921136CD9} : NameServer = 172.24.8.50 141.1.1.1
TCP: Interfaces\{8784BAD3-0F16-4198-95E4-C07A58FF16C3} : NameServer = 172.24.8.50 141.1.1.1
TCP: Interfaces\{AC0F8338-EC1E-4573-B39C-55D11969FA30} : NameServer = 172.24.8.50 141.1.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: Complitly: {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Shawlhar\AppData\Roaming\Complitly\64\Complitly64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
x64-Run: [Connectify Hotspot] C:\Program Files (x86)\Connectify\Connectify.exe autorun
x64-Run: [Connectify Dispatch] C:\Program Files (x86)\Connectify\DispatchUI.exe autorun
x64-IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD}
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-STS: CThemeResourceChangerObject Class - {F791A188-699D-4FD4-955A-EB59E89B1907} - \Program Files\Theme Resource Changer\ThemeResourceChanger.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Shawlhar\AppData\Roaming\Mozilla\Firefox\Profiles\ic548cx7.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:blank
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z008&form=ZGAADF&q=
FF - prefs.js: network.proxy.ftp - 127.0.0.1
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 127.0.0.1
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 127.0.0.1
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 4
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\NP6xStub.dll
FF - plugin: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Shawlhar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Shawlhar\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NAVx64\1403000.024\symds64.sys [2013-3-7 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NAVx64\1403000.024\symefa64.sys [2013-3-7 1139800]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20130301.001\BHDrvx64.sys [2013-3-7 1388120]
R1 ccSet_NAV;Norton AntiVirus Settings Manager;C:\Windows\System32\drivers\NAVx64\1403000.024\ccsetx64.sys [2013-3-7 168096]
R1 ccSet_NST;Norton Identity Safe Settings Manager;C:\Windows\System32\drivers\NSTx64\7DD01000.020\ccSetx64.sys [2013-1-17 168096]
R1 cnnctfy3;Connectify LightWeight Filter;C:\Windows\System32\drivers\cnnctfy3.sys [2013-3-15 34840]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20130316.002\IDSviA64.sys [2013-3-19 513184]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NAVx64\1403000.024\ironx64.sys [2013-3-7 224416]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NAVx64\1403000.024\symnets.sys [2013-3-7 432800]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-8-5 98208]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-2-15 71032]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-2-15 384888]
R2 CLPSLauncher;COMODO LPS Launcher;C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe [2012-12-19 70352]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
R2 Connectify;Connectify;C:\Program Files (x86)\Connectify\ConnectifyService.exe [2013-3-15 217088]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]
R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2013-3-12 2074768]
R2 GeekBuddyRSP;GeekBuddyRSP Service;C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe [2012-11-26 1851088]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-3-14 346976]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-8-5 13592]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-8-5 1817088]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2013-3-1 165112]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-3-18 398184]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-3-18 682344]
R2 NAV;Norton AntiVirus;C:\Program Files (x86)\Norton AntiVirus\Engine\20.3.0.36\ccsvchst.exe [2013-3-7 144520]
R2 NCO;Norton Identity Safe;C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\ccSvcHst.exe [2013-1-17 143928]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-4-24 483688]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-8-5 2320920]
R2 UnsignedThemes;Unsigned Themes;C:\Windows\UnsignedThemesSvc.exe [2009-7-13 24168]
R2 uxpatch;uxpatch;C:\Windows\System32\drivers\uxpatch.sys [2009-7-13 30568]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2011-2-10 31088]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-2-2 138912]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2012-10-11 87040]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-8-30 289280]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-3-18 24176]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-8-5 335464]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-8-5 436840]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2011-8-5 878184]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2010-4-24 721768]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2010-4-24 269672]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2010-4-24 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2010-4-24 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-4-24 209768]
S2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-2-15 393080]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2012-10-11 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\drivers\ew_usbenumfilter.sys [2012-10-11 13952]
S3 ewusbmbb;HUAWEI USB-WWAN miniport;C:\Windows\System32\drivers\ewusbwwan.sys [2012-10-11 421888]
S3 GT72NDISIPXP;GT 72 IP NDIS;C:\Windows\System32\drivers\Gt51Ip.sys [2007-11-13 124416]
S3 GT72UBUS;GT 72 U BUS;C:\Windows\System32\drivers\gt72ubus.sys [2007-10-9 80896]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2010-6-25 36928]
S3 huawei_cdcacm;huawei_cdcacm;C:\Windows\System32\drivers\ew_jucdcacm.sys [2012-10-11 98304]
S3 huawei_ext_ctrl;huawei_ext_ctrl;C:\Windows\System32\drivers\ew_juextctrl.sys [2012-10-11 28672]
S3 huawei_wwanecm;huawei_wwanecm;C:\Windows\System32\drivers\ew_juwwanecm.sys [2012-10-11 223744]
S3 nmwcdnsucx64;Nokia USB Flashing Generic;C:\Windows\System32\drivers\nmwcdnsucx64.sys [2011-8-17 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\System32\drivers\nmwcdnsux64.sys [2011-8-17 171008]
S3 qcusbser;Mobile Connector;C:\Windows\System32\drivers\qcusbser.sys [2008-9-1 118144]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-27 19456]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 ToolkitDisk;ToolkitDisk;C:\Windows\System32\drivers\toolkitdisk.sys [2011-11-5 62552]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-27 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-27 30208]
S3 VSPerfDrv100;Performance Tools Driver 10.0;C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-3-17 68440]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-10-26 1255736]
S4 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S4 GLO NETPRO. RunOuc;GLO NETPRO. OUC;C:\Program Files (x86)\GLO NETPRO\UpdateDog\ouc.exe [2012-10-11 655712]
S4 GtDetectSc;GtDetectSc;C:\Program Files (x86)\Option\GlobeTrotter Connect\GtDetectSc.exe [2007-12-18 312320]
S4 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
S4 HPWMISVC;HPWMISVC;C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-1-18 20480]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-7 167424]
S4 ReadingFanatic_6xService;ReadingFanaticService;C:\PROGRA~2\READIN~2\bar\1.bin\6xbarsvc.exe [2012-11-13 42504]
S4 RsFx0103;RsFx0103 Driver;C:\Windows\System32\drivers\RsFx0103.sys [2009-3-30 311656]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880]
S4 Tweak7SystemService;Tweak7SystemService;C:\Windows\System32\Tweak7SystemService.exe [2012-4-25 89824]
S4 VideoAcceleratorService;VideoAcceleratorService;C:\PROGRA~2\SPEEDB~2\VideoAcceleratorService.exe -start -scm --> C:\PROGRA~2\SPEEDB~2\VideoAcceleratorService.exe -start -scm [?]
S4 XobniService;XobniService;C:\Program Files (x86)\Xobni\XobniService.exe [2011-2-25 62184]
.
=============== File Associations ===============
.
FileExt: .vbs: Applications\notepad.exe=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
FileExt: .js: JSFile=C:\Windows\System32\WScript.exe "%1" %* [UserChoice]
.
=============== Created Last 30 ================
.
2013-03-19 17:29:37 -------- d--h--w- C:\Windows\AxInstSV
2013-03-19 17:16:43 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2013-03-19 17:03:14 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-03-19 17:02:45 46592 ----a-w- C:\Windows\SysWow64\fpb.rs
2013-03-19 07:00:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-03-19 07:00:36 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-03-19 06:43:55 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-03-19 06:43:53 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-03-19 06:43:52 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-03-19 06:43:32 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-03-19 06:43:32 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-03-19 06:16:23 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-03-19 06:16:23 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-03-19 06:16:23 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-03-19 06:16:22 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-03-19 06:16:22 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-03-19 06:16:21 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-03-19 05:57:54 0 ----a-w- C:\Windows\SysWow64\shoD8AD.tmp
2013-03-19 05:27:46 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-03-19 05:23:43 19968 ----a-w- C:\Windows\System32\drivers\usb8023x.sys
2013-03-19 05:23:43 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
2013-03-18 18:58:37 -------- d-----w- C:\Users\Shawlhar\AppData\Roaming\Malwarebytes
2013-03-18 18:58:19 -------- d-----w- C:\ProgramData\Malwarebytes
2013-03-18 18:58:17 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-03-18 18:58:17 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-15 14:50:55 47368 ----a-w- C:\Windows\SysWow64\certsentry.dll
2013-03-15 14:50:52 56072 ----a-w- C:\Windows\System32\certsentry.dll
2013-03-15 13:39:36 -------- d-----w- C:\Program Files (x86)\Driver-Soft
2013-03-14 23:36:08 34840 ----a-w- C:\Windows\System32\drivers\cnnctfy3.sys
2013-03-14 23:33:36 -------- d-----w- C:\Program Files (x86)\Connectify
2013-03-14 23:33:25 -------- d-----w- C:\ProgramData\Connectify
2013-03-14 22:24:43 0 ----a-w- C:\Windows\SysWow64\sho1994.tmp
2013-03-08 14:47:21 -------- d-----w- C:\ProgramData\IDM
2013-03-08 13:37:58 -------- d-s---w- C:\ProgramData\Shared Space
2013-03-08 13:28:47 -------- d-----w- C:\ProgramData\COMODO
2013-03-08 13:28:28 -------- d-----w- C:\Program Files (x86)\Common Files\Comodo
2013-03-08 13:26:41 -------- d-----w- C:\Users\Shawlhar\AppData\Local\Comodo
2013-03-08 13:26:29 -------- d-----w- C:\Program Files (x86)\Comodo
2013-03-08 13:26:17 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll
2013-03-07 16:16:39 168096 ----a-w- C:\Windows\System32\drivers\NSTx64\7DD03000.01A\ccsetx64.sys
2013-03-07 16:16:35 -------- d-----w- C:\Windows\System32\drivers\NSTx64\7DD03000.01A
2013-03-07 15:46:46 796248 ----a-w- C:\Windows\System32\drivers\NAVx64\1403000.024\srtsp64.sys
2013-03-07 15:46:46 493656 ----a-w- C:\Windows\System32\drivers\NAVx64\1403000.024\symds64.sys
2013-03-07 15:46:46 432800 ----a-w- C:\Windows\System32\drivers\NAVx64\1403000.024\symnets.sys
2013-03-07 15:46:46 36952 ----a-w- C:\Windows\System32\drivers\NAVx64\1403000.024\srtspx64.sys
2013-03-07 15:46:46 23448 ----a-r- C:\Windows\System32\drivers\NAVx64\1403000.024\symelam.sys
2013-03-07 15:46:46 224416 ----a-w- C:\Windows\System32\drivers\NAVx64\1403000.024\ironx64.sys
2013-03-07 15:46:46 168096 ----a-w- C:\Windows\System32\drivers\NAVx64\1403000.024\ccsetx64.sys
2013-03-07 15:46:46 1139800 ----a-w- C:\Windows\System32\drivers\NAVx64\1403000.024\symefa64.sys
2013-03-07 15:46:24 -------- d-----w- C:\Windows\System32\drivers\NAVx64\1403000.024
2013-03-07 14:52:16 -------- d-----w- C:\Program Files (x86)\BlueStacks
2013-03-07 14:51:31 -------- d-----w- C:\ProgramData\BlueStacksSetup
2013-03-07 14:51:30 -------- d-----w- C:\ProgramData\BlueStacks
2013-03-01 12:04:38 165112 ----a-w- C:\Windows\System32\drivers\idmwfp.sys
2013-02-19 13:27:12 -------- d-----w- C:\Program Files (x86)\WebSOFT
.
==================== Find3M ====================
.
2013-02-20 18:44:11 2672 --sha-w- C:\ProgramData\KGyGaAvL.sys
2013-02-20 18:44:09 88 --sh--r- C:\ProgramData\D07AFD0F8E.sys
2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-02-05 16:16:12 0 ----a-w- C:\Windows\SysWow64\shoCE5F.tmp
2013-01-17 09:49:32 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll
2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll
2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll
2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53:14 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll
2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll
2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll
2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll
2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll
2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll
2013-01-13 19:24:33 648192 ----a-w- C:\Windows\System32\d3d10level9.dll
2013-01-13 19:24:30 221184 ----a-w- C:\Windows\System32\UIAnimation.dll
2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll
2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll
2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2013-01-13 19:02:06 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll
2013-01-04 06:11:21 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-12-24 11:46:50 14986984 ----a-w- C:\Users\Shawlhar\AppData\Roaming\drvgenpro.exe
2012-12-20 17:00:52 0 ----a-w- C:\Windows\SysWow64\shoE044.tmp
2012-12-20 14:00:29 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-20 14:00:29 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
.
============= FINISH: 18:57:38.48 ===============


attach
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 13-Oct-11 11:48:20
System Uptime: 19-Mar-13 18:28:17 (0 hours ago)
.
Motherboard: Hewlett-Packard | | 3674
Processor: Intel® Pentium® CPU P6200 @ 2.13GHz | CPU | 1045/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 284 GiB total, 48.65 GiB free.
D: is FIXED (NTFS) - 14 GiB total, 1.712 GiB free.
E: is CDROM ()
F: is FIXED (FAT32) - 0 GiB total, 0.083 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: VirtualBox Host-Only Ethernet Adapter
Device ID: ROOT\NET\0000
Manufacturer: Oracle Corporation
Name: VirtualBox Host-Only Ethernet Adapter
PNP Device ID: ROOT\NET\0000
Service: VBoxNetAdp
.
==== System Restore Points ===================
.
RP237: 19-Mar-13 06:36:12 - Windows Update
RP238: 19-Mar-13 10:59:14 - Windows Update
RP239: 19-Mar-13 15:40:45 - Windows Update
RP240: 19-Mar-13 18:15:32 - Windows Update
.
==== Installed Programs ======================
.
7-Zip 9.20 (x64 edition)
7tsp v0.3 Build(3003)
Adobe AIR
Adobe Flash Player 11 ActiveX 64-bit
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4)
Agatha Christie - Peril at End House
Age of Empires III
Airtel Mobile Internet
Audacity 1.3.14 (Unicode)
Auslogics Disk Defrag
Bejeweled 2 Deluxe
Bejeweled 3
BlackBerry Desktop Software 7.1
BlackBerry Device Software Updater
Blackhawk Striker 2
Blasterball 3
BlueStacks App Player
BlueStacks Notification Center
CCleaner
Cheatbook 10.2011
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Comodo Dragon
Complitly
Connectify
Corel Shell Extension - 64Bit
CorelDRAW Graphics Suite X4
CorelDRAW Graphics Suite X4 - Capture
CorelDRAW Graphics Suite X4 - Content
CorelDRAW Graphics Suite X4 - Draw
CorelDRAW Graphics Suite X4 - Filters
CorelDRAW Graphics Suite X4 - FontNav
CorelDRAW Graphics SUite X4 - ICA
CorelDRAW Graphics Suite X4 - IPM
CorelDRAW Graphics Suite X4 - Lang EN
CorelDRAW Graphics Suite X4 - PP
CorelDRAW Graphics Suite X4 - VBA
CorelDRAW® Graphics Suite X4
CorelDRAW® Graphics Suite X4 - Windows Shell Extension
Crystal Reports for Visual Studio
CyberLink YouCam
D3DX10
Desktop Icon Toy 4.7
Dotfuscator Software Services - Community Edition
Driver Genius
DVD Decrypter (Remove Only)
Encarta Search Bar (64-bit)
Energy Star Digital Logo
ESU for Microsoft Windows 7
Evernote v. 4.2.2
Facebook Video Calling 1.2.0.287
FATE - The Traitor Soul
FLV Player 2.0 (build 25)
FreeOCR 3.0
FX Graph 4
Game Booster 3
GeekBuddy
GLO 3G PLUS
GLO NETPRO
GlobeTrotter Connect
Google Chrome
Google Update Helper
Hewlett-Packard ACLM.NET v1.2.1.1
HP Auto
HP Customer Experience Enhancements
HP Documentation
HP Games
HP On Screen Display
HP Power Manager
HP Quick Launch
HP Setup
HP Software Framework
HP Support Assistant
HP Wireless Assistant
HTC BMP USB Driver
HTC Driver Installer
HTC Sync
HxD Hex Editor version 1.7.7.0
iCall
IFX DeskTop Quotes version 1.1
Intel® Control Center
Intel® Graphics Media Accelerator Driver
Intel® Management Engine Components
Intel® Rapid Storage Technology
Internet Download Manager
IPTInstaller
ISO Recorder
Java Auto Updater
Java™ 6 Update 22 (64-bit)
Java™ 6 Update 37
JoeAdeoye Web Proxy 1.70
K-Lite Codec Pack 9.5.5 (Full)
Learning Essentials for Microsoft Office
Linux Mint
Malwarebytes Anti-Malware version 1.70.0.1100
Mavis Beacon Teaches Typing Platinum 20
MetaTrader - Finexo
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft .NET Framework 4.5
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 2
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Help Viewer 1.0
Microsoft Installer
Microsoft Math
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Click-to-Run 2010
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 R2 Data-Tier Application Framework
Microsoft SQL Server 2008 R2 Data-Tier Application Project
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2008 R2 Management Objects (x64)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft SQL Server Database Publishing Wizard 1.4
Microsoft SQL Server System CLR Types
Microsoft SQL Server System CLR Types (x64)
Microsoft SQL Server VSS Writer
Microsoft Student 2007 for Learning Essentials
Microsoft Student with Encarta Premium 2009
Microsoft Sync Framework Runtime v1.0 SP1 (x64)
Microsoft Sync Framework SDK v1.0 SP1
Microsoft Sync Framework Services v1.0 SP1 (x64)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
Microsoft Team Foundation Server 2010 Object Model - ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
Microsoft Visual F# 2.0 Runtime
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 IntelliTrace Collection (x64)
Microsoft Visual Studio 2010 Office Developer Tools (x64)
Microsoft Visual Studio 2010 Performance Collection Tools - ENU
Microsoft Visual Studio 2010 SharePoint Developer Tools
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio 2010 Ultimate - ENU
Microsoft Visual Studio Macro Tools
Microsoft_VC100_CRT_SP1_x64
Microsoft_VC100_CRT_SP1_x86
Microsoft_VC90_CRT_x86
mIRC
Mortal Kombat 4 - www.classic-gaming.net
Mortal Kombat 5 5
Mozilla Firefox 19.0.2 (x86 en-US)
Mozilla Maintenance Service
MP3 Cutter 1.9
MSVC80_x64_v2
MSVC80_x86_v2
MSVC90_x64
MSVC90_x86
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
Mystery P.I. - Stolen in San Francisco
Namco All-Stars PAC-MAN
Network Stumbler 0.4.0 (remove only)
Nmap 6.01
Nokia Connectivity Cable Driver
Nokia Suite
Norton AntiVirus
Norton Identity Safe
Notepad++
Opera 12.11
Opera Mobile Emulator
Oracle VM VirtualBox 4.1.20
PC Connectivity Solution
PCSX2 - Playstation 2 Emulator
PhotoScape
Plants vs. Zombies - Game of the Year
PowerDVD
Pro Evolution Soccer 2012
Proxifier version 3.21
Raptr
ReadingFanatic Toolbar
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek PCIE Card Reader
REALTEK Wireless LAN Driver
Recovery Manager
Resident Evil 4
Rosetta Stone Version 3
Scrabble™ Interactive 2009 Edition
Search Toolbar
Security Update for Microsoft .NET Framework 4.5 (KB2737083)
Security Update for Microsoft .NET Framework 4.5 (KB2742613)
Security Update for Microsoft .NET Framework 4.5 (KB2789648)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Security Update for Microsoft Visual Studio 2010 Ultimate - ENU (KB2251489)
Security Update for Microsoft Visual Studio 2010 Ultimate - ENU (KB2644980)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit)
Skype™ 5.1
SopCast 3.5.0
SpeedBit Video Accelerator
Sql Server Customer Experience Improvement Program
Switch Sound File Converter
Synaptics TouchPad Driver
System Requirements Lab for Intel
TeraCopy 2.27
The Proxomitron Ver. Naoko-4.5
Theme Resource Changer X64 v1.0
Total Video Converter 3.11
TVUPlayer 2.5.3.1
Tweak-7
Uniblue SpeedUpMyPC
UnLock Phone 1.1
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition
Update for Microsoft Office Script Editor Help (KB963671)
Update Installer for WildTangent Games App
Uploader
UxStyle Core Beta
VirtualCloneDrive
Visual Basic for Applications ® Core
Visual Basic for Applications ® Core - English
Visual Studio 2010 Prerequisites - English
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
VLC media player 2.0.1
WampServer 2.0
Web Deployment Tool
WildTangent Games App (HP Games)
Windows Driver Package - Nokia Modem (02/15/2007 3.1)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinPcap 4.1.2
WinRAR 4.20 (64-bit)
Wireshark 1.8.2 (64-bit)
Wyzo
Xobni
Xobni Core
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
Your Freedom 20121126-01
Zuma Deluxe RA
.
==== Event Viewer Messages From Past Week ========
.
19-Mar-13 18:40:40, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
19-Mar-13 18:37:11, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
19-Mar-13 18:29:58, Error: Service Control Manager [7023] - The BlueStacks Android Service service terminated with the following error: An exception occurred in the service when handling the control request.
19-Mar-13 18:29:36, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll Error Code: 126
19-Mar-13 17:49:48, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Support Assistant Service service to connect.
19-Mar-13 17:49:48, Error: Service Control Manager [7000] - The HP Support Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
19-Mar-13 17:39:35, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioSrv service.
19-Mar-13 17:39:30, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WerSvc service.
19-Mar-13 17:39:05, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.
19-Mar-13 17:38:35, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
19-Mar-13 17:38:05, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanWorkstation service.
19-Mar-13 17:37:35, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Connectify service.
19-Mar-13 17:37:05, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NCO service.
19-Mar-13 17:36:35, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NAV service.
19-Mar-13 17:35:59, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
19-Mar-13 15:53:25, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
19-Mar-13 15:53:25, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
19-Mar-13 14:21:43, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.
19-Mar-13 14:21:43, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
19-Mar-13 09:59:53, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR5.
19-Mar-13 07:51:20, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
19-Mar-13 07:50:50, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.
19-Mar-13 07:50:09, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR3.
18-Mar-13 20:46:27, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel® Rapid Storage Technology service to connect.
18-Mar-13 20:46:27, Error: Service Control Manager [7000] - The Intel® Rapid Storage Technology service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
18-Mar-13 20:44:59, Error: Service Control Manager [7022] - The Windows Font Cache Service service hung on starting.
18-Mar-13 20:37:32, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
18-Mar-13 05:50:43, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HWDeviceService64.exe service.
17-Mar-13 12:01:22, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR96.
16-Mar-13 13:09:52, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR31.
16-Mar-13 12:38:25, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
16-Mar-13 03:34:24, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR10.
16-Mar-13 02:58:27, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Software Framework Service service to connect.
16-Mar-13 02:58:27, Error: Service Control Manager [7000] - The HP Software Framework Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
16-Mar-13 02:48:39, Error: Service Control Manager [7023] -
16-Mar-13 02:47:24, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
16-Mar-13 02:34:29, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR42.
16-Mar-13 01:12:15, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
16-Mar-13 01:12:15, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
15-Mar-13 22:05:15, Error: Service Control Manager [7022] - The Intel® Management & Security Application User Notification Service service hung on starting.
15-Mar-13 22:00:25, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
15-Mar-13 22:00:25, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
15-Mar-13 21:42:16, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel® Management & Security Application User Notification Service service to connect.
15-Mar-13 21:42:16, Error: Service Control Manager [7000] - The Intel® Management & Security Application User Notification Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
15-Mar-13 18:58:07, Error: Service Control Manager [7023] - The Internet Connection Sharing (ICS) service terminated with the following error: %%-2147467243
15-Mar-13 18:58:07, Error: Microsoft-Windows-SharedAccess_NAT [34001] - The ICS_IPV6 failed to configure IPv6 stack.
15-Mar-13 18:57:18, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RasMan service.
15-Mar-13 18:56:48, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AeLookupSvc service.
15-Mar-13 18:56:48, Error: Service Control Manager [7000] - The Application Experience service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
15-Mar-13 18:54:28, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: After starting, the service hung in a start-pending state.
15-Mar-13 18:54:27, Error: Service Control Manager [7022] - The Internet Connection Sharing (ICS) service hung on starting.
15-Mar-13 18:54:24, Error: Service Control Manager [7022] - The Application Virtualization Client service hung on starting.
15-Mar-13 18:53:53, Error: Service Control Manager [7022] - The Net.Tcp Port Sharing Service service hung on starting.
15-Mar-13 15:44:17, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wuauserv service.
15-Mar-13 15:26:05, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR10.
15-Mar-13 10:33:47, Error: Service Control Manager [7022] - The HP Support Assistant Service service hung on starting.
15-Mar-13 10:31:06, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.
15-Mar-13 10:24:28, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the BlueStacks Android Service service to connect.
15-Mar-13 10:24:28, Error: Service Control Manager [7000] - The BlueStacks Android Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
15-Mar-13 02:00:32, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the UNS service.
15-Mar-13 01:19:28, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Client Virtualization Handler service to connect.
15-Mar-13 01:19:28, Error: Service Control Manager [7000] - The Client Virtualization Handler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
15-Mar-13 00:42:52, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the DragonUpdater service.
14-Mar-13 17:05:20, Error: Service Control Manager [7034] - The Connectify service terminated unexpectedly. It has done this 1 time(s).
14-Mar-13 15:32:28, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR73.
14-Mar-13 07:39:15, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR43.
14-Mar-13 00:31:48, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR11.
13-Mar-13 10:44:16, Error: Tcpip [4199] - The system detected an address conflict for IP address 172.28.0.30 with the system having network hardware address 00-14-69-C6-60-C0. Network operations on this system may be disrupted as a result.
13-Mar-13 09:11:33, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IconMan_R service.
12-Mar-13 20:39:30, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll Error Code: 21
12-Mar-13 12:35:30, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR47.
12-Mar-13 05:31:30, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR33.
.
==== End Of File ===========================

#4
1972vet

    Trusted Helper

  • Malware Removal
  • 99 posts
You have some woefully outdated software programs on board...specifically worth mentioning is the Adobe product "Flash", which is notoriously "hack" worthy among the script kiddies, (as is Java). It is imperative to keep software updated. When software programs are "hacked", it can be said then that it (they) have been exploited. Such exploited software makes for easy access to systems which are running these outdated programs (as yours). We can certainly update flash, but as for Java, you have more than one installed, and both of them are exploited. Please uninstall these:
Java™ 6 Update 22 (64-bit)
Java™ 6 Update 37

...and reboot the system once those uninstalls are completed. By the way, during our troubleshooting session, I may ask you to reboot often while rendering instructions for you. Please don't think that it's just a redundancy, as it is crucial for you to allow Windows the opportunity to record changes to the hard disk once you make them...and by following the instructions I render, I will from time to time, be asking you to make certain system changes, or else some utility I ask you to use may also require it. Please take the time to reboot when asked or prompted simply to allow the changes to be recorded to the hard disk.

In so doing, you are recording a good copy of the system's condition on reboot such that Windows will use it as the "Last Known Good Configuration That Worked" and list it as an option under your "safe" boot menu. Should you ever need to use it, you will be glad you did.

On to business...you can install the latest version of Java Here. Accept the license agreement, then scroll to and select jre-7u17-windows-x64.exe.

In order to make things much easier for you to keep your programs up to date, please download FileHippo's Update Checker. Double-click the FHSetup.exe file to install it. When the install completes, you'll find the Update Checker shortcut on the desktop. Double-click on it and a scan begins with the results showing in your browser. Any software it finds to be out of date will be presented in your browser. Just click on the download link provided there to download your software updates. Ignore the beta software unless you want that...during the scanner initialization, you can click the settings link, then click the results tab and check the box "Hide beta versions". After clicking the OK button, click the "Retry" link to continue the scan with those settings. Please remember to post back your results regarding this software update scanner.

Next, please download the free utility AdwareCleaner to your desktop. When the download completes, right-click on the AdwClean.exe and select "Run as administrator"...then click on the Search button. When the search completes, a text file will open automatically. Please copy/paste the contents of that text file here on your next reply...along with the results of your software update scan. Thanks!

#5
whizzhard

    Member

  • Topic Starter
  • 34 posts
Surprisingly, I did not notice I had two Java versions installed, and I am still wondering how that's possible. I was unable to uninstall Java 6 Update 22 64-bit because the uninstall DLL package was missing.

This is the error Windows displayed: "Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor."

After a successful uninstall of the other Java, I searched for a Java folder in my Program Files and could not find any, so I checked my registry and I did find 'javasoft' in there under HKEY_LOCAL_MACHINE, which was version 1.6.0_22.

Please, what do you suggest I do?

#6
1972vet

    Trusted Helper

  • Malware Removal
  • 99 posts

Surprisingly, I did not notice I had two Java versions installed, and I am still wondering how that's possible. I was unable to uninstall Java 6 Update 22 64-bit because the uninstall DLL package was missing.

This is the error Windows displayed: "Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor."

After a successful uninstall of the other Java, I searched for a Java folder in my Program Files and could not find any, so I checked my registry and I did find 'javasoft' in there under HKEY_LOCAL_MACHINE, which was version 1.6.0_22.

Please, what do you suggest I do?

Well, for now...I suggest you post up the requested results of the software update scan and the AdwCleaner utility so we can continue from there, as there is no point in commenting until we see those results as well. Thanks!

#7
whizzhard

    Member

  • Topic Starter
  • 34 posts
Alright.
9 Updates Detected
Adobe Reader 11.0.02 (Installed Version: 10.1.6.1), 48.03MB
Auslogics Disk Defrag 3.6.1.0 (Installed Version: 3.4.3.0), 7.50MB
CCleaner 3.28.1913 (Installed Version: 3.18.0.1707), 4.00MB
Evernote 4.6.3.8096 (Installed Version: 4.2.2.3979), 52.32MB
mIRC 7.29 (Installed Version: 7.22.0.0), 1.84MB
Notepad++ 6.3.1 (Installed Version: 6.2.0.0), 5.67MB
Opera 12.14 (Installed Version: 12.11.1661.0), 12.56MB
Skype 6.3.0.105 (Installed Version: 5.1.0.104), 1.28MB
VLC Media Player 2.0.5 (64-bit) (Installed Version: 2.0.1.0), 22.42MB
Total size: 155.60MB
7 Beta Updates Detected
7-Zip 9.22 Beta (64-bit) (Installed Version: 9.20.0.0), 1.38MB
Adobe Air 3.7.0.1240 Beta (Installed Version: 3.5.0.880), 17.14MB
Firefox 20.0 Beta 5 (Installed Version: 19.0.2.0), 20.64MB
Flash Player 11.7.700.146 Beta (IE) (Installed Version: 11.6.602.180), 26KB
Flash Player 11.7.700.146 Beta (Non-IE) (Installed Version: 11.6.602.180), 26KB
Google Chrome 27.0.1444.3 Dev (Installed Version: 25.0.1364.172), 31.85MB
Wireshark 1.9.1 (64-bit) Beta (Installed Version: 1.8.2.44520), 31.27MB
Total size: 102.34MB

#8
whizzhard

    Member

  • Topic Starter
  • 34 posts
# AdwCleaner v2.115 - Logfile created 03/20/2013 at 15:10:25
# Updated 17/03/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Shawlhar - SHAWLHAR-HP
# Boot Mode : Normal
# Running from : C:\Users\Shawlhar\Downloads\Programs\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\Shawlhar\AppData\Roaming\Mozilla\Firefox\Profiles\ic548cx7.default\searchplugins\my-web-search.xml
Folder Found : C:\Program Files (x86)\Common Files\Speedbit
Folder Found : C:\Program Files (x86)\Complitly
Folder Found : C:\Program Files (x86)\file scout
Folder Found : C:\Program Files (x86)\Search Toolbar
Folder Found : C:\ProgramData\InstallMate
Folder Found : C:\ProgramData\Premium
Folder Found : C:\ProgramData\Speedbit
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Users\Shawlhar\AppData\LocalLow\Speedbit
Folder Found : C:\Users\Shawlhar\AppData\LocalLow\Toolbar4
Folder Found : C:\Users\Shawlhar\AppData\Roaming\Complitly
Folder Found : C:\Users\Shawlhar\Documents\Save

***** [Registry] *****

Key Found : HKCU\Software\Complitly
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D425283-D487-4337-BAB6-AB8354A81457}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D425283-D487-4337-BAB6-AB8354A81457}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Somoto
Key Found : HKCU\Software\SpeedBit
Key Found : HKCU\Software\Zugo
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKCU\Software\SMTTB2009
Key Found : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\SBConvert.SBConvert
Key Found : HKLM\SOFTWARE\Classes\SBConvert.SBConvert.3
Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009
Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3
Key Found : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Key Found : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3BCF582D-CA87-4C6F-AF3D-B3548A976AB3}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\Software\SimplyGen
Key Found : HKLM\Software\SpeedBit
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D425283-D487-4337-BAB6-AB8354A81457}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKLM\SOFTWARE\Tarma Installer
Key Found : HKU\S-1-5-21-1397294529-3170872516-2112063622-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{9D425283-D487-4337-BAB6-AB8354A81457}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16521

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (en-US)

File : C:\Users\Shawlhar\AppData\Roaming\Mozilla\Firefox\Profiles\ic548cx7.default\prefs.js

Found : user_pref("extensions.mywebsearch.prevDefaultEngine", "");
Found : user_pref("extensions.mywebsearch.prevSelectedEngine", "");
Found : user_pref("extensions.toolbar.mindspark._6xMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Found : user_pref("speedbit.dap_installed", true);
Found : user_pref("speedbitvideodownloader.Var1", "0");
Found : user_pref("speedbitvideodownloader.Var10", "0");
Found : user_pref("speedbitvideodownloader.Var2", "0");
Found : user_pref("speedbitvideodownloader.Var3", "0");
Found : user_pref("speedbitvideodownloader.Var4", "0");
Found : user_pref("speedbitvideodownloader.Var5", "0");
Found : user_pref("speedbitvideodownloader.Var6", "0");
Found : user_pref("speedbitvideodownloader.Var7", "0");
Found : user_pref("speedbitvideodownloader.Var8", "0");
Found : user_pref("speedbitvideodownloader.Var9", "0");
Found : user_pref("speedbitvideodownloader.cache.tbs_include_xml_spd", "4/21/19/9/111");
Found : user_pref("speedbitvideodownloader.firstlaunch", "0");
Found : user_pref("speedbitvideodownloader.guid", "%7B451776A5-9636-E88A-594B-E21A31E1C178%7D");
Found : user_pref("speedbitvideodownloader.userId", "%12");
Found : user_pref("speedbitvideodownloader_installed_version", "2.2.9");

-\\ Google Chrome v25.0.1364.172

File : C:\Users\Shawlhar\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Chromium vnstall: 20039

File : C:\Users\Shawlhar\AppData\Local\Chromium\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.11.1661.0

File : C:\Users\Shawlhar\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [12686 octets] - [20/03/2013 12:42:56]
AdwCleaner[R2].txt - [12652 octets] - [20/03/2013 15:10:25]

########## EOF - C:\AdwCleaner[R2].txt - [12713 octets] ##########

#9
1972vet

    Trusted Helper

  • Malware Removal
  • 99 posts
OK, while the AdwCleaner utility is opened, with those results, please click the Delete button. Post back that resulting log when you finish. Also, please be certain to follow up with the software update scanner and do what it tells you to do. That is, please click those download links and install those updated versions of software. When you finish all the above, I would like to see a fresh scan with the DDS utility.

On your next reply, please post these logs:
Latest results from the AdwCleaner utility
Latest results from a fresh software update scanner
Latest results from a fresh DDS scan

Thanks!
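An added example, not part of the original thread and not the helper's or AdwCleaner's own code: a small Python parser for the AdwCleaner log layout posted in this thread, comparing a search log taken before the Delete step with one taken after it to show which findings were removed, which persist and which are new. The two embedded logs are constructed excerpts in that layout, and the function names are hypothetical.

```python
import re

# Constructed excerpts in the AdwCleaner v2 log layout posted in this thread.
BEFORE_LOG = r"""
# AdwCleaner v2.115 - Logfile created 03/20/2013 at 15:10:25
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\Complitly
Folder Found : C:\ProgramData\Speedbit

***** [Registry] *****

Key Found : HKCU\Software\Conduit
Key Found : HKLM\Software\SpeedBit
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{338B4DFE-2E2C-4338-9E41-E176D497299E}]

***** [Internet Browsers] *****

-\\ Mozilla Firefox v19.0.2 (en-US)

Found : user_pref("speedbit.dap_installed", true);
"""

AFTER_LOG = r"""
# AdwCleaner v2.115 - Logfile created 03/21/2013 at 02:48:40
# Option [Search]

***** [Files / Folders] *****

File Found : C:\Users\Shawlhar\AppData\Local\Temp\Uninstall.exe

***** [Registry] *****

Key Found : HKCU\Software\Ask.com.tmp
Key Found : HKLM\Software\SpeedBit

***** [Internet Browsers] *****

-\\ Mozilla Firefox v19.0.2 (en-US)

[OK] File is clean.
"""

SECTION_RE = re.compile(r"^\*{5} \[(?P<name>[^\]]+)\] \*{5}$")
BROWSER_RE = re.compile(r"^-\\\\ (?P<name>.+?) v\S+")
FINDING_RE = re.compile(r"^(?:(?P<kind>[A-Za-z]+) )?Found : (?P<item>.+)$")


def parse_findings(log_text):
    """Map a case-insensitive key to (section, kind, item) for each 'Found' line."""
    findings = {}
    section = "Unknown"
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines, header comments and the EOF banner
        m = SECTION_RE.match(line)
        if m:
            section = m.group("name")
            continue
        m = BROWSER_RE.match(line)
        if m:
            section = "Internet Browsers / " + m.group("name")
            continue
        m = FINDING_RE.match(line)
        if m:
            # Browser preference hits carry no kind word before "Found".
            kind = m.group("kind") or "Pref"
            item = m.group("item").strip()
            # Windows paths and registry keys compare case-insensitively.
            findings[(section, kind, item.casefold())] = (section, kind, item)
    return findings


def compare_runs(before_text, after_text):
    """Classify findings as removed, persisting or new between two logs."""
    before = parse_findings(before_text)
    after = parse_findings(after_text)
    return {
        "removed": sorted(before[k] for k in before.keys() - after.keys()),
        "persisting": sorted(after[k] for k in before.keys() & after.keys()),
        "new": sorted(after[k] for k in after.keys() - before.keys()),
    }


if __name__ == "__main__":
    for status, items in compare_runs(BEFORE_LOG, AFTER_LOG).items():
        print(f"{status}: {len(items)}")
        for section, kind, item in items:
            print(f"  [{section}] {kind}: {item}")
```

Entries under "persisting" are the ones to follow up on, since they survived the Delete pass or were recreated before the next search.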

#10
1972vet

    Trusted Helper

  • Malware Removal
  • 99 posts
...Along with your next reply, please tell me if you know, what is on your D:\ drive. This may be your recovery partition (which is what I suspect) but if you DO know, I'd like to confirm that and...if you can say whether or not you (or anyone else who may have access to your system) has added any files to that drive. Thanks!

edit added:
Just a note to let you know I will be away this morning for a bit. I have to go to the V.A. which usually takes a few hours. If I don't respond by this afternoon, at least you will know why. As soon as I return, I will review any logs you may have posted and render more advice at that time. Thanks for understanding.

#11
whizzhard

    Member

  • Topic Starter
  • 34 posts
# AdwCleaner v2.115 - Logfile created 03/21/2013 at 02:48:40
# Updated 17/03/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Shawlhar - SHAWLHAR-HP
# Boot Mode : Normal
# Running from : C:\Users\Shawlhar\Downloads\Programs\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\Shawlhar\AppData\Local\Temp\Uninstall.exe

***** [Registry] *****

Key Found : HKCU\Software\Ask.com.tmp
Key Found : HKLM\Software\SpeedBit

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16521

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (en-US)

File : C:\Users\Shawlhar\AppData\Roaming\Mozilla\Firefox\Profiles\ic548cx7.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v25.0.1364.172

File : C:\Users\Shawlhar\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Chromium vnstall: 20039

File : C:\Users\Shawlhar\AppData\Local\Chromium\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.14.1738.0

File : C:\Users\Shawlhar\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [12686 octets] - [20/03/2013 12:42:56]
AdwCleaner[R2].txt - [12747 octets] - [20/03/2013 15:10:25]
AdwCleaner[R3].txt - [12808 octets] - [20/03/2013 22:10:45]
AdwCleaner[R4].txt - [1503 octets] - [20/03/2013 22:33:23]
AdwCleaner[R5].txt - [1477 octets] - [21/03/2013 02:48:40]
AdwCleaner[S1].txt - [13103 octets] - [20/03/2013 22:11:15]

########## EOF - C:\AdwCleaner[R5].txt - [1598 octets] ##########





Congratulations!
Your computer is up-to-date!
7 Beta Updates Detected
7-Zip 9.22 Beta (64-bit) (Installed Version: 9.20.0.0), 1.38MB
Adobe Air 3.7.0.1240 Beta (Installed Version: 3.6.0.6090), 17.14MB
Firefox 20.0 Beta 5 (Installed Version: 19.0.2.0), 20.64MB
Flash Player 11.7.700.146 Beta (IE) (Installed Version: 11.6.602.180), 26KB
Flash Player 11.7.700.146 Beta (Non-IE) (Installed Version: 11.6.602.180), 26KB
Google Chrome 27.0.1444.3 Dev (Installed Version: 25.0.1364.172), 31.85MB
Wireshark 1.9.1 (64-bit) Beta (Installed Version: 1.8.2.44520), 31.27MB
Total size: 102.34MB




DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16521
Run by Shawlhar at 3:00:59 on 2013-03-21
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.1146 [GMT 1:00]
.
AV: Norton AntiVirus *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\UnsignedThemesSvc.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
C:\Program Files (x86)\Connectify\ConnectifyService.exe
C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
C:\Program Files (x86)\Connectify\ConnectifyD.exe
C:\ProgramData\DatacardService\HWDeviceService64.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\20.3.0.36\ccSvcHst.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\ccSvcHst.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\Explorer.EXE
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\ccSvcHst.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\20.3.0.36\ccSvcHst.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Connectify\Connectify.exe
C:\Program Files (x86)\Connectify\DispatchUI.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Users\Shawlhar\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Users\Shawlhar\AppData\Roaming\Adobe\Plugins\adobe_plugin.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\explorer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\NOTEPAD.EXE
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Opera\Opera.exe
C:\Windows\system32\msiexec.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\explorer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
C:\Windows\system32\consent.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bing.com/?pc=Z008&form=ZGAPHP
uProxyServer = 127.0.0.1:8080
uProxyOverride = <local>
mWinlogon: Userinit = C:\Windows\SysWOW64\userinit.exe,
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.3.0.36\ips\ipsbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\CoIEPlg.dll
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
BHO: Microsoft Web Test Recorder 10.0 Helper: {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - c:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\CoIEPlg.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\CoIEPlg.dll
EB: Web Test Recorder 10.0: {5802D092-1784-4908-8CDB-99B6842D353D} -
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
uRun: [AdobePlugins] wscript "C:\Users\Shawlhar\AppData\Roaming\Adobe\Plugins\invis.vbs" "C:\Users\Shawlhar\AppData\Roaming\Adobe\Plugins\bat.bat"
uRun: [Google Update] "C:\Users\Shawlhar\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRunOnce: [ReadingFanatic_6xbar Uninstall] rundll32 C:\PROGRA~2\6XUNIN~1.DLL,O -3
uPolicies-Explorer: NoDriveTypeAutoRun = dword:149
uPolicies-Explorer: NoDriveAutoRun = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDrives = dword:65536
mPolicies-Explorer: NoDriveTypeAutoRun = dword:28
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Windows\System: UseOEMBackground = dword:1
IE: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send To &Bluetooth - <no file>
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD}
LSP: C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll
LSP: %SystemRoot%\system32\PrxerDrv.dll
TCP: NameServer = 198.6.1.2 4.2.2.2 8.8.8.8
TCP: Interfaces\{00004DDE-21E3-4787-9349-6D4B8998527F} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{141A3F81-F276-4A08-9819-353D6DAA02E6} : NameServer = 10.71.165.25
TCP: Interfaces\{1809B326-59FA-4B2B-96FF-0B1CED3F066A} : DHCPNameServer = 198.6.1.2 4.2.2.2 8.8.8.8
TCP: Interfaces\{1809B326-59FA-4B2B-96FF-0B1CED3F066A}\2494F4348454D4021405 : DHCPNameServer = 198.6.1.2 8.8.8.8
TCP: Interfaces\{1809B326-59FA-4B2B-96FF-0B1CED3F066A}\348454D4943414C40254E47425021405 : DHCPNameServer = 198.6.1.2 4.2.2.2 8.8.8.8
TCP: Interfaces\{1809B326-59FA-4B2B-96FF-0B1CED3F066A}\348454D4943545259502140513 : DHCPNameServer = 172.28.0.1 198.6.1.2 8.8.8.8
TCP: Interfaces\{1809B326-59FA-4B2B-96FF-0B1CED3F066A}\34F4D43594450214050223 : DHCPNameServer = 172.32.0.1 198.6.1.2 8.8.8.8
TCP: Interfaces\{1809B326-59FA-4B2B-96FF-0B1CED3F066A}\7454F4C4F474950214050223 : DHCPNameServer = 198.6.1.2 4.2.2.2 8.8.8.8
TCP: Interfaces\{1809B326-59FA-4B2B-96FF-0B1CED3F066A}\94D40554259414C494E4455425E45445 : DHCPNameServer = 192.168.5.2 8.8.8.8 217.117.15.106
TCP: Interfaces\{32DB6BF4-4C50-4790-B708-6C6921136CD9} : NameServer = 172.24.8.50 141.1.1.1
TCP: Interfaces\{8784BAD3-0F16-4198-95E4-C07A58FF16C3} : NameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{AC0F8338-EC1E-4573-B39C-55D11969FA30} : NameServer = 172.24.8.50 141.1.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
x64-Run: [Connectify Hotspot] C:\Program Files (x86)\Connectify\Connectify.exe autorun
x64-Run: [Connectify Dispatch] C:\Program Files (x86)\Connectify\DispatchUI.exe autorun
x64-IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD}
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-STS: CThemeResourceChangerObject Class - {F791A188-699D-4FD4-955A-EB59E89B1907} - \Program Files\Theme Resource Changer\ThemeResourceChanger.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Shawlhar\AppData\Roaming\Mozilla\Firefox\Profiles\ic548cx7.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:blank
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z008&form=ZGAADF&q=
FF - prefs.js: network.proxy.ftp - 127.0.0.1
FF - prefs.js: network.proxy.ftp_port - 6050
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 6050
FF - prefs.js: network.proxy.socks - 127.0.0.1
FF - prefs.js: network.proxy.socks_port - 6050
FF - prefs.js: network.proxy.ssl - 127.0.0.1
FF - prefs.js: network.proxy.ssl_port - 6050
FF - prefs.js: network.proxy.type - 4
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Shawlhar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Shawlhar\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NAVx64\1403000.024\symds64.sys [2013-3-7 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NAVx64\1403000.024\symefa64.sys [2013-3-7 1139800]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20130301.001\BHDrvx64.sys [2013-3-7 1388120]
R1 ccSet_NAV;Norton AntiVirus Settings Manager;C:\Windows\System32\drivers\NAVx64\1403000.024\ccsetx64.sys [2013-3-7 168096]
R1 ccSet_NST;Norton Identity Safe Settings Manager;C:\Windows\System32\drivers\NSTx64\7DD01000.020\ccSetx64.sys [2013-1-17 168096]
R1 cnnctfy3;Connectify LightWeight Filter;C:\Windows\System32\drivers\cnnctfy3.sys [2013-3-15 34840]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20130320.001\IDSviA64.sys [2013-3-21 513184]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NAVx64\1403000.024\ironx64.sys [2013-3-7 224416]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NAVx64\1403000.024\symnets.sys [2013-3-7 432800]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-8-5 98208]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-2-15 71032]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-2-15 384888]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
R2 Connectify;Connectify;C:\Program Files (x86)\Connectify\ConnectifyService.exe [2013-3-15 217088]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]
R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2013-3-12 2074768]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-3-14 346976]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-8-5 13592]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-8-5 1817088]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2013-3-1 165112]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-3-18 398184]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-3-18 682344]
R2 uxpatch;uxpatch;C:\Windows\System32\drivers\uxpatch.sys [2009-7-13 30568]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2011-2-10 31088]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-2-2 138912]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2012-10-11 87040]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-8-30 289280]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-3-18 24176]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-8-5 335464]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-8-5 436840]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2011-8-5 878184]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2010-4-24 721768]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2010-4-24 269672]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2010-4-24 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2010-4-24 22376]
S2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-2-15 393080]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2012-10-11 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\drivers\ew_usbenumfilter.sys [2012-10-11 13952]
S3 ewusbmbb;HUAWEI USB-WWAN miniport;C:\Windows\System32\drivers\ewusbwwan.sys [2012-10-11 421888]
S3 GT72NDISIPXP;GT 72 IP NDIS;C:\Windows\System32\drivers\Gt51Ip.sys [2007-11-13 124416]
S3 GT72UBUS;GT 72 U BUS;C:\Windows\System32\drivers\gt72ubus.sys [2007-10-9 80896]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2010-6-25 36928]
S3 huawei_cdcacm;huawei_cdcacm;C:\Windows\System32\drivers\ew_jucdcacm.sys [2012-10-11 98304]
S3 huawei_ext_ctrl;huawei_ext_ctrl;C:\Windows\System32\drivers\ew_juextctrl.sys [2012-10-11 28672]
S3 huawei_wwanecm;huawei_wwanecm;C:\Windows\System32\drivers\ew_juwwanecm.sys [2012-10-11 223744]
S3 nmwcdnsucx64;Nokia USB Flashing Generic;C:\Windows\System32\drivers\nmwcdnsucx64.sys [2011-8-17 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\System32\drivers\nmwcdnsux64.sys [2011-8-17 171008]
S3 qcusbser;Mobile Connector;C:\Windows\System32\drivers\qcusbser.sys [2008-9-1 118144]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-27 19456]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 ToolkitDisk;ToolkitDisk;C:\Windows\System32\drivers\toolkitdisk.sys [2011-11-5 62552]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-27 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-27 30208]
S3 VSPerfDrv100;Performance Tools Driver 10.0;C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-3-17 68440]
S4 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S4 GLO NETPRO. RunOuc;GLO NETPRO. OUC;C:\Program Files (x86)\GLO NETPRO\UpdateDog\ouc.exe [2012-10-11 655712]
S4 GtDetectSc;GtDetectSc;C:\Program Files (x86)\Option\GlobeTrotter Connect\GtDetectSc.exe [2007-12-18 312320]
S4 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
S4 HPWMISVC;HPWMISVC;C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-1-18 20480]
S4 RsFx0103;RsFx0103 Driver;C:\Windows\System32\drivers\RsFx0103.sys [2009-3-30 311656]
.
=============== File Associations ===============
.
FileExt: .vbs: Applications\notepad.exe=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
FileExt: .js: JSFile=C:\Windows\System32\WScript.exe "%1" %* [UserChoice]
.
=============== Created Last 30 ================
.
2073-10-27 09:55:34 2404352 ----a-w- C:\Program Files (x86)\Microsoft Games\Halo Custom Edition\haloce.exe
2073-10-27 09:55:34 1835008 ----a-w- C:\Program Files (x86)\Microsoft Games\Halo Custom Edition\haloceded.exe
2073-10-27 09:55:34 1118208 ----a-w- C:\Program Files (x86)\Microsoft Games\Halo Custom Edition\Strings.dll
2013-03-21 02:04:57 108448 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-03-21 01:51:47 -------- d-----w- C:\Users\Shawlhar\AppData\Local\ElevatedDiagnostics
2013-03-20 23:06:02 -------- d-----w- C:\Program Files\VideoLAN
2013-03-20 23:01:29 -------- d-----w- C:\Program Files (x86)\Auslogics
2013-03-20 22:56:13 707728 ----a-w- C:\Program Files (x86)\6xUninstall ReadingFanatic.dll
2013-03-20 22:56:13 179328 ----a-w- C:\Program Files (x86)\6xres.dll
2013-03-20 12:01:09 -------- d-----w- C:\Program Files (x86)\SpeedFan
2013-03-20 11:46:51 -------- d-----w- C:\Program Files (x86)\FileHippo.com
2013-03-20 07:08:22 -------- d-----w- C:\Users\Shawlhar\AppData\Roaming\VSRevoGroup
2013-03-19 17:16:43 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2013-03-19 17:03:14 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-03-19 17:02:45 46592 ----a-w- C:\Windows\SysWow64\fpb.rs
2013-03-19 07:00:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-03-19 07:00:36 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-03-19 06:43:55 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-03-19 06:43:53 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-03-19 06:43:52 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-03-19 06:43:32 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-03-19 06:43:32 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-03-19 06:16:23 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-03-19 06:16:23 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-03-19 06:16:23 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-03-19 06:16:22 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-03-19 06:16:22 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-03-19 06:16:21 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-03-19 05:27:46 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-03-19 05:23:43 19968 ----a-w- C:\Windows\System32\drivers\usb8023x.sys
2013-03-19 05:23:43 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
2013-03-18 18:58:37 -------- d-----w- C:\Users\Shawlhar\AppData\Roaming\Malwarebytes
2013-03-18 18:58:19 -------- d-----w- C:\ProgramData\Malwarebytes
2013-03-18 18:58:17 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-03-18 18:58:17 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-15 14:50:55 47368 ----a-w- C:\Windows\SysWow64\certsentry.dll
2013-03-15 14:50:52 56072 ----a-w- C:\Windows\System32\certsentry.dll
2013-03-15 13:39:36 -------- d-----w- C:\Program Files (x86)\Driver-Soft
2013-03-14 23:36:08 34840 ----a-w- C:\Windows\System32\drivers\cnnctfy3.sys
2013-03-14 23:33:36 -------- d-----w- C:\Program Files (x86)\Connectify
2013-03-14 23:33:25 -------- d-----w- C:\ProgramData\Connectify
2013-03-08 14:47:21 -------- d-----w- C:\ProgramData\IDM
2013-03-08 13:37:58 -------- d-s---w- C:\ProgramData\Shared Space
2013-03-08 13:28:47 -------- d-----w- C:\ProgramData\COMODO
2013-03-08 13:26:41 -------- d-----w- C:\Users\Shawlhar\AppData\Local\Comodo
2013-03-08 13:26:29 -------- d-----w- C:\Program Files (x86)\Comodo
2013-03-08 13:26:17 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll
2013-03-07 16:16:39 168096 ----a-w- C:\Windows\System32\drivers\NSTx64\7DD03000.01A\ccsetx64.sys
2013-03-07 16:16:35 -------- d-----w- C:\Windows\System32\drivers\NSTx64\7DD03000.01A
2013-03-07 15:46:46 796248 ----a-w- C:\Windows\System32\drivers\NAVx64\1403000.024\srtsp64.sys
2013-03-07 15:46:46 493656 ----a-w- C:\Windows\System32\drivers\NAVx64\1403000.024\symds64.sys
2013-03-07 15:46:46 432800 ----a-w- C:\Windows\System32\drivers\NAVx64\1403000.024\symnets.sys
2013-03-07 15:46:46 36952 ----a-w- C:\Windows\System32\drivers\NAVx64\1403000.024\srtspx64.sys
2013-03-07 15:46:46 23448 ----a-r- C:\Windows\System32\drivers\NAVx64\1403000.024\symelam.sys
2013-03-07 15:46:46 224416 ----a-w- C:\Windows\System32\drivers\NAVx64\1403000.024\ironx64.sys
2013-03-07 15:46:46 168096 ----a-w- C:\Windows\System32\drivers\NAVx64\1403000.024\ccsetx64.sys
2013-03-07 15:46:46 1139800 ----a-w- C:\Windows\System32\drivers\NAVx64\1403000.024\symefa64.sys
2013-03-07 15:46:24 -------- d-----w- C:\Windows\System32\drivers\NAVx64\1403000.024
2013-03-07 14:52:16 -------- d-----w- C:\Program Files (x86)\BlueStacks
2013-03-07 14:51:31 -------- d-----w- C:\ProgramData\BlueStacksSetup
2013-03-07 14:51:30 -------- d-----w- C:\ProgramData\BlueStacks
2013-03-01 12:04:38 165112 ----a-w- C:\Windows\System32\drivers\idmwfp.sys
2013-02-19 13:27:12 -------- d-----w- C:\Program Files (x86)\WebSOFT
.
==================== Find3M ====================
.
2013-03-21 02:04:39 963488 ----a-w- C:\Windows\System32\deployJava1.dll
2013-03-21 02:04:39 1085344 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-03-20 06:43:37 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-20 06:43:37 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-20 18:44:11 2672 --sha-w- C:\ProgramData\KGyGaAvL.sys
2013-02-20 18:44:09 88 --sh--r- C:\ProgramData\D07AFD0F8E.sys
2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-01-17 09:49:32 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll
2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll
2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll
2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53:14 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll
2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll
2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll
2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll
2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll
2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll
2013-01-13 19:24:33 648192 ----a-w- C:\Windows\System32\d3d10level9.dll
2013-01-13 19:24:30 221184 ----a-w- C:\Windows\System32\UIAnimation.dll
2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll
2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll
2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2013-01-13 19:02:06 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll
2013-01-04 06:11:21 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-12-29 20:59:38 28664 ----a-w- C:\Windows\SysWow64\speedfan.sys
2012-12-24 11:46:50 14986984 ----a-w- C:\Users\Shawlhar\AppData\Roaming\drvgenpro.exe
.
============= FINISH: 3:09:14.83 ===============



.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 13-Oct-11 11:48:20
System Uptime: 20-Mar-13 22:14:19 (5 hours ago)
.
Motherboard: Hewlett-Packard | | 3674
Processor: Intel® Pentium® CPU P6200 @ 2.13GHz | CPU | 1322/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 284 GiB total, 48.297 GiB free.
D: is FIXED (NTFS) - 14 GiB total, 1.712 GiB free.
E: is CDROM ()
F: is FIXED (FAT32) - 0 GiB total, 0.083 GiB free.
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: VirtualBox Host-Only Ethernet Adapter
Device ID: ROOT\NET\0000
Manufacturer: Oracle Corporation
Name: VirtualBox Host-Only Ethernet Adapter
PNP Device ID: ROOT\NET\0000
Service: VBoxNetAdp
.
==== System Restore Points ===================
.
RP241: 20-Mar-13 05:48:47 - Removed Java™ 6 Update 22 (64-bit)
RP242: 20-Mar-13 05:50:18 - Removed Java™ 6 Update 37
RP243: 20-Mar-13 05:52:47 - Removed Java™ 6 Update 22 (64-bit)
RP244: 20-Mar-13 05:59:56 - Removed Java™ 6 Update 22 (64-bit)
RP245: 20-Mar-13 22:49:20 - Removed Evernote v. 4.2.2
RP246: 20-Mar-13 23:26:23 - Installed Adobe Reader XI.
RP247: 20-Mar-13 23:48:11 - Removed Energy Star Digital Logo
RP248: 20-Mar-13 23:49:17 - Removed GeekBuddy.
RP249: 21-Mar-13 02:55:59 - Removed Skype™ 5.1
RP250: 21-Mar-13 03:03:57 - Installed Java 7 Update 17 (64-bit)
.
==== Installed Programs ======================
.
7-Zip 9.20 (x64 edition)
7tsp v0.3 Build(3003)
Adobe AIR
Adobe Flash Player 11 ActiveX 64-bit
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.02)
Agatha Christie - Peril at End House
Age of Empires III
Airtel Mobile Internet
Audacity 1.3.14 (Unicode)
Auslogics Disk Defrag
Bejeweled 2 Deluxe
Bejeweled 3
BlackBerry Desktop Software 7.1
BlackBerry Device Software Updater
Blackhawk Striker 2
Blasterball 3
BlueStacks App Player
BlueStacks Notification Center
CCleaner
Cheatbook 10.2011
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Connectify
Corel Shell Extension - 64Bit
CorelDRAW Graphics Suite X4
CorelDRAW Graphics Suite X4 - Capture
CorelDRAW Graphics Suite X4 - Content
CorelDRAW Graphics Suite X4 - Draw
CorelDRAW Graphics Suite X4 - Filters
CorelDRAW Graphics Suite X4 - FontNav
CorelDRAW Graphics SUite X4 - ICA
CorelDRAW Graphics Suite X4 - IPM
CorelDRAW Graphics Suite X4 - Lang EN
CorelDRAW Graphics Suite X4 - PP
CorelDRAW Graphics Suite X4 - VBA
CorelDRAW® Graphics Suite X4
CorelDRAW® Graphics Suite X4 - Windows Shell Extension
Crystal Reports for Visual Studio
CyberLink YouCam
D3DX10
Desktop Icon Toy 4.7
Dotfuscator Software Services - Community Edition
Driver Genius
DVD Decrypter (Remove Only)
Encarta Search Bar (64-bit)
ESU for Microsoft Windows 7
Facebook Video Calling 1.2.0.287
FATE - The Traitor Soul
FileHippo.com Update Checker
FLV Player 2.0 (build 25)
FreeOCR 3.0
FX Graph 4
Game Booster 3
GLO 3G PLUS
GLO NETPRO
GlobeTrotter Connect
Google Chrome
Google Update Helper
Hewlett-Packard ACLM.NET v1.2.1.1
HP Auto
HP Customer Experience Enhancements
HP Documentation
HP Games
HP On Screen Display
HP Power Manager
HP Quick Launch
HP Setup
HP Software Framework
HP Support Assistant
HP Wireless Assistant
HTC BMP USB Driver
HTC Driver Installer
HTC Sync
HxD Hex Editor version 1.7.7.0
iCall
IFX DeskTop Quotes version 1.1
Intel® Control Center
Intel® Graphics Media Accelerator Driver
Intel® Management Engine Components
Intel® Rapid Storage Technology
Internet Download Manager
IPTInstaller
ISO Recorder
Java 7 Update 17 (64-bit)
Java™ 6 Update 22 (64-bit)
JoeAdeoye Web Proxy 1.70
K-Lite Codec Pack 9.5.5 (Full)
Learning Essentials for Microsoft Office
Linux Mint
Malwarebytes Anti-Malware version 1.70.0.1100
Mavis Beacon Teaches Typing Platinum 20
MetaTrader - Finexo
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft .NET Framework 4.5
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 2
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Halo Custom Edition
Microsoft Help Viewer 1.0
Microsoft Installer
Microsoft Math
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Click-to-Run 2010
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 R2 Data-Tier Application Framework
Microsoft SQL Server 2008 R2 Data-Tier Application Project
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2008 R2 Management Objects (x64)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft SQL Server Database Publishing Wizard 1.4
Microsoft SQL Server System CLR Types
Microsoft SQL Server System CLR Types (x64)
Microsoft SQL Server VSS Writer
Microsoft Student 2007 for Learning Essentials
Microsoft Student with Encarta Premium 2009
Microsoft Sync Framework Runtime v1.0 SP1 (x64)
Microsoft Sync Framework SDK v1.0 SP1
Microsoft Sync Framework Services v1.0 SP1 (x64)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
Microsoft Team Foundation Server 2010 Object Model - ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
Microsoft Visual F# 2.0 Runtime
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 IntelliTrace Collection (x64)
Microsoft Visual Studio 2010 Office Developer Tools (x64)
Microsoft Visual Studio 2010 Performance Collection Tools - ENU
Microsoft Visual Studio 2010 SharePoint Developer Tools
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio 2010 Ultimate - ENU
Microsoft Visual Studio Macro Tools
Microsoft_VC100_CRT_SP1_x64
Microsoft_VC100_CRT_SP1_x86
Microsoft_VC90_CRT_x86
Mortal Kombat 4 - www.classic-gaming.net
Mortal Kombat 5 5
Mozilla Firefox 19.0.2 (x86 en-US)
Mozilla Maintenance Service
MP3 Cutter 1.9
MSVC80_x64_v2
MSVC80_x86_v2
MSVC90_x64
MSVC90_x86
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
Mystery P.I. - Stolen in San Francisco
Namco All-Stars PAC-MAN
Network Stumbler 0.4.0 (remove only)
Nmap 6.01
Nokia Connectivity Cable Driver
Nokia Suite
Norton AntiVirus
Norton Identity Safe
Notepad++
Opera 12.14
Opera Mobile Emulator
Oracle VM VirtualBox 4.1.20
PC Connectivity Solution
PCSX2 - Playstation 2 Emulator
Plants vs. Zombies - Game of the Year
PowerDVD
Pro Evolution Soccer 2012
Proxifier version 3.21
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek PCIE Card Reader
REALTEK Wireless LAN Driver
Recovery Manager
Resident Evil 4
Rosetta Stone Version 3
Scrabble™ Interactive 2009 Edition
Security Update for Microsoft .NET Framework 4.5 (KB2737083)
Security Update for Microsoft .NET Framework 4.5 (KB2742613)
Security Update for Microsoft .NET Framework 4.5 (KB2789648)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Security Update for Microsoft Visual Studio 2010 Ultimate - ENU (KB2251489)
Security Update for Microsoft Visual Studio 2010 Ultimate - ENU (KB2644980)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit)
SpeedBit Video Accelerator
SpeedFan (remove only)
Sql Server Customer Experience Improvement Program
Switch Sound File Converter
Synaptics TouchPad Driver
System Requirements Lab for Intel
TeraCopy 2.27
The Proxomitron Ver. Naoko-4.5
Theme Resource Changer X64 v1.0
Total Video Converter 3.11
Uniblue SpeedUpMyPC
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition
Update for Microsoft Office Script Editor Help (KB963671)
Update Installer for WildTangent Games App
Uploader
UxStyle Core Beta
VirtualCloneDrive
Visual Basic for Applications ® Core
Visual Basic for Applications ® Core - English
Visual Studio 2010 Prerequisites - English
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
VLC media player 2.0.1
VLC media player 2.0.5
WampServer 2.0
Web Deployment Tool
WildTangent Games App (HP Games)
Windows Driver Package - Nokia Modem (02/15/2007 3.1)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinPcap 4.1.2
WinRAR 4.20 (64-bit)
Wireshark 1.8.2 (64-bit)
Xobni Core
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
Your Freedom 20121126-01
Zuma Deluxe RA
.
==== Event Viewer Messages From Past Week ========
.
21-Mar-13 02:13:14, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
20-Mar-13 23:11:05, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR8.
20-Mar-13 22:15:53, Error: Service Control Manager [7023] - The BlueStacks Android Service service terminated with the following error: An exception occurred in the service when handling the control request.
20-Mar-13 22:15:20, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll Error Code: 126
20-Mar-13 22:07:44, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{1809B326-59FA-4B2B-96FF-0B1CED3F066A} because another computer on the network has the same name. The server could not start.
20-Mar-13 22:07:44, Error: NetBT [4321] - The name "SHAWLHAR-HP :20" could not be registered on the interface with IP address 172.26.13.143. The computer with the IP address 169.254.77.5 did not allow the name to be claimed by this computer.
20-Mar-13 22:07:44, Error: NetBT [4321] - The name "SHAWLHAR-HP :0" could not be registered on the interface with IP address 172.26.13.143. The computer with the IP address 169.254.77.5 did not allow the name to be claimed by this computer.
20-Mar-13 21:34:06, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HP Support Assistant Service service.
20-Mar-13 14:56:31, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
20-Mar-13 09:14:57, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SQL Server (SQLEXPRESS) service to connect.
20-Mar-13 09:14:57, Error: Service Control Manager [7000] - The SQL Server (SQLEXPRESS) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
20-Mar-13 09:11:16, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WerSvc service.
20-Mar-13 09:07:06, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
20-Mar-13 09:02:03, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Application Virtualization Client service to connect.
20-Mar-13 09:02:03, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
20-Mar-13 09:02:03, Error: Service Control Manager [7000] - The Application Virtualization Client service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
20-Mar-13 05:40:21, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.
20-Mar-13 05:39:15, Error: NetBT [4321] - The name "SHAWLHAR-HP :20" could not be registered on the interface with IP address 172.26.11.151. The computer with the IP address 169.254.77.5 did not allow the name to be claimed by this computer.
20-Mar-13 05:39:15, Error: NetBT [4321] - The name "SHAWLHAR-HP :0" could not be registered on the interface with IP address 172.26.11.151. The computer with the IP address 169.254.77.5 did not allow the name to be claimed by this computer.
19-Mar-13 18:37:11, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
19-Mar-13 17:49:48, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Support Assistant Service service to connect.
19-Mar-13 17:49:48, Error: Service Control Manager [7000] - The HP Support Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
19-Mar-13 17:39:35, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioSrv service.
19-Mar-13 17:39:05, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.
19-Mar-13 17:38:05, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanWorkstation service.
19-Mar-13 17:37:35, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Connectify service.
19-Mar-13 17:37:05, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NCO service.
19-Mar-13 17:36:35, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NAV service.
19-Mar-13 17:35:59, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
19-Mar-13 15:53:25, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
19-Mar-13 15:53:25, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
19-Mar-13 14:21:43, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.
19-Mar-13 14:21:43, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
19-Mar-13 09:59:53, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR5.
19-Mar-13 07:51:20, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
19-Mar-13 07:50:50, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.
19-Mar-13 07:50:09, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR3.
18-Mar-13 20:46:27, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel® Rapid Storage Technology service to connect.
18-Mar-13 20:46:27, Error: Service Control Manager [7000] - The Intel® Rapid Storage Technology service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
18-Mar-13 20:44:59, Error: Service Control Manager [7022] - The Windows Font Cache Service service hung on starting.
18-Mar-13 05:50:43, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HWDeviceService64.exe service.
17-Mar-13 12:01:22, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR96.
16-Mar-13 13:09:52, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR31.
16-Mar-13 12:38:25, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
16-Mar-13 03:34:24, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR10.
16-Mar-13 02:58:27, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Software Framework Service service to connect.
16-Mar-13 02:58:27, Error: Service Control Manager [7000] - The HP Software Framework Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
16-Mar-13 02:48:39, Error: Service Control Manager [7023] -
16-Mar-13 02:47:24, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
16-Mar-13 02:34:29, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR42.
16-Mar-13 01:12:15, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
16-Mar-13 01:12:15, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
15-Mar-13 22:05:15, Error: Service Control Manager [7022] - The Intel® Management & Security Application User Notification Service service hung on starting.
15-Mar-13 22:00:25, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
15-Mar-13 22:00:25, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
15-Mar-13 21:42:16, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel® Management & Security Application User Notification Service service to connect.
15-Mar-13 21:42:16, Error: Service Control Manager [7000] - The Intel® Management & Security Application User Notification Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================

#12
whizzhard

    Member

  • Topic Starter
  • Member
  • 34 posts
Thanks for your precious time.

Yeah, the D: drive is the recovery partition, and I have never added or removed files from the drive, and neither did anyone with access to my account. It contains recovery folder HP WSD.dat and HPSF Rep.txt, which are files supposed to be there.

Alright, that is absolutely fine by me. You can take the whole day off because you have been truly helpful. Thanks a million times.

Have a great day.

#13
1972vet

    Trusted Helper

  • Malware Removal
  • 99 posts
Things look a little better now but tell me before I render the next instruction, have you set up a proxy server yourself?

#14
whizzhard

    Member

  • Topic Starter
  • Member
  • 34 posts
Okay, thanks so far. I did not set up any proxy server, though I do use a proxy application.

#15
1972vet

    Trusted Helper

  • Malware Removal
  • 99 posts
Alright then, please download RogueKiller to your desktop
  • Close all open programs
  • For Vista or Windows 7, right click -> run as administrator; for XP, simply double-click RogueKiller.exe
  • Accept the agreement and the pre-scan begins. Please wait until it finishes, then click the Scan button.
  • When the scan completes, the RKreport.txt shall be generated and auto-saved to your desktop.
Note: If the program fails to run, don't hesitate to try several times. If several attempts still fail (it is possible), just rename it to winlogon.exe and try running it again.

Please post the contents of the RKreport.txt in your next reply and wait for further instructions...and please do nothing else with this tool until or unless directed. Thanks!





