This topic is locked
my PC has been running slow for almost two month now, itz a year and half old hp 630 and it has been doing fine till bout two months ago when i noticed that explore was using almost 50% of CPU resource of which i discovered it was desktop icon toy messing with ma system, i disabled it but still ma PC has never remain the same ever since, programs that normally opens swiftly now takes up to minutes to open and if i click any part of the loading program window it ends up showing not responding for awhile and then loads later, I've perform full Norton scan but it came up with tracking cookies only, i just scanned with malwarebytes which detected the following
Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org
Database version: v2013.03.18.12
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Shawlhar :: SHAWLHAR-HP [administrator]
Protection: Enabled
18-Mar-13 20:10:12
mbam-log-2013-03-18 (20-10-12).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 241254
Time elapsed: 7 minute(s), 3 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 2
HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (PUP.InstallBrain) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service (PUP.InstallBrain) -> Quarantined and deleted successfully.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 1
C:\ProgramData\IBUpdaterService (PUP.InstallBrain) -> Quarantined and deleted successfully.
Files Detected: 3
C:\Users\Shawlhar\Documents\chrome.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\ProgramData\IBUpdaterService\ibsvc.exe (PUP.InstallBrain) -> Quarantined and deleted successfully.
C:\ProgramData\IBUpdaterService\repository.xml (PUP.InstallBrain) -> Quarantined and deleted successfully.
(end)
though the there was no change in system performance when i restarted ma PC
here is my OTL log
OTL logfile created on: 18-Mar-13 14:07:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Shawlhar\Desktop\ol
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy
3.80 Gb Total Physical Memory | 2.45 Gb Available Physical Memory | 64.48% Memory free
9.50 Gb Paging File | 7.28 Gb Available in Paging File | 76.58% Paging File free
Paging file location(s): C:\pagefile.sys 5839 5839 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284.05 Gb Total Space | 48.32 Gb Free Space | 17.01% Space Free | Partition Type: NTFS
Drive D: | 13.74 Gb Total Space | 1.71 Gb Free Space | 12.46% Space Free | Partition Type: NTFS
Drive F: | 99.34 Mb Total Space | 84.99 Mb Free Space | 85.56% Space Free | Partition Type: FAT32
Computer Name: SHAWLHAR-HP | User Name: Shawlhar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013-03-18 13:46:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Shawlhar\Desktop\ol\OTL.exe
PRC - [2013-03-12 12:08:06 | 002,074,768 | ---- | M] () -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
PRC - [2013-02-19 20:14:56 | 005,063,456 | ---- | M] (Connectify) -- C:\Program Files (x86)\Connectify\Connectify.exe
PRC - [2013-02-19 20:14:56 | 003,101,984 | ---- | M] (Connectify) -- C:\Program Files (x86)\Connectify\Connectifyd.exe
PRC - [2013-02-19 20:14:16 | 000,217,088 | ---- | M] (Connectify) -- C:\Program Files (x86)\Connectify\ConnectifyService.exe
PRC - [2013-02-15 15:28:54 | 000,601,976 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
PRC - [2013-02-15 15:28:12 | 000,417,656 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotator.exe
PRC - [2013-02-15 15:28:12 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
PRC - [2012-12-24 04:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\20.3.0.36\ccsvchst.exe
PRC - [2012-12-19 22:24:32 | 000,240,128 | ---- | M] () -- C:\Users\Shawlhar\AppData\Roaming\Adobe\Plugins\adobe_plugin.exe
PRC - [2012-12-19 08:01:24 | 000,200,400 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe
PRC - [2012-12-19 08:01:24 | 000,190,672 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe
PRC - [2012-12-19 08:01:24 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) -- C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe
PRC - [2012-11-26 13:21:38 | 001,851,088 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
PRC - [2012-10-09 23:26:10 | 001,634,304 | ---- | M] (Don HO [email protected]) -- C:\Program Files (x86)\Notepad++\notepad++.exe
PRC - [2012-08-19 02:03:19 | 000,143,928 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\ccSvcHst.exe
PRC - [2012-07-11 12:48:34 | 000,933,464 | ---- | M] (Research In Motion) -- C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.AutoUpdate.exe
PRC - [2012-07-09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2011-08-19 14:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2011-05-20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011-05-20 10:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011-02-10 01:57:36 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2010-12-28 01:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
PRC - [2010-11-16 14:37:30 | 000,230,912 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010-07-23 20:43:54 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010-07-23 20:43:52 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009-12-02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009-12-02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
========== Modules (No Company Name) ==========
MOD - [2013-03-14 17:44:02 | 013,319,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\273389de0b6e286cb2bdc83ecb428704\System.Web.ni.dll
MOD - [2013-03-14 17:43:51 | 000,641,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\1aea3525c318ac7218966d7b91c52ff1\System.Transactions.ni.dll
MOD - [2013-03-14 17:43:42 | 001,156,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\95623e12dc6a64d28bad5b85f4c730ae\System.Management.ni.dll
MOD - [2013-03-14 17:43:42 | 000,786,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\4cfa42c8b69a64e192f3255ec900457d\System.Runtime.Remoting.ni.dll
MOD - [2013-03-14 17:43:28 | 012,692,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\22ae167d586450ad3a9b9a9ee43ebc86\System.Windows.Forms.ni.dll
MOD - [2013-03-14 17:43:12 | 001,630,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\72269ea7cc6281139e4d155e7c57dc67\System.Drawing.ni.dll
MOD - [2013-03-14 17:43:09 | 002,785,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\293cfe2c05a8ee921726927fd00ea81c\System.Runtime.Serialization.ni.dll
MOD - [2013-03-14 17:43:09 | 000,121,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\98e3281d79512c9a2a0a89e3bc2e554f\SMDiagnostics.ni.dll
MOD - [2013-03-14 17:43:06 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\df55f04bc0ebe6c1abde4bc467bf4d03\System.ServiceModel.Internals.ni.dll
MOD - [2013-03-14 17:42:59 | 001,920,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.V9921e851#\536f3c2e6e4137a628f2f64e0dfd407e\Microsoft.VisualBasic.ni.dll
MOD - [2013-03-14 17:42:46 | 007,559,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9ba07396ae369d010c5c3927a82ef426\System.Xml.ni.dll
MOD - [2013-03-14 17:42:42 | 000,706,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\e772a7e6cc572d7d8ff8ba9c0fa78215\System.Security.ni.dll
MOD - [2013-03-14 17:42:32 | 000,958,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\28586400bcaf94c13a9fd0dff4a1e090\System.Configuration.ni.dll
MOD - [2013-03-14 17:41:41 | 006,995,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b9f7adbc90a2bcbe8eb9e6e8d2bb975b\System.Core.ni.dll
MOD - [2013-03-14 17:41:15 | 009,925,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\e40da7a49f8c3f0108e7c835b342f382\System.ni.dll
MOD - [2013-03-14 17:41:03 | 016,501,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\51e2934144ba15628ba5a31be2dae7dc\mscorlib.ni.dll
MOD - [2013-03-07 15:54:27 | 000,644,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\2cdaaf7fc82937fff1f133e24e65b8ba\HD-Agent.ni.exe
MOD - [2013-03-07 15:54:24 | 000,155,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\ae97c0f341676fee3bdde96cf3458dda\JSON.ni.dll
MOD - [2013-02-19 20:14:56 | 000,119,584 | ---- | M] () -- C:\Program Files (x86)\Connectify\NativeLibrary.dll
MOD - [2012-12-19 22:24:32 | 000,240,128 | ---- | M] () -- C:\Users\Shawlhar\AppData\Roaming\Adobe\Plugins\adobe_plugin.exe
MOD - [2012-11-22 18:57:06 | 000,056,424 | ---- | M] () -- C:\Windows\SysWOW64\PrxerNsp.dll
MOD - [2012-10-12 00:21:53 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll
MOD - [2012-10-12 00:21:42 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012-10-12 00:21:31 | 001,658,368 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\163517c8a195fb48f7ef6ee17c585bdb\PresentationUI.ni.dll
MOD - [2012-10-12 00:21:26 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012-10-09 14:41:23 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\95f275871e34cd8613d0582e0d5bac7e\IAStorUtil.ni.dll
MOD - [2012-10-09 14:33:50 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012-10-09 14:32:45 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012-10-09 14:32:39 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012-06-06 11:06:10 | 000,302,592 | ---- | M] () -- C:\Users\Shawlhar\AppData\Roaming\Adobe\Plugins\libcurl.dll
MOD - [2012-05-30 15:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\wincfi39.dll
MOD - [2012-05-12 23:24:23 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012-05-11 10:21:13 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\91c0c5d99a36e8fca9cf739731ddb3e1\IAStorCommon.ni.dll
MOD - [2012-05-10 11:50:45 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012-05-10 11:50:22 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012-05-10 11:49:24 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012-05-10 11:49:18 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012-05-10 11:49:12 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012-05-10 11:49:11 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012-05-10 11:49:03 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011-09-21 21:46:28 | 001,673,728 | ---- | M] () -- C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll
MOD - [2011-07-18 22:07:28 | 000,014,336 | ---- | M] () -- C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
========== Services (SafeList) ==========
SRV:64bit: - [2012-04-25 07:01:27 | 000,089,824 | ---- | M] (Totalidea Software) [Disabled | Stopped] -- C:\Windows\SysNative\Tweak7SystemService.exe -- (Tweak7SystemService)
SRV:64bit: - [2010-12-28 09:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [Disabled | Stopped] -- C:\Program Files\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV:64bit: - [2010-07-21 22:33:00 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2010-01-18 15:04:08 | 000,020,480 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV:64bit: - [2009-11-18 03:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 02:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV - [2013-03-12 12:08:06 | 002,074,768 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2013-03-08 13:08:06 | 000,115,608 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-02-19 20:14:16 | 000,217,088 | ---- | M] (Connectify) [Auto | Running] -- C:\Program Files (x86)\Connectify\ConnectifyService.exe -- (Connectify)
SRV - [2013-02-15 15:28:12 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2013-02-15 15:27:52 | 000,393,080 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2012-12-24 04:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton AntiVirus\Engine\20.3.0.36\ccSvcHst.exe -- (NAV)
SRV - [2012-12-19 08:01:24 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe -- (CLPSLauncher)
SRV - [2012-12-07 18:27:50 | 000,167,424 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012-11-26 13:21:38 | 001,851,088 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe -- (GeekBuddyRSP)
SRV - [2012-11-13 03:07:57 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Disabled | Stopped] -- C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\6xbarsvc.exe -- (ReadingFanatic_6xService)
SRV - [2012-10-30 13:50:43 | 000,584,032 | ---- | M] () [Disabled | Stopped] -- C:\ProgramData\IBUpdaterService\ibsvc.exe -- (IBUpdaterService)
SRV - [2012-10-11 19:45:56 | 000,655,712 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\GLO NETPRO\UpdateDog\ouc.exe -- (GLO NETPRO. RunOuc)
SRV - [2012-09-27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012-08-19 02:03:19 | 000,143,928 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\ccSvcHst.exe -- (NCO)
SRV - [2012-07-27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-07-09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012-06-16 23:15:28 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011-10-27 10:34:30 | 000,718,384 | ---- | M] (Nokia) [Disabled | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011-10-25 22:55:32 | 000,265,928 | ---- | M] (SpeedBit Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2011-05-20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011-03-14 16:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
SRV - [2011-02-25 01:08:46 | 000,062,184 | ---- | M] (Xobni Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Xobni\XobniService.exe -- (XobniService)
SRV - [2010-12-28 01:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010-10-12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010-07-23 20:43:54 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010-07-23 20:43:52 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009-12-02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009-12-02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009-07-13 01:08:04 | 000,024,168 | ---- | M] (The Within Network, LLC) [Auto | Running] -- C:\Windows\UnsignedThemesSvc.exe -- (UnsignedThemes)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-11-09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008-04-17 19:13:44 | 005,750,784 | ---- | M] () [Disabled | Stopped] -- c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe -- (wampmysqld)
SRV - [2008-01-18 01:37:26 | 000,024,635 | ---- | M] (Apache Software Foundation) [Disabled | Stopped] -- c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe -- (wampapache)
SRV - [2007-12-18 09:59:56 | 000,312,320 | ---- | M] (OptionNV) [Disabled | Stopped] -- C:\Program Files (x86)\Option\GlobeTrotter Connect\GtDetectSc.exe -- (GtDetectSc)
SRV - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013-03-15 00:36:08 | 000,034,840 | ---- | M] (Connectify) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cnnctfy3.sys -- (cnnctfy3)
DRV:64bit: - [2013-01-31 04:18:18 | 000,432,800 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1403000.024\symnets.sys -- (SymNetS)
DRV:64bit: - [2013-01-31 04:18:06 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1403000.024\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013-01-29 02:45:19 | 000,796,248 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NAVx64\1403000.024\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013-01-29 02:45:19 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1403000.024\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013-01-22 03:15:33 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1403000.024\symds64.sys -- (SymDS)
DRV:64bit: - [2013-01-17 10:49:32 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012-11-23 05:09:34 | 000,878,184 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2012-11-22 01:43:14 | 000,165,112 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2012-11-16 03:22:01 | 000,224,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1403000.024\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012-11-16 03:18:04 | 000,168,096 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1403000.024\ccsetx64.sys -- (ccSet_NAV)
DRV:64bit: - [2012-10-28 16:09:54 | 000,038,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2012-10-11 19:45:57 | 000,421,888 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbwwan.sys -- (ewusbmbb)
DRV:64bit: - [2012-10-11 19:45:57 | 000,223,744 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)
DRV:64bit: - [2012-10-11 19:45:57 | 000,223,232 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2012-10-11 19:45:57 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2012-10-11 19:45:57 | 000,098,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV:64bit: - [2012-10-11 19:45:57 | 000,087,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2012-10-11 19:45:57 | 000,028,672 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV:64bit: - [2012-10-11 19:45:57 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV:64bit: - [2012-08-23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012-08-23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012-08-23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012-08-20 17:23:52 | 000,147,288 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012-08-07 02:24:46 | 000,168,096 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSTx64\7DD01000.020\ccSetx64.sys -- (ccSet_NST)
DRV:64bit: - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-01-10 22:28:18 | 012,311,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011-11-05 20:11:33 | 000,062,552 | ---- | M] (Toolkit Development, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\toolkitdisk.sys -- (ToolkitDisk)
DRV:64bit: - [2011-10-14 04:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011-09-30 07:48:32 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2011-08-17 13:04:34 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2011-08-17 13:04:28 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2011-08-17 12:58:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011-08-17 12:58:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011-08-17 12:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011-08-17 12:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011-07-25 17:44:46 | 000,074,752 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2011-07-20 13:58:22 | 000,044,032 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2011-05-20 09:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-03-05 08:16:20 | 000,436,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011-02-15 20:37:10 | 000,335,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011-02-10 01:58:06 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2011-01-15 17:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010-12-16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010-11-21 04:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010-11-21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-08-30 13:17:36 | 000,289,280 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010-06-25 16:08:10 | 000,036,928 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2009-12-02 22:23:38 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2009-12-02 22:23:34 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2009-12-02 22:23:32 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2009-12-02 22:23:26 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2009-11-02 11:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009-09-17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 01:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009-07-14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009-07-13 01:09:20 | 000,030,568 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\uxpatch.sys -- (uxpatch)
DRV:64bit: - [2009-06-10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009-06-10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009-06-10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009-06-10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009-06-10 21:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008-09-01 17:40:20 | 000,118,144 | ---- | M] (Mobile) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcusbser.sys -- (qcusbser)
DRV:64bit: - [2008-08-28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2007-11-13 15:51:12 | 000,124,416 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Gt51Ip.sys -- (GT72NDISIPXP)
DRV:64bit: - [2007-10-09 12:53:30 | 000,080,896 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gt72ubus.sys -- (GT72UBUS)
DRV:64bit: - [2007-03-30 12:38:16 | 000,010,624 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gtptser.sys -- (GTPTSER)
DRV - [2013-03-07 16:47:18 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20130315.004\ex64.sys -- (NAVEX15)
DRV - [2013-03-07 16:47:18 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20130315.004\eng64.sys -- (NAVENG)
DRV - [2013-03-06 16:29:22 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20130313.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013-02-15 15:28:06 | 000,071,032 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2013-01-16 03:51:11 | 001,388,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20130301.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012-08-18 10:00:00 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012-08-18 10:00:00 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCOM/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=CMNTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=CMNTDF
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCOM/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=CMNTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=CMNTDF
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCOM/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetworkProfile = 18863554
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/...008&form=ZGAPHP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = about:blank
IE - HKCU\..\URLSearchHook: {421fb3de-4b9f-48e5-abf1-f96f8aaca70a} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {CFA8F49C-14BC-329F-07B1-850E39C04E4D}
IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=CMNTDF
IE - HKCU\..\SearchScopes\{30750DD1-EADD-4cf1-A485-C736C96936AB}: "URL" = http://search.etoolk...976b7bc8a28&s=p
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=CMNTDF
IE - HKCU\..\SearchScopes\{CFA8F49C-14BC-329F-07B1-850E39C04E4D}: "URL" = http://www.bing.com/...008&form=ZGAIDF
IE - HKCU\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8080
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledAddons: firedownload%40mozilla.org:3.2.0
FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.6.5
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0037-ABCDEFFEDCBA%7D:6.0.37
FF - prefs.js..extensions.enabledAddons: mozilla_cc%40internetdownloadmanager.com:7.3.38
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:11.1.1.5%20-%203
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: [email protected]:3.5
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.2
FF - prefs.js..extensions.enabledItems: {33e0daa6-3af3-d8b5-6752-10e949c61516}:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:12.0.0.477
FF - prefs.js..extensions.enabledItems: [email protected]:12.0.0.477
FF - prefs.js..extensions.enabledItems: [email protected]:12.0.0.477
FF - prefs.js..extensions.enabledItems: [email protected]:7.3.19
FF - prefs.js..keyword.URL: "http://www.bing.com/...form=ZGAADF&q="
FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ftp_port: 8080
FF - prefs.js..network.proxy.backup.socks: "127.0.0.1"
FF - prefs.js..network.proxy.backup.socks_port: 8080
FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ssl_port: 8080
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.socks_version: 4
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 4
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@ReadingFanatic_6x.com/Plugin: C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\NP6xStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Shawlhar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Shawlhar\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Shawlhar\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files (x86)\SpeedBit Video Downloader\SPFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\SearchPredict\PRFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\6xffxtbr@ReadingFanatic_6x.com: C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin [2012-11-13 03:08:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\IPSFFPlgn\ [2013-01-17 11:12:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.1.0.32\coFFPlgn\ [2013-03-16 03:01:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-03-08 13:08:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-11-27 13:36:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2011-11-26 17:24:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Shawlhar\AppData\Roaming\IDM\idmmzcc5 [2013-03-08 14:34:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Shawlhar\AppData\Roaming\IDM\idmmzcc5 [2013-03-08 14:34:27 | 000,000,000 | ---D | M]
[2011-10-16 02:08:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shawlhar\AppData\Roaming\Mozilla\Extensions
[2013-03-07 11:38:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shawlhar\AppData\Roaming\Mozilla\Firefox\Profiles\ic548cx7.default\extensions
[2012-11-07 20:30:45 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Users\Shawlhar\AppData\Roaming\Mozilla\Firefox\Profiles\ic548cx7.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2013-02-17 08:24:37 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Shawlhar\AppData\Roaming\Mozilla\Firefox\Profiles\ic548cx7.default\extensions\[email protected]
[2013-01-29 22:13:30 | 000,031,788 | ---- | M] () (No name found) -- C:\Users\Shawlhar\AppData\Roaming\Mozilla\Firefox\Profiles\ic548cx7.default\extensions\[email protected]
[2013-03-07 11:38:38 | 000,386,363 | ---- | M] () (No name found) -- C:\Users\Shawlhar\AppData\Roaming\Mozilla\Firefox\Profiles\ic548cx7.default\extensions\[email protected]
[2012-06-02 10:02:50 | 000,001,919 | ---- | M] () -- C:\Users\Shawlhar\AppData\Roaming\Mozilla\Firefox\Profiles\ic548cx7.default\searchplugins\bing-zugo.xml
[2012-11-13 14:35:56 | 000,009,632 | ---- | M] () -- C:\Users\Shawlhar\AppData\Roaming\Mozilla\Firefox\Profiles\ic548cx7.default\searchplugins\my-web-search.xml
[2013-01-17 18:31:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012-11-27 13:36:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013-01-17 11:12:08 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\IPSFFPLGN
[2013-03-08 14:34:27 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\SHAWLHAR\APPDATA\ROAMING\IDM\IDMMZCC5
[2013-03-08 13:08:07 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-01-12 09:58:30 | 000,917,816 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll
[2013-01-05 04:45:12 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012-02-16 11:42:53 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml.old
[2011-11-05 20:11:38 | 000,002,193 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\toolkitsearch.xml
[2013-03-07 18:17:39 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Shawlhar\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Shawlhar\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Shawlhar\AppData\Local\Google\Chrome\Application\24.0.1312.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Shawlhar\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Shawlhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Shawlhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: BitCometAgent (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npBitCometAgent.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Program Files (x86)\TVUPlayer\npTVUAx.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Shawlhar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Shawlhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\Shawlhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: IDM Integration = C:\Users\Shawlhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.5_0\
CHR - Extension: Norton Identity Protection = C:\Users\Shawlhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob\2013.1.0.32_0\
CHR - Extension: Gmail = C:\Users\Shawlhar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2012-11-12 01:33:30 | 000,001,213 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 tonec.com
O1 - Hosts: 127.0.0.1 www.tonec.com
O1 - Hosts: 127.0.0.1 registeridm.com
O1 - Hosts: 127.0.0.1 www.registeridm.com
O1 - Hosts: 127.0.0.1 secure.registeridm.com
O1 - Hosts: 127.0.0.1 internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 www.internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 secure.internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 mirror.internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 mirror2.internetdownloadmanager.com
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Shawlhar\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Shawlhar\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (Search Assistant BHO) - {2d948797-8fe3-4508-9b6f-4bf349a9ea34} - C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\6xSrcAs.dll (MindSpark)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.3.0.36\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (Norton Identity Protection) - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (Toolbar BHO) - {f149b372-5830-4d88-b8f6-2853d12c1af5} - C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\6xbar.dll (MindSpark)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (WebScout FileBulldog Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\WebScout FileBulldog Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll ()
O3 - HKLM\..\Toolbar: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (ReadingFanatic) - {b36151d1-7770-4480-87e4-f89fb54e173d} - C:\Program Files (x86)\ReadingFanatic_6x\bar\1.bin\6xbar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3B22A92-87A2-47B6-B3E6-A64877B5C242} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Connectify Dispatch] C:\Program Files (x86)\Connectify\DispatchUI.exe (Connectify)
O4:64bit: - HKLM..\Run: [Connectify Hotspot] C:\Program Files (x86)\Connectify\Connectify.exe (Connectify)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [Driver Genius] File not found
O4 - HKLM..\Run: [gbrspcontrol] C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [AdobePlugins] C:\Users\Shawlhar\AppData\Roaming\Adobe\Plugins\invis.vbs ()
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 65536
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8:64bit: - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: Send To &Bluetooth - Reg Error: Value error. File not found
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Send To &Bluetooth - Reg Error: Value error. File not found
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Windows\SysNative\PrxerNsp.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Windows\SysWOW64\PrxerNsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00004DDE-21E3-4787-9349-6D4B8998527F}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{141A3F81-F276-4A08-9819-353D6DAA02E6}: NameServer = 10.71.165.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{32DB6BF4-4C50-4790-B708-6C6921136CD9}: NameServer = 172.24.8.50 141.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8784BAD3-0F16-4198-95E4-C07A58FF16C3}: NameServer = 172.24.8.50 141.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AC0F8338-EC1E-4573-B39C-55D11969FA30}: NameServer = 172.24.8.50 141.1.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {F791A188-699D-4FD4-955A-EB59E89B1907} - Theme Resource Changer - \Program Files\Theme Resource Changer\ThemeResourceChanger.dll ()
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{023f71d9-13fa-11e2-8db3-3cd92b23f3c3}\Shell - "" = AutoRun
O33 - MountPoints2\{023f71d9-13fa-11e2-8db3-3cd92b23f3c3}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{023f71fc-13fa-11e2-8db3-3cd92b23f3c3}\Shell - "" = AutoRun
O33 - MountPoints2\{023f71fc-13fa-11e2-8db3-3cd92b23f3c3}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{27d3038a-9855-11e1-ad96-00f1d000f1d0}\Shell - "" = AutoRun
O33 - MountPoints2\{27d3038a-9855-11e1-ad96-00f1d000f1d0}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3235bb04-b637-11e1-afb9-d0df9a9391a4}\Shell - "" = AutoRun
O33 - MountPoints2\{3235bb04-b637-11e1-afb9-d0df9a9391a4}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{3235bb14-b637-11e1-afb9-d0df9a9391a4}\Shell - "" = AutoRun
O33 - MountPoints2\{3235bb14-b637-11e1-afb9-d0df9a9391a4}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{489453c3-1959-11e2-8bde-001e101f4da1}\Shell - "" = AutoRun
O33 - MountPoints2\{489453c3-1959-11e2-8bde-001e101f4da1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{489453c7-1959-11e2-8bde-001e101f4da1}\Shell - "" = AutoRun
O33 - MountPoints2\{489453c7-1959-11e2-8bde-001e101f4da1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{51ad9292-76a0-11e1-ac92-d0df9a9391a4}\Shell - "" = AutoRun
O33 - MountPoints2\{51ad9297-76a0-11e1-ac92-d0df9a9391a4}\Shell - "" = AutoRun
O33 - MountPoints2\{7b5442be-392c-11e2-91ee-001e101f82a7}\Shell - "" = AutoRun
O33 - MountPoints2\{7b5442be-392c-11e2-91ee-001e101f82a7}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{7ffc9107-9f78-11e1-94f6-d0df9a9391a4}\Shell - "" = AutoRun
O33 - MountPoints2\{8ba63f2a-5d93-11e2-803e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8ba63f2a-5d93-11e2-803e-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{95316bb2-913a-11e1-92c2-3cd92b23f3c3}\Shell - "" = AutoRun
O33 - MountPoints2\{b9cbc359-6de2-11e1-9db2-3cd92b23f3c3}\Shell - "" = AutoRun
O33 - MountPoints2\{b9cbc359-6de2-11e1-9db2-3cd92b23f3c3}\Shell\AutoRun\command - "" = H:\wubi.exe
O33 - MountPoints2\{b9cbc361-6de2-11e1-9db2-3cd92b23f3c3}\Shell - "" = AutoRun
O33 - MountPoints2\{b9cbc361-6de2-11e1-9db2-3cd92b23f3c3}\Shell\AutoRun\command - "" = K:\CDCheck.exe
O33 - MountPoints2\{bc4acf53-f7dc-11e0-a663-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bc4acf89-f7dc-11e0-a663-d0df9a9391a4}\Shell - "" = AutoRun
O33 - MountPoints2\{c7cb2c58-83f6-11e1-b0b3-3cd92b23f3c3}\Shell - "" = AutoRun
O33 - MountPoints2\{cdbadb19-123d-11e2-aecc-001e101f2500}\Shell - "" = AutoRun
O33 - MountPoints2\{cdbadb19-123d-11e2-aecc-001e101f2500}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{cdbadb29-123d-11e2-aecc-001e101f2500}\Shell - "" = AutoRun
O33 - MountPoints2\{cdbadb29-123d-11e2-aecc-001e101f2500}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{d4ad3406-f0de-11e1-8de5-d0df9a9391a4}\Shell - "" = AutoRun
O33 - MountPoints2\{d4ad3406-f0de-11e1-8de5-d0df9a9391a4}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{e8a86451-febe-11e1-a8c2-001e101f1ed9}\Shell - "" = AutoRun
O33 - MountPoints2\{e8a86451-febe-11e1-a8c2-001e101f1ed9}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013-03-18 14:06:12 | 000,000,000 | ---D | C] -- C:\Users\Shawlhar\Desktop\ol
[2013-03-15 16:58:00 | 000,000,000 | ---D | C] -- C:\Users\Shawlhar\Desktop\Crack
[2013-03-15 16:04:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop Icon Toy
[2013-03-15 15:50:55 | 000,047,368 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll
[2013-03-15 15:50:52 | 000,056,072 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll
[2013-03-15 14:39:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Genius
[2013-03-15 14:39:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft
[2013-03-15 00:38:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connectify
[2013-03-15 00:36:08 | 000,034,840 | ---- | C] (Connectify) -- C:\Windows\SysNative\drivers\cnnctfy3.sys
[2013-03-15 00:33:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Connectify
[2013-03-15 00:33:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Connectify
[2013-03-14 17:25:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013-03-13 13:53:23 | 000,000,000 | ---D | C] -- C:\Users\Shawlhar\Desktop\halo
[2013-03-08 15:47:21 | 000,000,000 | ---D | C] -- C:\ProgramData\IDM
[2013-03-08 14:37:58 | 000,000,000 | --SD | C] -- C:\ProgramData\Shared Space
[2013-03-08 14:28:47 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO
[2013-03-08 14:28:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Comodo
[2013-03-08 14:26:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2013-03-08 14:26:41 | 000,000,000 | ---D | C] -- C:\Users\Shawlhar\AppData\Local\Comodo
[2013-03-08 14:26:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
[2013-03-08 14:26:17 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2013-03-07 15:52:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
[2013-03-07 15:52:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlueStacks
[2013-03-07 15:51:31 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacksSetup
[2013-03-07 15:51:30 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks
[2013-03-06 20:25:14 | 000,000,000 | ---D | C] -- C:\Users\Shawlhar\Desktop\A
[2013-03-01 13:04:38 | 000,165,112 | ---- | C] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys
[2013-02-21 13:14:49 | 000,000,000 | ---D | C] -- C:\Users\Shawlhar\psp
[2013-02-19 14:27:20 | 000,000,000 | ---D | C] -- C:\Users\Shawlhar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mortal Kombat 5 5
[2013-02-19 14:27:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WebSOFT
[2013-02-17 08:18:25 | 000,000,000 | ---D | C] -- C:\Users\Shawlhar\Documents\Symantec
[2012-12-24 12:46:50 | 014,986,984 | ---- | C] (Driver-Soft Inc. ) -- C:\Users\Shawlhar\AppData\Roaming\drvgenpro.exe
[2012-05-25 23:41:29 | 015,942,270 | ---- | C] (Mr GRiM) -- C:\Users\Shawlhar\HUD Evolution x64.exe
[2012-05-25 22:30:09 | 000,587,737 | ---- | C] (Bad [bleep] Apps) -- C:\Users\Shawlhar\ThemeResourceChangerX64-v10.exe
[7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\Shawlhar\Documents\*.tmp files -> C:\Users\Shawlhar\Documents\*.tmp -> ]
[13 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Users\Shawlhar\Desktop\*.tmp files -> C:\Users\Shawlhar\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013-03-18 16:32:09 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-03-18 16:30:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-03-18 13:56:09 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1397294529-3170872516-2112063622-1000UA.job
[2013-03-18 05:53:22 | 000,878,248 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-03-18 05:53:22 | 000,729,910 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-03-18 05:53:22 | 000,147,868 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-03-17 14:40:48 | 000,000,780 | ---- | M] () -- C:\Users\Shawlhar\Desktop\TeraCopy.lnk
[2013-03-16 12:58:50 | 000,052,224 | ---- | M] () -- C:\Users\Shawlhar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-03-16 03:12:03 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-03-16 03:12:03 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-03-16 03:01:24 | 3062,251,520 | -HS- | M] () -- C:\hiberfil.sys
[2013-03-15 16:13:22 | 000,002,944 | ---- | M] () -- C:\{A436D713-5126-46DC-A75F-8E141F27CB27}
[2013-03-15 16:09:44 | 000,249,168 | ---- | M] () -- C:\{A1A59FEC-F135-49FD-8578-058BCF924CAC}
[2013-03-15 16:04:27 | 000,000,822 | ---- | M] () -- C:\Users\Shawlhar\Application Data\Microsoft\Internet Explorer\Quick Launch\Desktop Icon Toy.lnk
[2013-03-15 16:04:24 | 000,000,798 | ---- | M] () -- C:\Users\Shawlhar\Desktop\Desktop Icon Toy.lnk
[2013-03-15 15:50:55 | 000,047,368 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll
[2013-03-15 15:50:52 | 000,056,072 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll
[2013-03-15 14:39:45 | 000,001,179 | ---- | M] () -- C:\Users\Shawlhar\Desktop\Driver Genius.lnk
[2013-03-15 00:39:12 | 001,548,283 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1403000.024\Cat.DB
[2013-03-15 00:38:45 | 000,000,374 | ---- | M] () -- C:\Users\Public\Desktop\Connectify Dispatch.lnk
[2013-03-15 00:38:45 | 000,000,358 | ---- | M] () -- C:\Users\Public\Desktop\Connectify Hotspot.lnk
[2013-03-15 00:36:08 | 000,034,840 | ---- | M] (Connectify) -- C:\Windows\SysNative\drivers\cnnctfy3.sys
[2013-03-14 17:31:00 | 000,870,862 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013-03-14 09:43:53 | 000,001,082 | ---- | M] () -- C:\Users\Shawlhar\Desktop\haloce (2).exe - Shortcut.lnk
[2013-03-12 08:47:44 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForShawlhar.job
[2013-03-08 16:15:40 | 000,162,560 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2013-03-08 15:45:32 | 000,014,818 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1403000.024\VT20130115.021
[2013-03-08 14:47:08 | 000,001,985 | ---- | M] () -- C:\Users\Public\Desktop\Virtual Comodo Dragon.lnk
[2013-03-08 14:28:32 | 000,002,015 | ---- | M] () -- C:\Users\Public\Desktop\AntiError.lnk
[2013-03-08 14:28:32 | 000,002,011 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2013-03-08 14:28:31 | 000,002,011 | ---- | M] () -- C:\Users\Public\Desktop\GeekBuddy.lnk
[2013-03-08 14:26:53 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2013-03-08 14:26:17 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2013-03-07 16:13:53 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce1b466152ff3d.job
[2013-03-07 15:52:39 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\Apps.lnk
[2013-03-07 15:52:37 | 000,001,775 | ---- | M] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
[2013-03-07 12:59:08 | 802,697,836 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013-03-07 10:05:22 | 000,005,807 | ---- | M] () -- C:\Users\Shawlhar\Documents\wand.dat
[2013-03-04 22:49:04 | 000,455,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-02-20 19:44:11 | 000,002,672 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2013-02-20 19:44:09 | 000,000,088 | RHS- | M] () -- C:\ProgramData\D07AFD0F8E.sys
[2013-02-19 14:27:20 | 000,002,019 | ---- | M] () -- C:\Users\Shawlhar\Desktop\Mortal Kombat 5.lnk
[2013-02-18 14:26:35 | 000,002,072 | ---- | M] () -- C:\{8228222D-978D-4260-B966-0019A746F026}
[2013-02-18 14:23:30 | 000,002,352 | ---- | M] () -- C:\{4649EF78-2E43-4F9B-A626-0BF73C746BFA}
[2013-02-18 14:20:49 | 000,002,200 | ---- | M] () -- C:\{9270DEFE-4ED3-4ADE-9930-433221453A75}
[2013-02-18 13:01:58 | 000,002,176 | ---- | M] () -- C:\{A48A0EBB-CB53-4C68-BD91-BA9EB25E3C01}
[2013-02-18 12:57:44 | 000,002,888 | ---- | M] () -- C:\{042857E6-1F4A-4CFF-8644-A78427FC1046}
[2013-02-18 12:53:22 | 000,002,888 | ---- | M] () -- C:\{768B306A-57EB-4A17-9911-12ECCAE674E4}
[2013-02-18 12:47:22 | 000,002,176 | ---- | M] () -- C:\{4B9BEA6F-1F0F-4FE2-B2BE-5607F312C1A2}
[2013-02-18 12:40:58 | 000,002,888 | ---- | M] () -- C:\{E8B1144E-707C-4F20-A5CE-9978149ECF3A}
[2013-02-18 12:37:01 | 000,002,888 | ---- | M] () -- C:\{7C00C7A5-BFD6-4DF6-A410-4B066C13907D}
[2013-02-18 12:30:23 | 000,002,176 | ---- | M] () -- C:\{E647FCE9-56D8-4703-91C0-9A9E9800DEF3}
[2013-02-18 12:26:46 | 000,002,624 | ---- | M] () -- C:\{ED5A96E0-2FC6-4750-93B4-6C16C7E5823F}
[2013-02-18 12:21:09 | 000,002,176 | ---- | M] () -- C:\{24A38634-7119-482A-B60E-11E789C81EF7}
[2013-02-18 12:17:48 | 000,002,624 | ---- | M] () -- C:\{B6C218A6-E325-480C-AD9B-D465BBB4E538}
[2013-02-18 12:11:35 | 000,002,968 | ---- | M] () -- C:\{C6FA91E0-D872-42B3-B919-456B1FBC2377}
[2013-02-18 12:06:05 | 000,002,976 | ---- | M] () -- C:\{EB1EC388-85A7-48BF-AE2F-F8756D827EB7}
[2013-02-18 11:54:51 | 000,002,936 | ---- | M] () -- C:\{A6F5C35D-36CA-4D51-8755-2DAF0E0ADEC0}
[2013-02-18 11:51:11 | 000,002,208 | ---- | M] () -- C:\{97BD3932-0C63-4B56-9C47-3F30656494C9}
[2013-02-18 11:49:27 | 000,002,216 | ---- | M] () -- C:\{2B1011CF-A6A5-4F8C-AAF4-E03E56072F7A}
[2013-02-18 11:46:10 | 000,002,184 | ---- | M] () -- C:\{54070F32-C62A-4D0A-A99D-C345B566C861}
[2013-02-18 11:41:15 | 000,002,416 | ---- | M] () -- C:\{D4A5380D-D330-4589-9B86-299F570C7E3A}
[2013-02-18 11:36:54 | 000,002,104 | ---- | M] () -- C:\{E6359CD4-A44B-40B4-8678-72935135FE33}
[2013-02-18 11:32:39 | 000,002,176 | ---- | M] () -- C:\{0481D40C-C7C7-4747-8CF7-F75254A4AF0C}
[2013-02-18 11:29:49 | 000,002,856 | ---- | M] () -- C:\{1C51F232-AD00-4BFD-A9C0-90E5ECE357FB}
[2013-02-18 11:25:10 | 000,002,368 | ---- | M] () -- C:\{125BAADF-CF28-4ABC-A126-34DD7F6614AE}
[2013-02-18 11:20:55 | 000,002,480 | ---- | M] () -- C:\{EA85DE5B-ECB9-48BC-A0B1-5DDFCA867DB1}
[2013-02-18 11:16:25 | 000,002,512 | ---- | M] () -- C:\{AB172253-515B-46AD-8232-69D5B359D6ED}
[2013-02-18 11:07:08 | 000,002,216 | ---- | M] () -- C:\{2525C0AA-05E0-4EF9-9C60-6286155CC4A0}
[2013-02-18 10:59:54 | 000,002,264 | ---- | M] () -- C:\{FF7855DC-FE7E-4727-A47A-AFEEBC70884F}
[2013-02-18 10:56:13 | 000,002,224 | ---- | M] () -- C:\{F79E8C71-6925-41EB-9BEB-24EBA31CD276}
[2013-02-18 10:44:55 | 000,002,240 | ---- | M] () -- C:\{C4E4C2F7-A83F-4934-92A6-321C4D719D74}
[2013-02-18 10:42:25 | 000,002,448 | ---- | M] () -- C:\{461C0A56-8F96-42F3-811D-2F6653FBC350}
[2013-02-18 10:37:01 | 000,002,136 | ---- | M] () -- C:\{7C628565-122B-49FC-A9D3-4D0B56D91D0F}
[7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\Shawlhar\Documents\*.tmp files -> C:\Users\Shawlhar\Documents\*.tmp -> ]
[13 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Users\Shawlhar\Desktop\*.tmp files -> C:\Users\Shawlhar\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013-03-17 14:40:47 | 000,000,780 | ---- | C] () -- C:\Users\Shawlhar\Desktop\TeraCopy.lnk
[2013-03-15 16:13:20 | 000,002,944 | ---- | C] () -- C:\{A436D713-5126-46DC-A75F-8E141F27CB27}
[2013-03-15 16:09:44 | 000,249,168 | ---- | C] () -- C:\{A1A59FEC-F135-49FD-8578-058BCF924CAC}
[2013-03-15 16:04:27 | 000,000,822 | ---- | C] () -- C:\Users\Shawlhar\Application Data\Microsoft\Internet Explorer\Quick Launch\Desktop Icon Toy.lnk
[2013-03-15 16:04:24 | 000,000,798 | ---- | C] () -- C:\Users\Shawlhar\Desktop\Desktop Icon Toy.lnk
[2013-03-15 14:39:43 | 000,001,179 | ---- | C] () -- C:\Users\Shawlhar\Desktop\Driver Genius.lnk
[2013-03-15 00:38:45 | 000,000,374 | ---- | C] () -- C:\Users\Public\Desktop\Connectify Dispatch.lnk
[2013-03-15 00:38:45 | 000,000,358 | ---- | C] () -- C:\Users\Public\Desktop\Connectify Hotspot.lnk
[2013-03-14 09:41:56 | 000,001,082 | ---- | C] () -- C:\Users\Shawlhar\Desktop\haloce (2).exe - Shortcut.lnk
[2013-03-12 08:47:44 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForShawlhar.job
[2013-03-08 14:47:06 | 000,001,985 | ---- | C] () -- C:\Users\Public\Desktop\Virtual Comodo Dragon.lnk
[2013-03-08 14:46:32 | 000,162,560 | ---- | C] () -- C:\Windows\SysNative\drivers\sfi.dat
[2013-03-08 14:28:32 | 000,002,015 | ---- | C] () -- C:\Users\Public\Desktop\AntiError.lnk
[2013-03-08 14:28:31 | 000,002,011 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2013-03-08 14:28:31 | 000,002,011 | ---- | C] () -- C:\Users\Public\Desktop\GeekBuddy.lnk
[2013-03-08 14:26:49 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2013-03-07 16:13:53 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce1b466152ff3d.job
[2013-03-07 15:52:39 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\Apps.lnk
[2013-03-07 15:52:37 | 000,001,775 | ---- | C] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
[2013-03-07 13:35:50 | 000,005,807 | ---- | C] () -- C:\Users\Shawlhar\Documents\wand.dat
[2013-03-05 15:50:13 | 802,697,836 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013-03-04 22:48:44 | 000,455,280 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-02-19 14:27:18 | 000,002,019 | ---- | C] () -- C:\Users\Shawlhar\Desktop\Mortal Kombat 5.lnk
[2013-02-19 14:25:40 | 001,947,106 | ---- | C] () -- C:\Users\Shawlhar\Documents\female student_3.pdf
[2013-02-18 14:26:34 | 000,002,072 | ---- | C] () -- C:\{8228222D-978D-4260-B966-0019A746F026}
[2013-02-18 14:23:29 | 000,002,352 | ---- | C] () -- C:\{4649EF78-2E43-4F9B-A626-0BF73C746BFA}
[2013-02-18 14:19:22 | 000,002,200 | ---- | C] () -- C:\{9270DEFE-4ED3-4ADE-9930-433221453A75}
[2013-02-18 13:01:57 | 000,002,176 | ---- | C] () -- C:\{A48A0EBB-CB53-4C68-BD91-BA9EB25E3C01}
[2013-02-18 12:57:43 | 000,002,888 | ---- | C] () -- C:\{042857E6-1F4A-4CFF-8644-A78427FC1046}
[2013-02-18 12:53:21 | 000,002,888 | ---- | C] () -- C:\{768B306A-57EB-4A17-9911-12ECCAE674E4}
[2013-02-18 12:47:21 | 000,002,176 | ---- | C] () -- C:\{4B9BEA6F-1F0F-4FE2-B2BE-5607F312C1A2}
[2013-02-18 12:40:57 | 000,002,888 | ---- | C] () -- C:\{E8B1144E-707C-4F20-A5CE-9978149ECF3A}
[2013-02-18 12:37:00 | 000,002,888 | ---- | C] () -- C:\{7C00C7A5-BFD6-4DF6-A410-4B066C13907D}
[2013-02-18 12:30:22 | 000,002,176 | ---- | C] () -- C:\{E647FCE9-56D8-4703-91C0-9A9E9800DEF3}
[2013-02-18 12:26:45 | 000,002,624 | ---- | C] () -- C:\{ED5A96E0-2FC6-4750-93B4-6C16C7E5823F}
[2013-02-18 12:21:08 | 000,002,176 | ---- | C] () -- C:\{24A38634-7119-482A-B60E-11E789C81EF7}
[2013-02-18 12:17:47 | 000,002,624 | ---- | C] () -- C:\{B6C218A6-E325-480C-AD9B-D465BBB4E538}
[2013-02-18 12:11:33 | 000,002,968 | ---- | C] () -- C:\{C6FA91E0-D872-42B3-B919-456B1FBC2377}
[2013-02-18 12:06:04 | 000,002,976 | ---- | C] () -- C:\{EB1EC388-85A7-48BF-AE2F-F8756D827EB7}
[2013-02-18 11:54:49 | 000,002,936 | ---- | C] () -- C:\{A6F5C35D-36CA-4D51-8755-2DAF0E0ADEC0}
[2013-02-18 11:51:10 | 000,002,208 | ---- | C] () -- C:\{97BD3932-0C63-4B56-9C47-3F30656494C9}
[2013-02-18 11:49:26 | 000,002,216 | ---- | C] () -- C:\{2B1011CF-A6A5-4F8C-AAF4-E03E56072F7A}
[2013-02-18 11:46:09 | 000,002,184 | ---- | C] () -- C:\{54070F32-C62A-4D0A-A99D-C345B566C861}
[2013-02-18 11:41:14 | 000,002,416 | ---- | C] () -- C:\{D4A5380D-D330-4589-9B86-299F570C7E3A}
[2013-02-18 11:36:52 | 000,002,104 | ---- | C] () -- C:\{E6359CD4-A44B-40B4-8678-72935135FE33}
[2013-02-18 11:32:38 | 000,002,176 | ---- | C] () -- C:\{0481D40C-C7C7-4747-8CF7-F75254A4AF0C}
[2013-02-18 11:29:48 | 000,002,856 | ---- | C] () -- C:\{1C51F232-AD00-4BFD-A9C0-90E5ECE357FB}
[2013-02-18 11:25:09 | 000,002,368 | ---- | C] () -- C:\{125BAADF-CF28-4ABC-A126-34DD7F6614AE}
[2013-02-18 11:20:54 | 000,002,480 | ---- | C] () -- C:\{EA85DE5B-ECB9-48BC-A0B1-5DDFCA867DB1}
[2013-02-18 11:16:24 | 000,002,512 | ---- | C] () -- C:\{AB172253-515B-46AD-8232-69D5B359D6ED}
[2013-02-18 11:07:06 | 000,002,216 | ---- | C] () -- C:\{2525C0AA-05E0-4EF9-9C60-6286155CC4A0}
[2013-02-18 10:59:53 | 000,002,264 | ---- | C] () -- C:\{FF7855DC-FE7E-4727-A47A-AFEEBC70884F}
[2013-02-18 10:56:12 | 000,002,224 | ---- | C] () -- C:\{F79E8C71-6925-41EB-9BEB-24EBA31CD276}
[2013-02-18 10:44:54 | 000,002,240 | ---- | C] () -- C:\{C4E4C2F7-A83F-4934-92A6-321C4D719D74}
[2013-02-18 10:42:24 | 000,002,448 | ---- | C] () -- C:\{461C0A56-8F96-42F3-811D-2F6653FBC350}
[2013-02-18 10:36:59 | 000,002,136 | ---- | C] () -- C:\{7C628565-122B-49FC-A9D3-4D0B56D91D0F}
[2013-01-13 15:11:56 | 000,056,424 | ---- | C] () -- C:\Windows\SysWow64\PrxerNsp.dll
[2012-12-20 12:44:08 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2012-11-30 15:36:52 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012-11-25 04:00:28 | 000,286,720 | ---- | C] () -- C:\Windows\syswinconf.ini
[2012-08-31 11:26:39 | 000,000,218 | ---- | C] () -- C:\Users\Shawlhar\AppData\Local\recently-used.xbel
[2012-08-17 20:06:15 | 000,000,031 | ---- | C] () -- C:\Windows\wininit.ini
[2012-07-03 07:24:35 | 701,616,800 | ---- | C] () -- C:\Users\Shawlhar\AVSEQ01 (1) (1).avi
[2012-06-15 21:18:02 | 198,760,838 | ---- | C] () -- C:\Users\Shawlhar\AVSEQ01 (1).avi
[2012-06-07 18:19:05 | 000,037,980 | ---- | C] () -- C:\Users\Shawlhar\S-pics099.jpg
[2012-06-07 18:19:05 | 000,025,541 | ---- | C] () -- C:\Users\Shawlhar\S-pics105.jpg
[2012-06-06 16:19:46 | 000,024,983 | ---- | C] () -- C:\Users\Shawlhar\S-pics101.jpg
[2012-05-25 23:41:09 | 014,624,887 | ---- | C] () -- C:\Users\Shawlhar\7tsp_HUD_Evolution_Icons_Theme_Extras_Bottomshell.7z
[2012-05-25 22:37:14 | 003,350,148 | ---- | C] () -- C:\Users\Shawlhar\UXTheme Multi-Patcher 8.0.exe
[2012-05-19 22:06:14 | 000,005,207 | ---- | C] () -- C:\Users\Shawlhar\micheal.phpjpg
[2012-05-11 10:37:19 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2012-05-08 08:43:22 | 000,017,408 | ---- | C] () -- C:\Users\Shawlhar\AppData\Local\WebpageIcons.db
[2012-03-02 19:55:25 | 000,870,862 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-02-04 22:15:53 | 000,001,854 | ---- | C] () -- C:\Users\Shawlhar\AppData\Roaming\GhostObjGAFix.xml
[2012-01-10 21:29:54 | 013,904,384 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011-12-12 17:18:36 | 000,000,909 | ---- | C] () -- C:\Users\Shawlhar\sec.bat
[2011-12-07 16:39:40 | 000,000,163 | ---- | C] () -- C:\Users\Shawlhar\MATRIX.bat
[2011-11-16 22:37:09 | 000,002,672 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011-11-16 22:37:09 | 000,000,088 | RHS- | C] () -- C:\ProgramData\D07AFD0F8E.sys
[2011-11-14 14:07:19 | 000,000,297 | ---- | C] () -- C:\Users\Shawlhar\AppData\Roaming\Network Meter_Settings.ini
[2011-11-13 22:26:38 | 000,962,560 | ---- | C] () -- C:\Windows\tesseract.exe
[2011-11-12 11:14:01 | 000,007,598 | ---- | C] () -- C:\Users\Shawlhar\AppData\Local\resmon.resmoncfg
[2011-11-11 22:28:47 | 000,000,279 | ---- | C] () -- C:\Users\Shawlhar\kkk.cpp
[2011-11-09 20:37:31 | 000,000,298 | ---- | C] () -- C:\Users\Shawlhar\prac.htm
[2011-11-04 16:55:47 | 000,052,224 | ---- | C] () -- C:\Users\Shawlhar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-10-31 21:42:10 | 000,837,282 | ---- | C] () -- C:\Users\Shawlhar\my docs result.zip
[2011-10-27 18:24:10 | 001,006,600 | ---- | C] () -- C:\Users\Shawlhar\Xeon_10 Xbox 360.rar
[2011-10-26 00:13:35 | 000,109,216 | ---- | C] () -- C:\Windows\SysWow64\EasyHook64.dll
[2011-10-26 00:13:35 | 000,084,480 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
[2011-09-30 07:48:32 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2011-08-31 19:51:16 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2011-08-31 19:51:16 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2011-08-31 19:51:16 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2011-08-05 18:22:17 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2011-05-13 21:15:06 | 000,000,188 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini
[2011-04-10 09:48:30 | 000,010,294 | ---- | C] () -- C:\Users\Shawlhar\Photo.jpg
[2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
========== ZeroAccess Check ==========
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:661DFA1C
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:2B11E0DF
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:553CA6CA
< End of report >
and extra log file
OTL Extras logfile created on: 18-Mar-13 14:07:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Shawlhar\Desktop\ol
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy
3.80 Gb Total Physical Memory | 2.45 Gb Available Physical Memory | 64.48% Memory free
9.50 Gb Paging File | 7.28 Gb Available in Paging File | 76.58% Paging File free
Paging file location(s): C:\pagefile.sys 5839 5839 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284.05 Gb Total Space | 48.32 Gb Free Space | 17.01% Space Free | Partition Type: NTFS
Drive D: | 13.74 Gb Total Space | 1.71 Gb Free Space | 12.46% Space Free | Partition Type: NTFS
Drive F: | 99.34 Mb Total Space | 84.99 Mb Free Space | 85.56% Space Free | Partition Type: FAT32
Computer Name: SHAWLHAR-HP | User Name: Shawlhar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Scout\filescout.exe" /open "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" [2012-12-12 14:20:10 | 000,000,000 | ---D | M]
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Scout\filescout.exe" /open "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" [2012-12-12 14:20:10 | 000,000,000 | ---D | M]
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirstRunDisabled" = 0
"UacDisableNotify" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Ubisoft\Scrabble2009\ScrabblePCR.exe" = C:\Program Files (x86)\Ubisoft\Scrabble2009\ScrabblePCR.exe:*:Enabled:ScrabblePCR -- ()
"C:\Program Files (x86)\Ubisoft\Scrabble2009\ScrabblePCR.exe" = C:\Program Files (x86)\Ubisoft\Scrabble2009\ScrabblePCR.exe:*:Enabled:ScrabblePCR -- ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Ubisoft\Scrabble2009\ScrabblePCR.exe" = C:\Program Files (x86)\Ubisoft\Scrabble2009\ScrabblePCR.exe:*:Enabled:ScrabblePCR -- ()
"C:\Program Files (x86)\Ubisoft\Scrabble2009\ScrabblePCR.exe" = C:\Program Files (x86)\Ubisoft\Scrabble2009\ScrabblePCR.exe:*:Enabled:ScrabblePCR -- ()
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00608B00-B3CC-4263-B815-16A66ACE717B}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{011B00F2-061A-4E45-8628-0ECFAB8FE821}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{080A88DE-9A21-4BEF-A1A8-33B68BEE401E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{086CFA0F-F788-4D3D-9A70-6ACAB39FC743}" = rport=2869 | protocol=6 | dir=out | app=system |
"{15DB24DE-E05A-458E-B35C-126D6587D749}" = lport=2987 | protocol=6 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"{2181C836-14A8-4BAC-9685-70435564266B}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{2AE00993-740F-4CFA-AE21-678CB99DC0F7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2C949DDE-47EB-49A6-859C-6147D15A8ADE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2D58716F-B28A-46FF-838E-1CDD0D6E45EC}" = lport=68 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{33199742-7AB7-4A15-A089-D72FFFDF60BD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{33700767-94B0-44C6-973C-5FC9BC090A25}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{357B5957-46E9-44FC-BCEE-FBC1A5F7ECAE}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{37020931-6385-4EE0-9ECA-EB6FE3CADE6F}" = lport=547 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{387DB7A3-C82D-4A35-8B5F-911FA5BC12FF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3C44BA14-1A6B-4779-BEE6-C07AE2F82EC5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3CE82190-EEB3-4B96-ACC9-F1476A313077}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{41AF1F50-81D8-4B86-B62B-848F0D7138E2}" = rport=1900 | protocol=17 | dir=out | app=c:\windows\system32\svchost.exe |
"{47F8D531-C56C-44C2-8AC9-7E8AE2408F4F}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{4F874E16-69E6-41C4-8EC0-6C6488751D0C}" = lport=138 | protocol=17 | dir=in | app=system |
"{53508C99-0D77-4E04-8804-CD47DCE291DD}" = lport=1900 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{6241FB8A-0F39-4026-A5BC-2436A965B1F2}" = rport=2869 | protocol=6 | dir=out | app=system |
"{650F4E26-1739-4CE4-B380-826F2B744032}" = lport=445 | protocol=6 | dir=in | app=system |
"{651F3A7D-C1A9-4AC3-9A26-671C82B5102E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{6B12A4ED-3782-448E-B82D-F66141E5F364}" = rport=10243 | protocol=6 | dir=out | app=system |
"{6B870417-7BAC-451D-B956-84B7536312FE}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6C0180C3-15A7-414D-8116-AF0C5CB14AA9}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{6C2AD73A-0B5C-4280-A770-D8A9EB3A1BF2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{700530B3-8A98-4414-923D-F02ED58D120C}" = rport=139 | protocol=6 | dir=out | app=system |
"{7B7DB0FC-6BE4-430B-8456-87ADBDBCD327}" = lport=139 | protocol=6 | dir=in | app=system |
"{7E98FE11-A630-4289-BF1F-A778FE245760}" = rport=2869 | protocol=6 | dir=out | app=system |
"{7EC79646-4499-438B-B4AC-FDE5ABD56EFE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8569D9E9-03C3-47DB-B8B1-6E2ED2254508}" = lport=67 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{8FEAD996-9E51-4917-9392-0ECE7775E09F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9562C3C9-E2D8-4F3F-9BD8-24EF6E8504B8}" = lport=26827 | protocol=17 | dir=in | name=bitcomet 26827 udp |
"{96319DC4-12FE-4C7F-A7BC-0439FFD4AA78}" = lport=26827 | protocol=6 | dir=in | name=bitcomet 26827 tcp |
"{99C6E2FD-C6E5-48E8-A2F3-52FC91ADE8B8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9CF40E3A-781E-4F41-9072-6DAD98B95C69}" = lport=53 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{A16C2076-80B8-4022-92E7-CF49DAC07238}" = rport=445 | protocol=6 | dir=out | app=system |
"{A605112B-7157-4D8F-A937-8523FD3A4333}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{A9D5B6A3-6446-47D2-90B6-E5D6DEA3FDCB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AE55B278-63F6-4B80-A223-DEF35A929A01}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{AFA60950-43F6-431A-B6CA-28A0A361A8DC}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{BAEB86D8-2B27-403D-9F2C-F5BB331D0D41}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{C2A19392-9417-477D-A7D4-4DBED61C08A1}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{C7370735-B67D-49D1-9D4B-4073BE6C0A2D}" = lport=67 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{C97E7ACD-0EC4-419E-9019-216D81D7E194}" = lport=137 | protocol=17 | dir=in | app=system |
"{D63BC7BC-3D68-4CB1-AE17-42AB19723C02}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D6F45B18-9C6D-4131-A8EC-3510C9C7BECA}" = rport=138 | protocol=17 | dir=out | app=system |
"{D7F0FFAE-4915-4FB9-9DD5-F702F3F5AB2A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DB480AD2-1537-493A-977F-EAACB02C6638}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{E3377845-E05A-470B-BEEB-A7FE3EFBBCCD}" = rport=137 | protocol=17 | dir=out | app=system |
"{E655F285-5D77-42CE-A66C-62B61E1AB0C8}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{EBAADE09-F53F-4066-804F-C96C5550CAA5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{EE569EA9-582A-4EEF-A100-6547A149A924}" = lport=53 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{F8E202B7-208B-4865-801C-A16EE062E8C8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FA310BCF-8BCE-4824-AEC1-B9AD76C31109}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{FAD6F6D8-89FC-4DFE-8489-F4B4AB54D4C1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FBD4106F-6A46-44A5-B85F-BAC992609C2A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01262FB7-CB2E-4003-97E7-74C8BAC5F72D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{09632DE4-21E6-4BDA-9827-D7F3126DCBEA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0C0CBA35-726B-4973-B0A6-898E7DB641DD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0F3E4ADF-8412-4287-AAFE-7E924C70D249}" = protocol=6 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2012\pes2012.exe |
"{132F6219-427D-4305-84E3-BCFCEA76D151}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{18F4DB85-B836-483F-9385-F38710A42334}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{1A4FC0F7-68BC-49F2-8C62-11A30F430D5C}" = protocol=1 | dir=in | [email protected],-28543 |
"{25C2A7A8-82EE-4D2A-A0CC-7A9635C1DB3E}" = protocol=58 | dir=in | name=internet connection sharing (router solicitation-in) |
"{27E721C8-8F59-41CA-BE6F-7FC0BBEF328C}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe |
"{390528BB-0942-41A7-891E-DB567606D21D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{39DC8C75-3557-4F57-B596-136DC9020281}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{3A4B4684-08D9-4D25-8C82-9D65AEB86891}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{3CDCB107-7416-489E-B392-999C89AE745A}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{40F33556-7FCE-41CA-92F4-F36EE7EEDC7B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{461175E4-D7D5-4BFE-8D05-5158F89CEA61}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4676274B-37EA-46AF-8120-600A33D3B7A2}" = protocol=17 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{4940A154-602F-4F14-9837-49A836DBB904}" = protocol=6 | dir=in | app=c:\games\pro evolution soccer 2012\pes2012.exe |
"{4ABF71F8-2878-4028-8F16-DFE2072E36BC}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{4D5C3AF1-95D4-4EA7-A1BB-995F1BCA1E34}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{4EF80F9E-E01D-4CC4-90D0-B9CCDD73D2A2}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{4FFEC4F3-141D-438D-AF79-7F441660AA52}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{57F5FF07-0344-4C0B-AC3B-733C03022A21}" = protocol=6 | dir=out | app=system |
"{5B5EBB42-839F-4807-B4C0-9071857EFFC9}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{5BE3A469-CC8E-43FC-888D-0AF403D3F364}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5C4209FB-2835-47F5-99C2-A8C446CC21B1}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{5CEF5784-911F-456C-9137-6D57DDB4AE75}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{6562B6C2-9CFC-4D7D-8D21-BB4564F770C4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6607D035-093F-4C38-9384-7B1882CB03B3}" = protocol=17 | dir=in | app=c:\games\pro evolution soccer 2012\pes2012.exe |
"{68F57806-9C57-4D59-8AFD-A76CBEFF2E77}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7111B196-4F57-4B5F-82BF-7D595FBE0420}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{749FE228-E450-4FD5-ACB7-4D4753EC029B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{75FB3187-EE3D-42B2-87F0-292E95B3E265}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{7BF55AAE-66F3-425C-BD79-ACD8C6E4E812}" = protocol=58 | dir=out | [email protected],-28546 |
"{7D4B48D4-7BB1-49B8-A459-6525B9AE719D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{869F48AD-234D-420E-A099-A50CC764949C}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe |
"{8E28629B-4C9B-4B01-AF5F-FDF60B8C64AE}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{8E65AE04-F92A-4E64-AEB9-7D31206E2E70}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{8F5299A9-BCA2-4A17-8537-3092AAD31503}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\scrabble2009\scrabblepcr.exe |
"{9777447A-4941-40B1-B06D-8C1BBB52027B}" = dir=out | app=c:\windows\system32\svchost.exe |
"{9838D0D4-8F7D-4602-BFEB-9CD5E19435C4}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe |
"{9896C725-0365-4898-B21C-9ECFC61A8AEA}" = protocol=1 | dir=out | [email protected],-28544 |
"{9CAB26E4-16FD-4EBF-8887-40DFA9FD55B3}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{A8A04C6B-65D0-4E09-8913-26CAB1C34DBA}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{AA4E05CE-CA41-41A2-93A6-2DBAC4910672}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\scrabble2009\scrabblepcr.exe |
"{B19259CD-6359-464B-9446-2C59A059ADC0}" = protocol=58 | dir=in | [email protected],-148 |
"{B3714DA3-A3A6-48A5-97A0-88296DF34F3A}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{B39051D7-AEF8-459B-B8A8-9F28342874DA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B57490AD-6139-4A25-8EC4-80DCC27603B9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{B99BD407-6A39-41C5-A200-97DB84A7D3A4}" = protocol=17 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2012\pes2012.exe |
"{BE7F6527-ED64-49B7-92A7-397648AC7164}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{C698FE8D-82A5-4B44-9602-74C89C4A9E63}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{CDEB78EB-FE9A-4E06-8DD3-8CCD9C2898F6}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{CF44A7BA-1BC0-4C8F-9674-DCBBF8421E5F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D1789401-0632-4533-8B4A-A93DF0F8907F}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{D4410C53-332C-4ED8-85A7-B8827EFE6283}" = dir=in | app=c:\users\shawlhar\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{D537F940-6B9E-4A24-94E8-455D7B474387}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{E2840EF8-5762-4834-9BFB-FA97CA6CFF38}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E6B67DDF-A208-4CA5-8A08-47DCB37B4E91}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E78C551B-C876-4435-BCF9-C1FC86660674}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{E957EB7C-7CAA-4A0A-B1DB-3B62DF3A4D9A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E9B40CF0-5BD7-47A7-84EF-6C8B441B1C6C}" = protocol=6 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{EA22AAA2-FC9C-453C-9A5C-D2C4F313756B}" = protocol=58 | dir=in | [email protected],-28545 |
"{F1CDD6B3-B796-4450-97EC-691BF47F45EE}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{F35C316E-ECCA-4DC1-8811-38E12AFD268B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F67BA54A-6AF2-4EB2-B65B-DCEC98ECB605}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F7121C46-E4BF-4E60-AB50-F0CF638DD56A}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{FD42B28A-D2FB-468C-9318-270DAA6E2798}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FFA87319-C208-45CE-809E-08F91F54EA46}" = protocol=58 | dir=in | [email protected],-148 |
"TCP Query User{0817F45D-C3DF-4227-91D9-0F74C8703F45}C:\program files (x86)\internet download manager\idman.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet download manager\idman.exe |
"TCP Query User{085DD408-551F-4C95-BE98-B19B9F553B10}C:\users\shawlhar\desktop\halo\haloce (2).exe" = protocol=6 | dir=in | app=c:\users\shawlhar\desktop\halo\haloce (2).exe |
"TCP Query User{086B9F40-C3ED-4977-9605-58A21E125A34}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{0C632C43-FCDD-40E2-9F95-608B5ADA03A5}C:\program files (x86)\proxomitron naoko-4\proxomitron.exe" = protocol=6 | dir=in | app=c:\program files (x86)\proxomitron naoko-4\proxomitron.exe |
"TCP Query User{19C6767C-BA34-4125-84C0-B0319FF0D126}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{5C3E0AE0-1363-4D4F-919A-5027307568E8}C:\program files (x86)\wyzo\wyzo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wyzo\wyzo.exe |
"TCP Query User{6BF68736-7527-4A31-B835-7C073FF7EBA6}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{73DEBD2D-7648-4414-B670-933840757BB8}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{742EFB5A-4463-44ED-9981-227D48B08C7D}C:\program files (x86)\connectify\connectify.exe" = protocol=6 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"TCP Query User{753E308B-FCE6-4F1F-BFAC-94F138284BA2}C:\wamp\bin\apache\apache2.2.8\bin\httpd.exe" = protocol=6 | dir=in | app=c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe |
"TCP Query User{809EA995-497A-43AC-90D4-DC6021359C26}C:\program files (x86)\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tvuplayer\tvuplayer.exe |
"TCP Query User{88CE023B-3E85-42C9-B083-A5FD1277C6D0}C:\program files (x86)\wyzo\wyzo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wyzo\wyzo.exe |
"TCP Query User{97208170-23CF-462E-BCE3-614777A073BD}C:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"TCP Query User{AAD0CF4C-5692-439B-91E5-32D538761A2B}C:\program files (x86)\your freedom\freedom.exe" = protocol=6 | dir=in | app=c:\program files (x86)\your freedom\freedom.exe |
"TCP Query User{AB0E5934-0038-4ACC-B7C9-1926FD855097}C:\program files (x86)\joshsoft corporation\joeadeoye web proxy\joeadeoye web proxy.exe" = protocol=6 | dir=in | app=c:\program files (x86)\joshsoft corporation\joeadeoye web proxy\joeadeoye web proxy.exe |
"TCP Query User{B3AC34B0-D325-47BF-8C36-64E1865E6433}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{B7B86CAD-5C39-464F-AFF1-2449BDABACCE}C:\windows\system32\wfs.exe" = protocol=6 | dir=in | app=c:\windows\system32\wfs.exe |
"TCP Query User{C9FFFC3A-A390-46AC-AE05-B7AE36060AEB}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"TCP Query User{CC271300-9B8A-4663-AB8C-C253F674E60E}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"TCP Query User{CCA96ABB-654A-4D8C-9240-A71A2B9DA3BF}C:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"TCP Query User{D3A336CE-76BA-4CAF-BE4C-05270F428F9B}C:\program files (x86)\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"TCP Query User{F29139FB-867C-45CA-9D97-A723034D86E4}C:\program files (x86)\your freedom\freedom.exe" = protocol=6 | dir=in | app=c:\program files (x86)\your freedom\freedom.exe |
"TCP Query User{F38F4037-1773-4CB2-B13B-3990D21921B2}C:\users\shawlhar\documents\nfs mw\speed.exe" = protocol=6 | dir=in | app=c:\users\shawlhar\documents\nfs mw\speed.exe |
"UDP Query User{00FB9892-67F6-4477-9DA8-DB8E92068552}C:\program files (x86)\internet download manager\idman.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet download manager\idman.exe |
"UDP Query User{070C3E17-18BB-40A2-9EFF-C2FE48956D32}C:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"UDP Query User{08845A0A-E747-46EA-A86D-76623A77496C}C:\program files (x86)\your freedom\freedom.exe" = protocol=17 | dir=in | app=c:\program files (x86)\your freedom\freedom.exe |
"UDP Query User{0B846716-7E5E-4E7B-BA38-187DCD7CCB42}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{0D86C88C-0921-4B1D-A99E-9890F4CDA410}C:\program files (x86)\proxomitron naoko-4\proxomitron.exe" = protocol=17 | dir=in | app=c:\program files (x86)\proxomitron naoko-4\proxomitron.exe |
"UDP Query User{1957923D-235D-45C5-BCB3-071E7E1D5C67}C:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"UDP Query User{1BD87A48-B708-411F-AB2D-175FE59D7B10}C:\program files (x86)\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"UDP Query User{22213FBB-3967-4CC8-84D4-35D624EE4ECC}C:\wamp\bin\apache\apache2.2.8\bin\httpd.exe" = protocol=17 | dir=in | app=c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe |
"UDP Query User{2276B498-1409-40D6-8424-497327985B8E}C:\program files (x86)\connectify\connectify.exe" = protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"UDP Query User{28564369-1AAB-4FAB-AA29-9A14E1CAC2E8}C:\program files (x86)\joshsoft corporation\joeadeoye web proxy\joeadeoye web proxy.exe" = protocol=17 | dir=in | app=c:\program files (x86)\joshsoft corporation\joeadeoye web proxy\joeadeoye web proxy.exe |
"UDP Query User{3F5E3C54-04B4-45A1-84A9-771BDB066FEC}C:\program files (x86)\wyzo\wyzo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wyzo\wyzo.exe |
"UDP Query User{50DFDB05-AEC1-4ED9-9078-B8A536A450CC}C:\users\shawlhar\documents\nfs mw\speed.exe" = protocol=17 | dir=in | app=c:\users\shawlhar\documents\nfs mw\speed.exe |
"UDP Query User{5234D5DE-C272-4085-B6EC-DC151F22E2CF}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{5670ACA7-871B-47ED-AADA-4393189EEC51}C:\program files (x86)\wyzo\wyzo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wyzo\wyzo.exe |
"UDP Query User{5F99C095-0858-4FC0-B9CA-59B296BD3144}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{ACF3360F-9C5D-42AB-A8B6-3CCC8B046C43}C:\windows\system32\wfs.exe" = protocol=17 | dir=in | app=c:\windows\system32\wfs.exe |
"UDP Query User{AE886A24-B667-443E-A72B-E1C305EAF857}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{B195EBC8-37F9-49D8-9A32-683058DBBF4D}C:\users\shawlhar\desktop\halo\haloce (2).exe" = protocol=17 | dir=in | app=c:\users\shawlhar\desktop\halo\haloce (2).exe |
"UDP Query User{DC588E3F-8B54-4BFF-9391-2548CC062FA8}C:\program files (x86)\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tvuplayer\tvuplayer.exe |
"UDP Query User{E28C0210-729D-40D9-8955-13086B26B775}C:\program files (x86)\your freedom\freedom.exe" = protocol=17 | dir=in | app=c:\program files (x86)\your freedom\freedom.exe |
"UDP Query User{E48A0546-7F4D-44D6-8247-0E066149BFD9}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{F4299C6E-AA14-485C-B915-EA408DD36962}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{FD106309-7E84-4B21-8421-8DACDDC0B5BE}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{08044040-959A-4B0D-8825-2C533F0DDB19}" = Encarta Search Bar (64-bit)
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{108A39BF-4ED1-4293-B11A-06BD521FB8F7}" = FreeOCR 3.0
"{10F539B1-31AF-43BF-9F0C-0EB66E918922}" = HP Quick Launch
"{13DCC2C7-454D-42F0-A892-E0E9A5DE4E67}" = HP Wireless Assistant
"{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1CB6C387-65A7-327F-B4A5-7DDC75A291AF}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)
"{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java™ 6 Update 22 (64-bit)
"{2D7ED2A0-9553-412B-939F-D6E0AEB2ABE1}" = ISO Recorder
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{3D676E54-E6F7-4733-9F70-1AE7AFF586C8}" = GlobeTrotter Connect
"{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}" = Microsoft SQL Server System CLR Types (x64)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{7F05E704-30A6-421A-97A7-8EEB1C7FF011}" = Corel Shell Extension - 64Bit
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)
"{88BAE373-00F4-3E33-828F-96E89E5E0CB9}" = Microsoft Visual Studio 2010 IntelliTrace Collection (x64)
"{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files
"{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}" = UxStyle Core Beta
"{8FF0ACBD-17A5-3637-95F4-D7C69723E2BF}" = Microsoft Visual Studio 2010 Performance Collection Tools - ENU
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1D577BD-692D-4AC9-98DF-8E3C33B792E4}" = Oracle VM VirtualBox 4.1.20
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files
"{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}" = Microsoft SQL Server 2008 Native Client
"{C3600AE6-93A0-3DB7-B7AA-45BD58F133B5}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DA67488A-2689-4F10-B90F-D2F6977509D6}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{DF167CE3-60E7-44EA-99EC-2507C51F37AE}" = Microsoft SQL Server 2008 Database Engine Shared
"{F5079164-1DB9-3BDA-853B-F78AF67CE071}" = Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = Microsoft SQL Server 2008 Database Engine Services
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"B726756F5B5A5AA9D798B399386FC6205A45F19E" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"CCleaner" = CCleaner
"Connectify" = Connectify
"Desktop Icon Toy_is1" = Desktop Icon Toy 4.7
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"SynTPDeinstKey" = Synaptics TouchPad Driver
"TeraCopy_is1" = TeraCopy 2.27
"Theme Resource Changer X64 v1.0" = Theme Resource Changer X64 v1.0
"Tweak-7" = Tweak-7
"WinRAR archiver" = WinRAR 4.20 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW® Graphics Suite X4
"_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW® Graphics Suite X4 - Windows Shell Extension
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03046EBB-CB7C-4B98-BEFB-690EB955DA22}" = HP Setup
"{07043840-959A-4B0D-8825-2C533F0DDB19}" = Microsoft Math
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08208143-777D-4A06-BB54-71BF0AD1BB70}" = IPTInstaller
"{09041881-2C94-4A67-8E55-8483C019C7D2}" = Microsoft Student with Encarta Premium 2009
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{1826D0CA-F479-4430-9EFE-86E8E783505B}_is1" = Opera Mobile Emulator
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java™ 6 Update 37
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2BF8B295-A214-42AC-B4EC-2AE15E08B0E7}" = HP Documentation
"{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{31EEA563-3544-4EA1-8773-BCBF83F9627A}" = HP Software Framework
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{38676C9C-270F-43D1-926A-E45DE8820A6B}" = BlackBerry Device Software Updater
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
"{43C0CACD-F9A8-4F17-A84C-0A203B2BAE6D}" = GeekBuddy
"{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CEEE5D0-F905-4688-B9F9-ECC710507796}" = HTC Driver Installer
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}" = PC Connectivity Solution
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{58F9D852-9443-4955-A1ED-12C9E0504DD0}" = Mavis Beacon Teaches Typing Platinum 20
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{75F3A4B2-F6E8-434D-A2EF-DBBC016C6CB2}" = Learning Essentials for Microsoft Office
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA
"{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture
"{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw
"{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP
"{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content
"{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters
"{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav
"{7F05E704-30A6-421A-97A7-8EEB1C7FF100}" = CorelDRAW Graphics Suite X4 - Lang EN
"{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}" = Rosetta Stone Version 3
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943E4702-E767-47D8-801F-0C807BCC0601}_is1" = Microsoft Installer
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97B70991-5002-4241-8B0C-D74B8ADEB2B5}" = BlackBerry Desktop Software 7.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM
"{9D3D8C60-A55F-4123-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF88496B-4BBA-4922-97E9-2582D3A28358}" = Nokia Connectivity Cable Driver
"{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications ® Core - English
"{B78CFC07-B623-4995-ADCC-B2B4D59D083A}" = HTC Sync
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BC0464FA-A0BA-3E38-85BF-DC5B3A401F48}" = Microsoft Visual Studio 2010 Ultimate - ENU
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}" = System Requirements Lab for Intel
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C7231F7C-6530-4E65-ADA6-5B392CF5BEB1}" = Recovery Manager
"{CD9D0827-A6D6-4E2C-B31E-23F01577E27B}" = BlueStacks Notification Center
"{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW® Graphics Suite X4 - Windows Shell Extension
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}" = Nokia Suite
"{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications ® Core
"{DF2035BE-5820-4965-BD97-7FAF8D4A7879}" = Microsoft_VC90_CRT_x86
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E44578C7-4667-4124-8BC2-1161BCA54978}" = HP Power Manager
"{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1" = Uniblue SpeedUpMyPC
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E737A098-F161-4B6F-AF22-86AAE34F6FBD}" = Pro Evolution Soccer 2012
"{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{F025E1EC-CD19-4159-8E42-2CFB3E8BD599}_is1" = IFX DeskTop Quotes version 1.1
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.2
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{Microsoft Student 2007_54A0E938-8390-489F-8F1A-563673334DFE}" = Microsoft Student 2007 for Learning Essentials
"7tsp_GUI" = 7tsp v0.3 Build(3003)
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Airtel Mobile Internet" = Airtel Mobile Internet
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.14 (Unicode)
"BitComet_x64" = BitComet 1.32 64-bit
"BitTorrent" = BitTorrent
"BlackBerry_Desktop" = BlackBerry Desktop Software 7.1
"BlueStacks App Player" = BlueStacks App Player
"Cheatbook 10.2011" = Cheatbook 10.2011
"Comodo Dragon" = Comodo Dragon
"Driver Genius_is1" = Driver Genius
"DVD Decrypter" = DVD Decrypter (Remove Only)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FLV Player" = FLV Player 2.0 (build 25)
"FX Graph 4_is1" = FX Graph 4
"Game Booster_is1" = Game Booster 3
"GLO 3G PLUS" = GLO 3G PLUS
"GLO NETPRO" = GLO NETPRO
"HxD Hex Editor_is1" = HxD Hex Editor version 1.7.7.0
"iCall 7.1.522" = iCall
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"Internet Download Manager" = Internet Download Manager
"JoeAdeoye Web Proxy 1.70" = JoeAdeoye Web Proxy 1.70
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.5.5 (Full)
"MetaTrader - Finexo" = MetaTrader - Finexo
"Microsoft Visual Studio 2010 Ultimate - ENU" = Microsoft Visual Studio 2010 Ultimate - ENU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"mIRC" = mIRC
"Mortal Kombat 4_is1" = Mortal Kombat 4 - www.classic-gaming.net
"Mortal Kombat 5 5" = Mortal Kombat 5 5
"Mozilla Firefox 19.0.2 (x86 en-US)" = Mozilla Firefox 19.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP3 Cutter_is1" = MP3 Cutter 1.9
"NAV" = Norton AntiVirus
"Network Stumbler" = Network Stumbler 0.4.0 (remove only)
"Nmap" = Nmap 6.01
"Nokia Suite" = Nokia Suite
"Notepad++" = Notepad++
"NST" = Norton Identity Safe
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Opera 12.11.1661" = Opera 12.11
"pcsx2-r4600" = PCSX2 - Playstation 2 Emulator
"PhotoScape" = PhotoScape
"Proxifier_is1" = Proxifier version 3.21
"Raptr" = Raptr
"ReadingFanatic_6xbar Uninstall" = ReadingFanatic Toolbar
"Resident Evil 4" = Resident Evil 4
"Scrabble™ Interactive 2009 Edition_is1" = Scrabble™ Interactive 2009 Edition
"Search Toolbar" = Search Toolbar
"SopCast" = SopCast 3.5.0
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"Switch" = Switch Sound File Converter
"The Proxomitron - Universal Web Filter_is1" = The Proxomitron Ver. Naoko-4.5
"Total Video Converter 3.11_is1" = Total Video Converter 3.11
"TVUPlayer" = TVUPlayer 2.5.3.1
"UnLock Phone" = UnLock Phone 1.1
"Updater Service" = Updater Service
"Uploader" = Uploader
"uTorrent" = µTorrent
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.1
"Vuze Turbo Accelerator" = Vuze Turbo Accelerator
"WampServer 2_is1" = WampServer 2.0
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"Wireshark" = Wireshark 1.8.2 (64-bit)
"WT087328" = Blackhawk Striker 2
"WT089308" = Blasterball 3
"WT089362" = Agatha Christie - Peril at End House
"WT089453" = Bejeweled 2 Deluxe
"WT089458" = Plants vs. Zombies - Game of the Year
"WT089470" = FATE - The Traitor Soul
"WT089484" = Namco All-Stars PAC-MAN
"WT089496" = Mystery P.I. - Stolen in San Francisco
"WT089498" = Bejeweled 3
"Wubi" = Linux Mint
"Wyzo" = Wyzo
"XobniMain" = Xobni
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"Your_Deploy_0" = Your Freedom 20121126-01
"Zuma Deluxe RA" = Zuma Deluxe RA
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 16-Mar-13 11:56:10 | Computer Name = Shawlhar-HP | Source = Google Update | ID = 20
Description =
Error - 16-Mar-13 15:40:29 | Computer Name = Shawlhar-HP | Source = Google Update | ID = 20
Description =
Error - 17-Mar-13 00:43:42 | Computer Name = Shawlhar-HP | Source = Google Update | ID = 20
Description =
Error - 17-Mar-13 04:30:17 | Computer Name = Shawlhar-HP | Source = Google Update | ID = 20
Description =
Error - 17-Mar-13 05:56:09 | Computer Name = Shawlhar-HP | Source = Google Update | ID = 20
Description =
Error - 17-Mar-13 08:56:22 | Computer Name = Shawlhar-HP | Source = Google Update | ID = 20
Description =
Error - 17-Mar-13 11:56:07 | Computer Name = Shawlhar-HP | Source = Google Update | ID = 20
Description =
Error - 18-Mar-13 00:51:11 | Computer Name = Shawlhar-HP | Source = Google Update | ID = 20
Description =
Error - 18-Mar-13 03:08:01 | Computer Name = Shawlhar-HP | Source = Google Update | ID = 20
Description =
Error - 18-Mar-13 05:56:14 | Computer Name = Shawlhar-HP | Source = Google Update | ID = 20
Description =
Error - 18-Mar-13 08:56:09 | Computer Name = Shawlhar-HP | Source = Google Update | ID = 20
Description =
[ Hewlett-Packard Events ]
Error - 07-Jan-13 10:57:51 | Computer Name = Shawlhar-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 07-Jan-13 10:59:32 | Computer Name = Shawlhar-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 07-Jan-13 11:38:28 | Computer Name = Shawlhar-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 07-Jan-13 11:38:43 | Computer Name = Shawlhar-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 08-Jan-13 03:39:35 | Computer Name = Shawlhar-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 08-Jan-13 03:40:25 | Computer Name = Shawlhar-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 02-Feb-13 03:42:22 | Computer Name = Shawlhar-HP | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164 at System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) at System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) at System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) at System.Activator.CreateInstance(Type
type, Boolean nonPublic) at HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed()
StackTrace:
at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)
at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)
at System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) at System.Activator.CreateInstance(Type type, Boolean nonPublic)
at HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() Source: mscorlib
Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: en-US RAM: 3893 Ram
Utilization: 40 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)
Error - 10-Feb-13 13:57:41 | Computer Name = Shawlhar-HP | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164 at System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) at System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) at System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) at System.Activator.CreateInstance(Type
type, Boolean nonPublic) at HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed()
StackTrace:
at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)
at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)
at System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) at System.Activator.CreateInstance(Type type, Boolean nonPublic)
at HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() Source: mscorlib
Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: en-US RAM: 3893 Ram
Utilization: 40 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)
Error - 16-Feb-13 04:26:13 | Computer Name = Shawlhar-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 3893
Ram
Utilization: 50 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()
Error - 16-Feb-13 08:12:08 | Computer Name = Shawlhar-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 3893
Ram
Utilization: 50 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()
[ HP Wireless Assistant Events ]
Error - 13-Feb-13 03:07:51 | Computer Name = Shawlhar-HP | Source = HP WA Application | ID = 0
Description = MainWindow.ShowImpl; not initialized, closing application...
Error - 13-Feb-13 07:41:55 | Computer Name = Shawlhar-HP | Source = HP WA Service | ID = 0
Description = System.TypeInitializationException The type initializer for 'hpCASL.ChpCaslWireless'
threw an exception. at hpCASL.ChpCaslWireless..ctor() at HP_Common.CaslWrapper.get_CaslWireless()
at HP_Common.CaslWrapper.GetDeviceInfo(List`1& radioList) at HPPA_Service.CurrentConfiguration.ReloadRadioList()
Error - 13-Feb-13 07:41:55 | Computer Name = Shawlhar-HP | Source = HP WA Service | ID = 0
Description = System.TypeInitializationException The type initializer for 'hpCASL.ChpCASL'
threw an exception. at hpCASL.ChpCASL.c()
Error - 13-Feb-13 07:41:55 | Computer Name = Shawlhar-HP | Source = HP WA Service | ID = 0
Description = System.Exception Calling process C:\Program Files\Hewlett-Packard\HP
Wireless Assistant\HPWA_Service.exe does not have a valid signature. HP CASL loading
aborted at hpCASL.ChpCASL.a()
Error - 13-Feb-13 07:41:55 | Computer Name = Shawlhar-HP | Source = HP WA Service | ID = 0
Description = System.TypeInitializationException The type initializer for 'hpCASL.ChpCaslEvents'
threw an exception. at hpCASL.ChpCaslEvents..ctor() at HP_Common.CaslWrapper.Register(EventArrivedEventHandler
handler) at HPPA_Service.CurrentConfiguration..ctor()
Error - 13-Feb-13 07:41:55 | Computer Name = Shawlhar-HP | Source = HP WA Service | ID = 0
Description = System.TypeInitializationException The type initializer for 'hpCASL.ChpCASL'
threw an exception. at hpCASL.ChpCASL.c()
Error - 13-Feb-13 07:41:55 | Computer Name = Shawlhar-HP | Source = HP WA Service | ID = 0
Description = System.Exception Calling process C:\Program Files\Hewlett-Packard\HP
Wireless Assistant\HPWA_Service.exe does not have a valid signature. HP CASL loading
aborted at hpCASL.ChpCASL.a()
Error - 13-Feb-13 07:42:01 | Computer Name = Shawlhar-HP | Source = HP WA Service | ID = 0
Description = System.TypeInitializationException ServiceWorkerMethod ABORTED! - The
type initializer for 'hpCASL.ChpCaslSystem' threw an exception. at hpCASL.ChpCaslSystem..ctor()
at HP_Common.CaslWrapper.GetSystemID(String& systemID) at HPPA_Service.CurrentConfiguration..ctor()
at HPPA_Service.HPPA_Service.ServiceWorkerMethod()
Error - 13-Feb-13 07:42:01 | Computer Name = Shawlhar-HP | Source = HP WA Service | ID = 0
Description = System.TypeInitializationException ServiceWorkerMethod ABORTED! - The
type initializer for 'hpCASL.ChpCASL' threw an exception. at hpCASL.ChpCASL.c()
Error - 13-Feb-13 07:42:01 | Computer Name = Shawlhar-HP | Source = HP WA Service | ID = 0
Description = System.Exception ServiceWorkerMethod ABORTED! - Calling process C:\Program
Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe does not have a valid
signature. HP CASL loading aborted at hpCASL.ChpCASL.a()
[ Media Center Events ]
Error - 24-Oct-12 19:26:37 | Computer Name = Shawlhar-HP | Source = MCUpdate | ID = 0
Description = 00:26:36 - Error connecting to the internet. 00:26:36 - Unable
to contact server..
Error - 29-Oct-12 01:56:59 | Computer Name = Shawlhar-HP | Source = MCUpdate | ID = 0
Description = 06:56:59 - Error connecting to the internet. 06:56:59 - Unable
to contact server..
Error - 05-Nov-12 22:48:17 | Computer Name = Shawlhar-HP | Source = MCUpdate | ID = 0
Description = 03:48:16 - Error connecting to the internet. 03:48:17 - Unable
to contact server..
Error - 12-Nov-12 03:06:29 | Computer Name = Shawlhar-HP | Source = MCUpdate | ID = 0
Description = 08:06:27 - Error connecting to the internet. 08:06:27 - Unable
to contact server..
Error - 19-Nov-12 03:42:40 | Computer Name = Shawlhar-HP | Source = MCUpdate | ID = 0
Description = 08:42:39 - Error connecting to the internet. 08:42:39 - Unable
to contact server..
Error - 26-Nov-12 18:11:55 | Computer Name = Shawlhar-HP | Source = MCUpdate | ID = 0
Description = 23:11:54 - Error connecting to the internet. 23:11:55 - Unable
to contact server..
Error - 01-Dec-12 23:07:27 | Computer Name = Shawlhar-HP | Source = MCUpdate | ID = 0
Description = 04:06:41 - Error connecting to the internet. 04:06:47 - Unable
to contact server..
Error - 09-Dec-12 05:15:12 | Computer Name = Shawlhar-HP | Source = MCUpdate | ID = 0
Description = 10:15:11 - Error connecting to the internet. 10:15:11 - Unable
to contact server..
Error - 14-Dec-12 08:31:50 | Computer Name = Shawlhar-HP | Source = MCUpdate | ID = 0
Description = 13:31:49 - Error connecting to the internet. 13:31:49 - Unable
to contact server..
Error - 27-Dec-12 08:10:49 | Computer Name = Shawlhar-HP | Source = MCUpdate | ID = 0
Description = 13:10:49 - Error connecting to the internet. 13:10:49 - Unable
to contact server..
[ System Events ]
Error - 15-Mar-13 21:58:59 | Computer Name = Shawlhar-HP | Source = Service Control Manager | ID = 7000
Description = The Intel® Rapid Storage Technology service failed to start due
to the following error: %%1053
Error - 15-Mar-13 22:01:36 | Computer Name = Shawlhar-HP | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll
Error
Code: 126
Error - 15-Mar-13 22:01:55 | Computer Name = Shawlhar-HP | Source = Service Control Manager | ID = 7023
Description = The BlueStacks Android Service service terminated with the following
error: %%1064
Error - 15-Mar-13 22:12:23 | Computer Name = Shawlhar-HP | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.
Error - 15-Mar-13 22:34:24 | Computer Name = Shawlhar-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR10.
Error - 16-Mar-13 07:38:25 | Computer Name = Shawlhar-HP | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SysMain service.
Error - 16-Mar-13 08:09:52 | Computer Name = Shawlhar-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR31.
Error - 17-Mar-13 07:01:22 | Computer Name = Shawlhar-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR96.
Error - 18-Mar-13 00:50:43 | Computer Name = Shawlhar-HP | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the HWDeviceService64.exe service.
Error - 18-Mar-13 11:45:28 | Computer Name = Shawlhar-HP | Source = ipnathlp | ID = 31004
Description =
< End of report >
PS:the system seems to gain a little speed once i keep it on for a while but it slips back once i restart or wake it from hibernation.
Sign In
Create Account
