I have uninstalled software from my computer to see if I can make it run faster but for some reason it still seems to be slow. Anytime I check in task manager it seems im running most of my RAM. I have 2 gb of Ram and its always around 1.47 when Im just on the internet.
I ran a virus scan and it doesn't show any viruses found, so I thought that maybe I have a lot of programs but even after removing a lot, I still have high usage, CPU sometime will be running at 100% when I run programs or video from Youtube.
Here are the OTL Logs as of yesterday night. I appreciate the help.
**OTL**
*******
OTL logfile created on: 9/4/2013 10:14:35 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Da Biz\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.75 Gb Total Physical Memory | 0.72 Gb Available Physical Memory | 41.27% Memory free
3.49 Gb Paging File | 1.89 Gb Available in Paging File | 54.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 164.23 Gb Total Space | 36.64 Gb Free Space | 22.31% Space Free | Partition Type: NTFS
Computer Name: 9G-HP | User Name: 9g | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2013/08/29 19:19:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Da Biz\Downloads\OTL.exe
PRC - [2013/08/20 08:45:47 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/08/14 11:10:26 | 003,291,008 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/04/16 03:09:06 | 000,233,048 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
PRC - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/06/29 19:00:08 | 000,027,192 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010/05/21 01:28:36 | 000,140,272 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
PRC - [2010/02/28 03:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
PRC - [2009/12/02 23:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009/12/02 23:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
========== Modules (No Company Name) ==========
MOD - [2013/08/20 08:45:45 | 003,551,640 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2010/02/28 03:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
========== Services (SafeList) ==========
SRV:64bit: - [2010/09/20 01:56:00 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/06/18 16:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2010/04/19 18:55:18 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe -- (RtVOsdService)
SRV:64bit: - [2009/11/17 19:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/08/20 08:45:46 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/08/14 11:10:26 | 003,291,008 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/07/26 21:29:22 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/09/09 17:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/06/29 19:00:08 | 000,027,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/05/21 01:28:36 | 000,140,272 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/02 23:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009/12/02 23:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/09/02 19:51:21 | 000,016,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2013/04/11 11:06:54 | 000,039,504 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)
DRV:64bit: - [2013/04/09 19:38:05 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/01/09 11:31:02 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011/08/24 21:43:54 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2011/08/24 21:43:54 | 000,095,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2011/06/01 22:47:22 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/06/01 22:47:22 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011/06/01 22:47:22 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011/05/22 16:44:12 | 000,020,752 | ---- | M] (Mobile Stream) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\easytthr.sys -- (easytether)
DRV:64bit: - [2010/12/20 22:55:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 02:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/09/20 02:14:16 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/09/20 01:21:04 | 000,279,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/04/22 18:17:40 | 000,318,000 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/03/22 18:57:20 | 000,347,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/03/02 16:45:24 | 001,594,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/12/22 02:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/12/02 23:23:38 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2009/12/02 23:23:34 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2009/12/02 23:23:32 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2009/12/02 23:23:26 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2009/11/03 08:24:36 | 000,062,976 | ---- | M] (Beceem communications pvt ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BcmBusCtr_64.sys -- (bcmbusctr)
DRV:64bit: - [2009/11/03 07:01:04 | 000,318,336 | ---- | M] (Beceem communications pvt ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\drxvi314_64.sys -- (bcm)
DRV:64bit: - [2009/10/07 19:13:34 | 000,070,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/10/07 19:13:34 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/08/23 18:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 14:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 14:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 14:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 13:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 13:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 13:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {D600B306-325B-40F5-AF98-21458FD9C998}
IE:64bit: - HKLM\..\SearchScopes\{50A20F84-1F9C-4921-BA37-E1A2D92EC263}: "URL" = http://www.ask.com/w...}&l=dis&o=uscql
IE:64bit: - HKLM\..\SearchScopes\{9D2F7462-C565-4F93-B43B-CDF7F306DBA4}: "URL" = http://search.yahoo....psg&type=CPNTDF
IE:64bit: - HKLM\..\SearchScopes\{B5BED05A-A16A-469A-BB12-4A140BCC4DA7}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D600B306-325B-40F5-AF98-21458FD9C998}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {D600B306-325B-40F5-AF98-21458FD9C998}
IE - HKLM\..\SearchScopes\{50A20F84-1F9C-4921-BA37-E1A2D92EC263}: "URL" = http://www.ask.com/w...}&l=dis&o=uscql
IE - HKLM\..\SearchScopes\{9D2F7462-C565-4F93-B43B-CDF7F306DBA4}: "URL" = http://search.yahoo....psg&type=CPNTDF
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...371934233128142
IE - HKLM\..\SearchScopes\{B5BED05A-A16A-469A-BB12-4A140BCC4DA7}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{D600B306-325B-40F5-AF98-21458FD9C998}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-696807009-2496342843-4138137113-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQNOT/1
IE - HKU\S-1-5-21-696807009-2496342843-4138137113-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/CQNOT/1
IE - HKU\S-1-5-21-696807009-2496342843-4138137113-1000\..\SearchScopes,DefaultScope = {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
IE - HKU\S-1-5-21-696807009-2496342843-4138137113-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://lavasoft.blek...q={searchTerms}
IE - HKU\S-1-5-21-696807009-2496342843-4138137113-1000\..\SearchScopes\{50A20F84-1F9C-4921-BA37-E1A2D92EC263}: "URL" = http://www.ask.com/w...}&l=dis&o=uscql
IE - HKU\S-1-5-21-696807009-2496342843-4138137113-1000\..\SearchScopes\{9D2F7462-C565-4F93-B43B-CDF7F306DBA4}: "URL" = http://search.yahoo....psg&type=CPNTDF
IE - HKU\S-1-5-21-696807009-2496342843-4138137113-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...371934233128142
IE - HKU\S-1-5-21-696807009-2496342843-4138137113-1000\..\SearchScopes\{B5BED05A-A16A-469A-BB12-4A140BCC4DA7}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKU\S-1-5-21-696807009-2496342843-4138137113-1000\..\SearchScopes\{D600B306-325B-40F5-AF98-21458FD9C998}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-696807009-2496342843-4138137113-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-696807009-2496342843-4138137113-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-696807009-2496342843-4138137113-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQNOT/1
IE - HKU\S-1-5-21-696807009-2496342843-4138137113-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-696807009-2496342843-4138137113-1001\..\SearchScopes,DefaultScope = {D600B306-325B-40F5-AF98-21458FD9C998}
IE - HKU\S-1-5-21-696807009-2496342843-4138137113-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@skyhookwireless.com/LokiPlugin,version=3.1.0.05: C:\Program Files (x86)\Skyhook Wireless\Loki ActiveX Component\versions\3.1.0.05\loki.dll (Skyhook Wireless)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}: C:\Program Files (x86)\PremierOpinion\firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/06/29 08:14:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/08/20 08:45:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
[2013/08/26 15:18:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\9g\AppData\Roaming\Mozilla\Extensions
[2013/05/15 14:09:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\9g\AppData\Roaming\Mozilla\Firefox\Profiles\dgnjckca.default\extensions
[2013/05/15 14:09:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\9g\AppData\Roaming\Mozilla\Firefox\Profiles\dgnjckca.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2013/08/20 08:45:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/08/21 18:01:19 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/08/20 08:45:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/08/20 08:45:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/08/21 18:01:19 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/08/20 08:45:48 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/04/09 19:41:32 | 000,000,628 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\adawaretb.xml
========== Chrome ==========
CHR - default_search_provider: SecureSearch (Enabled)
CHR - default_search_provider: search_url = http://lavasoft.blek...q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://securesearch....E39915164D13997
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 6 U33 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Java Deployment Toolkit 6.0.330.5 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: RealDownloader = C:\Users\9g\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0\
CHR - Extension: Skype Click to Call = C:\Users\9g\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.11.0.13348_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\9g\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-696807009-2496342843-4138137113-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-696807009-2496342843-4138137113-1001\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-696807009-2496342843-4138137113-1001\..\Toolbar\WebBrowser: (no name) - {F0E59437-6148-4A98-B0A6-60D557EF57F4} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-696807009-2496342843-4138137113-1001..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft....?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft....?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.21.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{091E1DEF-1170-4B1E-A111-D77334E86474}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D04A0FC-3742-4DD7-99AD-8C633B5A0934}: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD67B5E6-FB7E-4458-8651-A2D0043C59BF}: DhcpNameServer = 192.168.2.1 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E9E95B24-B8D2-4FBB-987B-15DD40F41CA2}: DhcpNameServer = 66.233.169.12 64.13.115.12
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/08/28 18:03:53 | 000,000,000 | ---D | C] -- C:\Users\9g\Documents\My Recordings
[2013/08/27 22:09:58 | 000,000,000 | ---D | C] -- C:\Users\9g\Documents\New folder
[2013/08/26 15:14:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013/08/24 23:10:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2013/08/24 23:10:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013/08/24 23:07:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013/08/24 23:07:03 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013/08/24 23:07:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013/08/20 08:45:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
========== Files - Modified Within 30 Days ==========
[2013/09/04 22:11:36 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/04 22:11:36 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/04 22:01:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/04 21:34:07 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/04 21:34:07 | 000,000,404 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2013/09/04 21:33:56 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/04 21:33:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/03 10:53:51 | 000,780,132 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/09/03 10:53:51 | 000,660,974 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/09/03 10:53:51 | 000,121,612 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/09/03 08:01:24 | 1405,276,160 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/02 19:51:21 | 000,016,152 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
========== Files Created - No Company Name ==========
[2013/08/24 23:07:20 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/05/23 22:38:02 | 000,005,144 | ---- | C] () -- C:\Users\9g\.recently-used.xbel
[2013/05/14 19:07:54 | 000,007,610 | ---- | C] () -- C:\Users\9g\AppData\Local\Resmon.ResmonCfg
[2013/03/04 14:55:21 | 000,002,984 | ---- | C] () -- C:\Users\9g\photorec.cfg
[2012/12/30 12:21:23 | 000,004,608 | ---- | C] () -- C:\Users\9g\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/14 15:22:27 | 000,773,980 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/10/11 17:23:53 | 000,060,864 | ---- | C] () -- C:\Users\9g\g2mdlhlpx.exe
[2011/10/11 16:26:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/10/11 16:18:29 | 000,000,282 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2011/10/11 16:18:29 | 000,000,223 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
========== ZeroAccess Check ==========
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/26 22:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 21:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/04/10 16:29:29 | 000,000,000 | ---D | M] -- C:\Users\9g\AppData\Roaming\Ad-Aware Antivirus
[2013/02/19 20:42:33 | 000,000,000 | ---D | M] -- C:\Users\9g\AppData\Roaming\Article Marketing Robot
[2012/01/16 18:28:57 | 000,000,000 | ---D | M] -- C:\Users\9g\AppData\Roaming\ConverterLite
[2012/01/16 18:27:21 | 000,000,000 | ---D | M] -- C:\Users\9g\AppData\Roaming\DVDVideoSoft
[2013/05/23 22:38:02 | 000,000,000 | ---D | M] -- C:\Users\9g\AppData\Roaming\gtk-2.0
[2012/05/16 13:10:50 | 000,000,000 | ---D | M] -- C:\Users\9g\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2011/10/17 15:36:48 | 000,000,000 | ---D | M] -- C:\Users\9g\AppData\Roaming\OpenOffice.org
[2012/05/20 21:03:45 | 000,000,000 | ---D | M] -- C:\Users\9g\AppData\Roaming\redsn0w
[2013/04/09 19:41:31 | 000,000,000 | ---D | M] -- C:\Users\9g\AppData\Roaming\SecureSearch
[2013/08/26 16:19:53 | 000,000,000 | ---D | M] -- C:\Users\9g\AppData\Roaming\SoftGrid Client
[2013/03/18 13:17:24 | 000,000,000 | ---D | M] -- C:\Users\9g\AppData\Roaming\TestApp
[2011/12/14 15:24:40 | 000,000,000 | ---D | M] -- C:\Users\9g\AppData\Roaming\TP
[2013/02/19 16:51:30 | 000,000,000 | ---D | M] -- C:\Users\9g\AppData\Roaming\TuneUp Software
[2012/05/22 16:34:40 | 000,000,000 | ---D | M] -- C:\Users\9g\AppData\Roaming\Youtube Downloader HD
[2012/09/18 22:38:30 | 000,000,000 | ---D | M] -- C:\Users\9g\AppData\Roaming\Youtube to MP3 Converter
[2013/01/31 12:27:56 | 000,000,000 | ---D | M] -- C:\Users\Da Biz\AppData\Roaming\gtk-2.0
[2013/02/22 08:51:45 | 000,000,000 | ---D | M] -- C:\Users\Da Biz\AppData\Roaming\Iminent
[2013/05/17 22:13:32 | 000,000,000 | ---D | M] -- C:\Users\Da Biz\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2012/03/07 19:07:14 | 000,000,000 | ---D | M] -- C:\Users\Da Biz\AppData\Roaming\OpenOffice.org
[2012/08/16 23:43:20 | 000,000,000 | ---D | M] -- C:\Users\Da Biz\AppData\Roaming\Opera
[2013/08/29 19:31:53 | 000,000,000 | ---D | M] -- C:\Users\Da Biz\AppData\Roaming\SanDisk SecureAccess
[2013/09/04 10:10:48 | 000,000,000 | ---D | M] -- C:\Users\Da Biz\AppData\Roaming\SoftGrid Client
[2012/04/17 10:37:10 | 000,000,000 | ---D | M] -- C:\Users\Da Biz\AppData\Roaming\WildTangent
[2012/08/12 07:24:20 | 000,000,000 | ---D | M] -- C:\Users\Da Biz\AppData\Roaming\Youtube Downloader HD
[2013/03/20 10:09:15 | 000,000,000 | ---D | M] -- C:\Users\Da Biz\AppData\Roaming\Youtube to MP3 Converter
[2013/03/08 13:52:23 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013/03/08 13:52:23 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2013/09/01 12:47:28 | 000,000,000 | ---D | M] -- C:\Users\Test\AppData\Roaming\gtk-2.0
[2013/08/26 16:42:00 | 000,000,000 | ---D | M] -- C:\Users\Test\AppData\Roaming\SoftGrid Client
[2013/03/08 13:52:23 | 000,000,000 | ---D | M] -- C:\Users\Test\AppData\Roaming\TuneUp Software
========== Purity Check ==========
========== Custom Scans ==========
< MD5 for: EXPLORER.EXE >
[2010/11/20 05:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010/11/20 05:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010/11/20 06:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010/11/20 06:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: SVCHOST.EXE >
[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 18:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 18:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: USERINIT.EXE >
[2010/11/20 05:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 05:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 06:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 06:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010/11/20 06:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 06:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
< dir C:\ /S /A:L /C >
Volume in drive C has no label.
Volume Serial Number is 9424-07A7
Directory of C:\
07/13/2009 10:08 PM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
07/13/2009 10:08 PM <JUNCTION> Application Data [C:\ProgramData]
07/13/2009 10:08 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/13/2009 10:08 PM <JUNCTION> Documents [C:\Users\Public\Documents]
07/13/2009 10:08 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/13/2009 10:08 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/13/2009 10:08 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
07/13/2009 10:08 PM <SYMLINKD> All Users [C:\ProgramData]
07/13/2009 10:08 PM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\9g
10/11/2011 05:01 PM <JUNCTION> Application Data [C:\Users\9g\AppData\Roaming]
10/11/2011 05:01 PM <JUNCTION> Cookies [C:\Users\9g\AppData\Roaming\Microsoft\Windows\Cookies]
10/11/2011 05:01 PM <JUNCTION> Local Settings [C:\Users\9g\AppData\Local]
10/11/2011 05:01 PM <JUNCTION> My Documents [C:\Users\9g\Documents]
10/11/2011 05:01 PM <JUNCTION> NetHood [C:\Users\9g\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/11/2011 05:01 PM <JUNCTION> PrintHood [C:\Users\9g\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/11/2011 05:01 PM <JUNCTION> Recent [C:\Users\9g\AppData\Roaming\Microsoft\Windows\Recent]
10/11/2011 05:01 PM <JUNCTION> SendTo [C:\Users\9g\AppData\Roaming\Microsoft\Windows\SendTo]
10/11/2011 05:01 PM <JUNCTION> Start Menu [C:\Users\9g\AppData\Roaming\Microsoft\Windows\Start Menu]
10/11/2011 05:01 PM <JUNCTION> Templates [C:\Users\9g\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\9g\AppData\Local
10/11/2011 05:01 PM <JUNCTION> Application Data [C:\Users\9g\AppData\Local]
10/11/2011 05:01 PM <JUNCTION> History [C:\Users\9g\AppData\Local\Microsoft\Windows\History]
10/11/2011 05:01 PM <JUNCTION> Temporary Internet Files [C:\Users\9g\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\9g\AppData\LocalLow
06/14/2012 06:24 PM <JUNCTION> PlayReady [C:\ProgramData\Microsoft\PlayReady]
0 File(s) 0 bytes
Directory of C:\Users\9g\Documents
10/11/2011 05:01 PM <JUNCTION> My Music [C:\Users\9g\Music]
10/11/2011 05:01 PM <JUNCTION> My Pictures [C:\Users\9g\Pictures]
10/11/2011 05:01 PM <JUNCTION> My Videos [C:\Users\9g\Videos]
0 File(s) 0 bytes
Directory of C:\Users\All Users
07/13/2009 10:08 PM <JUNCTION> Application Data [C:\ProgramData]
07/13/2009 10:08 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/13/2009 10:08 PM <JUNCTION> Documents [C:\Users\Public\Documents]
07/13/2009 10:08 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/13/2009 10:08 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/13/2009 10:08 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Da Biz
02/10/2012 10:28 PM <JUNCTION> Application Data [C:\Users\Da Biz\AppData\Roaming]
02/10/2012 10:28 PM <JUNCTION> Cookies [C:\Users\Da Biz\AppData\Roaming\Microsoft\Windows\Cookies]
02/10/2012 10:28 PM <JUNCTION> Local Settings [C:\Users\Da Biz\AppData\Local]
02/10/2012 10:28 PM <JUNCTION> My Documents [C:\Users\Da Biz\Documents]
02/10/2012 10:28 PM <JUNCTION> NetHood [C:\Users\Da Biz\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
02/10/2012 10:28 PM <JUNCTION> PrintHood [C:\Users\Da Biz\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
02/10/2012 10:28 PM <JUNCTION> Recent [C:\Users\Da Biz\AppData\Roaming\Microsoft\Windows\Recent]
02/10/2012 10:28 PM <JUNCTION> SendTo [C:\Users\Da Biz\AppData\Roaming\Microsoft\Windows\SendTo]
02/10/2012 10:28 PM <JUNCTION> Start Menu [C:\Users\Da Biz\AppData\Roaming\Microsoft\Windows\Start Menu]
02/10/2012 10:28 PM <JUNCTION> Templates [C:\Users\Da Biz\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Da Biz\AppData\Local
02/10/2012 10:28 PM <JUNCTION> Application Data [C:\Users\Da Biz\AppData\Local]
02/10/2012 10:28 PM <JUNCTION> History [C:\Users\Da Biz\AppData\Local\Microsoft\Windows\History]
02/10/2012 10:28 PM <JUNCTION> Temporary Internet Files [C:\Users\Da Biz\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Da Biz\Documents
02/10/2012 10:28 PM <JUNCTION> My Music [C:\Users\Da Biz\Music]
02/10/2012 10:28 PM <JUNCTION> My Pictures [C:\Users\Da Biz\Pictures]
02/10/2012 10:28 PM <JUNCTION> My Videos [C:\Users\Da Biz\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Default
07/13/2009 10:08 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
07/13/2009 10:08 PM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
07/13/2009 10:08 PM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
07/13/2009 10:08 PM <JUNCTION> My Documents [C:\Users\Default\Documents]
07/13/2009 10:08 PM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/13/2009 10:08 PM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/13/2009 10:08 PM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/13/2009 10:08 PM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/13/2009 10:08 PM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/13/2009 10:08 PM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
07/13/2009 10:08 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
07/13/2009 10:08 PM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/13/2009 10:08 PM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
07/13/2009 10:08 PM <JUNCTION> My Music [C:\Users\Default\Music]
07/13/2009 10:08 PM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
07/13/2009 10:08 PM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
07/13/2009 10:08 PM <JUNCTION> My Music [C:\Users\Public\Music]
07/13/2009 10:08 PM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
07/13/2009 10:08 PM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Test
08/24/2013 11:16 PM <JUNCTION> Application Data [C:\Users\Test\AppData\Roaming]
08/24/2013 11:16 PM <JUNCTION> Cookies [C:\Users\Test\AppData\Roaming\Microsoft\Windows\Cookies]
08/24/2013 11:16 PM <JUNCTION> Local Settings [C:\Users\Test\AppData\Local]
08/24/2013 11:16 PM <JUNCTION> My Documents [C:\Users\Test\Documents]
08/24/2013 11:16 PM <JUNCTION> NetHood [C:\Users\Test\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
08/24/2013 11:16 PM <JUNCTION> PrintHood [C:\Users\Test\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
08/24/2013 11:16 PM <JUNCTION> Recent [C:\Users\Test\AppData\Roaming\Microsoft\Windows\Recent]
08/24/2013 11:16 PM <JUNCTION> SendTo [C:\Users\Test\AppData\Roaming\Microsoft\Windows\SendTo]
08/24/2013 11:16 PM <JUNCTION> Start Menu [C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu]
08/24/2013 11:16 PM <JUNCTION> Templates [C:\Users\Test\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Test\AppData\Local
08/24/2013 11:16 PM <JUNCTION> Application Data [C:\Users\Test\AppData\Local]
08/24/2013 11:16 PM <JUNCTION> History [C:\Users\Test\AppData\Local\Microsoft\Windows\History]
08/24/2013 11:16 PM <JUNCTION> Temporary Internet Files [C:\Users\Test\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Test\Documents
08/24/2013 11:16 PM <JUNCTION> My Music [C:\Users\Test\Music]
08/24/2013 11:16 PM <JUNCTION> My Pictures [C:\Users\Test\Pictures]
08/24/2013 11:16 PM <JUNCTION> My Videos [C:\Users\Test\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
83 Dir(s) 39,336,456,192 bytes free
< End of report >
--------------------------------------------------------------------
***********
Extras Log*
***********
OTL Extras logfile created on: 9/4/2013 10:14:35 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Da Biz\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.75 Gb Total Physical Memory | 0.72 Gb Available Physical Memory | 41.27% Memory free
3.49 Gb Paging File | 1.89 Gb Available in Paging File | 54.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 164.23 Gb Total Space | 36.64 Gb Free Space | 22.31% Space Free | Partition Type: NTFS
Computer Name: 9G-HP | User Name: 9g | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-696807009-2496342843-4138137113-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0405261C-D4F2-4233-A20F-F78842AEB7BA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{06751C36-C438-41B8-B57C-AB3376F7DF1B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0A1CA67F-3063-4E85-9D7E-4284D8741010}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1BD9FA9F-DA71-4665-BE5C-07F976388FF9}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3DFF21D2-87C2-433E-AC38-E712C5EF3C37}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{465E45A9-78B2-440B-AB01-64A16017C52A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{522331B4-E907-461B-9FDE-BBEA3D68D9D2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5399D6EA-00A0-474F-9644-FDCCE0AFF406}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6AD4450B-1867-4F67-88DB-D2254255CC81}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6BA22ADB-6C22-4D40-8530-7E18F9C43913}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7BEEFB68-6896-4D0B-8716-671D73CEED6C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{81C3779A-7527-41BB-AF54-0C9EEBF61D2B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{95F4B79D-771B-4C40-A384-7AD71BF09745}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A594F3B1-ABE6-40D7-932E-BF70A840DD51}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A9B9E1C0-329B-4C9B-A221-33B4503D4E7D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B46EF309-35B9-4984-9B96-1CE77E816151}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C2E21458-1B98-4A11-9990-AA5D6EF9687F}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{E03E794B-7A77-4F42-ABBA-63706219C6E5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E72FB078-FC99-4E2C-B0C4-B7EB2403AA1E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F0E07795-C3A3-465C-94AB-36BA7FE94F7C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01CE880E-8769-4500-9337-4CDCFE8FC652}" = protocol=6 | dir=in | app=c:\program files (x86)\clockworkmod\tether\win32\node.exe |
"{09804204-2350-455E-86DC-2FAA82565AA0}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{0A6C756D-48E7-4459-A5C8-53900ACE2282}" = protocol=6 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{0C058611-59FD-4FBB-8455-3C4895AE71C9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{10E64BF6-71FE-4B92-BFF4-128D348F8903}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{1C925375-9C51-4DF2-9BC4-B313E864C372}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1D95C673-E5C2-4EE2-B85D-1BBA8595186A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1DD3F82B-C60E-447F-939B-917F6C81B1E4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1F54AC34-1777-432D-B2B7-73FB2BC24BFE}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{210F4FEF-A5D8-43E8-BB48-B56587D3ECDB}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{2568CBF2-DAB1-4239-B0B0-396ED2F4F6AC}" = protocol=6 | dir=out | app=system |
"{27537592-7D29-430D-8254-0841FFDDACD4}" = protocol=6 | dir=in | app=c:\program files (x86)\onlywire\onlywirewindows.exe |
"{2E75726F-9004-42C0-8D65-C53DB4FD710E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{300E93DF-FF81-4163-8D29-929E8ACF2D57}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{30853BDC-0F2A-4C54-994E-E3568C721109}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{3409FE45-4B85-476E-809E-9407E5E2F8AF}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{36566958-5B85-4E0F-A545-EDD7D13D7B36}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{3E8F0346-18BB-49C6-91A5-1A7A08636058}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4FD5269D-D76A-493C-BE64-51B36B8B3E22}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{52AD146E-E26C-4D3B-A1F8-80B9F5575104}" = protocol=17 | dir=in | app=c:\program files (x86)\premieropinion\pmropn.exe |
"{5438BED1-69BF-47F7-A680-1466F3EEE0F7}" = protocol=17 | dir=in | app=c:\program files (x86)\onlywire\onlywirewindows.exe |
"{576B49D1-0428-40F7-BB8D-18584CA3DC11}" = protocol=17 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe |
"{6D1944DA-3C10-4FBC-BE84-781BD314FAD2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{703222F4-5726-43F1-A912-AF04058ECDBB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{84935A2E-FFDA-405A-82DD-4BF4A5AE9AD1}" = protocol=6 | dir=in | app=c:\program files (x86)\premieropinion\pmropn.exe |
"{94AA9D5C-4659-4C54-95C5-27CB2FF0B044}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{991E1005-735A-49B6-8A83-8855A3F5270F}" = protocol=17 | dir=in | app=c:\program files (x86)\clockworkmod\tether\win32\node.exe |
"{9D5FDE28-4157-4BE2-B9FC-5B9DAA30FFDF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A454D904-2D92-4866-A90F-FC345430084E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A5AA1904-4FB0-4295-93ED-A0C3985872D1}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{A604E103-BAE6-4DB3-A35F-B540E0AAF5B2}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{B75E78ED-E1A0-4E4E-8F2D-C7EB268C716B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B7626618-7E63-43C1-8EC9-98553DA6FB80}" = protocol=6 | dir=in | app=c:\program files (x86)\premieropinion\pmropn.exe |
"{BC1E6AED-13C4-492B-880F-B93992FABDA4}" = protocol=6 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe |
"{C788F6D5-557E-4A02-88F0-AC1BC34F6A9A}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{CBEC79FC-5A5E-4288-85D2-E07A0C90178E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D284FA5A-F2B7-4460-964B-AFB42D2A8489}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DC4161E4-EA0A-46EB-B0CE-25599506DCD9}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{DEB72B53-1533-4A19-A45D-583198F869E0}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{E6534443-29CF-4DAE-8DAC-94CF5F16A975}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{E8C6368D-A3CC-47F2-BC2E-17FFD52EBD69}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{E8F38FE7-196C-4803-B5C4-CCCE8546FF8C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E9A7848A-52FF-4780-AF0D-7DB2EF1B0AF7}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{EDFDD2A3-E004-497B-A2E2-F24B110EE4C1}" = protocol=17 | dir=in | app=c:\program files (x86)\premieropinion\pmropn.exe |
"{F6D103E0-B8CA-4CCF-9DEE-2E02EF7A2100}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F8D5D01B-19E0-4407-901F-19FB5F742D0E}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{F944BACC-FBBC-44C0-9A7F-20D6351312D0}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{FC7D7A1E-0756-42BB-84F4-63D2930BB3D4}" = protocol=17 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{FE267C71-9BA2-4E15-9027-9A40C2B2E7A2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{9F729D8A-7383-4BE0-872F-080245A01FD3}C:\program files (x86)\clockworkmod\tether\win32\node.exe" = protocol=6 | dir=in | app=c:\program files (x86)\clockworkmod\tether\win32\node.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java 6 Update 20 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A3FAE73B-4474-4A1D-A343-2FE248F05265}" = EasyTether
"{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}" = HP Wireless Assistant
"{C01AE65A-8874-3A33-BE03-23F8516A0350}" = ccc-utility64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{ECD0D4B5-FFA9-6E1B-A08D-58E82EA5EEB9}" = ATI Catalyst Install Manager
"{F3D7AC17-1FF4-41A8-BB18-3FC39C65AEB9}" = RtVOsd
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0190D9DE-6D57-7727-861E-D4BEA111D86B}" = Catalyst Control Center Core Implementation
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0A785656-433A-0575-8C5D-A8EAE05329CA}" = CCC Help Thai
"{0AD77FFC-874E-9AAE-6A76-549DFEB17849}" = CCC Help Polish
"{0CD58F4F-B339-4B81-FAD4-2BF9E3590F60}" = CCC Help Czech
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = Roxio CinemaNow 2.0
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1A47631D-8875-7993-476D-130C5D41D101}" = CCC Help Spanish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java 6 Update 33
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{28749552-9DBD-1D10-A894-6079282C941F}" = CCC Help German
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{30F4D459-824A-498C-826C-7721B777207F}" = Catalyst Control Center - Branding
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32BA2A6E-6C61-0347-8958-7B2113982A55}" = CCC Help Portuguese
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3C66EECF-8143-55D4-774A-309A59230A92}" = Catalyst Control Center Graphics Full Existing
"{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}" = RealDownloader
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}" = HP Power Manager
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{54372041-9715-DE87-F84E-B0995D7567C6}" = CCC Help Chinese Traditional
"{5D6A4F95-49B5-0FC4-81CF-18176000B235}" = Catalyst Control Center Graphics Full New
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{6D3650CA-7104-5DF0-E7EC-290CEC529AF8}" = CCC Help Korean
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{76B344A5-F756-0107-3559-1D97F9B316DC}" = CCC Help Norwegian
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7C36414C-DC87-4943-A525-BC1717BA17C9}" = HP Documentation
"{7CA09975-C4BE-469D-E45F-E47E9391106B}" = CCC Help Dutch
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{81ADC365-6BA4-E757-81DA-BC9DC12DD291}" = Catalyst Control Center InstallProxy
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8FA97A48-D942-AE67-D901-7C4136CC9DFD}" = CCC Help Danish
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MediaSmart CinemaNow 2.0
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{920E9471-FF68-680F-537C-F21777E53D31}" = CCC Help Turkish
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ECF7817-DB11-4FBA-9DF1-296A578D513A}" = Adobe Shockwave Player 11.5
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A4E828B6-FE61-E279-A174-F5323931400B}" = CCC Help Finnish
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.5 MUI
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6BEB695-166D-E268-8AA2-A243F615D0BA}" = CCC Help Japanese
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C0508079-0000-4F68-A4DF-29C7ED7182C6}" = SlimDrivers
"{C21A705D-D992-204F-8A2A-C31F490F502F}" = CCC Help Greek
"{C2D4CD4A-AE20-40B3-8726-8ED1C03E8C15}" = Google Drive
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CAA10DB8-E20C-9192-38F9-1F5399EA2DB7}" = CCC Help Italian
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CD184A27-1174-E497-189A-0CA5DB56BC97}" = CCC Help Chinese Standard
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D3A451EE-219D-F373-5152-8C4760278628}" = Catalyst Control Center Graphics Light
"{D5959B62-9515-8DC9-ED0B-1680210AAC3E}" = CCC Help English
"{DA9481F2-D8A1-CC1D-4A8E-22854E60C6EB}" = Catalyst Control Center Localization All
"{DE2B9A3D-976F-BE70-7557-52EE82BAB1C6}" = CCC Help French
"{E05DB9F9-C8E7-45F2-BE9E-76D4C447CE9B}" = HP Software Framework
"{E342D296-DB9D-4FC7-ACB0-39926C0BFA16}" = HP Quick Launch
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E9F950D9-A469-644E-3977-31F2963AEE23}" = CCC Help Swedish
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{ED6CEC68-1D49-5BCB-57B4-CD128E242356}" = CCC Help Hungarian
"{EDE97402-4A1F-2D15-FDB4-5620C57A9BA5}" = Catalyst Control Center Graphics Previews Common
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F08A7C44-17FC-ED74-831E-5BCA9D5B77AD}" = ccc-core-static
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1224610-A17E-4E65-560A-D56B963D650D}" = CCC Help Russian
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7C81FF0-8624-8C6E-D28D-CF68DFE7AE8C}" = Catalyst Control Center Graphics Previews Vista
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Google Chrome" = Google Chrome
"HP Photo Creations" = HP Photo Creations
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"Loki ActiveX Control" = Loki ActiveX Control
"MixPad" = MixPad
"Mozilla Firefox 23.0.1 (x86 en-US)" = Mozilla Firefox 23.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"My Screen Recorder 3.0_is1" = My Screen Recorder 3.0
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"RealPlayer 16.0" = RealPlayer
"Switch" = Switch Sound File Converter
"VLC media player" = VLC media player 2.0.5
"WavePad" = WavePad Sound Editor
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-696807009-2496342843-4138137113-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle" = Amazon Kindle
"GoToMeeting" = GoToMeeting 5.3.0.977
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-696807009-2496342843-4138137113-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle" = Amazon Kindle
"ExpressBurn" = Express Burn
"JoinMe" = join.me
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 8/25/2013 2:45:59 AM | Computer Name = 9g-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 8/25/2013 2:45:59 AM | Computer Name = 9g-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15803
Error - 8/25/2013 2:45:59 AM | Computer Name = 9g-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15803
Error - 8/25/2013 3:08:21 AM | Computer Name = 9g-HP | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "c:\program files (x86)\windows
live\photo gallery\MovieMaker.Exe".Error in manifest or policy file "c:\program
files (x86)\windows live\photo gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
Error - 8/25/2013 10:22:31 AM | Computer Name = 9g-HP | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 8/25/2013 10:22:31 AM | Computer Name = 9g-HP | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 8/26/2013 2:27:31 PM | Computer Name = 9g-HP | Source = Application Hang | ID = 1002
Description = The program gimp-2.6.exe version 0.0.0.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1124 Start
Time: 01cea289af824f87 Termination Time: 28 Application Path: C:\Program Files (x86)\GIMP-2.0\bin\gimp-2.6.exe
Report
Id: 28b73249-0e7d-11e3-b9b0-8e9ffa53c282
Error - 8/26/2013 2:28:36 PM | Computer Name = 9g-HP | Source = Application Hang | ID = 1002
Description = The program IEXPLORE.EXE version 10.0.9200.16576 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 13b8 Start
Time: 01cea289fedfa285 Termination Time: 22 Application Path: C:\Program Files (x86)\Internet
Explorer\IEXPLORE.EXE Report Id:
Error - 8/26/2013 6:13:42 PM | Computer Name = 9g-HP | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "E:\IfixPcs\Wallet CD\SoftonicDownloader_for_licensecrawler.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 8/26/2013 6:15:48 PM | Computer Name = 9g-HP | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
[ Hewlett-Packard Events ]
Error - 12/22/2012 11:09:32 PM | Computer Name = 9g-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088hpsa_service.exe at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 1786 Ram Utilization: 80 TargetSite: Void UpdateAndDetect()
Error - 3/10/2013 12:32:40 PM | Computer Name = 9g-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 1786 Ram Utilization: 70 TargetSite: Void UpdateAndDetect()
Error - 3/24/2013 1:01:24 AM | Computer Name = 9g-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 1786 Ram Utilization: 50 TargetSite: Void UpdateAndDetect()
Error - 4/20/2013 6:12:17 PM | Computer Name = 9g-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 4/20/2013 6:12:30 PM | Computer Name = 9g-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 1786 Ram Utilization: 50 TargetSite: Void UpdateAndDetect()
Error - 5/18/2013 2:14:33 PM | Computer Name = 9g-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 1786 Ram Utilization: 70 TargetSite: Void UpdateAndDetect()
Error - 5/25/2013 2:04:36 PM | Computer Name = 9g-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 1786 Ram Utilization: TargetSite: Void UpdateAndDetect()
Error - 5/25/2013 3:31:51 PM | Computer Name = 9g-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2146233087 Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0] Message: The server did not provide a meaningful
reply; this might be caused by a contract mismatch, a premature session shutdown
or an internal server error. StackTrace: Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) at HP.SupportFramework.Communicator.MessengerComm.IMessengerCommunicator.UpdateTimer()
at HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: mscorlib
Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 1786 Ram Utilization: 70 TargetSite: Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage,
System.Runtime.Remoting.Messaging.IMessage)
Error - 5/25/2013 3:31:51 PM | Computer Name = 9g-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2146233087 Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0] Message: The server did not provide a meaningful
reply; this might be caused by a contract mismatch, a premature session shutdown
or an internal server error. StackTrace: Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) at HP.SupportFramework.Communicator.MessengerComm.IMessengerCommunicator.UpdateTimer()
at HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: mscorlib
Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 1786 Ram Utilization: 70 TargetSite: Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage,
System.Runtime.Remoting.Messaging.IMessage)
Error - 5/25/2013 3:31:51 PM | Computer Name = 9g-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2146233087 Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0] Message: The server did not provide a meaningful
reply; this might be caused by a contract mismatch, a premature session shutdown
or an internal server error. StackTrace: Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) at HP.SupportFramework.Communicator.MessengerComm.IMessengerCommunicator.UpdateTimer()
at HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: mscorlib
Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 1786 Ram Utilization: 70 TargetSite: Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage,
System.Runtime.Remoting.Messaging.IMessage)
[ HP Wireless Assistant Events ]
Error - 12/19/2012 6:36:46 PM | Computer Name = 9g-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Call was canceled by the
message filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) at
System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode,
IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObjectSearcher.Initialize()
at System.Management.ManagementObjectSearcher.Get() at HPPA_Service.CurrentConfiguration.FindDevice(String
hostPath, String portName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__9(RadioHardware
radio) at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at HPPA_Service.CurrentConfiguration.ReloadRadioList()
Error - 12/23/2012 1:02:28 AM | Computer Name = 9g-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 12/28/2012 10:43:59 PM | Computer Name = 9g-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Call was canceled by the
message filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) at
System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode,
IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObjectSearcher.Initialize()
at System.Management.ManagementObjectSearcher.Get() at HPPA_Service.CurrentConfiguration.FindDevice(String
hostPath, String portName) at HPPA_Service.CurrentConfiguration.ApplyDeviceManagerState(List`1
radios) at HPPA_Service.CurrentConfiguration.ReloadRadioList()
Error - 1/1/2013 11:33:32 PM | Computer Name = 9g-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Call was canceled by the
message filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) at
System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode,
IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 1/27/2013 3:09:03 PM | Computer Name = 9g-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Call was canceled by the
message filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) at
System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode,
IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 2/14/2013 9:13:59 AM | Computer Name = 9g-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 4/29/2013 7:13:53 PM | Computer Name = 9g-HP | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 at HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) at HPPA_Service.CurrentConfiguration.ReloadRadioList()
Error - 5/7/2013 8:46:25 PM | Computer Name = 9g-HP | Source = HP WA Application | ID = 0
Description = HardwareAccess.UnableToConnectException Application.ApplicationStartup;
failed to create hardware layer Error in the application. at HardwareAccess.Hardware..ctor(Dispatcher
dispatcher, ServicePort port, Int32 timeout) at HardwareAccess.Hardware.Create(Dispatcher
dispatcher, ServicePort port, Int32 timeout) at HPWA_Main.App.ApplicationStartup(Object
sender, StartupEventArgs args)
Error - 5/7/2013 8:47:11 PM | Computer Name = 9g-HP | Source = HP WA Application | ID = 0
Description = MainWindow.ShowImpl; not initialized, closing application...
Error - 5/14/2013 9:37:53 PM | Computer Name = 9g-HP | Source = HP WA Application | ID = 0
Description = HardwareAccess.UnableToConnectException Application.ApplicationStartup;
failed to create hardware layer Error in the application. at HardwareAccess.Hardware..ctor(Dispatcher
dispatcher, ServicePort port, Int32 timeout) at HardwareAccess.Hardware.Create(Dispatcher
dispatcher, ServicePort port, Int32 timeout) at HPWA_Main.App.ApplicationStartup(Object
sender, StartupEventArgs args)
[ System Events ]
Error - 9/1/2013 11:07:18 AM | Computer Name = 9g-HP | Source = DCOM | ID = 10010
Description =
Error - 9/2/2013 12:25:51 AM | Computer Name = 9g-HP | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Browser service.
Error - 9/3/2013 4:19:53 AM | Computer Name = 9g-HP | Source = DCOM | ID = 10010
Description =
Error - 9/3/2013 1:50:45 PM | Computer Name = 9g-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR3.
Error - 9/3/2013 1:50:46 PM | Computer Name = 9g-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR3.
Error - 9/3/2013 1:50:48 PM | Computer Name = 9g-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR3.
Error - 9/3/2013 1:50:49 PM | Computer Name = 9g-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR3.
Error - 9/3/2013 1:50:52 PM | Computer Name = 9g-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR3.
Error - 9/3/2013 1:50:52 PM | Computer Name = 9g-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR3.
Error - 9/3/2013 1:50:53 PM | Computer Name = 9g-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR3.
< End of report >
--------------------------------------------------------------------------------
***************
ADware Cleaner*
***************
# AdwCleaner v3.002 - Report created 04/09/2013 at 23:07:45
# Updated 01/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : 9g - 9G-HP
# Running from : C:\Users\Da Biz\Downloads\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : \END
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\adawaretb.xml
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Found : C:\Users\9g\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Users\9g\AppData\Local\Conduit
Folder Found C:\Users\9g\AppData\Local\Coupon Companion Plugin
Folder Found C:\Users\9g\AppData\Local\cre
Folder Found C:\Users\9g\AppData\Local\SwvUpdater
Folder Found C:\Users\9g\AppData\LocalLow\Conduit
Folder Found C:\Users\Da Biz\AppData\LocalLow\adawaretb
Folder Found C:\Users\Da Biz\AppData\LocalLow\Conduit
Folder Found C:\Users\Da Biz\AppData\LocalLow\PriceGong
Folder Found C:\Users\Da Biz\AppData\Roaming\Iminent
Folder Found C:\Users\Da Biz\AppData\Roaming\Mozilla\Firefox\Profiles\wp98hd9l.default\adawaretb
Folder Found C:\Users\Da Biz\AppData\Roaming\Mozilla\Firefox\Profiles\wp98hd9l.default\jetpack
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\Iminent
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Cr_Installer
Key Found : [x64] HKCU\Software\Iminent
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Found : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Found : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3279141
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Default Tab
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_nonsearch_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_nonsearch_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16576
-\\ Mozilla Firefox v23.0.1 (en-US)
[ File : C:\Users\9g\AppData\Roaming\Mozilla\Firefox\Profiles\ayjkf9fe.default\prefs.js ]
[ File : C:\Users\Da Biz\AppData\Roaming\Mozilla\Firefox\Profiles\wp98hd9l.default\prefs.js ]
Line Found : user_pref("extensions.crossrider.bic", "13d02ddec05b33a10e98447116624275");
-\\ Google Chrome v29.0.1547.66
[ File : C:\Users\9g\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found : search_url
[ File : C:\Users\Da Biz\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Test\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [9722 octets] - [04/09/2013 22:52:19]
AdwCleaner[R1].txt - [9612 octets] - [04/09/2013 23:07:45]
########## EOF - \AdwCleaner\AdwCleaner[R1].txt - [9672 octets] ##########
-------------------------------------------------------------------------------
***************
Security Check*
***************
Results of screen317's Security Check version 0.99.73
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 6 Update 33
Java 7 Update 21
Java version out of Date!
Adobe Flash Player 11.8.800.94
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (23.0.1)
Google Chrome 29.0.1547.62
Google Chrome 29.0.1547.66
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 12% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````