Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Win32:Malware-gen trojan infection


  • Please log in to reply

#76
gregahoffman

gregahoffman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts
didn't see any drives with a red x, got rid of log me in, just need to fix the counterfeiting pop up & we can live with it for out in the shop. it is pretty old & probably tired, thats why its in the shop i would guess. other than that, the rest of the network is runnung good. with avast, when i run reports at the end of the day and the printing portion tries to start, avast tries to block it and i have to disable avast to do the printing. is there someplace i can add this to avast so it creates an exception?
  • 0

Advertisements


#77
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,025 posts
  • MVP
It depends on which Shield is doing the blocking. Most of them have an option under Settings called Exclusions. Example: Click on Avast Ball, then on Security, Antivirus, Web Shield, Settings, Exclusions. You can tell it what process to allow or what URL you want to trust (then hit Add).
  • 0

#78
gregahoffman

gregahoffman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts
ok, i'll do that tonite when i close and add it as an exclusion. thank you
any luck with the counterfeiting balloon that keeps popping up?
  • 0

#79
gregahoffman

gregahoffman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts
that solution did not work
  • 0

#80
gregahoffman

gregahoffman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts
good morning Ron,

the latest solution did work, everything seems stable & working ok. the closing & printing process worked fine also.

i cannot thank you enough for all your help. thanks and have a wonderful day.
  • 0

#81
gregahoffman

gregahoffman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts
still working fine, thanks again ron
  • 0

#82
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,025 posts
  • MVP
You can uninstall or delete any tools we had you download and their logs.

If we ran Combofix:
To uninstall combofix, copy the next line:

"%userprofile%\Desktop\combofix.exe" /Uninstall

Start, Run, cmd, OK then right click, Paste, then hit Enter.



OTL has a cleanup tab so if you run it again and select cleanup it will remove itself and its backup files and a lot of the tools that we use.

To hide hidden files again (If you do not run OTL cleanup):

XP

# Close all programs so that you are at your desktop.
# Double-click on the My Computer icon.
# Select the Tools menu and click Folder Options.
# After the new window appears select the View tab.
# Uncheck the checkbox labeled Display the contents of system folders.
# Under the Hidden files and folders section select the 'Hide protected operating system files (recommended)' option.
# Check the checkbox labeled Hide protected operating system files.
# Press the Apply button and then the OK button and exit My Computer.

Special note on Java. Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
http://www.java.com/...lugin_cache.xml
Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not Java Version 7 update 25 or better. These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE. Get the latest version from Java.com. They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download. Just uncheck the garbage before the download (or install) starts. If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it. If that is the case then you should go in to Control panels, Java, Security and set the slider to the highest level.

Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit reader except you uncheck Enable Javascript Actions.

To help keep your programs up-to-date you should download and run the UpdateChecker:
http://www.filehippo.../updatechecker/
(You don't need to download Betas and if there is a program you don't use you can just uninstall it rather than update it. You can right click on the updatechecker icon (looks like a downward green arrowhead) and select Settings and tell it no betas. If you don't use MSN Messenger I would not upgdate it. MS installs a bunch of stuff when you do. You can tell the program to not show you that update.)
If you use Firefox or Chome then get the AdBlock Plus Add-on. WOT (Web of Trust) is another you might want to try.
The equivalent to AdBlock Plus for IE is called Simple Adblock and you should install it too: http://simple-adblock.com/

If Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox . Click on Speedup my Firefox. When it finishes click on Exit.

Be warned: If you use Limewire, utorrent or any of the other P2P programs you will almost certain be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.com before you open them.

If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.


XP does not automatically run defrag so it needs to be done manually every couple of months or it will slow down. http://support.microsoft.com/kb/314848


XP has been out a long time so most XP computers are starting to get clogged with dust. This makes them overheat which will also slow them down. To clean a desktop, shut it down but leave it plugged in. Remove the lid or open it up and use a vacuum cleaner hose and a small brush to clean the air vents in the front and back and the fins of the heatsink and of the fans - including the fan of the power supply. You may need to unscrew the four screws that hold the fan to the heatsink and lift the fan off to really clean the heatsink. Start it up while the lid is off and watch the fan (after screwing it back down again if you removed it). It should start up right away and be at full speed in no time (it may stop running shortly after starting - this is normal). A fan that is slow starting or which makes noise is worn out and needs to be replaced. Cleaning a laptop is unfortunately major surgery for most brands. Make sure the vents are clear and that it is run on a hard surface. Never on a bed or your lap as that blocks the air vents. Propping up the back with a book without blocking the air vents will make it run a bit cooler. If you think it might be running hot you can get speedfan

http://www.almico.com/sfdownload.php

Download, save and Install it then run it.

It will tell you your temps. If they seem hot (over 50) then check Automatic Fan Speed.
Leave it running and see if the temps drop. If temps are over 80, the CPU will slow down to protect itself. Disassembling a laptop to clean it isn't that hard. There are usually YouTube videos for most brands that show you how to do it if you search for them. Most times you just need some small screwdrivers and maybe a long nose pliers. The hardest part is reassembling it and getting all of the screws in the right places so takes notes or lots of pictures. If you take it apart then you should also pull the heatsink and clean it and replace the old thermal pads with Arctic Silver Thermal compound. Amazon has a kit of cleaner and compound http://www.amazon.co...n/dp/B001FVI91U which I have used.
  • 0

#83
gregahoffman

gregahoffman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts
Ron,

thank you very much for your help with my comp problems and also the advice. i have seen the heat problems but with my ps3 and the arctic silver is an awesome product. everything is stable and running better than when we started so i think we are good to go.
thank you again
  • 0

#84
gregahoffman

gregahoffman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts
now i have a problem at home. when the wife finished using the laptop. she plugged it in and closed the lid. every time she does this, i get a black screen with a cursor in the upper left corner and no way to do anything but power the machine off and reboot.
  • 0

#85
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,025 posts
  • MVP
Download : ADWCleaner to your desktop.

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).

Posted Image

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.



Junkware-Removal-Tool

Please download Junkware Removal Tool to your desktop.
  • Pause your anti-virus. Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


Download aswMBR.exe to your desktop.
Run aswMBR.exe (Vista or Win 7 => right click and Run As Administrator)

uncheck trace disk IO calls
Click the "Scan" button to start scan (Accept the Avast Engine)
On completion of the scan if the Fix button is enabled (not the FixMBR button) press it and then run a new scan and click save log, save it to your desktop and post in your next reply
If the Fix button is not enabled then just click save log, save it to your desktop and post in your next reply


Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.

(If you do not already have OTL then: Download OTL from
http://www.geekstogo...timers-list-it/
and Save it to your desktop.)

Copy the text in the code box:

DRIVES
nnetsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
rsvpsp.dll
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
user32.dll
/md5stop
dir C:\ /S /A:L /C
C:\Windows\assembly\tmp\U\*.* /s
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%ProgramFiles%\WINDOWS NT\*.* /s
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.

Please download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document in your next reply.

Ron
  • 0

Advertisements


#86
gregahoffman

gregahoffman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts
adwcleaner log

# AdwCleaner v3.006 - Report created 04/10/2013 at 18:53:08
# Updated 01/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : greg & jacki - HP
# Running from : C:\Users\greg & jacki\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Windows\System32\Tasks\DSite

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16506


-\\ Google Chrome v

[ File : C:\Users\greg & jacki\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1261 octets] - [04/10/2013 18:52:28]
AdwCleaner[S0].txt - [1149 octets] - [04/10/2013 18:53:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1209 octets] ##########
  • 0

#87
gregahoffman

gregahoffman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts
JRT does nothing, tries to run but says the path specified cannot be found.
  • 0

#88
gregahoffman

gregahoffman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts
ASW MBR log

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-10-04 20:28:32
-----------------------------
20:28:32.589 OS Version: Windows x64 6.1.7601 Service Pack 1
20:28:32.589 Number of processors: 4 586 0x2A07
20:28:32.589 ComputerName: HP UserName:
20:28:34.118 Initialize success
20:29:57.122 AVAST engine defs: 13100401
20:32:12.359 The log file has been saved successfully to "C:\Users\greg & jacki\Desktop\aswMBR log.txt"
  • 0

#89
gregahoffman

gregahoffman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts
Speccy log

Summary
Operating System
Windows 7 Home Premium 64-bit SP1
CPU
Intel Core i5 2410M @ 2.30GHz 43 °C
Sandy Bridge 32nm Technology
RAM
8.00GB Dual-Channel DDR3 @ 665MHz (9-9-9-24)
Motherboard
Hewlett-Packard 1659 (CPU1) 49 °C
Graphics
Generic PnP Monitor ([email protected])
Intel HD Graphics Family (HP)
1024MB ATI Radeon HD 6490M (HP)
Hard Drives
699GB TOSHIBA MK7575GSX (SATA) 33 °C
Optical Drives
hp DVD-RAM UJ8B1
Audio
IDT High Definition Audio CODEC
Operating System
Windows 7 Home Premium 64-bit SP1
Computer type: Notebook
Installation Date: 11/25/2012 6:59:54 PM
Serial Number:
Windows Security Center
User Account Control (UAC) Enabled
Notify level 2 - Default
Firewall Enabled
Windows Update
AutoUpdate Download Automatically and Install at Set Scheduled time
Schedule Frequency Every Day
Schedule Time 3:00 AM
Windows Defender
Windows Defender Enabled
Antivirus
Antivirus Disabled
Display Name Kaspersky Anti-Virus
Virus Signature Database Up to date
.NET Frameworks installed
v4.0 Client
v3.5 SP1
v3.0 SP2
v2.0 SP2
Internet Explorer
Version 9.0.8112.16421
PowerShell
Version 2.0
Environment Variables
USERPROFILE C:\Users\greg & jacki
SystemRoot C:\Windows
User Variables
TEMP C:\Users\greg & jacki\AppData\Local\Temp
TMP C:\Users\greg & jacki\AppData\Local\Temp
Path C:\Program Files\Intel\WiFi\bin\
C:\Program Files\Common Files\Intel\WirelessCommon\
Machine Variables
ComSpec C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK NO
OS Windows_NT
Path C:\Program Files (x86)\HP SimplePass 2011\x64
C:\Program Files (x86)\HP SimplePass 2011\
C:\Program Files\Common Files\Microsoft Shared\Windows Live
C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live
C:\Windows\system32
C:\Windows
C:\Windows\System32\Wbem
%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\
C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\
C:\Program Files (x86)\Common Files\Roxio Shared\12.0\DLLShared\
C:\Program Files (x86)\Windows Live\Shared
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
C:\Program Files\Intel\WiFi\bin\
C:\Program Files\Common Files\Intel\WirelessCommon\
C:\Program Files (x86)\Windows Kits\8.0\Windows Performance Toolkit\
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE AMD64
TEMP C:\Windows\TEMP
TMP C:\Windows\TEMP
USERNAME SYSTEM
windir C:\Windows
PSModulePath C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
NUMBER_OF_PROCESSORS 4
PROCESSOR_LEVEL 6
PROCESSOR_IDENTIFIER Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
PROCESSOR_REVISION 2a07
windows_tracing_logfile C:\BVTBin\Tests\installpackage\csilogfile.log
windows_tracing_flags 3
OnlineServices Online Services
Platform MCD
PCBRAND Pavilion
Battery
AC Line Online
Battery Charge % 100 %
Battery State High
Remaining Battery Time Unknown
Power Profile
Active power scheme HP Recommended
Hibernation Enabled
Turn Off Monitor after: (On AC Power) 15 min
Turn Off Monitor after: (On Battery Power) 5 min
Turn Off Hard Disk after: (On AC Power) 15 min
Turn Off Hard Disk after: (On Battery Power) 3 min
Suspend after: (On AC Power) 20 min
Suspend after: (On Battery Power) 10 min
Screen saver Disabled
Uptime
Current Session
Current Time 10/4/2013 8:34:58 PM
Current Uptime 2,978 sec (0 d, 00 h, 49 m, 38 s)
Last Boot Time 10/4/2013 7:45:20 PM
TimeZone
TimeZone GMT -6:00 Hours
Language English (United States)
Location United States
Format English (United States)
Currency $
Date Format M/d/yyyy
Time Format h:mm:ss tt
Process List
AESTSr64.exe
Process ID 2432
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\IDT\WDM\AESTSr64.exe
Memory Usage 2.89 MB
Peak Memory Usage 2.92 MB
AppSrv.exe
Process ID 3612
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
Memory Usage 8.75 MB
Peak Memory Usage 9.78 MB
armsvc.exe
Process ID 2368
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
Memory Usage 3.81 MB
Peak Memory Usage 3.87 MB
atieclxx.exe
Process ID 1640
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\atieclxx.exe
Memory Usage 6.74 MB
Peak Memory Usage 6.82 MB
atiesrxx.exe
Process ID 1080
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\atiesrxx.exe
Memory Usage 4.46 MB
Peak Memory Usage 4.49 MB
audiodg.exe
Process ID 17416
User LOCAL SERVICE
Domain NT AUTHORITY
Memory Usage 17 MB
Peak Memory Usage 19 MB
avp.exe
Process ID 2472
User SYSTEM
Domain NT AUTHORITY
Memory Usage 38 MB
Peak Memory Usage 265 MB
avp.exe
Process ID 5340
User greg & jacki
Domain HP
Memory Usage 5.63 MB
Peak Memory Usage 32 MB
BioMonitor.exe
Process ID 6156
User greg & jacki
Domain HP
Path C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
Memory Usage 4.82 MB
Peak Memory Usage 4.96 MB
CCC.exe
Process ID 5740
User greg & jacki
Domain HP
Path C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Memory Usage 11 MB
Peak Memory Usage 82 MB
conhost.exe
Process ID 1932
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\conhost.exe
Memory Usage 2.79 MB
Peak Memory Usage 2.82 MB
csrss.exe
Process ID 584
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 5.03 MB
Peak Memory Usage 5.05 MB
csrss.exe
Process ID 700
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 27 MB
Peak Memory Usage 35 MB
DMAgent.exe
Process ID 3968
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
Memory Usage 8.29 MB
Peak Memory Usage 8.29 MB
dwm.exe
Process ID 1952
User greg & jacki
Domain HP
Path C:\Windows\system32\Dwm.exe
Memory Usage 74 MB
Peak Memory Usage 94 MB
EvtEng.exe
Process ID 2568
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Intel\WiFi\bin\EvtEng.exe
Memory Usage 16 MB
Peak Memory Usage 16 MB
explorer.exe
Process ID 27032
User greg & jacki
Domain HP
Path C:\Windows\explorer.exe
Memory Usage 61 MB
Peak Memory Usage 64 MB
ezSharedSvcHost.exe
Process ID 2656
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\SysWOW64\ezSharedSvcHost.exe
Memory Usage 5.11 MB
Peak Memory Usage 5.24 MB
hkcmd.exe
Process ID 2684
User greg & jacki
Domain HP
Path C:\Windows\System32\hkcmd.exe
Memory Usage 6.74 MB
Peak Memory Usage 6.78 MB
HPClientServices.exe
Process ID 2888
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
Memory Usage 7.88 MB
Peak Memory Usage 7.90 MB
HPNetworkCommunicator.exe
Process ID 4608
User greg & jacki
Domain HP
Path C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
Memory Usage 8.37 MB
Peak Memory Usage 9.32 MB
HPSA_Service.exe
Process ID 448
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Memory Usage 22 MB
Peak Memory Usage 22 MB
hpservice.exe
Process ID 1548
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\Hpservice.exe
Memory Usage 4.84 MB
Peak Memory Usage 4.87 MB
HPWMISVC.exe
Process ID 3960
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
Memory Usage 7.00 MB
Peak Memory Usage 7.17 MB
IAStorDataMgrSvc.exe
Process ID 4152
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Intel\Intel Rapid Storage Technology\IAStorDataMgrSvc.exe
Memory Usage 18 MB
Peak Memory Usage 18 MB
ielowutil.exe
Process ID 2264
User greg & jacki
Domain HP
Path C:\Program Files (x86)\Internet Explorer\IELowutil.exe
Memory Usage 528 KB
Peak Memory Usage 5.04 MB
iexplore.exe
Process ID 29060
User greg & jacki
Domain HP
Path C:\Program Files (x86)\Internet Explorer\iexplore.exe
Memory Usage 89 MB
Peak Memory Usage 91 MB
iexplore.exe
Process ID 11480
User greg & jacki
Domain HP
Path C:\Program Files (x86)\Internet Explorer\iexplore.exe
Memory Usage 44 MB
Peak Memory Usage 44 MB
iexplore.exe
Process ID 16332
User greg & jacki
Domain HP
Path C:\Program Files (x86)\Internet Explorer\iexplore.exe
Memory Usage 75 MB
Peak Memory Usage 75 MB
iFrmewrk.exe
Process ID 2492
User greg & jacki
Domain HP
Path C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
Memory Usage 22 MB
Peak Memory Usage 22 MB
igfxpers.exe
Process ID 2908
User greg & jacki
Domain HP
Path C:\Windows\System32\igfxpers.exe
Memory Usage 10 MB
Peak Memory Usage 10 MB
igfxtray.exe
Process ID 2604
User greg & jacki
Domain HP
Path C:\Windows\System32\igfxtray.exe
Memory Usage 7.01 MB
Peak Memory Usage 7.07 MB
LMS.exe
Process ID 4540
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Intel\Intel Management Engine Components\LMS\LMS.exe
Memory Usage 4.78 MB
Peak Memory Usage 4.78 MB
lsass.exe
Process ID 812
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsass.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
lsm.exe
Process ID 820
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsm.exe
Memory Usage 4.84 MB
Peak Memory Usage 4.87 MB
MOM.exe
Process ID 5624
User greg & jacki
Domain HP
Path C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
Memory Usage 6.22 MB
Peak Memory Usage 32 MB
MpCmdRun.exe
Process ID 27468
User NETWORK SERVICE
Domain NT AUTHORITY
Path c:\program files\windows defender\MpCmdRun.exe
Memory Usage 6.78 MB
Peak Memory Usage 6.78 MB
nusb3mon.exe
Process ID 5312
User greg & jacki
Domain HP
Path C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
Memory Usage 5.24 MB
Peak Memory Usage 5.26 MB
ONENOTEM.EXE
Process ID 3124
User greg & jacki
Domain HP
Path C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
Memory Usage 1.44 MB
Peak Memory Usage 4.19 MB
PresentationFontCache.exe
Process ID 5736
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
Memory Usage 18 MB
Peak Memory Usage 18 MB
RapportMgmtService.exe
Process ID 600
User SYSTEM
Domain NT AUTHORITY
Memory Usage 30 MB
Peak Memory Usage 95 MB
RapportService.exe
Process ID 944
User greg & jacki
Domain HP
Memory Usage 34 MB
Peak Memory Usage 34 MB
realsched.exe
Process ID 5348
User greg & jacki
Domain HP
Path C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
Memory Usage 676 KB
Peak Memory Usage 6.08 MB
RegSrvc.exe
Process ID 3200
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
Memory Usage 6.36 MB
Peak Memory Usage 6.41 MB
RIconMan.exe
Process ID 4032
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
Memory Usage 5.98 MB
Peak Memory Usage 5.99 MB
rndlresolversvc.exe
Process ID 3140
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
Memory Usage 3.83 MB
Peak Memory Usage 3.86 MB
RNowSvc.exe
Process ID 1880
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
Memory Usage 4.73 MB
Peak Memory Usage 4.88 MB
ScanToPCActivationApp.exe
Process ID 2960
User greg & jacki
Domain HP
Path C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
SearchFilterHost.exe
Process ID 25464
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchFilterHost.exe
Memory Usage 8.05 MB
Peak Memory Usage 8.05 MB
SearchIndexer.exe
Process ID 4276
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchIndexer.exe
Memory Usage 16 MB
Peak Memory Usage 16 MB
SearchProtocolHost.exe
Process ID 25300
User greg & jacki
Domain HP
Path C:\Windows\system32\SearchProtocolHost.exe
Memory Usage 6.79 MB
Peak Memory Usage 6.79 MB
SearchProtocolHost.exe
Process ID 25984
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchProtocolHost.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
services.exe
Process ID 804
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\services.exe
Memory Usage 9.79 MB
Peak Memory Usage 12 MB
sidebar.exe
Process ID 3040
User greg & jacki
Domain HP
Path C:\Program Files\Windows Sidebar\sidebar.exe
Memory Usage 34 MB
Peak Memory Usage 34 MB
Skype.exe
Process ID 2996
User greg & jacki
Domain HP
Path C:\Program Files (x86)\Skype\Phone\Skype.exe
Memory Usage 75 MB
Peak Memory Usage 75 MB
SlimDrivers.exe
Process ID 3024
User greg & jacki
Domain HP
Path C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
Memory Usage 1.82 MB
Peak Memory Usage 34 MB
smss.exe
Process ID 420
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 1.21 MB
Peak Memory Usage 1.25 MB
Speccy64.exe
Process ID 25988
User greg & jacki
Domain HP
Path C:\Program Files\Speccy\Speccy64.exe
Memory Usage 27 MB
Peak Memory Usage 28 MB
spoolsv.exe
Process ID 2176
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\spoolsv.exe
Memory Usage 15 MB
Peak Memory Usage 15 MB
stacsv64.exe
Process ID 1224
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\IDT\WDM\STacSV64.exe
Memory Usage 8.69 MB
Peak Memory Usage 8.76 MB
sttray64.exe
Process ID 2448
User greg & jacki
Domain HP
Path C:\Program Files\IDT\WDM\sttray64.exe
Memory Usage 19 MB
Peak Memory Usage 19 MB
svchost.exe
Process ID 3548
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 37 MB
Peak Memory Usage 75 MB
svchost.exe
Process ID 1504
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
svchost.exe
Process ID 1472
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 5.55 MB
Peak Memory Usage 5.55 MB
svchost.exe
Process ID 1180
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 47 MB
Peak Memory Usage 51 MB
svchost.exe
Process ID 1144
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 202 MB
Peak Memory Usage 210 MB
svchost.exe
Process ID 1112
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 22 MB
Peak Memory Usage 23 MB
svchost.exe
Process ID 928
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 10 MB
Peak Memory Usage 10 MB
svchost.exe
Process ID 120
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
svchost.exe
Process ID 2816
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 49 MB
Peak Memory Usage 49 MB
svchost.exe
Process ID 2244
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 14 MB
Peak Memory Usage 94 MB
svchost.exe
Process ID 2208
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 6.82 MB
Peak Memory Usage 6.82 MB
svchost.exe
Process ID 1036
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 10 MB
Peak Memory Usage 10 MB
svchost.exe
Process ID 27144
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 6.77 MB
Peak Memory Usage 6.77 MB
svchost.exe
Process ID 1444
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 18 MB
Peak Memory Usage 18 MB
SynTPEnh.exe
Process ID 2328
User greg & jacki
Domain HP
Path C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
SynTPHelper.exe
Process ID 5028
User greg & jacki
Domain HP
Path C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
Memory Usage 3.59 MB
Peak Memory Usage 3.60 MB
System
Process ID 4
Memory Usage 4.86 MB
Peak Memory Usage 16 MB
System Idle Process
Process ID 0
taskeng.exe
Process ID 2880
User greg & jacki
Domain HP
Path C:\Windows\system32\taskeng.exe
Memory Usage 6.12 MB
Peak Memory Usage 6.17 MB
taskeng.exe
Process ID 3016
User greg & jacki
Domain HP
Path C:\Windows\system32\taskeng.exe
Memory Usage 6.40 MB
Peak Memory Usage 6.50 MB
taskhost.exe
Process ID 2112
User greg & jacki
Domain HP
Path C:\Windows\system32\taskhost.exe
Memory Usage 8.97 MB
Peak Memory Usage 9.21 MB
TouchControl.exe
Process ID 4308
User greg & jacki
Domain HP
Path C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
TrueSuiteService.exe
Process ID 988
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
Memory Usage 5.05 MB
Peak Memory Usage 5.17 MB
UNS.exe
Process ID 5164
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Intel\Intel Management Engine Components\UNS\UNS.exe
Memory Usage 7.21 MB
Peak Memory Usage 7.23 MB
unsecapp.exe
Process ID 4408
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\unsecapp.exe
Memory Usage 4.98 MB
Peak Memory Usage 5.01 MB
unsecapp.exe
Process ID 4436
User greg & jacki
Domain HP
Path C:\Windows\system32\wbem\unsecapp.exe
Memory Usage 6.30 MB
Peak Memory Usage 6.32 MB
WiMAXCU.exe
Process ID 2384
User greg & jacki
Domain HP
Path C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
Memory Usage 54 MB
Peak Memory Usage 56 MB
wininit.exe
Process ID 708
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wininit.exe
Memory Usage 4.85 MB
Peak Memory Usage 4.95 MB
winlogon.exe
Process ID 764
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\winlogon.exe
Memory Usage 7.90 MB
Peak Memory Usage 9.55 MB
wlanext.exe
Process ID 1912
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\WLANExt.exe
Memory Usage 20 MB
Peak Memory Usage 20 MB
WLIDSVC.EXE
Process ID 3804
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
Memory Usage 17 MB
Peak Memory Usage 17 MB
WLIDSVCM.EXE
Process ID 588
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
Memory Usage 3.44 MB
Peak Memory Usage 3.49 MB
WmiApSrv.exe
Process ID 27988
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\WmiApSrv.exe
Memory Usage 5.92 MB
Peak Memory Usage 5.92 MB
WmiPrvSE.exe
Process ID 5056
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 19 MB
Peak Memory Usage 19 MB
WmiPrvSE.exe
Process ID 26452
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
wmpnetwk.exe
Process ID 3352
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Program Files\Windows Media Player\wmpnetwk.exe
Memory Usage 6.75 MB
Peak Memory Usage 13 MB
WUDFHost.exe
Process ID 1600
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\WUDFHost.exe
Memory Usage 7.37 MB
Peak Memory Usage 7.43 MB
YCMMirage.exe
Process ID 1948
User greg & jacki
Domain HP
Path C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
Memory Usage 544 KB
Peak Memory Usage 5.74 MB
Scheduler
10/4/2013 8:41 PM; HPCustParticipation HP Deskjet 3050A J611 series
10/4/2013 9:01 PM; HP Photo Creations Messager
10/4/2013 9:13 PM; GoogleUpdateTaskMachineCore
10/4/2013 9:13 PM; GoogleUpdateTaskMachineUA
10/4/2013 9:23 PM; Adobe Flash Player Updater
10/11/2013 6:54 PM; RealPlayerRealUpgradeScheduledTaskS-1-5-21-2271316084-460775634-2034437219-1000
11/7/2013 6:37 PM; HPCeeScheduleForgreg & jacki
CCleanerSkipUAC
RealPlayerRealUpgradeLogonTaskS-1-5-21-2271316084-460775634-2034437219-1000
SlimDrivers Startup
Hotfixes
10/4/2013 Definition Update for Windows Defender - KB915597 (Definition 1.159.1395.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/1/2013 Definition Update for Windows Defender - KB915597 (Definition 1.159.1090.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/27/2013 Definition Update for Windows Defender - KB915597 (Definition 1.159.834.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/24/2013 Definition Update for Windows Defender - KB915597 (Definition 1.159.552.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/20/2013 Definition Update for Windows Defender - KB915597 (Definition 1.159.314.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/18/2013 Definition Update for Windows Defender - KB915597 (Definition 1.159.53.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/13/2013 Definition Update for Windows Defender - KB915597 (Definition 1.157.1846.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/13/2013 Security Update for Windows 7 for x64-based Systems (KB2676562)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
9/13/2013 Security Update for Windows 7 for x64-based Systems (KB2872339)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
9/12/2013 Windows Malicious Software Removal Tool x64 - September 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
9/12/2013 Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Microsoft has released an update for Microsoft Visio Viewer 2010
32-Bit Edition. This update provides the latest fixes to Microsoft
Visio Viewer 2010 32-Bit Edition. Additionally, this update contains
stability and performance improvements.
9/12/2013 Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Microsoft has released an update for Microsoft Office 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
9/12/2013 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 32-Bit Edition.
9/12/2013 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2870699)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
9/12/2013 Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Microsoft has released an update for Microsoft Office 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
9/12/2013 Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Microsoft has released an update for Microsoft OneNote 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft OneNote
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
9/12/2013 Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Microsoft has released an update for Microsoft Filter Pack 2.0
32-Bit Edition. This update provides the latest fixes to Microsoft
Filter Pack 2.0 32-Bit Edition. Additionally, this update contains
stability and performance improvements.
9/12/2013 Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Microsoft has released an update for Microsoft Office 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
9/12/2013 Update for Windows 7 for x64-based Systems (KB2853952)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
9/12/2013 Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition
Microsoft has released an update for Microsoft Office 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
9/12/2013 Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Microsoft has released an update for Microsoft PowerPoint 2010
32-Bit Edition. This update provides the latest fixes to Microsoft
PowerPoint 2010 32-Bit Edition. Additionally, this update contains
stability and performance improvements.
9/12/2013 Security Update for Microsoft Outlook 2010 (KB2794707) 32-Bit Edition
A security vulnerability exists in Microsoft Outlook 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
9/12/2013 Security Update for Windows 7 for x64-based Systems (KB2872339)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
9/12/2013 Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
A security vulnerability exists in Microsoft Office 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
9/12/2013 Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition
Microsoft has released an update for Microsoft Office 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
9/12/2013 Security Update for Microsoft Word 2010 (KB2760769) 32-Bit Edition
A security vulnerability exists in Microsoft Word 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
9/12/2013 Security Update for Windows 7 for x64-based Systems (KB2876315)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
9/12/2013 Security Update for Microsoft Excel 2010 (KB2760597) 32-Bit Edition
A security vulnerability exists in Microsoft Excel 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
9/12/2013 Update for Windows 7 for x64-based Systems (KB2868116)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
9/12/2013 Update for Microsoft Office 2010 (KB2589275) 32-Bit Edition
Microsoft has released an update for Microsoft Office 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
9/12/2013 Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Microsoft has released an update for Microsoft Office 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
9/12/2013 Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition
Microsoft has released an update for Microsoft Office 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
9/12/2013 Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Microsoft has released an update for Microsoft Access 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Access
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
9/12/2013 Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2836943)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
9/10/2013 Definition Update for Windows Defender - KB915597 (Definition 1.157.1576.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/6/2013 Definition Update for Windows Defender - KB915597 (Definition 1.157.1306.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/3/2013 Definition Update for Windows Defender - KB915597 (Definition 1.157.1012.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/30/2013 Definition Update for Windows Defender - KB915597 (Definition 1.157.758.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/28/2013 Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Microsoft has released an update for Microsoft Office 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
8/27/2013 Definition Update for Windows Defender - KB915597 (Definition 1.157.478.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/23/2013 Definition Update for Windows Defender - KB915597 (Definition 1.157.217.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/20/2013 Definition Update for Windows Defender - KB915597 (Definition 1.155.2595.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/16/2013 Definition Update for Windows Defender - KB915597 (Definition 1.155.2386.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/16/2013 Security Update for Windows 7 for x64-based Systems (KB2862966)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
8/16/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2844286)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
8/16/2013 Update for Windows 7 for x64-based Systems (KB2863058)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
8/16/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2840628)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
8/16/2013 Security Update for Windows 7 for x64-based Systems (KB2803821)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
8/16/2013 Security Update for Windows 7 for x64-based Systems (KB2849470)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
8/16/2013 Windows Malicious Software Removal Tool x64 - August 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
8/16/2013 Security Update for Windows 7 for x64-based Systems (KB2859537)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
8/16/2013 Security Update for Windows 7 for x64-based Systems (KB2861855)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
8/16/2013 Security Update for Windows 7 for x64-based Systems (KB2868623)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
8/16/2013 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2862772)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
8/13/2013 Definition Update for Windows Defender - KB915597 (Definition 1.155.2116.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/9/2013 Definition Update for Windows Defender - KB915597 (Definition 1.155.1859.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/6/2013 Definition Update for Windows Defender - KB915597 (Definition 1.155.1598.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/2/2013 Definition Update for Windows Defender - KB915597 (Definition 1.155.1346.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
7/30/2013 Definition Update for Windows Defender - KB915597 (Definition 1.155.1072.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
7/26/2013 Definition Update for Windows Defender - KB915597 (Definition 1.155.831.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
7/23/2013 Definition Update for Windows Defender - KB915597 (Definition 1.155.565.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
7/19/2013 Definition Update for Windows Defender - KB915597 (Definition 1.155.311.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
7/16/2013 Definition Update for Windows Defender - KB915597 (Definition 1.155.29.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
7/13/2013 Definition Update for Windows Defender - KB915597 (Definition 1.153.1833.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
7/10/2013 Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition
A security vulnerability exists in Microsoft Office 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
7/10/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2840628)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
7/10/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2840631)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
7/10/2013 Windows Malicious Software Removal Tool x64 - July 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
7/10/2013 Security Update for Windows 7 for x64-based Systems (KB2847927)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
7/10/2013 Security Update for Windows 7 for x64-based Systems (KB2845187)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
7/10/2013 Security Update for Windows 7 for x64-based Systems (KB2803821)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
7/10/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2833946)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
7/10/2013 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2846071)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
7/10/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2835393)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
7/10/2013 Security Update for Windows 7 for x64-based Systems (KB2850851)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
7/10/2013 Security Update for Windows 7 for x64-based Systems (KB2835364)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
7/10/2013 Security Update for Microsoft Silverlight (KB2847559)
This security update to Silverlight includes fixes outlined in
KB 2847559. This update is backward compatible with web applications
built using previous versions of Silverlight.
7/10/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2844286)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
7/10/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2832414)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
7/10/2013 Security Update for Windows 7 for x64-based Systems (KB2834886)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
7/10/2013 Security Update for Windows 7 for x64-based Systems (KB2835361)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
7/9/2013 Definition Update for Windows Defender - KB915597 (Definition 1.153.1573.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
7/7/2013 Definition Update for Windows Defender - KB915597 (Definition 1.153.1309.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
7/2/2013 Definition Update for Windows Defender - KB915597 (Definition 1.153.1042.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
6/28/2013 Definition Update for Windows Defender - KB915597 (Definition 1.153.790.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
6/25/2013 Definition Update for Windows Defender - KB915597 (Definition 1.153.562.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
6/21/2013 Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2836942)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
6/21/2013 Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2836943)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
6/21/2013 Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
6/21/2013 Definition Update for Windows Defender - KB915597 (Definition 1.153.318.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
6/18/2013 Definition Update for Windows Defender - KB915597 (Definition 1.153.22.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
6/14/2013 Definition Update for Windows Defender - KB915597 (Definition 1.151.2213.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
6/14/2013 Definition Update for Windows Defender - KB915597 (Definition 1.151.2213.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
6/13/2013 Security Update for Windows 7 for x64-based Systems (KB2845690)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
6/13/2013 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2838727)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
6/13/2013 Windows Malicious Software Removal Tool x64 - June 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
6/13/2013 Security Update for Windows 7 for x64-based Systems (KB2839894)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
6/13/2013 Update for Windows 7 for x64-based Systems (KB2808679)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
6/13/2013 Security Update for Windows 7 for x64-based Systems (KB2813430)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
6/13/2013 Update for Windows 7 for x64-based Systems (KB2834140)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
6/12/2013 Definition Update for Windows Defender - KB915597 (Definition 1.151.1977.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
6/7/2013 Definition Update for Windows Defender - KB915597 (Definition 1.151.1787.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
6/4/2013 Definition Update for Windows Defender - KB915597 (Definition 1.151.1542.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
5/31/2013 Definition Update for Windows Defender - KB915597 (Definition 1.151.1320.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
5/28/2013 Definition Update for Windows Defender - KB915597 (Definition 1.151.1061.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
5/24/2013 Definition Update for Windows Defender - KB915597 (Definition 1.151.798.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
5/21/2013 Definition Update for Windows Defender - KB915597 (Definition 1.151.543.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
5/17/2013 Definition Update for Windows Defender - KB915597 (Definition 1.151.280.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
5/17/2013 Security Update for Windows 7 for x64-based Systems (KB2830290)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
5/17/2013 Update for Windows 7 for x64-based Systems (KB2820331)
Install this update to resolve a set of known application compatibility
issues with Windows. For a complete listing of the issues that
are included in this update, see the associated Microsoft Knowledge
Base article for more information. After you install this item,
you may have to restart your computer.
5/17/2013 Update for Windows 7 for x64-based Systems (KB2798162)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
5/17/2013 Update for Windows 7 for x64-based Systems (KB2813956)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
5/17/2013 Security Update for Windows 7 for x64-based Systems (KB2829361)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
5/17/2013 Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
A security vulnerability exists in Microsoft Visio 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
5/17/2013 Windows Malicious Software Removal Tool x64 - May 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
5/17/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2804576)
A security issue has been identified that could allow an attacker
to misrepresent a system action or behavior without the knowledge
of the user. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
5/17/2013 Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
A security vulnerability exists in Microsoft Publisher 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
5/17/2013 Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2847204)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
5/17/2013 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2829530)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
5/17/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2804579)
A security issue has been identified that could allow an attacker
to misrepresent a system action or behavior without the knowledge
of the user. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
5/17/2013 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 32-Bit Edition.
5/17/2013 Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB2820197)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
5/16/2013 Definition Update for Windows Defender - KB915597 (Definition 1.151.12.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
5/10/2013 Definition Update for Windows Defender - KB915597 (Definition 1.149.1652.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
5/8/2013 Definition Update for Windows Defender - KB915597 (Definition 1.149.1380.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
5/3/2013 Definition Update for Windows Defender - KB915597 (Definition 1.149.1143.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
5/1/2013 Definition Update for Windows Defender - KB915597 (Definition 1.149.884.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/26/2013 Definition Update for Windows Defender - KB915597 (Definition 1.149.649.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/25/2013 Security Update for Windows 7 for x64-based Systems (KB2840149)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
4/23/2013 Definition Update for Windows Defender - KB915597 (Definition 1.149.350.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/21/2013 Definition Update for Windows Defender - KB915597 (Definition 1.149.131.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/16/2013 Definition Update for Windows Defender - KB915597 (Definition 1.147.1924.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/12/2013 Definition Update for Windows Defender - KB915597 (Definition 1.147.1685.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/11/2013 Windows Malicious Software Removal Tool x64 - April 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
4/11/2013 Security Update for Windows 7 for x64-based Systems (KB2813347)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
4/11/2013 Security Update for Windows 7 for x64-based Systems (KB2808735)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
4/11/2013 Security Update for Windows 7 for x64-based Systems (KB2823324)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
4/11/2013 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 32-Bit Edition.
4/11/2013 Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
A security vulnerability exists in Microsoft InfoPath 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
4/11/2013 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2817183)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
4/11/2013 Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition
A security vulnerability exists in Microsoft InfoPath 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
4/11/2013 Update for Windows 7 for x64-based Systems (KB2799926)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/11/2013 Security Update for Windows 7 for x64-based Systems (KB2813170)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
4/10/2013 Definition Update for Windows Defender - KB915597 (Definition 1.147.1392.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/7/2013 Definition Update for Windows Defender - KB915597 (Definition 1.147.1105.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/2/2013 Definition Update for Windows Defender - KB915597 (Definition 1.147.868.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/2/2013 Definition Update for Windows Defender - KB915597 (Definition 1.147.700.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
3/29/2013 Definition Update for Windows Defender - KB915597 (Definition 1.147.700.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
3/26/2013 Definition Update for Windows Defender - KB915597 (Definition 1.147.471.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
3/23/2013 Definition Update for Windows Defender - KB915597 (Definition 1.147.212.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
3/20/2013 Security Update for Windows 7 for x64-based Systems (KB2807986)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/19/2013 Definition Update for Windows Defender - KB915597 (Definition 1.145.2105.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
System Folders
Path for burning CD C:\Users\greg & jacki\AppData\Local\Microsoft\Windows\Burn\Burn
Application Data C:\ProgramData
Public Desktop C:\Users\Public\Desktop
Documents C:\Users\Public\Documents
Global Favorites C:\Users\greg & jacki\Favorites
Music C:\Users\Public\Music
Pictures C:\Users\Public\Pictures
Start Menu Programs C:\ProgramData\Microsoft\Windows\Start Menu\Programs
Start Menu C:\ProgramData\Microsoft\Windows\Start Menu
Startup C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Templates C:\ProgramData\Microsoft\Windows\Templates
Videos C:\Users\Public\Videos
Cookies C:\Users\greg & jacki\AppData\Roaming\Microsoft\Windows\Cookies
Desktop C:\Users\greg & jacki\Desktop
Physical Desktop C:\Users\greg & jacki\Desktop
User Favorites C:\Users\greg & jacki\Favorites
Fonts C:\Windows\Fonts
Internet History C:\Users\greg & jacki\AppData\Local\Microsoft\Windows\History
Temporary Internet Files C:\Users\greg & jacki\AppData\Local\Microsoft\Windows\Temporary Internet Files
Local Application Data C:\Users\greg & jacki\AppData\Local
Windows Directory C:\Windows
Windows/System C:\Windows\system32
Program Files C:\Program Files
Services
Running Adobe Acrobat Update Service
Running AMD External Events Utility
Running Andrea ST Filters Service
Running Application Experience
Running Application Information
Running Audio Service
Running Base Filtering Engine
Running CNG Key Isolation
Running COM+ Event System
Running Credential Manager
Running Cryptographic Services
Running DCOM Server Process Launcher
Running Desktop Window Manager Session Manager
Running DHCP Client
Running Diagnostic Policy Service
Running Diagnostic Service Host
Running Distributed Link Tracking Client
Running DNS Client
Running Easybits Services for Windows
Running Extensible Authentication Protocol
Running Function Discovery Resource Publication
Running Group Policy Client
Running HP Client Services
Running HP Service
Running HP Support Assistant Service
Running HPWMISVC
Running Human Interface Device Access
Running IconMan_R
Running IKE and AuthIP IPsec Keying Modules
Running Intel Management and Security Application Local Management Service
Running Intel Management and Security Application User Notification Service
Running Intel PROSet/Wireless Event Log
Running Intel PROSet/Wireless Registry Service
Running Intel Rapid Storage Technology
Running Intel PROSet/Wireless WiMAX Red Bend Device Management Service
Running Intel PROSet/Wireless WiMAX Service
Running IP Helper
Running Kaspersky Anti-Virus Service
Running Multimedia Class Scheduler
Running Network Connections
Running Network List Service
Running Network Location Awareness
Running Network Store Interface Service
Running Peer Name Resolution Protocol
Running Peer Networking Identity Manager
Running Plug and Play
Running Power
Running Print Spooler
Running Program Compatibility Assistant Service
Running Rapport Management Service
Running RealNetworks Downloader Resolver Service
Running Remote Procedure Call (RPC)
Running RoxioNow Service
Running RPC Endpoint Mapper
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running SSDP Discovery
Running Superfetch
Running System Event Notification Service
Running Tablet PC Input Service
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Themes
Running TrueSuiteService
Running User Profile Service
Running Windows Audio
Running Windows Audio Endpoint Builder
Running Windows Biometric Service
Running Windows Defender
Running Windows Driver Foundation - User-mode Driver Framework
Running Windows Event Log
Running Windows Firewall
Running Windows Font Cache Service
Running Windows Image Acquisition (WIA)
Running Windows Live ID Sign-in Assistant
Running Windows Management Instrumentation
Running Windows Media Player Network Sharing Service
Running Windows Presentation Foundation Font Cache 3.0.0.0
Running Windows Search
Running Windows Update
Running WinHTTP Web Proxy Auto-Discovery Service
Running WLAN AutoConfig
Running WMI Performance Adapter
Running Workstation
Stopped ActiveX Installer (AxInstSV)
Stopped Adaptive Brightness
Stopped Adobe Flash Player Update Service
Stopped Application Identity
Stopped Application Layer Gateway Service
Stopped Background Intelligent Transfer Service
Stopped BitLocker Drive Encryption Service
Stopped Block Level Backup Engine Service
Stopped Bluetooth Support Service
Stopped Certificate Propagation
Stopped COM+ System Application
Stopped Computer Browser
Stopped Diagnostic System Host
Stopped Disk Defragmenter
Stopped Distributed Transaction Coordinator
Stopped Encrypting File System (EFS)
Stopped Fax
Stopped Function Discovery Provider Host
Stopped GamesAppService
Stopped Google Update Service (gupdate)
Stopped Google Update Service (gupdatem)
Stopped Health Key and Certificate Management
Stopped HomeGroup Listener
Stopped HomeGroup Provider
Stopped HP Connection Manager 4.0 Service
Stopped HP Software Framework Service
Stopped Interactive Services Detection
Stopped Internet Connection Sharing (ICS)
Stopped IPsec Policy Agent
Stopped KtmRm for Distributed Transaction Coordinator
Stopped Link-Layer Topology Discovery Mapper
Stopped Media Center Extender Service
Stopped Microsoft .NET Framework NGEN v2.0.50727_X64
Stopped Microsoft .NET Framework NGEN v2.0.50727_X86
Stopped Microsoft .NET Framework NGEN v4.0.30319_X64
Stopped Microsoft .NET Framework NGEN v4.0.30319_X86
Stopped Microsoft iSCSI Initiator Service
Stopped Microsoft SharePoint Workspace Audit Service
Stopped Microsoft Software Shadow Copy Provider
Stopped Net.Tcp Port Sharing Service
Stopped Netlogon
Stopped Network Access Protection Agent
Stopped Office Source Engine
Stopped Office Software Protection Platform
Stopped Parental Controls
Stopped Peer Networking Grouping
Stopped Performance Counter DLL Host
Stopped Performance Logs & Alerts
Stopped PnP-X IP Bus Enumerator
Stopped PNRP Machine Name Publication Service
Stopped Portable Device Enumerator Service
Stopped Problem Reports and Solutions Control Panel Support
Stopped Protected Storage
Stopped Quality Windows Audio Video Experience
Stopped Remote Access Auto Connection Manager
Stopped Remote Access Connection Manager
Stopped Remote Desktop Configuration
Stopped Remote Desktop Services
Stopped Remote Procedure Call (RPC) Locator
Stopped Remote Registry
Stopped Routing and Remote Access
Stopped Secondary Logon
Stopped Secure Socket Tunneling Protocol Service
Stopped Skype Updater
Stopped Smart Card
Stopped Smart Card Removal Policy
Stopped SNMP Trap
Stopped Software Protection
Stopped SPP Notification Service
Stopped Telephony
Stopped Thread Ordering Server
Stopped TPM Base Services
Stopped UPnP Device Host
Stopped Virtual Disk
Stopped Volume Shadow Copy
Stopped WebClient
Stopped Windows Activation Technologies Service
Stopped Windows Backup
Stopped Windows CardSpace
Stopped Windows Color System
Stopped Windows Connect Now - Config Registrar
Stopped Windows Error Reporting Service
Stopped Windows Event Collector
Stopped Windows Installer
Stopped Windows Live Mesh remote connections service
Stopped Windows Media Center Receiver Service
Stopped Windows Media Center Scheduler Service
Stopped Windows Modules Installer
Stopped Windows Remote Management (WS-Management)
Stopped Windows Time
Stopped Wired AutoConfig
Stopped Wireless PAN DHCP Server
Stopped WWAN AutoConfig
Security Options
Accounts: Administrator account status Disabled
Accounts: Guest account status Disabled
Accounts: Limit local account use of blank passwords to console logon only Enabled
Accounts: Rename administrator account Administrator
Accounts: Rename guest account Guest
Audit: Audit the access of global system objects Disabled
Audit: Audit the use of Backup and Restore privilege Disabled
Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings Not Defined
Audit: Shut down system immediately if unable to log security audits Disabled
DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
Devices: Allow undock without having to log on Enabled
Devices: Allowed to format and eject removable media Not Defined
Devices: Prevent users from installing printer drivers Disabled
Devices: Restrict CD-ROM access to locally logged-on user only Not Defined
Devices: Restrict floppy access to locally logged-on user only Not Defined
Domain controller: Allow server operators to schedule tasks Not Defined
Domain controller: LDAP server signing requirements Not Defined
Domain controller: Refuse machine account password changes Not Defined
Domain member: Digitally encrypt or sign secure channel data (always) Enabled
Domain member: Digitally encrypt secure channel data (when possible) Enabled
Domain member: Digitally sign secure channel data (when possible) Enabled
Domain member: Disable machine account password changes Disabled
Domain member: Maximum machine account password age 30 days
Domain member: Require strong (Windows 2000 or later) session key Enabled
Interactive logon: Display user information when the session is locked Not Defined
Interactive logon: Do not display last user name Disabled
Interactive logon: Do not require CTRL+ALT+DEL Not Defined
Interactive logon: Message text for users attempting to log on
Interactive logon: Message title for users attempting to log on
Interactive logon: Number of previous logons to cache (in case domain controller is not available) 10 logons
Interactive logon: Prompt user to change password before expiration 5 days
Interactive logon: Require Domain Controller authentication to unlock workstation Disabled
Interactive logon: Require smart card Disabled
Interactive logon: Smart card removal behavior No Action
Microsoft network client: Digitally sign communications (always) Disabled
Microsoft network client: Digitally sign communications (if server agrees) Enabled
Microsoft network client: Send unencrypted password to third-party SMB servers Disabled
Microsoft network server: Amount of idle time required before suspending session 15 minutes
Microsoft network server: Digitally sign communications (always) Disabled
Microsoft network server: Digitally sign communications (if client agrees) Disabled
Microsoft network server: Disconnect clients when logon hours expire Enabled
Microsoft network server: Server SPN target name validation level Not Defined
Network access: Allow anonymous SID/Name translation Disabled
Network access: Do not allow anonymous enumeration of SAM accounts Enabled
Network access: Do not allow anonymous enumeration of SAM accounts and shares Disabled
Network access: Do not allow storage of passwords and credentials for network authentication Disabled
Network access: Let Everyone permissions apply to anonymous users Disabled
Network access: Named Pipes that can be accessed anonymously
Network access: Remotely accessible registry paths System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Server Applications,Software\Microsoft\Windows NT\CurrentVersion
Network access: Remotely accessible registry paths and sub-paths System\CurrentControlSet\Control\Print\Printers,System\CurrentControlSet\Services\Eventlog,Software\Microsoft\OLAP Server,Software\Microsoft\Windows NT\CurrentVersion\Print,Software\Microsoft\Windows NT\CurrentVersion\Windows,System\CurrentControlSet\Control\ContentIndex,System\CurrentControlSet\Control\Terminal Server,System\CurrentControlSet\Control\Terminal Server\UserConfig,System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration,Software\Microsoft\Windows NT\CurrentVersion\Perflib,System\CurrentControlSet\Services\SysmonLog
Network access: Restrict anonymous access to Named Pipes and Shares Enabled
Network access: Shares that can be accessed anonymously Not Defined
Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
Network security: Allow Local System to use computer identity for NTLM Not Defined
Network security: Allow LocalSystem NULL session fallback Not Defined
Network Security: Allow PKU2U authentication requests to this computer to use online identities Not Defined
Network security: Configure encryption types allowed for Kerberos Not Defined
Network security: Do not store LAN Manager hash value on next password change Enabled
Network security: Force logoff when logon hours expire Disabled
Network security: LAN Manager authentication level Not Defined
Network security: LDAP client signing requirements Negotiate signing
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients Require 128-bit encryption
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers Require 128-bit encryption
Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication Not Defined
Network security: Restrict NTLM: Add server exceptions in this domain Not Defined
Network security: Restrict NTLM: Audit Incoming NTLM Traffic Not Defined
Network security: Restrict NTLM: Audit NTLM authentication in this domain Not Defined
Network security: Restrict NTLM: Incoming NTLM traffic Not Defined
Network security: Restrict NTLM: NTLM authentication in this domain Not Defined
Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers Not Defined
Recovery console: Allow automatic administrative logon Disabled
Recovery console: Allow floppy copy and access to all drives and all folders Disabled
Shutdown: Allow system to be shut down without having to log on Enabled
Shutdown: Clear virtual memory pagefile Disabled
System cryptography: Force strong key protection for user keys stored on the computer Not Defined
System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing Disabled
System objects: Require case insensitivity for non-Windows subsystems Enabled
System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) Enabled
System settings: Optional subsystems Posix
System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies Disabled
User Account Control: Admin Approval Mode for the Built-in Administrator account Disabled
User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop Disabled
User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode Prompt for consent for non-Windows binaries
User Account Control: Behavior of the elevation prompt for standard users Prompt for credentials
User Account Control: Detect application installations and prompt for elevation Enabled
User Account Control: Only elevate executables that are signed and validated Disabled
User Account Control: Only elevate UIAccess applications that are installed in secure locations Enabled
User Account Control: Run all administrators in Admin Approval Mode Enabled
User Account Control: Switch to the secure desktop when prompting for elevation Enabled
User Account Control: Virtualize file and registry write failures to per-user locations Enabled
Device Tree
ACPI x64-based PC
Microsoft ACPI-Compliant System
ACPI Power Button
Microsoft ACPI-Compliant Control Method Battery
Microsoft AC Adapter
HP Mobile Data Protection Sensor
Microsoft Windows Management Interface for ACPI
Intel Core i5-2410M CPU @ 2.30GHz
Intel Core i5-2410M CPU @ 2.30GHz
Intel Core i5-2410M CPU @ 2.30GHz
Intel Core i5-2410M CPU @ 2.30GHz
ACPI Thermal Zone
System board
Motherboard resources
ACPI Fixed Feature Button
PCI bus
2nd generation Intel Core processor family DRAM Controller - 0104
Intel Management Engine Interface
Intel 6 Series/C200 Series Chipset Family SMBus Controller - 1C22
Motherboard resources
2nd generation Intel® Core™ processor family PCI Express Controller - 0101
Radeon HD 6490M
Intel® HD Graphics Family
Generic PnP Monitor
Intel® 6 Series/C200 Series Chipset Family USB Enhanced Host Controller - 1C2D
USB Root Hub
Generic USB Hub
Validity Sensors (WBF) (PID=0018)
USB Composite Device
HP TrueVision HD

High Definition Audio Controller
IDT High Definition Audio CODEC
Intel Display Audio
Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 1 - 1C10
Realtek PCIe GBE Family Controller
Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 2 - 1C12
Intel® Centrino® Wireless-N 6150
Microsoft Virtual WiFi Miniport Adapter
Microsoft Virtual WiFi Miniport Adapter #2
Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 3 - 1C14
Realtek PCIE CardReader
Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 4 - 1C16
Renesas Electronics USB 3.0 Host Controller
Renesas Electronics USB 3.0 Root Hub
Intel® 6 Series/C200 Series Chipset Family USB Enhanced Host Controller - 1C26
USB Root Hub
Generic USB Hub
Intel Centrino WiMAX 6150 Function Driver
USB Composite Device
USB Input Device
HID-compliant mouse
USB Input Device
HID-compliant consumer control device
HID-compliant device
HID-compliant device
Intel® HM65 Express Chipset Family LPC Interface Controller - 1C49
Microsoft ACPI-Compliant Embedded Controller
ACPI Lid
Direct memory access controller
Intel 82802 Firmware Hub Device
High precision event timer
Programmable interrupt controller
Numeric data processor
Motherboard resources
System CMOS/real time clock
System timer
Motherboard resources
Standard PS/2 Keyboard
Synaptics PS/2 Port TouchPad
Intel® Mobile Express Chipset SATA AHCI Controller
TOSHIBA MK7575GSX
hp DVD-RAM UJ8B1
CPU
Intel Core i5 2410M
Cores 2
Threads 4
Name Intel Core i5 2410M
Code Name Sandy Bridge
Package Socket 988B rPGA
Technology 32nm
Specification Intel Core i5-2410M CPU @ 2.30GHz
Family 6
Extended Family 6
Model A
Extended Model 2A
Stepping 7
Revision D2
Instructions MMX, SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, Intel 64, NX, VMX, AES, AVX
Virtualization Supported, Disabled
Hyperthreading Supported, Enabled
Bus Speed 99.8 MHz
Stock Core Speed 2300 MHz
Stock Bus Speed 100 MHz
Average Temperature 43 °C
Caches
L1 Data Cache Size 2 x 32 KBytes
L1 Instructions Cache Size 2 x 32 KBytes
L2 Unified Cache Size 2 x 256 KBytes
L3 Unified Cache Size 3072 KBytes
Core 0
Core Speed 798.2 MHz
Multiplier x 8.0
Bus Speed 99.8 MHz
Temperature 43 °C
Thread 1
APIC ID 0
Thread 2
APIC ID 1
Core 1
Core Speed 798.2 MHz
Multiplier x 8.0
Bus Speed 99.8 MHz
Temperature 43 °C
Thread 1
APIC ID 2
Thread 2
APIC ID 3
RAM
Memory slots
Total memory slots 2
Used memory slots 2
Free memory slots 0
Memory
Type DDR3
Size 8192 MBytes
Channels # Dual
DRAM Frequency 665.2 MHz
CAS# Latency (CL) 9 clocks
RAS# to CAS# Delay (tRCD) 9 clocks
RAS# Precharge (tRP) 9 clocks
Cycle Time (tRAS) 24 clocks
Command Rate (CR) 1T
Physical Memory
Memory Usage 29 %
Total Physical 7.95 GB
Available Physical 5.58 GB
Total Virtual 16 GB
Available Virtual 13 GB
SPD
Number Of SPD Modules 2
Slot #1
Type DDR3
Size 4096 MBytes
Manufacturer Micron Technology
Max Bandwidth PC3-10700 (667 MHz)
Part Number 16JSF51264HZ-1G4D1
Serial Number FB61B5CB
Week/year 33 / 11
SPD Ext. EPP
JEDEC #6
Frequency 761.9 MHz
CAS# Latency 10.0
RAS# To CAS# 10
RAS# Precharge 10
tRAS 28
tRC 38
Voltage 1.500 V
JEDEC #5
Frequency 685.7 MHz
CAS# Latency 9.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 25
tRC 34
Voltage 1.500 V
JEDEC #4
Frequency 609.5 MHz
CAS# Latency 8.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 22
tRC 30
Voltage 1.500 V
JEDEC #3
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 20
tRC 27
Voltage 1.500 V
JEDEC #2
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 17
tRC 23
Voltage 1.500 V
JEDEC #1
Frequency 381.0 MHz
CAS# Latency 5.0
RAS# To CAS# 5
RAS# Precharge 5
tRAS 14
tRC 19
Voltage 1.500 V
Slot #2
Type DDR3
Size 4096 MBytes
Manufacturer Micron Technology
Max Bandwidth PC3-10700 (667 MHz)
Part Number 16JSF51264HZ-1G4D1
Serial Number FB61B5C1
Week/year 33 / 11
SPD Ext. EPP
JEDEC #6
Frequency 761.9 MHz
CAS# Latency 10.0
RAS# To CAS# 10
RAS# Precharge 10
tRAS 28
tRC 38
Voltage 1.500 V
JEDEC #5
Frequency 685.7 MHz
CAS# Latency 9.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 25
tRC 34
Voltage 1.500 V
JEDEC #4
Frequency 609.5 MHz
CAS# Latency 8.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 22
tRC 30
Voltage 1.500 V
JEDEC #3
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 20
tRC 27
Voltage 1.500 V
JEDEC #2
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 17
tRC 23
Voltage 1.500 V
JEDEC #1
Frequency 381.0 MHz
CAS# Latency 5.0
RAS# To CAS# 5
RAS# Precharge 5
tRAS 14
tRC 19
Voltage 1.500 V
Motherboard
Manufacturer Hewlett-Packard
Model 1659 (CPU1)
Version 058A110002244710000622100
Chipset Vendor Intel
Chipset Model Sandy Bridge
Chipset Revision 09
Southbridge Vendor Intel
Southbridge Model HM65
Southbridge Revision 05
System Temperature 49 °C
BIOS
Brand Hewlett-Packard
Version F.1B
Date 10/5/2011
PCI Data
Slot PCI-E x16
Slot Type PCI-E x16
Slot Usage In Use
Data lanes x16
Slot Designation J5C1
Characteristics 3.3V, Shared, PME, Hot Plug
Slot Number 0
Slot PCI-E x4
Slot Type PCI-E x4
Slot Usage In Use
Data lanes x4
Slot Designation J6C1
Characteristics 3.3V, Shared, PME, Hot Plug
Slot Number 1
Slot PCI-E x1
Slot Type PCI-E x1
Slot Usage In Use
Data lanes x1
Slot Designation J6C2
Characteristics 3.3V, Shared, PME, Hot Plug
Slot Number 2
Slot PCI-E x1
Slot Type PCI-E x1
Slot Usage In Use
Data lanes x1
Slot Designation J6D2
Characteristics 3.3V, Shared, PME, Hot Plug
Slot Number 3
Slot PCI-E x1
Slot Type PCI-E x1
Slot Usage In Use
Data lanes x1
Slot Designation J7C1
Characteristics 3.3V, Shared, PME, Hot Plug
Slot Number 4
Slot PCI-E x1
Slot Type PCI-E x1
Slot Usage In Use
Data lanes x1
Slot Designation J7D2
Characteristics 3.3V, Shared, PME, Hot Plug
Slot Number 5
Slot PCI-E x16
Slot Type PCI-E x16
Slot Usage In Use
Data lanes x16
Slot Designation J8C2
Characteristics 3.3V, Shared, PME, Hot Plug
Slot Number 6
Graphics
Monitor
Name Generic PnP Monitor on Intel HD Graphics Family
Current Resolution 1600x900 pixels
Work Resolution 1600x852 pixels
State Enabled, Primary
Monitor Width 1600
Monitor Height 900
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
Intel HD Graphics Family
Manufacturer Intel
Model HD Graphics Family
Device ID 8086-0116
Revision A
Subvendor HP (103C)
Current Performance Level Level 0
Driver version 8.882.2.3000
Count of performance levels : 1
Level 1
GPU Clock 100 MHz
ATI Radeon ™ HD 6490M
Manufacturer ATI
Model Radeon HD 6490M
GPU Seymour
Device ID 1002-6760
Subvendor HP (103C)
Current Performance Level Level 0
Die Size 67 mm˛
Release Date 2010
DirectX Support 11.0
DirectX Shader Model 5.0
OpenGL Support 4.2
GPU Clock 100.0 (750.0) MHz
Bios Core Clock 123.36
Bios Mem Clock 123.36
Driver version 8.882.2.3000
ROPs 32
Memory Type GDDR5
Memory 1024 MB
Pixel Fillrate 24.0 GPixels/s
Bandwidth 24.8 GB/s
Count of performance levels : 1
Level 1
Hard Drives
TOSHIBA MK7575GSX
Manufacturer TOSHIBA
Heads 16
Cylinders 16,383
SATA type SATA-II 3.0Gb/s
Device type Fixed
ATA Standard ATA8-ACS
Serial Number 81EKT1IKT
LBA Size 48-bit LBA
Power On Count 2198 times
Power On Time 121.2 days
Speed 5400 RPM
Features S.M.A.R.T., APM, NCQ
Transfer Mode SATA II
Interface SATA
Capacity 699 GB
Real size 750,156,374,016 bytes
RAID Type None
S.M.A.R.T
Status Good
Temperature 33 °C
Temperature Range OK (less than 50 °C)
01 Read Error Rate 100 (100) Data 0000000000
02 Throughput Performance 100 (100) Data 0000000000
03 Spin-Up Time 100 (100) Data 0000000776
04 Start/Stop Count 100 (100) Data 000000089C
05 Reallocated Sectors Count 100 (100) Data 0000000000
07 Seek Error Rate 100 (100) Data 0000000000
08 Seek Time Performance 100 (100) Data 0000000000
09 Power-On Hours (POH) 093 (093) Data 0000000B5D
0A Spin Retry Count 143 (100) Data 0000000000
0C Device Power Cycle Count 100 (100) Data 0000000896
B7 SATA Downshift Error Count 100 (100) Data 0000000000
B8 End-to-End error / IOEDC 100 (100) Data 0000000000
B9 Head Stability 100 (100) Data 000000FFFF
BB Reported Uncorrectable Errors 001 (001) Data 000000048A
BC Command Timeout 100 (099) Data 0000000006
BD High Fly Writes (WDC) 100 (100) Data 0000000000
BE Temperature Difference from 100 067 (049) Data 0021180021
BF G-sense error rate 100 (100) Data 00000000EA
C0 Power-off Retract Count 100 (100) Data 00000B000B
C1 Load/Unload Cycle Count 099 (099) Data 0000003E90
C4 Reallocation Event Count 100 (100) Data 0000000000
C5 Current Pending Sector Count 100 (100) Data 0000000000
C7 UltraDMA CRC Error Count 200 (200) Data 0000000000
Partition 0
Partition ID Disk #0, Partition #0
Size 199 MB
Partition 1
Partition ID Disk #0, Partition #1
Disk Letter C:
File System NTFS
Volume Serial Number 2090E7D5
Size 684 GB
Used Space 226 GB (34%)
Free Space 458 GB (66%)
Partition 2
Partition ID Disk #0, Partition #2
Disk Letter D:
File System NTFS
Volume Serial Number 52EA16AA
Size 14.4 GB
Used Space 14.1 GB (98%)
Free Space 298 MB (2%)
Partition 3
Partition ID Disk #0, Partition #3
Disk Letter F:
File System FAT32
Volume Serial Number 8CB7C1A8
Size 98 MB
Used Space 14 MB (15%)
Free Space 84 MB (85%)
Optical Drives
hp DVD-RAM UJ8B1
Media Type DVD Writer
Name hp DVD-RAM UJ8B1
Availability Running/Full Power
Capabilities Random Access, Supports Writing, Supports Removable Media
Read capabilities CD-R, CD-RW, CD-ROM, DVD-RAM, DVD-ROM, DVD-R, DVD-RW, DVD+R, DVD+RW, DVD-R DL, DVD+R DL
Write capabilities CD-R, CD-RW, DVD-RAM, DVD-R, DVD-RW, DVD+R, DVD+RW, DVD-R DL, DVD+R DL
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive E:
Media Loaded FALSE
SCSI Bus 0
SCSI Logical Unit 0
SCSI Port 0
SCSI Target Id 1
Status OK
Audio
Sound Cards
IDT High Definition Audio CODEC
Intel Display Audio
Playback Devices
Speakers and Headphones (IDT High Definition Audio CODEC) (default)
Communications Headphones (IDT High Definition Audio CODEC)
Recording Devices
Integrated Microphone Array (IDT High Definition Audio CODEC) (default)
Stereo Mix (IDT High Definition Audio CODEC)
External Mic (IDT High Definition Audio CODEC)
Peripherals
Standard PS/2 Keyboard
Device Kind Keyboard
Device Name Standard PS/2 Keyboard
Vendor (Standard keyboards)
Location plugged into keyboard port
Driver
Date 6-21-2006
Version 6.1.7601.17514
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
Synaptics PS/2 Port TouchPad
Device Kind Mouse
Device Name Synaptics PS/2 Port TouchPad
Vendor Synaptics
Location plugged into PS/2 mouse port
Driver
Date 10-13-2011
Version 15.3.29.0
File C:\Windows\system32\DRIVERS\i8042prt.sys
HID-compliant mouse
Device Kind Mouse
Device Name HID-compliant mouse
Vendor Logitech
Location USB Input Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\mouhid.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
HP Deskjet 3050A J611 series
Device Kind Printer
Device Name HP Deskjet 3050A J611 series
Vendor Hewlett-Packard
Driver
Date 3-16-2011
Version 5.56.3.925
USB Video Device
Device Kind Camera/scanner
Device Name USB Video Device
Vendor Unknown
Comment HP TrueVision HD

Location 0000.001a.0000.001.002.000.000.000.000
Driver
Date 6-21-2006
Version 6.1.7601.17514
File C:\Windows\system32\drivers\usbvideo.sys
HP Deskjet 3050A J611 series (NET)
Device Kind Camera/scanner
Device Name HP Deskjet 3050A J611 series (NET)
Vendor Hewlett-Packard
Driver
Date 8-12-2009
Version 9.0.0.0
File C:\Windows\system32\DRIVERS\serscan.sys
Printers
Fax
Printer Port SHRFAX:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 200 * 200 dpi Monochrome
Status Unknown
Driver
Driver Name Microsoft Shared Fax Driver (v4.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\FXSDRV.DLL
HP Deskjet 3050A J611 series (Network) (Default Printer)
Printer Port CN1694C90705PJ
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 300 dpi Color
Status Unknown
Driver
Driver Name HP Deskjet 3050A J611 series (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\UNIDRV.DLL
Microsoft XPS Document Writer
Printer Port XPSPort:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Microsoft XPS Document Writer (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\mxdwdrv.dll
Send To OneNote 2010
Printer Port nul:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Send To Microsoft OneNote 2010 Driver (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\mxdwdrv.dll
Network
You are connected to the internet
Connected through Intel Centrino Wireless-N 6150
IP Address 10.0.0.4
Subnet mask 255.255.255.0
Gateway server 10.0.0.1
Preferred DNS server 75.75.76.76
Alternate DNS server 75.75.75.75
DHCP Enabled
DHCP server 10.0.0.1
External IP Address 75.72.61.11
Adapter Type IEEE 802.11 wireless
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Hybrid node
Link Speed 0 Bps
Computer Name
NetBIOS Name HP
DNS Name HP
Membership Part of workgroup
Workgroup WORKGROUP
Remote Desktop
Disabled
Console
State Active
Domain HP
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Using native Wi-Fi API version 2
Available access points count 1
Wi-Fi (HOME-62A8)
SSID HOME-62A8
Frequency 2442000 kHz
Channel Number 7
Name HOME-62A8
Signal Strength/Quality 99
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags Currently Connected to this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout (ms) 60,000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout (ms) 30,000
IEProxy Auto Detect No
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
Network Discovery Enabled
File and Printer Sharing Disabled
File and printer sharing service Enabled
Simple File Sharing Enabled
Administrative Shares Enabled
Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
Adapters List
Intel® Centrino® WiMAX 6150
IP Address 0.0.0.0
Subnet mask 0.0.0.0
Gateway server 0.0.0.0
MAC Address 64-D4-DA-5D-81-E9
Microsoft Virtual WiFi Miniport Adapter #2
IP Address 0.0.0.0
Subnet mask 0.0.0.0
Gateway server 0.0.0.0
MAC Address 40-25-C2-53-4D-15
Microsoft Virtual WiFi Miniport Adapter
IP Address 0.0.0.0
Subnet mask 0.0.0.0
Gateway server 0.0.0.0
MAC Address 40-25-C2-53-4D-15
Intel® Centrino® Wireless-N 6150
IP Address 10.0.0.4
Subnet mask 255.255.255.0
Gateway server 10.0.0.1
MAC Address 40-25-C2-53-4D-14
Realtek PCIe GBE Family Controller
IP Address 0.0.0.0
Subnet mask 0.0.0.0
Gateway server 0.0.0.0
MAC Address 10-1F-74-17-57-8A
Network Shares
Users C:\Users
Current TCP Connections
avp.exe (2472)
Local 0.0.0.0:1110 LISTEN
Local 10.0.0.4:49834 ESTABLISHED Remote 10.0.0.2:8080 (Querying... )
Local 10.0.0.4:50215 ESTABLISHED Remote 74.125.142.121:80 (Querying... ) (HTTP)
Local 10.0.0.4:50216 ESTABLISHED Remote 74.125.142.121:80 (Querying... ) (HTTP)
Local 10.0.0.4:50228 ESTABLISHED Remote 23.62.97.192:80 (Querying... ) (HTTP)
Local 127.0.0.1:1110 ESTABLISHED Remote 127.0.0.1:49833 (Querying... )
Local 127.0.0.1:1110 ESTABLISHED Remote 127.0.0.1:50213 (Querying... )
Local 127.0.0.1:1110 ESTABLISHED Remote 127.0.0.1:50214 (Querying... )
Local 127.0.0.1:1110 ESTABLISHED Remote 127.0.0.1:50226 (Querying... )
C:\Program Files (x86)\Internet Explorer\iexplore.exe (29060)
Local 127.0.0.1:50213 ESTABLISHED Remote 127.0.0.1:1110 (Querying... )
Local 127.0.0.1:50214 ESTABLISHED Remote 127.0.0.1:1110 (Querying... )
Local 127.0.0.1:50226 ESTABLISHED Remote 127.0.0.1:1110 (Querying... )
C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe (4608)
Local 127.0.0.1:49833 ESTABLISHED Remote 127.0.0.1:1110 (Querying... )
lsass.exe (812)
Local 0.0.0.0:49155 LISTEN
services.exe (804)
Local 0.0.0.0:49157 LISTEN
svchost.exe (1112)
Local 0.0.0.0:49153 LISTEN
svchost.exe (1180)
Local 0.0.0.0:49154 LISTEN
svchost.exe (120)
Local 0.0.0.0:135 (DCE) LISTEN
System Process
Local 10.0.0.4:50212 TIME-WAIT Remote 4.28.136.36:80 (Querying... ) (HTTP)
Local 10.0.0.4:50233 TIME-WAIT Remote 4.28.136.36:80 (Querying... ) (HTTP)
Local 10.0.0.4:50235 TIME-WAIT Remote 108.171.164.205:80 (Querying... ) (HTTP)
Local 127.0.0.1:1110 TIME-WAIT Remote 127.0.0.1:50221 (Querying... )
Local 127.0.0.1:1110 TIME-WAIT Remote 127.0.0.1:50222 (Querying... )
System Process
Local 0.0.0.0:445 (Windows shares) LISTEN
Local 0.0.0.0:5357 LISTEN
Local 10.0.0.4:139 (NetBIOS session service) LISTEN
wininit.exe (708)
Local 0.0.0.0:49152 LISTEN
Generated with Speccy v1.23.569
  • 0

#90
gregahoffman

gregahoffman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts
OTL logs

OTL logfile created on: 10/4/2013 8:37:17 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\greg & jacki\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.95 Gb Total Physical Memory | 5.64 Gb Available Physical Memory | 70.95% Memory free
15.90 Gb Paging File | 13.29 Gb Available in Paging File | 83.60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.98 Gb Total Space | 458.17 Gb Free Space | 66.99% Space Free | Partition Type: NTFS
Drive D: | 14.36 Gb Total Space | 0.29 Gb Free Space | 2.03% Space Free | Partition Type: NTFS
Drive F: | 98.87 Mb Total Space | 84.59 Mb Free Space | 85.56% Space Free | Partition Type: FAT32

Computer Name: HP | User Name: greg & jacki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/10/04 18:51:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\greg & jacki\Desktop\OTL.exe
PRC - [2013/07/25 09:46:14 | 002,476,312 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
PRC - [2013/07/25 09:46:14 | 001,435,928 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2013/07/10 08:58:32 | 029,378,880 | ---- | M] (SlimWare Utilities, Inc.) -- C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
PRC - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/03/21 19:24:11 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2013/03/06 02:21:50 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012/12/07 14:40:15 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2012/11/25 22:24:50 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
PRC - [2011/07/11 15:04:44 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/05/20 11:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/03/08 14:21:10 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/02/18 00:48:24 | 000,265,544 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011/02/18 00:48:12 | 000,642,888 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011/02/18 00:47:58 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2010/12/22 15:25:02 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/12/22 15:24:58 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/11/26 09:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
PRC - [2010/04/23 14:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 14:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 14:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 14:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 14:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 14:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 14:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe


========== Modules (No Company Name) ==========

MOD - [2013/08/29 17:46:42 | 000,991,984 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
MOD - [2012/08/17 22:38:56 | 000,479,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\dblite.dll
MOD - [2012/06/27 15:09:06 | 000,557,056 | ---- | M] () -- C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 16:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/12/07 19:14:05 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012/12/07 19:14:04 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2011/10/01 02:06:14 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/07/27 22:04:48 | 001,517,328 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/07/27 21:48:34 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/07/27 21:44:18 | 000,844,560 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2011/05/13 19:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011/01/30 21:22:58 | 000,499,200 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
SRV:64bit: - [2011/01/30 21:17:08 | 000,885,248 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
SRV:64bit: - [2010/10/11 04:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2013/09/19 20:22:17 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/25 09:46:14 | 001,435,928 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/19 15:14:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/03/06 02:21:50 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/12/07 19:26:33 | 002,413,056 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012/11/25 22:24:50 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe -- (AVP)
SRV - [2012/09/27 12:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/07/11 15:04:44 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011/05/20 11:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/02/18 00:48:24 | 000,265,544 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2011/02/15 17:48:52 | 001,071,160 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2010/12/22 15:25:02 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/22 15:24:58 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/11/26 09:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/10/04 18:54:37 | 000,016,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2013/07/25 09:46:26 | 000,295,696 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\RapportKE64.sys -- (RapportKE64)
DRV:64bit: - [2013/06/18 07:04:10 | 000,054,368 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:64bit: - [2013/04/22 18:51:39 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:64bit: - [2013/04/22 18:51:38 | 000,620,128 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2012/12/07 19:26:33 | 000,338,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2012/12/07 19:14:05 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2012/12/07 14:40:15 | 000,208,896 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2012/12/07 14:40:15 | 000,091,648 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2012/10/25 18:23:06 | 000,029,528 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2012/10/25 18:23:06 | 000,029,016 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:64bit: - [2012/08/23 09:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 09:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 09:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/02 16:09:34 | 000,028,504 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2012/06/19 18:28:12 | 000,458,584 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2012/03/12 14:06:46 | 011,471,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/14 05:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/10/01 04:58:34 | 009,981,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/10/01 01:28:46 | 000,310,272 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/08/09 12:32:02 | 012,289,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011/05/20 10:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/05/13 19:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 19:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/16 20:11:08 | 000,428,136 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/02/16 19:46:36 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2011/01/18 13:16:12 | 000,173,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpmp.sys -- (bpmp)
DRV:64bit: - [2011/01/18 13:16:06 | 000,081,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpusb.sys -- (bpusb)
DRV:64bit: - [2011/01/18 13:16:04 | 000,075,264 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpenum.sys -- (bpenum)
DRV:64bit: - [2010/11/20 22:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 04:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/07/28 11:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 15:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/08/29 17:46:42 | 000,589,872 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_56758.sys -- (RapportCerberus_56758)
DRV - [2013/07/25 09:46:26 | 000,384,144 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)
DRV - [2013/07/25 09:46:26 | 000,265,872 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{DD065C6A-C257-4F8A-B51E-6FB5B03F698F}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKLM\..\SearchScopes\{DD065C6A-C257-4F8A-B51E-6FB5B03F698F}: "URL" = http://www.amazon.co...s={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKCU\..\SearchScopes\{DD065C6A-C257-4F8A-B51E-6FB5B03F698F}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.1.18: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.1.18: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013/04/22 18:51:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013/04/22 18:51:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013/04/22 18:51:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DAC3F861-B30D-40dd-9166-F4E75327FAC7}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/03/21 19:24:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/03/21 19:24:51 | 000,000,000 | ---D | M]

[2013/07/17 16:58:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\greg & jacki\AppData\Roaming\Mozilla\Firefox\extensions
[2013/03/21 19:31:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========


O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [IntelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [HP Deskjet 3050A J611 series (NET)] C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.5.15.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51A4B124-AFFA-46FD-B89F-CD561F6C9224}: NameServer = 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9BFE5F03-AFD3-482A-8B09-6BCCE730FC90}: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C9FFE1F0-DE37-46F9-BA8B-8666F94DF800}: DhcpNameServer = 150.100.2.6
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


MsConfig:64bit - StartUpFolder: C:^Users^greg & jacki^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Deskjet 3050A J611 series (Network).lnk - C:\Windows\SysNative\RunDll32.exe - (Microsoft Corporation)
MsConfig:64bit - StartUpReg: Easybits Recovery - hkey= - key= - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
MsConfig:64bit - StartUpReg: HP Quick Launch - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
MsConfig:64bit - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
MsConfig:64bit - StartUpReg: HPConnectionManager - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.)
MsConfig:64bit - StartUpReg: HPOSD - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
MsConfig:64bit - StartUpReg: IAStorIcon - hkey= - key= - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
MsConfig:64bit - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/10/04 20:34:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[2013/10/04 20:34:08 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2013/10/04 20:09:20 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/10/04 18:52:11 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/04 18:51:24 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\greg & jacki\Desktop\OTL.exe
[2013/10/04 18:50:56 | 005,552,488 | ---- | C] (Piriform Ltd) -- C:\Users\greg & jacki\Desktop\spsetup123.exe
[2013/10/04 18:49:38 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\greg & jacki\Desktop\aswmbr.exe
[2013/10/04 18:49:14 | 001,030,305 | ---- | C] (Thisisu) -- C:\Users\greg & jacki\Desktop\JRT.exe
[2013/09/12 06:51:29 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/09/12 06:51:29 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/09/12 06:51:27 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/09/12 06:51:27 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/09/12 06:51:27 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/09/12 06:51:27 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/09/12 06:51:26 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/09/12 06:51:26 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/09/12 06:51:26 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/09/12 06:51:24 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/09/12 06:51:24 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/09/12 06:51:24 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/09/12 06:51:23 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/09/12 06:51:23 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/09/12 06:51:23 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/09/12 06:39:52 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2013/09/12 06:39:38 | 005,554,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/09/12 06:39:38 | 003,973,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/09/12 06:39:37 | 003,918,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/09/12 06:39:37 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/09/12 06:39:37 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013/09/12 06:39:37 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2013/09/12 06:39:36 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013/09/12 06:39:36 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/09/12 06:39:36 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013/09/12 06:39:36 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013/09/12 06:39:36 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2013/09/12 06:39:36 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2013/09/12 06:39:35 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013/09/12 06:39:35 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013/09/12 06:39:35 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013/09/12 06:39:35 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2013/09/12 06:39:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013/09/12 06:39:35 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/09/12 06:39:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013/09/12 06:39:34 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/09/12 06:39:34 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/09/12 06:39:34 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/09/12 06:39:34 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/09/12 06:39:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/09/12 06:39:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/09/12 06:39:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/09/12 06:39:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/09/12 06:39:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/09/12 06:39:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/09/12 06:39:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/09/12 06:39:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/09/12 06:39:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/09/12 06:39:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/09/12 06:39:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/09/12 06:39:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/09/12 06:39:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/09/12 06:39:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/09/12 06:39:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/09/12 06:39:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/09/12 06:39:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/09/12 06:39:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/09/12 06:39:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/09/12 06:39:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/09/12 06:39:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/09/12 06:39:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/09/12 06:39:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/09/12 06:39:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/09/12 06:39:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/09/12 06:39:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/09/12 06:39:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/09/12 06:39:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/09/12 06:39:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/09/12 06:39:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/09/12 06:39:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/09/12 06:39:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/09/12 06:39:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/09/12 06:39:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/09/12 06:39:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/09/12 06:39:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/09/12 06:39:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/09/12 06:39:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/09/12 06:39:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/09/12 06:39:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/09/12 06:39:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/09/12 06:39:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/09/12 06:39:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/09/12 06:39:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013/09/12 06:39:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2013/09/12 06:39:25 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/09/12 06:39:25 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/09/12 06:39:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/09/12 06:39:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/09/12 06:39:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/09/12 06:39:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/09/12 06:39:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/09/12 06:39:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/09/12 06:39:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/09/12 06:39:23 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/09/12 06:39:23 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/09/12 06:39:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/09/12 06:39:23 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/09/12 06:39:18 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013/09/10 19:40:28 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/10/04 20:34:09 | 000,000,796 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
[2013/10/04 20:23:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/10/04 20:13:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/04 20:05:52 | 000,000,270 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Messager.job
[2013/10/04 20:05:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/04 19:01:41 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/04 19:01:41 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/04 18:54:43 | 000,000,424 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2013/10/04 18:54:37 | 000,016,152 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2013/10/04 18:54:24 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/04 18:54:18 | 000,001,954 | ---- | M] () -- C:\Users\greg & jacki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3050A J611 series (Network).lnk
[2013/10/04 18:53:57 | 2106,478,591 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/04 18:51:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\greg & jacki\Desktop\OTL.exe
[2013/10/04 18:50:56 | 005,552,488 | ---- | M] (Piriform Ltd) -- C:\Users\greg & jacki\Desktop\spsetup123.exe
[2013/10/04 18:50:00 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\greg & jacki\Desktop\aswmbr.exe
[2013/10/04 18:49:14 | 001,030,305 | ---- | M] (Thisisu) -- C:\Users\greg & jacki\Desktop\JRT.exe
[2013/10/04 18:48:27 | 001,045,226 | ---- | M] () -- C:\Users\greg & jacki\Desktop\AdwCleaner.exe
[2013/10/04 18:41:33 | 000,000,360 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForgreg & jacki.job
[2013/10/04 06:05:43 | 844,117,946 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/09/24 06:11:01 | 000,233,998 | ---- | M] () -- C:\Users\greg & jacki\Desktop\Capture2.PNG
[2013/09/24 06:10:29 | 000,153,732 | ---- | M] () -- C:\Users\greg & jacki\Desktop\Capture1.PNG
[2013/09/19 20:22:15 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/09/19 20:22:15 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/09/16 06:11:45 | 000,000,200 | ---- | M] () -- C:\Users\greg & jacki\Desktop\Welcome to Facebook - Log In, Sign Up or Learn More (2).url
[2013/09/12 17:59:35 | 000,417,072 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/10/04 20:34:09 | 000,000,796 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
[2013/10/04 18:48:27 | 001,045,226 | ---- | C] () -- C:\Users\greg & jacki\Desktop\AdwCleaner.exe
[2013/09/30 18:49:03 | 844,117,946 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/09/24 06:11:01 | 000,233,998 | ---- | C] () -- C:\Users\greg & jacki\Desktop\Capture2.PNG
[2013/09/24 06:10:29 | 000,153,732 | ---- | C] () -- C:\Users\greg & jacki\Desktop\Capture1.PNG
[2013/08/10 16:17:05 | 000,000,095 | ---- | C] () -- C:\ProgramData\SAH_Install.ini
[2013/03/17 05:28:05 | 000,000,017 | ---- | C] () -- C:\Users\greg & jacki\AppData\Local\resmon.resmoncfg
[2012/11/25 22:01:33 | 000,017,408 | ---- | C] () -- C:\Users\greg & jacki\AppData\Local\WebpageIcons.db
[2012/11/25 20:39:47 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:09 | 014,176,256 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:56:00 | 012,874,752 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: TOSHIBA MK7575GSX
Partitions: 4
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 199.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 684.00GB
Starting Offset: 209715200
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 14.00GB
Starting Offset: 734628151296
Hidden sectors: 0


DeviceID: Disk #0, Partition #3
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 103.00MB
Starting Offset: 750047461376
Hidden sectors: 0


< %SYSTEMDRIVE%\*.exe >

< %systemroot%\assembly\GAC_32\*.ini >

< %systemroot%\assembly\GAC_64\*.ini >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*.exe >

< %APPDATA%\*. >
[2012/11/28 20:05:38 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\Adobe
[2012/11/25 20:08:56 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\ATI
[2013/03/17 17:44:59 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\Auslogics
[2012/11/25 20:38:19 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\Blio
[2013/01/11 21:48:03 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\CANON INC
[2012/12/18 20:14:42 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\CyberLink
[2013/03/18 19:15:06 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\GlarySoft
[2012/12/07 19:15:44 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\Hewlett-Packard
[2012/12/07 19:28:32 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\hpqLog
[2012/12/02 21:49:08 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\HpUpdate
[2012/11/25 20:04:55 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\Identities
[2013/03/12 19:25:20 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\IDT
[2012/12/07 19:27:11 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\InstallShield
[2012/11/25 20:00:06 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\Intel
[2012/11/25 20:05:17 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\Intel Corporation
[2013/03/30 10:54:56 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\KoshyJohn.com
[2012/11/25 20:22:02 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\Macromedia
[2012/11/27 18:45:26 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\Malwarebytes
[2011/09/15 03:23:24 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\Media Center Programs
[2013/06/01 22:46:43 | 000,000,000 | --SD | M] -- C:\Users\greg & jacki\AppData\Roaming\Microsoft
[2013/07/17 16:53:19 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\Mozilla
[2013/03/21 19:25:59 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\Real
[2013/03/21 19:25:07 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\RealNetworks
[2013/08/10 16:17:03 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\ShopAtHome
[2013/10/03 18:34:17 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\Skype
[2012/11/25 20:05:13 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\Synaptics
[2013/03/17 17:54:51 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\vlc
[2013/03/17 19:18:09 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\WinBatch
[2013/06/16 07:39:56 | 000,000,000 | ---D | M] -- C:\Users\greg & jacki\AppData\Roaming\ZoomBrowser EX

< MD5 for: ATAPI.SYS >
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: CSRSS.EXE >
[2009/07/13 20:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\SysNative\csrss.exe
[2009/07/13 20:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe

< MD5 for: EXPLORER.EXE >
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 01:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 22:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 22:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: MSWSOCK.DLL >
[2010/11/20 22:24:00 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\SysNative\mswsock.dll
[2010/11/20 22:24:00 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_16795c7543eb48cf\mswsock.dll
[2010/11/20 22:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\SysWOW64\mswsock.dll
[2010/11/20 22:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll

< MD5 for: NAPINSP.DLL >
[2009/07/13 20:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\SysWOW64\NapiNSP.dll
[2009/07/13 20:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\winsxs\x86_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_abf396ebf0847c31\NapiNSP.dll
[2009/07/13 20:41:52 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=58A0CDABEA255616827B1C22C9994466 -- C:\Windows\SysNative\NapiNSP.dll
[2009/07/13 20:41:52 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=58A0CDABEA255616827B1C22C9994466 -- C:\Windows\winsxs\amd64_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_0812326fa8e1ed67\NapiNSP.dll

< MD5 for: NLAAPI.DLL >
[2012/01/13 02:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0BA65122FFA7E37564EE86422DBF7AE8 -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17964_none_cfca9d84561311f2\nlaapi.dll
[2010/11/20 22:24:01 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=104A1070E90F1C530328E69B49718841 -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17514_none_d000a58855ea91a1\nlaapi.dll
[2012/10/03 11:29:27 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=11B8C7970C10650827D060AA81BEE63F -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.22124_none_d07f52216f10753a\nlaapi.dll
[2010/11/20 22:23:54 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=2DF36F15B2BC1571A6A542A3C2107920 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17514_none_c5abfb362189cfa6\nlaapi.dll
[2012/10/18 15:31:53 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=39170EE9D22ED3DAF45501ED19E145D6 -- C:\Windows\SysNative\nlaapi.dll
[2012/10/18 15:31:53 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=39170EE9D22ED3DAF45501ED19E145D6 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.22137_none_c622d8c13ab51b35\nlaapi.dll
[2012/10/03 12:44:21 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=46BB91A169B9B31FF44EB04C48EC1D41 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17964_none_c575f33221b24ff7\nlaapi.dll
[2012/10/18 14:37:28 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=7860BD03A96C99776135AE16EEC2C690 -- C:\Windows\SysWOW64\nlaapi.dll
[2012/10/18 14:37:28 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=7860BD03A96C99776135AE16EEC2C690 -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.22137_none_d07783136f15dd30\nlaapi.dll
[2012/10/03 12:32:48 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=C98BCE54F31113D5E736C1097FD086DC -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.22124_none_c62aa7cf3aafb33f\nlaapi.dll

< MD5 for: PNRPNSP.DLL >
[2009/07/13 20:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\SysWOW64\pnrpnsp.dll
[2009/07/13 20:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\winsxs\wow64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_d7c8b1ac70865dab\pnrpnsp.dll
[2009/07/13 20:41:53 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=613C8CE10A5FDE582BA5FA64C4D56AAA -- C:\Windows\SysNative\pnrpnsp.dll
[2009/07/13 20:41:53 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=613C8CE10A5FDE582BA5FA64C4D56AAA -- C:\Windows\winsxs\amd64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_cd74075a3c259bb0\pnrpnsp.dll

< MD5 for: PRINTISOLATIONHOST.EXE >
[2009/07/13 20:39:27 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=22F020C76E339EB2B2187BA73A7E4173 -- C:\Windows\SysNative\PrintIsolationHost.exe
[2009/07/13 20:39:27 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=22F020C76E339EB2B2187BA73A7E4173 -- C:\Windows\winsxs\amd64_microsoft-windows-p..ng-server-isolation_31bf3856ad364e35_6.1.7600.16385_none_f8a40495785334a9\PrintIsolationHost.exe

< MD5 for: SERVICES.EXE >
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[2012/10/18 13:02:18 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=DFDE777FAF31DC25E3624E8071073146 -- C:\Windows\SysNative\svchost.exe
[2012/10/18 13:02:18 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=DFDE777FAF31DC25E3624E8071073146 -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.22137_none_14583c9b351893b5\svchost.exe
[2012/10/18 12:40:06 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=FFB38D8AFD6F4FCA1D46D64F1EDE0B9F -- C:\Windows\SysWOW64\svchost.exe
[2012/10/18 12:40:06 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=FFB38D8AFD6F4FCA1D46D64F1EDE0B9F -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.22137_none_b839a1177cbb227f\svchost.exe

< MD5 for: USER32.DLL >
[2010/11/20 22:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010/11/20 22:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010/11/20 22:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010/11/20 22:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

< MD5 for: USERINIT.EXE >
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< MD5 for: WINRNR.DLL >
[2009/07/13 20:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\Windows\SysNative\winrnr.dll
[2009/07/13 20:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_b543449669c73e11\winrnr.dll
[2009/07/13 20:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\SysWOW64\winrnr.dll
[2009/07/13 20:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_5924a912b169ccdb\winrnr.dll

< MD5 for: WSHELPER.DLL >
[2009/07/13 20:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\SysWOW64\wshelper.dll
[2009/07/13 20:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6ace9e67456cc40b\wshelper.dll
[2009/07/13 20:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\SysNative\wshelper.dll
[2009/07/13 20:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\wshelper.dll

< dir C:\ /S /A:L /C >
Volume in drive C has no label.
Volume Serial Number is 2090-E7D5
Directory of C:\
07/14/2009 12:08 AM <JUNCTION> Documents and Settings [D:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
07/14/2009 12:08 AM <JUNCTION> Application Data [D:\ProgramData]
07/14/2009 12:08 AM <JUNCTION> Desktop [D:\Users\Public\Desktop]
07/14/2009 12:08 AM <JUNCTION> Documents [D:\Users\Public\Documents]
07/14/2009 12:08 AM <JUNCTION> Favorites [D:\Users\Public\Favorites]
07/14/2009 12:08 AM <JUNCTION> Start Menu [D:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:08 AM <JUNCTION> Templates [D:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
07/14/2009 12:08 AM <SYMLINKD> All Users [D:\ProgramData]
07/14/2009 12:08 AM <JUNCTION> Default User [D:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\Default
07/14/2009 12:08 AM <JUNCTION> Application Data [D:\Users\Default\AppData\Roaming]
07/14/2009 12:08 AM <JUNCTION> Cookies [D:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
07/14/2009 12:08 AM <JUNCTION> Local Settings [D:\Users\Default\AppData\Local]
07/14/2009 12:08 AM <JUNCTION> My Documents [D:\Users\Default\Documents]
07/14/2009 12:08 AM <JUNCTION> NetHood [D:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/14/2009 12:08 AM <JUNCTION> PrintHood [D:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/14/2009 12:08 AM <JUNCTION> Recent [D:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/14/2009 12:08 AM <JUNCTION> SendTo [D:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/14/2009 12:08 AM <JUNCTION> Start Menu [D:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/14/2009 12:08 AM <JUNCTION> Templates [D:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
07/14/2009 12:08 AM <JUNCTION> Application Data [D:\Users\Default\AppData\Local]
07/14/2009 12:08 AM <JUNCTION> History [D:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/14/2009 12:08 AM <JUNCTION> Temporary Internet Files [D:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
07/14/2009 12:08 AM <JUNCTION> My Music [D:\Users\Default\Music]
07/14/2009 12:08 AM <JUNCTION> My Pictures [D:\Users\Default\Pictures]
07/14/2009 12:08 AM <JUNCTION> My Videos [D:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\greg & jacki
11/25/2012 08:00 PM <JUNCTION> Application Data [C:\Users\greg & jacki\AppData\Roaming]
11/25/2012 08:00 PM <JUNCTION> Cookies [C:\Users\greg & jacki\AppData\Roaming\Microsoft\Windows\Cookies]
11/25/2012 08:00 PM <JUNCTION> Local Settings [C:\Users\greg & jacki\AppData\Local]
11/25/2012 08:00 PM <JUNCTION> My Documents [C:\Users\greg & jacki\Documents]
11/25/2012 08:00 PM <JUNCTION> NetHood [C:\Users\greg & jacki\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
11/25/2012 08:00 PM <JUNCTION> PrintHood [C:\Users\greg & jacki\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
11/25/2012 08:00 PM <JUNCTION> Recent [C:\Users\greg & jacki\AppData\Roaming\Microsoft\Windows\Recent]
11/25/2012 08:00 PM <JUNCTION> SendTo [C:\Users\greg & jacki\AppData\Roaming\Microsoft\Windows\SendTo]
11/25/2012 08:00 PM <JUNCTION> Start Menu [C:\Users\greg & jacki\AppData\Roaming\Microsoft\Windows\Start Menu]
11/25/2012 08:00 PM <JUNCTION> Templates [C:\Users\greg & jacki\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\greg & jacki\AppData\Local
11/25/2012 08:00 PM <JUNCTION> Application Data [C:\Users\greg & jacki\AppData\Local]
11/25/2012 08:00 PM <JUNCTION> History [C:\Users\greg & jacki\AppData\Local\Microsoft\Windows\History]
11/25/2012 08:00 PM <JUNCTION> Temporary Internet Files [C:\Users\greg & jacki\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\greg & jacki\Documents
11/25/2012 08:00 PM <JUNCTION> My Music [C:\Users\greg & jacki\Music]
11/25/2012 08:00 PM <JUNCTION> My Pictures [C:\Users\greg & jacki\Pictures]
11/25/2012 08:00 PM <JUNCTION> My Videos [C:\Users\greg & jacki\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
07/14/2009 12:08 AM <JUNCTION> My Music [D:\Users\Public\Music]
07/14/2009 12:08 AM <JUNCTION> My Pictures [D:\Users\Public\Pictures]
07/14/2009 12:08 AM <JUNCTION> My Videos [D:\Users\Public\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
44 Dir(s) 491,600,916,480 bytes free

< C:\Windows\assembly\tmp\U\*.* /s >

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/09/15 02:41:15 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/09/15 02:41:15 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/09/15 02:41:15 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2013/07/31 05:39:59 | 000,757,400 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013/07/31 05:39:59 | 000,757,400 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/09/15 02:41:15 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/09/15 02:41:15 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/09/15 02:41:15 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2013/07/31 05:39:59 | 000,757,400 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2013/07/31 05:39:59 | 000,757,400 | ---- | M] (Microsoft Corporation)

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %ProgramFiles%\WINDOWS NT\*.* /s >
[2010/11/20 22:24:51 | 004,247,040 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\WINDOWS NT\Accessories\wordpad.exe
[2009/07/13 20:16:20 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\WINDOWS NT\Accessories\WordpadFilter.dll
[2010/11/21 02:06:24 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\WINDOWS NT\Accessories\en-US\wordpad.exe.mui
[2009/07/13 20:16:15 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextService.dll
[2009/06/10 16:43:18 | 000,016,212 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceAmharic.txt
[2009/06/10 16:43:18 | 001,272,822 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceArray.txt
[2009/06/10 16:43:18 | 000,980,102 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceDaYi.txt
[2009/06/10 16:43:19 | 001,665,878 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceSimplifiedQuanPin.txt
[2009/06/10 16:43:19 | 001,445,430 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceSimplifiedShuangPin.txt
[2009/06/10 16:43:19 | 001,810,352 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceSimplifiedZhengMa.txt
[2009/06/10 16:43:19 | 000,044,968 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceYi.txt
[2010/11/21 02:06:18 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\WINDOWS NT\TableTextService\en-US\TableTextService.dll.mui

< %systemroot%\system32\drivers\*.sys /lockedfiles >

========== Alternate Data Streams ==========

@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:07BF512B

< End of report >

OTL extras

OTL Extras logfile created on: 10/4/2013 8:37:17 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\greg & jacki\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.95 Gb Total Physical Memory | 5.64 Gb Available Physical Memory | 70.95% Memory free
15.90 Gb Paging File | 13.29 Gb Available in Paging File | 83.60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.98 Gb Total Space | 458.17 Gb Free Space | 66.99% Space Free | Partition Type: NTFS
Drive D: | 14.36 Gb Total Space | 0.29 Gb Free Space | 2.03% Space Free | Partition Type: NTFS
Drive F: | 98.87 Mb Total Space | 84.59 Mb Free Space | 85.56% Space Free | Partition Type: FAT32

Computer Name: HP | User Name: greg & jacki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0379090E-5E7F-44F7-A016-C5938741FB29}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{0A0ED834-CA53-4AD2-AAD5-2E8CDA74B8E0}" = protocol=17 | dir=in | app=c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2013\starter_avp.exe |
"{11AA771F-E792-4EA0-9E66-4A745B3C0AD7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DAAABD03-9147-47E6-8685-22F1B4FA5E0B}" = protocol=6 | dir=in | app=c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2013\starter_avp.exe |
"TCP Query User{3156B8DB-02C1-4E25-A5F0-74BC416486B0}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{5AF1B532-3FDD-4520-8F2A-6BB58155A6BE}C:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe |
"TCP Query User{7FD852DB-34E3-492A-87A0-57556A5D0A8B}C:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe |
"TCP Query User{BE41870E-BFBB-4EA0-A687-E157D438B6E1}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{818BF544-DDEB-4B58-A703-DA24F3650B1F}C:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe |
"UDP Query User{F9D1D51F-04C4-444B-9CCB-9A22581023CD}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{FCCF7F5E-CCAD-49F3-9B53-67CB4994A169}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{FE05E68D-A0A9-4C83-BE46-F473BF0A04D9}C:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}" = AuthenTec TrueAPI
"{18A6B663-A646-457B-A314-5CF58AECB06A}" = Intel® PROSet/Wireless WiMAX Software
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{25FBDA9A-E868-4B3B-B9FF-D923818511A1}" = Intel® PROSet/Wireless WiFi Software
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel® Wireless Display
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4F26C164-9373-4974-8F43-E0F2176AF937}" = Intel WiMAX Tutorial
"{5601F151-A69F-4E30-8C60-37928124CD07}" = HP 3D DriveGuard
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{79174AF2-6CB1-42F5-981E-66DCA49391D0}" = Validity WBF DDK
"{7A33B9B4-0C40-53B4-CCA0-D469A83DE142}" = ccc-utility64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B6A3EAE4-3727-46A4-A659-8576BF7C8C8D}" = HP Deskjet 3050A J611 series Basic Device Software
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA0D8FDA-D538-1145-8BA2-6F22C4EB4F75}" = ATI Catalyst Install Manager
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F638F65B-B435-44E0-9382-7F90BDB003E2}" = HP Deskjet 3050A J611 series Product Improvement Study
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"ProInst" = Intel PROSet Wireless
"Speccy" = Speccy
"SynTPDeinstKey" = Synaptics TouchPad Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00CCB6C5-DD11-F614-5955-FACAFA2C80F7}" = CCC Help Turkish
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0372849C-A9C1-A7BF-7180-9DB15334D778}" = Catalyst Control Center
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BB68729-BD8E-76E0-A357-9685790987F1}" = Catalyst Control Center Profiles Mobile
"{0EDEB615-1A60-425E-8306-0E10519C7B55}" = RoxioNow Player
"{115BAB0B-AB04-E481-76F5-82D90C3049A6}" = CCC Help Danish
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19F2D706-4834-2DD2-D12E-C10E75A57C81}" = CCC Help French
"{1AA895E9-B751-408B-BB9C-527C04E52C91}" = Catalyst Control Center - Branding
"{1C34B2AF-0D61-1784-8BC8-219F969BEFD6}" = PX Profile Update
"{1CB8B169-534E-6F89-CDF9-0B812FBACF9A}" = CCC Help Hungarian
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{210A03F5-B2ED-4947-B27E-516F50CBB292}" = HP Setup
"{228CDD95-4069-8D94-7584-82BDE9A68B63}" = CCC Help Japanese
"{285F722C-0E45-47DE-B38E-5B3B10FA4A7C}" = HP Quick Launch
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{28CA24E3-D323-3900-9519-4FFE9984EC53}" = CCC Help Polish
"{28FE073B-1230-4BF6-830C-7434FD0C0069}" = HP Software Framework
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{363a2c1e-637f-45ce-933b-5a5463efd945}" = Windows Software Development Kit
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3CF3DEF4-ED15-4F7B-9320-C3E1081EA4DA}" = SlimDrivers
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{49799BCA-8E53-63CD-D2D4-BAC6AB782DEE}" = Catalyst Control Center Graphics Previews Common
"{49FD3CE5-1839-7EEA-D7D3-17A23826B859}" = CCC Help Greek
"{49FE4B97-0E1E-F9EC-2123-4DFA80064694}" = Catalyst Control Center Localization All
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{53C63F43-B827-42D9-8886-4698D91EA33B}" = System Requirements Lab for Intel
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{55B013D5-14E7-C0B1-CE42-9C567AAEE3C9}" = CCC Help Dutch
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Anti-Virus 2013
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5B46CEC7-DAD0-46A2-BCD6-B46A3CFD9B61}" = Intel® Wireless Display
"{5E2C8F1A-AC86-FBCD-B3E4-EBF9E747BC4D}" = CCC Help Korean
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{795AADBF-58C2-42D0-B779-E730702A247E}" = HP Connection Manager
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{81EDA038-2320-B7E2-4D78-E12C2D55CE75}" = CCC Help German
"{83A375B6-6FC2-4F8A-948E-E506DB9DCDF0}" = HP Documentation
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89A6150B-0CE8-AA44-F24B-FD8DCC058ACC}" = CCC Help Norwegian
"{8B619E05-80B3-20A1-5C1C-FDCDEC394344}" = CCC Help Chinese Standard
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EFC331E-07A7-B196-7EA7-549A0CFE07CB}" = CCC Help Swedish
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9368DDD5-CE7F-4BD7-A83A-F00FABE338EC}" = Blio
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97DDCAB8-B770-4089-A10F-67568069D78A}" = HP Deskjet 3050A J611 series Help
"{986EABFC-92F6-CECD-9E5A-B13CAC40BB1D}" = WPTx64
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A5D42D71-4036-5F88-5085-657C9DF9F1DD}" = WPT Redistributables
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7F248B5-B784-E149-124F-ABE878BC725F}" = CCC Help Portuguese
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.04)
"{ADBCAA59-C242-4B31-FF51-354159417118}" = CCC Help Thai
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{AEF3AB2B-0B52-E47E-CA66-55E11D41EA04}" = CCC Help Finnish
"{BCFAA37D-A6DB-43BF-A351-43F183E52D07}" = HP SimplePass 2011
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C118B9C6-BCE5-629D-F9CF-F61BCAD285D9}" = CCC Help Spanish
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C51EF224-3786-5566-3B32-251BDEC5C8E7}" = Catalyst Control Center InstallProxy
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4F102C5-EEA1-CAE1-8E67-1A7FCE27F673}" = Windows Software Development Kit EULA
"{D814C606-0199-4A7D-D517-79DC2B3EB7F0}" = CCC Help Russian
"{DA05AADA-6407-9E45-7843-45F7393F7A15}" = CCC Help Italian
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = Recovery Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics DiskDefrag
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E14DDED2-919B-FCCB-84AC-5ABB6D182D46}" = Kits Configuration Installer
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E44578C7-4667-4124-8BC2-1161BCA54978}" = HP Power Manager
"{E6041920-6D08-2466-E672-A15B040B5004}" = CCC Help English
"{E8EE10CF-31E4-CA63-BD94-B0157BBB2444}" = CCC Help Chinese Traditional
"{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}" = RealDownloader
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
"{EDD14387-FE5E-48A3-6B2B-E61DD88FC69E}" = CCC Help Czech
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Display Audio Driver
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.2
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"CameraUserGuide-PSSX130IS" = Canon PowerShot SX130 IS Camera User Guide
"CameraWindowDC8" = Canon Utilities CameraWindow DC 8
"CameraWindowLauncher" = Canon Utilities CameraWindow Launcher
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"Coupon Printer for Windows5.0.0.2" = Coupon Printer for Windows
"EasyBits Magic Desktop" = Magic Desktop
"FileHippo.com" = FileHippo.com Update Checker
"HP Photo Creations" = HP Photo Creations
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Anti-Virus 2013
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"MyCamera" = Canon Utilities MyCamera
"MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Personal Printing Guide" = Canon Personal Printing Guide
"PhotoStitch" = Canon Utilities PhotoStitch
"ProInst" = Intel PROSet Wireless
"Rapport_msi" = Trusteer Endpoint Protection
"RealPlayer 16.0" = RealPlayer
"Software Guide" = Canon DIGITAL CAMERA Solution Disk Software Guide
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WT087328" = Blackhawk Striker 2
"WT087330" = Bounce Symphony
"WT087335" = Build-a-lot 2
"WT087343" = Dora's World Adventure
"WT087393" = Mah Jong Medley
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087415" = Wheel of Fortune 2
"WT087536" = Diner Dash 2 Restaurant Rescue
"WT089307" = Virtual Villagers 4 - The Tree of Life
"WT089308" = Blasterball 3
"WT089328" = Farm Frenzy
"WT089359" = Cake Mania
"WT089362" = Agatha Christie - Peril at End House
"WT089453" = Bejeweled 2 Deluxe
"WT089454" = Chuzzle Deluxe
"WT089455" = Zuma Deluxe
"WT089457" = Slingo Supreme
"WT089458" = Plants vs. Zombies - Game of the Year
"WT089470" = FATE - The Traitor Soul
"WT089484" = Namco All-Stars PAC-MAN
"WT089496" = Mystery P.I. - Stolen in San Francisco
"WT089498" = Bejeweled 3
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9/5/2013 9:53:31 PM | Computer Name = HP | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_WbioSrvc, version: 6.1.7601.22137,
time stamp: 0x5080442a Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015,
time stamp: 0x50b8479b Exception code: 0x80004004 Fault offset: 0x0000000000009e5d
Faulting
process id: 0x83c Faulting application start time: 0x01ceaa8da145b9cc Faulting application
path: C:\Windows\system32\svchost.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll
Report
Id: 211e3e5a-1697-11e3-bab8-101f7417578a

Error - 9/5/2013 10:02:51 PM | Computer Name = HP | Source = WinMgmt | ID = 10
Description =

Error - 9/6/2013 3:15:29 AM | Computer Name = HP | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 9/6/2013 3:18:15 AM | Computer Name = HP | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_WbioSrvc, version: 6.1.7601.22137,
time stamp: 0x5080442a Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015,
time stamp: 0x50b8479b Exception code: 0x80004004 Fault offset: 0x0000000000009e5d
Faulting
process id: 0x19b4 Faulting application start time: 0x01ceaac8d19e1c17 Faulting application
path: C:\Windows\system32\svchost.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll
Report
Id: 7e81c9f6-16c4-11e3-8618-101f7417578a

Error - 9/6/2013 3:28:30 AM | Computer Name = HP | Source = WinMgmt | ID = 10
Description =

Error - 9/6/2013 3:29:27 AM | Computer Name = HP | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16502 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1320 Start
Time: 01ceaad2ba8a80d6 Termination Time: 0 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id:

Error - 9/6/2013 4:14:59 AM | Computer Name = HP | Source = WinMgmt | ID = 10
Description =

Error - 9/10/2013 6:59:13 AM | Computer Name = HP | Source = WinMgmt | ID = 10
Description =

Error - 9/10/2013 7:57:30 AM | Computer Name = HP | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 9/10/2013 8:25:11 PM | Computer Name = HP | Source = WinMgmt | ID = 10
Description =

[ HP Connection Manager Events ]
Error - 3/2/2013 12:18:36 AM | Computer Name = HP | Source = hpCMSrv | ID = 5
Description = 2013/03/01 22:18:36.883|00000D3C|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 3/2/2013 11:03:03 AM | Computer Name = HP | Source = hpCMSrv | ID = 5
Description = 2013/03/02 09:03:03.486|00000CAC|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 3/17/2013 8:05:03 PM | Computer Name = HP | Source = hpMobile | ID = 5
Description = 2013/03/17 19:05:02.995|00001700|Error |[HP.Mobile]Wwan::.ctor{}|Retrieving
the COM class factory for component with CLSID {24DB46C8-C842-4E91-9AC4-8A9525A5551D}
failed due to the following error: 80080005.

Error - 3/17/2013 8:44:22 PM | Computer Name = HP | Source = hpCMSrv | ID = 5
Description = 2013/03/17 19:44:22.027|00001128|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 3/17/2013 9:01:45 PM | Computer Name = HP | Source = hpCMSrv | ID = 5
Description = 2013/03/17 20:01:45.757|00000DDC|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 3/17/2013 9:21:56 PM | Computer Name = HP | Source = hpCMSrv | ID = 5
Description = 2013/03/17 20:21:56.472|00000E3C|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 3/17/2013 9:42:00 PM | Computer Name = HP | Source = hpCMSrv | ID = 5
Description = 2013/03/17 20:42:00.692|00001988|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 3/17/2013 9:56:32 PM | Computer Name = HP | Source = hpCMSrv | ID = 5
Description = 2013/03/17 20:56:32.986|00000878|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 3/17/2013 10:04:43 PM | Computer Name = HP | Source = hpCMSrv | ID = 5
Description = 2013/03/17 21:04:43.526|00001144|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 3/17/2013 10:14:46 PM | Computer Name = HP | Source = hpCMSrv | ID = 5
Description = 2013/03/17 21:14:46.966|00000CDC|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

[ HP Software Framework Events ]
Error - 12/7/2012 8:36:06 PM | Computer Name = HP | Source = CaslWmi | ID = 5
Description = 2012/12/07 18:36:06.612|00000B04|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 12/8/2012 9:38:58 AM | Computer Name = HP | Source = CaslWmi | ID = 5
Description = 2012/12/08 07:38:58.162|00000AD0|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 12/8/2012 3:58:22 PM | Computer Name = HP | Source = CaslWmi | ID = 5
Description = 2012/12/08 13:58:22.599|00001B94|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 12/8/2012 3:58:23 PM | Computer Name = HP | Source = CaslWmi | ID = 5
Description = 2012/12/08 13:58:23.676|000014D8|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 12/8/2012 3:58:28 PM | Computer Name = HP | Source = CaslWmi | ID = 5
Description = 2012/12/08 13:58:28.042|00001484|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 12/8/2012 4:11:56 PM | Computer Name = HP | Source = CaslWmi | ID = 5
Description = 2012/12/08 14:11:56.031|0000172C|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

[ System Events ]
Error - 4/2/2013 7:01:42 PM | Computer Name = HP | Source = Service Control Manager | ID = 7034
Description = The TrueSuiteService service terminated unexpectedly. It has done
this 1 time(s).

Error - 4/2/2013 7:02:28 PM | Computer Name = HP | Source = DCOM | ID = 10010
Description =

Error - 4/7/2013 6:30:17 PM | Computer Name = HP | Source = Service Control Manager | ID = 7034
Description = The TrueSuiteService service terminated unexpectedly. It has done
this 1 time(s).

Error - 4/7/2013 6:31:58 PM | Computer Name = HP | Source = Service Control Manager | ID = 7043
Description = The Windows Update service did not shut down properly after receiving
a preshutdown control.

Error - 4/9/2013 7:49:23 PM | Computer Name = HP | Source = Service Control Manager | ID = 7034
Description = The Google Update Service (gupdate) service terminated unexpectedly.
It has done this 1 time(s).

Error - 4/9/2013 7:49:53 PM | Computer Name = HP | Source = DCOM | ID = 10010
Description =

Error - 4/9/2013 9:02:03 PM | Computer Name = HP | Source = Service Control Manager | ID = 7034
Description = The TrueSuiteService service terminated unexpectedly. It has done
this 1 time(s).

Error - 4/10/2013 9:26:05 PM | Computer Name = HP | Source = DCOM | ID = 10010
Description =

Error - 4/10/2013 10:22:45 PM | Computer Name = HP | Source = Service Control Manager | ID = 7034
Description = The TrueSuiteService service terminated unexpectedly. It has done
this 1 time(s).

Error - 4/11/2013 7:31:01 PM | Computer Name = HP | Source = DCOM | ID = 10010
Description =


< End of report >
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP