Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Freezing pages, cannot run OTL, rogue killer shows ntoskml.exe

Started by Vintage Charms , Aug 09 2014 03:38 PM

  • This topic is locked This topic is locked

#16
zep516
Posted 10 August 2014 - 11:30 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Usually that happens if FRST is not running from the desktop.

As you can see --> Running from C:\Users\Hewlett\Desktop...... You're ok there.

So the only thing I could suggest is to delete the fixlist.txt from the desktop so there is no confusion, and retry the whole process again.

I have to sign off getting late,

Fool around with it see if you can get it, once the fix runs we will then need to look for the (Fixlog.txt) on the desktop. (The tool will make a log on the Desktop (Fixlog.txt)

Thanks
Joe :)
  • 0

Advertisements

#17
Vintage Charms
Posted 11 August 2014 - 12:22 AM

Vintage Charms

    Member

  • Topic Starter
  • Member
  • PipPip
  • 75 posts

Here is the fixlog.txt

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-08-2014 01
Ran by Hewlett at 2014-08-11 02:24:37 Run:1
Running from C:\Users\Hewlett\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll No File
FF HKLM-x32\...\Firefox\Extensions: [avg@igeared] - C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\avg@igeared
ShortcutTarget: BTGuard Updates.lnk -> C:\BTGUARD\settings.exe (No File)
FF Plugin HKCU: CouponNetwork.com/CMDUniversalCouponPrintActivator -> C:\Users\Hewlett\AppData\Roaming\CATALI~2\NPBCSK~1.DLL (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
S4 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [X]
CHR HKLM-x32\...\Chrome\Extension: [jmolcgpienlcieaajfkkdamlngancncm] - C:\Users\Hewlett\AppData\Local\Temp\Rar$EX70.016\Internet Download Manager 6.12 Build 21 Full Crack\IDMGCExt.crx [2014-07-12]
AlternateDataStreams: C:\ProgramData\Temp:02DD996C
AlternateDataStreams: C:\ProgramData\Temp:134FBDE2
AlternateDataStreams: C:\ProgramData\Temp:17C48B08
AlternateDataStreams: C:\ProgramData\Temp:206470A5
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:31106FCB
AlternateDataStreams: C:\ProgramData\Temp:391535F9
AlternateDataStreams: C:\ProgramData\Temp:4673E9EA
AlternateDataStreams: C:\ProgramData\Temp:55F44B88
AlternateDataStreams: C:\ProgramData\Temp:61F0C8FB
AlternateDataStreams: C:\ProgramData\Temp:623E564B
AlternateDataStreams: C:\ProgramData\Temp:737160C1
AlternateDataStreams: C:\ProgramData\Temp:78E0DF72
AlternateDataStreams: C:\ProgramData\Temp:9BAC4211
AlternateDataStreams: C:\ProgramData\Temp:9C3AAD57
AlternateDataStreams: C:\ProgramData\Temp:AE34D87E
AlternateDataStreams: C:\ProgramData\Temp:BC8E9899
AlternateDataStreams: C:\ProgramData\Temp:C039C6AC
AlternateDataStreams: C:\ProgramData\Temp:C07A6A6B
AlternateDataStreams: C:\ProgramData\Temp:D31BE97C
AlternateDataStreams: C:\ProgramData\Temp:E21987F7
AlternateDataStreams: C:\ProgramData\Temp:EBCF5924
AlternateDataStreams: C:\ProgramData\Temp:F52DB269
end
*****************

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Value not found.
"HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => Key not found.
"HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin" => Key not found.
C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\avg@igeared => Value not found.
C:\BTGUARD\settings.exe not found.
"HKCU\Software\MozillaPlugins\CouponNetwork.com/CMDUniversalCouponPrintActivator" => Key not found.
C:\Users\Hewlett\AppData\Roaming\CATALI~2\NPBCSK~1.DLL not found.
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation) => Error: No automatic fix found for this entry.
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.) => Error: No automatic fix found for this entry.
CouponPrinterService => Service not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmolcgpienlcieaajfkkdamlngancncm" => Key not found.
"C:\Users\Hewlett\AppData\Local\Temp\Rar$EX70.016\Internet Download Manager 6.12 Build 21 Full Crack\IDMGCExt.crx" => File/Directory not found.
"C:\ProgramData\Temp" => ":02DD996C" ADS not found.
"C:\ProgramData\Temp" => ":134FBDE2" ADS not found.
"C:\ProgramData\Temp" => ":17C48B08" ADS not found.
"C:\ProgramData\Temp" => ":206470A5" ADS not found.
"C:\ProgramData\Temp" => ":2CB9631F" ADS not found.
"C:\ProgramData\Temp" => ":31106FCB" ADS not found.
"C:\ProgramData\Temp" => ":391535F9" ADS not found.
"C:\ProgramData\Temp" => ":4673E9EA" ADS not found.
"C:\ProgramData\Temp" => ":55F44B88" ADS not found.
"C:\ProgramData\Temp" => ":61F0C8FB" ADS not found.
"C:\ProgramData\Temp" => ":623E564B" ADS not found.
"C:\ProgramData\Temp" => ":737160C1" ADS not found.
"C:\ProgramData\Temp" => ":78E0DF72" ADS not found.
"C:\ProgramData\Temp" => ":9BAC4211" ADS not found.
"C:\ProgramData\Temp" => ":9C3AAD57" ADS not found.
"C:\ProgramData\Temp" => ":AE34D87E" ADS not found.
"C:\ProgramData\Temp" => ":BC8E9899" ADS not found.
"C:\ProgramData\Temp" => ":C039C6AC" ADS not found.
"C:\ProgramData\Temp" => ":C07A6A6B" ADS not found.
"C:\ProgramData\Temp" => ":D31BE97C" ADS not found.
"C:\ProgramData\Temp" => ":E21987F7" ADS not found.
"C:\ProgramData\Temp" => ":EBCF5924" ADS not found.
"C:\ProgramData\Temp" => ":F52DB269" ADS not found.

==== End of Fixlog ====


  • 0

#18
zep516
Posted 11 August 2014 - 04:08 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Clean out your temporary internet files and temp files.
Download TFC by OldTimer from Here to your desktop.
Double-click TFC.exe to run it.
Note: If you are running on Vista, right-click on the file and choose Run As Administrator

TFC will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the cleaning process.
  • Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
  • Please let TFC run uninterrupted until it is finished.
Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.

Let me know when you finish that, there will no log report...
  • 0

#19
Vintage Charms
Posted 11 August 2014 - 04:51 PM

Vintage Charms

    Member

  • Topic Starter
  • Member
  • PipPip
  • 75 posts

OK,. just finished that. 


  • 0

#20
zep516
Posted 11 August 2014 - 05:00 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Lets See if we can fix malwarebytes,

Run the malwarebytes clean tool and reinstall Malwarebytes and try to run it.

See this for instructions please.


Joe
  • 0

#21
Vintage Charms
Posted 11 August 2014 - 06:58 PM

Vintage Charms

    Member

  • Topic Starter
  • Member
  • PipPip
  • 75 posts

It was running for a while then I realized it wasn't going anywhere.  It has stopped responding, then my computer froze up.


  • 0

#22
Vintage Charms
Posted 11 August 2014 - 11:56 PM

Vintage Charms

    Member

  • Topic Starter
  • Member
  • PipPip
  • 75 posts

OK, I am running Malwarebytes one more time (3rd time) and leave it over night.  I am still getting the same results from Rogue Killer.  I was looking to see if I could download those results but don't see a way. 


  • 0

#23
zep516
Posted 12 August 2014 - 06:45 AM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hello,

If Malwarebytes fails again, run the Malwarebytes clean too again and don't reinstall it.

Rogue killer should have created a log report, The log should be found in RKreport[1].txt on your Desktop. Copy and paste the results if you can find the log..
  • 0

#24
Vintage Charms
Posted 12 August 2014 - 03:01 PM

Vintage Charms

    Member

  • Topic Starter
  • Member
  • PipPip
  • 75 posts

RogueKiller V9.2.6.0 [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.co...es/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Hewlett [Admin rights]
Mode : Scan -- Date : 08/12/2014  17:03:46

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 4 ¤¤¤
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-4001588775-3003906427-958657270-1004\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0  -> FOUND
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-4001588775-3003906427-958657270-1004\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0  -> FOUND
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-4001588775-3003906427-958657270-1004\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0  -> FOUND
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-4001588775-3003906427-958657270-1004\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0  -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: LOADED) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Hitachi HDT721010SLA360 +++++
--- User ---
[MBR] 3e2d80d7a392155f8ce5fd8d496a9f4d
[BSP] 2a908ef135c65ad01de43a96fc74acf9 : Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 940058 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1925445632 | Size: 13709 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Hitachi HDT721010SLA360 +++++
--- User ---
[MBR] a36d8e863d4ff599dd62ca5cbcfd0134
[BSP] b277e148fd045616abdb320e1cdcbe96 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 953867 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: WD 10EAVS External USB Device +++++
--- User ---
[MBR] 09a05c96488913bbf3774b58e9f1bf5f
[BSP] 6636791d9bd012b76afda5c96e063fa5 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 63 | Size: 953867 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive3: Generic- SD/MMC USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive4: Generic- Compact Flash USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive5: Generic- SM/xD-Picture USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive6: Generic- MS/MS-Pro USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )


============================================
RKreport_DEL_06162014_143807.log - RKreport_DEL_07122014_202848.log - RKreport_DEL_07312014_124119.log - RKreport_DEL_08042014_180317.log
RKreport_DEL_08042014_180634.log - RKreport_DEL_08042014_180932.log - RKreport_DEL_08092014_170240.log - RKreport_DEL_08092014_171451.log
RKreport_DEL_08092014_190409.log - RKreport_DEL_08112014_011648.log - RKreport_DEL_08112014_020412.log - RKreport_SCN_06152014_203022.log
RKreport_SCN_07122014_193523.log - RKreport_SCN_07312014_122958.log - RKreport_SCN_07312014_124553.log - RKreport_SCN_08042014_180258.log
RKreport_SCN_08042014_180620.log - RKreport_SCN_08042014_180830.log - RKreport_SCN_08092014_162745.log - RKreport_SCN_08092014_170951.log
RKreport_SCN_08092014_173153.log - RKreport_SCN_08092014_192811.log - RKreport_SCN_08102014_184942.log - RKreport_SCN_08112014_011641.log
RKreport_SCN_08112014_020357.log - RKreport_SCN_08112014_223234.log

 

.

The items I considered suspect in the RogueKiller are not listed, per se, in this report.   Alot of them of SystemRoot/System32/drivers/rdyboost.sys.


Edited by Vintage Charms, 12 August 2014 - 03:24 PM.

  • 0

#25
zep516
Posted 12 August 2014 - 04:19 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hello,

I want to try and reinstall OTL and see if it will run. Please delete the current OTL icon on the desktop and reinstall OTL as outlined.

Remember--> Download to desktop, always right click OTL and run as administrator.


Please download OTL to your Desktop
  • Double click on the OTLicon.jpg to run the program. On Vista/Win7 or 8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Scan All Users checkbox
    and
  • Check the option for All under the Extra Registry section
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic
  • OTL.txt <-- Will be opened, maximized
  • Extras.txt <-- Will be minimized on task bar.
Please post the contents of both OTL.txt and Extras.txt files in your next reply.
  • 0

Advertisements

#26
Vintage Charms
Posted 12 August 2014 - 05:28 PM

Vintage Charms

    Member

  • Topic Starter
  • Member
  • PipPip
  • 75 posts

OTL logfile created on: 8/12/2014 7:00:03 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\!Personal Oct 2013
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
11.99 Gb Total Physical Memory | 10.11 Gb Available Physical Memory | 84.29% Memory free
23.98 Gb Paging File | 21.84 Gb Available in Paging File | 91.09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918.03 Gb Total Space | 431.15 Gb Free Space | 46.97% Space Free | Partition Type: NTFS
Drive D: | 13.39 Gb Total Space | 2.39 Gb Free Space | 17.85% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 856.56 Gb Free Space | 91.95% Space Free | Partition Type: NTFS
Drive O: | 931.28 Gb Total Space | 905.65 Gb Free Space | 97.25% Space Free | Partition Type: FAT32
 
Computer Name: HEWLETT-PC | User Name: Hewlett | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/08/12 18:29:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\!Personal Oct 2013\OTL.exe
PRC - [2014/08/03 19:04:37 | 000,109,784 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2014/07/29 13:23:14 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014/07/12 07:15:57 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/06/17 17:56:02 | 000,242,216 | ---- | M] (Foxit Corporation) -- C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
PRC - [2014/04/01 16:11:12 | 000,049,464 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\hp\Common\HPSupportSolutionsFrameworkService.exe
PRC - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/01/24 13:44:22 | 000,072,704 | ---- | M] (Autodata Limited) -- C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
PRC - [2012/09/20 17:57:02 | 004,139,008 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\USB Control Center\Control Center.exe
PRC - [2012/01/18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2010/08/25 12:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/07/07 12:33:00 | 000,024,576 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\Ctxfihlp.exe
PRC - [2010/07/07 12:27:16 | 001,268,224 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CTxfispi.exe
PRC - [2010/03/18 12:19:26 | 000,207,360 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/03/10 18:15:32 | 000,385,024 | ---- | M] () -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe
PRC - [2010/03/10 18:15:00 | 000,385,024 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2010/03/05 20:11:30 | 000,636,192 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
PRC - [2010/02/12 10:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2009/12/01 20:49:52 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/10/20 14:50:34 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/06/04 23:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 23:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/05/05 16:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2008/11/20 14:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2002/04/12 01:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) -- C:\Windows\SysWOW64\BRSVC01A.EXE
PRC - [2001/12/13 01:01:00 | 000,045,056 | ---- | M] (brother Industries Ltd) -- C:\Windows\SysWOW64\BRSS01A.EXE
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/07/12 07:15:58 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/07/12 07:15:58 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2012/09/20 17:57:02 | 004,139,008 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\USB Control Center\Control Center.exe
MOD - [2010/07/07 12:33:04 | 000,002,560 | ---- | M] () -- C:\Windows\SysWOW64\CtxfiRes.dll
MOD - [2010/03/10 18:15:32 | 000,385,024 | ---- | M] () -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe
MOD - [2009/12/01 20:49:50 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2009/07/10 13:07:18 | 000,166,912 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/07/12 07:15:57 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/06/18 20:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/08/09 20:02:12 | 002,252,504 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- C:\Windows\SysNative\BtwRSupportService.exe -- (BcmBtRSupport)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/09/08 02:51:16 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/01 22:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2014/07/15 07:45:27 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/06/17 17:56:02 | 000,242,216 | ---- | M] (Foxit Corporation) [Auto | Running] -- C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe -- (FoxitCloudUpdateService)
SRV - [2014/04/01 16:11:12 | 000,049,464 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\hp\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/10/10 18:54:28 | 000,144,152 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files (x86)\SASCore64.exe -- (!SASCORE)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/08/29 18:31:42 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/04/07 07:39:20 | 000,232,192 | ---- | M] (NETGEAR) [Disabled | Stopped] -- C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe -- (NETGEARGenieDaemon)
SRV - [2013/01/24 13:44:22 | 000,072,704 | ---- | M] (Autodata Limited) [Auto | Running] -- C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe -- (Autodata Limited License Service)
SRV - [2012/06/05 15:56:28 | 000,266,240 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2012/01/18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010/10/22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\hp\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/09 00:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
SRV - [2010/02/12 10:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2009/12/11 04:42:55 | 000,079,360 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2009/12/11 04:42:26 | 000,079,360 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 23:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008/09/30 22:59:26 | 000,192,512 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe -- (HPBtnSrv)
SRV - [2008/01/11 21:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2002/04/12 01:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) [Auto | Running] -- C:\Windows\SysWOW64\BRSVC01A.EXE -- (Brother XP spl Service)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2014/07/12 19:08:21 | 000,030,312 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\TrueSight.sys -- (TrueSight)
DRV:64bit: - [2014/07/12 07:16:08 | 000,427,360 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014/07/12 07:15:59 | 001,041,168 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014/07/12 07:15:59 | 000,224,896 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/07/12 07:15:59 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/07/12 07:15:59 | 000,092,008 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014/07/12 07:15:59 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/07/12 07:15:59 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/07/12 07:15:59 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014/03/24 16:12:06 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2014/01/22 08:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014/01/22 08:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/10/31 20:56:20 | 000,044,640 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswTap.sys -- (aswTap)
DRV:64bit: - [2013/10/01 22:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/09 20:02:14 | 000,170,712 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2013/08/09 20:02:14 | 000,166,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2013/04/10 19:32:06 | 001,907,440 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV:64bit: - [2013/01/03 04:17:38 | 000,079,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2013/01/03 04:17:38 | 000,077,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2013/01/03 04:17:38 | 000,061,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2013/01/03 04:17:38 | 000,015,752 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/13 15:05:58 | 000,183,584 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NetgearUDSTcpBus.sys -- (NetgearUDSTcpBus)
DRV:64bit: - [2012/08/13 15:03:32 | 000,107,296 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NetgearUDSMBus.sys -- (NetgearUDSMBus)
DRV:64bit: - [2012/06/20 09:42:44 | 003,678,720 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2012/05/14 02:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/03/04 12:29:52 | 000,276,256 | ---- | M] (Digiarty Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DigiartyVirtualCDBus.sys -- (DigiartyVirtualCDBus)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/18 06:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/01/18 06:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/05/13 03:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/05/13 03:21:04 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2011/05/13 03:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011/05/13 03:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011/05/13 03:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2010/11/25 03:27:42 | 000,120,408 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/09/08 03:26:04 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/09/08 03:26:04 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/09/08 02:15:06 | 000,279,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/07/29 00:25:10 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb)
DRV:64bit: - [2010/07/07 14:21:18 | 001,612,888 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x22k.sys -- (ha20x22k)
DRV:64bit: - [2010/07/07 14:21:06 | 001,567,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:64bit: - [2010/07/07 14:20:56 | 000,118,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2010/07/07 14:20:48 | 000,213,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2010/07/07 14:20:40 | 000,015,960 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2010/07/07 14:16:32 | 000,179,288 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2010/07/07 14:16:24 | 000,697,816 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k)
DRV:64bit: - [2010/07/07 14:16:14 | 000,580,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2010/07/07 14:16:06 | 001,445,976 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV:64bit: - [2010/07/07 14:16:06 | 001,445,976 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:64bit: - [2010/07/07 14:15:56 | 000,095,320 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV:64bit: - [2010/07/07 14:15:56 | 000,095,320 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:64bit: - [2010/07/07 14:15:50 | 000,230,488 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV:64bit: - [2010/07/07 14:15:50 | 000,230,488 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)
DRV:64bit: - [2010/04/14 01:01:44 | 000,054,824 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2010/01/28 10:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/01/21 16:59:09 | 000,871,408 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009/12/19 14:23:52 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2009/10/14 19:29:46 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/10/14 19:29:44 | 000,230,480 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ahcix64s.sys -- (ahcix64s)
DRV:64bit: - [2009/10/14 19:29:02 | 000,067,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/10/14 19:29:02 | 000,028,216 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 12:46:06 | 000,032,768 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir3.sys -- (hcw85cir)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/01 08:46:52 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/07/01 08:46:48 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/07/01 08:46:40 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/06/12 14:19:58 | 000,287,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y62x64.sys -- (e1yexpress)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/04/07 11:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV - [2014/08/12 16:38:48 | 000,029,160 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\SysWOW64\drivers\TrueSight.sys -- (TrueSight)
DRV - [2012/06/15 14:04:00 | 000,092,160 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\NetgearUDSMBus.sys -- (NetgearUDSMBus)
DRV - [2012/06/15 14:02:58 | 000,153,600 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\NetgearUDSTcpBus.sys -- (NetgearUDSTcpBus)
DRV - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files (x86)\sasdifsv64.sys -- (SASDIFSV)
DRV - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files (x86)\saskutil64.sys -- (SASKUTIL)
DRV - [2009/10/20 14:50:12 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/03/19 12:24:59] [Kernel | Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/04/29 20:27:24 | 000,013,856 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\i-Menu\hugoio64.sys -- (hugoio64)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{119946E0-416B-4762-A0DE-32881B4DFE81}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{119946E0-416B-4762-A0DE-32881B4DFE81}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/...=AVASDF&PC=AV01
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://slickdeals.net/forums/index.php
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 74 14 6E A8 A3 D5 CE 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{119946E0-416B-4762-A0DE-32881B4DFE81}: "URL" = http://www.bing.com/...E11SR&pc=HPDTDF
IE - HKCU\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/...=AVASDF&PC=AV01
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://my.ebay.com/w.../pricetracker/"
FF - prefs.js..extensions.enabledAddons: 2020Player_IKEA%402020Technologies.com:5.0.94.1
FF - prefs.js..extensions.enabledAddons: %7BF003DA68-8256-4b37-A6C4-350FA04494DF%7D:6.5
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2021.112
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/UCPlugin:  File not found
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/06/29 20:12:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013/05/06 00:56:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/07/12 07:16:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2014/08/03 19:05:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/08/19 21:53:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/06/13 14:23:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/08/19 21:53:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/06/13 14:23:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/08/19 21:53:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/06/13 14:23:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/06/29 20:12:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2014/08/03 19:05:22 | 000,000,000 | ---D | M]
 
[2013/05/25 16:05:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hewlett\AppData\Roaming\mozilla\Extensions
[2014/07/18 08:34:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hewlett\AppData\Roaming\mozilla\Firefox\Profiles\smj03a5y.default-1379960535967\Extensions
[2014/05/26 07:16:16 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\Hewlett\AppData\Roaming\mozilla\Firefox\Profiles\smj03a5y.default-1379960535967\Extensions\[email protected]
[2014/03/11 06:41:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hewlett\AppData\Roaming\mozilla\Firefox\Profiles\v471oqlq.default\extensions
[2013/12/22 20:17:22 | 000,002,332 | ---- | M] () -- C:\Users\Hewlett\AppData\Roaming\mozilla\firefox\profiles\smj03a5y.default-1379960535967\searchplugins\justsnipe.xml
[2014/06/15 16:55:29 | 000,002,629 | ---- | M] () -- C:\Users\Hewlett\AppData\Roaming\mozilla\firefox\profiles\smj03a5y.default-1379960535967\searchplugins\kickassto.xml
[2013/08/19 21:53:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/07/31 12:23:33 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/07/12 07:16:00 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2013/05/06 00:56:14 | 000,000,000 | ---D | M] (Logitech SetPoint) -- C:\PROGRAM FILES\LOGITECH\SETPOINTP\LOGISMOOTHFIREFOXEXT
[2012/03/24 15:32:16 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll
[2006/09/26 14:03:14 | 000,098,304 | ---- | M] (Zylom) -- C:\Program Files (x86)\mozilla firefox\plugins\npzylomgamesplayer.dll
 
O1 HOSTS File: ([2014/08/04 18:09:02 | 000,000,720 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Secure Online Account Numbers Helper) - {435EAA86-D32B-484F-869C-53745FCB1642} - C:\Program Files (x86)\Discover\SOAN\DiscoverSOANHelper.dll File not found
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (Secure Online Account Numbers) - {A8C7C2CA-6DFD-4E16-8458-592361564D38} - C:\Program Files (x86)\Discover\SOAN\DiscoverSOANToolbar.dll File not found
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe ()
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [NETGEAR USB Control Center] C:\Program Files (x86)\NETGEAR\USB Control Center\Control Center.exe ()
O4 - HKLM..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort12reminder] C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [Grid] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe ()
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKCU..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - Startup: C:\Users\Hewlett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BTGuard Updates.lnk =  File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Customize Menu - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html File not found
O8:64bit: - Extra context menu item: Fill Forms - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html File not found
O8:64bit: - Extra context menu item: Save Forms - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html File not found
O8:64bit: - Extra context menu item: Show RoboForm Toolbar - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html File not found
O8 - Extra context menu item: Customize Menu - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html File not found
O8 - Extra context menu item: Fill Forms - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html File not found
O8 - Extra context menu item: Save Forms - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html File not found
O8 - Extra context menu item: Show RoboForm Toolbar - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html File not found
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll File not found
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll File not found
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech....Detection32.cab (Device Detection)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2FF8D282-F78A-4A33-ABC2-49E72A341482} http://riteaid.store...eUpload1_10.CAB (SFImageUpload1_10.ImageUpload)
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} http://www.pogo.com/...erInstaller.CAB (PogoWebLauncher Control)
O16 - DPF: {38AB0814-B09B-4378-9940-14A19638C3C2} http://www.auctiva.c...eUploader57.cab (Auctiva Image Uploader Control)
O16 - DPF: {445F47D7-E043-4BD6-82EB-7A1BD0EBA773} http://www.psapoll.com/CopyGuardIE.cab (CopyGuardCtrl Class)
O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} http://webeffective....torLauncher.cab (Keynote Connector Launcher 2)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.c...loadControl.cab (Verizon Wireless Media Upload)
O16 - DPF: {8A5BE387-D09A-4DFA-A56B-DCB89BD11468} http://homedecorator...X_WEB_Win32.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.67.2)
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/...vl.cab55579.cab (ZPA_SHVL Object)
O16 - DPF: {A7846ED2-9DE6-4E8A-B116-A8ACEBFA7DB1} http://rms2.invokeso...1452/MILive.cab (Invoke Solutions MILiveParticipantPadHelper Control)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab (MSN Games - Installer)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg...l_v1-0-31-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_45)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.67.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{05CBDC94-EDE7-44A8-AE0D-41EA25F23289}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E2B8D6F6-CFF4-4E54-9A58-84B2CF81C715}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/01/20 01:57:31 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{fbda576a-91ab-11e0-8861-e0cb4e042c07}\Shell - "" = AutoRun
O33 - MountPoints2\{fbda576a-91ab-11e0-8861-e0cb4e042c07}\Shell\AutoRun\command - "" = H:\DTLplus_Launcher.exe
O33 - MountPoints2\M\Shell - "" = AutoRun
O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\DTLplus_Launcher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/08/11 19:28:28 | 000,321,848 | ---- | C] (Malwarebytes Corporation) -- C:\Users\Hewlett\Desktop\mbam-clean-2.1.1.1001.exe
[2014/08/11 18:40:14 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\Hewlett\Desktop\TFC.exe
[2014/08/10 22:55:11 | 000,000,000 | ---D | C] -- C:\Pat nose
[2014/08/10 21:28:26 | 000,000,000 | ---D | C] -- C:\CRASHPLAN
[2014/08/10 19:20:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2014/08/09 20:03:12 | 000,000,000 | ---D | C] -- C:\FRST
[2014/08/09 20:03:01 | 002,099,712 | ---- | C] (Farbar) -- C:\Users\Hewlett\Desktop\FRST64.exe
[2014/08/04 20:52:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/08/04 20:52:50 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/08/04 20:52:44 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/08/04 20:52:44 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/08/04 20:52:44 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/08/04 20:52:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/08/04 17:57:55 | 000,000,000 | ---D | C] -- C:\!Personal Oct 2013
[2014/08/03 20:27:27 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Hewlett\Desktop\JRT_NEW.exe
[2014/07/24 14:31:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2014/07/24 14:31:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plugins
[2014/07/24 14:31:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Language
[2014/07/21 22:42:36 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2014/07/17 18:58:22 | 000,000,000 | ---D | C] -- C:\Users\Hewlett\AppData\Roaming\Oracle
[2014/07/15 09:10:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2014/06/19 15:12:20 | 000,199,680 | ---- | C] (Igor Pavlov) -- C:\Program Files (x86)\7zxa.dll
[2014/06/04 18:56:19 | 006,564,120 | ---- | C] (SUPERAntiSpyware) -- C:\Program Files (x86)\SUPERAntiSpyware.exe
[2014/05/14 23:28:13 | 018,370,064 | ---- | C] (CANON INC.) -- C:\Program Files\UCP113Setup.exe
[2014/05/14 23:24:08 | 087,973,448 | ---- | C] (CANON INC.) -- C:\Program Files (x86)\Canon updateW8102bW_Installer.exe
[2014/05/05 15:53:46 | 004,362,512 | ---- | C] (Piriform Ltd) -- C:\Program Files (x86)\dfsetup218.exe
[2014/04/22 09:44:50 | 000,921,512 | ---- | C] (Oracle Corporation) -- C:\Program Files (x86)\jxpiinstall.exe
[2014/04/13 00:16:12 | 004,787,368 | ---- | C] (Piriform Ltd) -- C:\Program Files (x86)\ccsetup412.exe
[2014/04/10 00:09:52 | 001,574,912 | ---- | C] (Brother Industries, Ltd.) -- C:\Program Files (x86)\WirelessSetupHelper1.3.1_enus.exe
[2014/04/09 23:56:28 | 141,161,736 | ---- | C] (A.I.SOFT,INC.) -- C:\Program Files (x86)\MFC-J430W-inst-C1-usa.EXE
[2014/03/12 19:39:41 | 002,374,320 | ---- | C] (PeerBlock, LLC                                              ) -- C:\Program Files (x86)\PeerBlock-Setup_v1.2_r693.exe
[2014/01/13 16:59:08 | 033,440,584 | ---- | C] (Foxit Corporation                                           ) -- C:\Program Files (x86)\FoxitReader612.1224_enu_Setup.exe
[2014/01/13 15:26:27 | 1050,389,616 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\X17-75238.exe
[2014/01/06 18:42:39 | 003,782,822 | ---- | C] (DownloadHelper                                              ) -- C:\Program Files (x86)\ConvertHelperSetup.exe
[2013/12/21 13:12:26 | 018,374,240 | ---- | C] (CANON INC.) -- C:\Program Files (x86)\UCP111Setup.exe
[2013/12/19 23:36:30 | 160,489,864 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Program Files (x86)\13-9-legacy_vista_win7_64_dd_ccc_whql.exe
[2013/12/19 23:32:25 | 002,816,072 | ---- | C] (LionSea SoftWare                                            ) -- C:\Program Files (x86)\setup.exe
[2013/12/18 07:53:22 | 018,101,704 | ---- | C] (Adobe Systems Inc.) -- C:\Program Files (x86)\AdobeAIRInstaller.exe
[2013/12/03 14:22:06 | 000,216,888 | ---- | C] (SUPERAntiSpyware.com) -- C:\Program Files (x86)\SASCTXMN64.DLL
[2013/11/21 00:06:43 | 000,524,376 | ---- | C] (Alexander Roshal) -- C:\Program Files (x86)\Rar.exe
[2013/11/13 12:17:17 | 040,070,640 | ---- | C] (CrashPlan) -- C:\Program Files (x86)\CrashPlan_3.5.3_Win.exe
[2013/11/10 13:29:09 | 010,285,040 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Program Files (x86)\mbam-setup-1.75.0.1300.exe
[2013/11/10 12:58:01 | 087,227,720 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\avast_free_antivirus_setup.exe
[2013/11/07 20:44:25 | 050,573,696 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files (x86)\AdbeRdr11004_en_US.exe
[2013/11/07 18:50:46 | 000,051,512 | ---- | C] (Support.com) -- C:\Program Files (x86)\sas_enum_cookies.exe
[2013/11/07 16:08:40 | 000,049,944 | ---- | C] (SUPERAdBlocker.com) -- C:\Program Files (x86)\SASTask.exe
[2013/10/31 17:36:32 | 004,699,456 | ---- | C] (Acro Software Inc.                                          ) -- C:\Program Files (x86)\CuteWriter.exe
[2013/10/10 18:54:28 | 000,144,152 | ---- | C] (SUPERAntiSpyware.com) -- C:\Program Files (x86)\SASCore64.exe
[2013/10/10 18:53:48 | 000,458,008 | ---- | C] (SUPERAntiSpyware.com) -- C:\Program Files (x86)\SSUpdate64.exe
[2013/09/25 19:21:47 | 002,014,840 | ---- | C] (DriverBoost) -- C:\Program Files (x86)\DriverBoostPro_Setup.exe
[2013/08/27 21:03:12 | 014,266,592 | ---- | C] (Siber Systems) -- C:\Program Files (x86)\AiRoboForm-cnetc.exe
[2013/07/10 17:50:40 | 010,104,832 | ---- | C] (© Phoenix Technologies Ltd. ) -- C:\Program Files (x86)\N4110A11.exe
[2013/06/27 09:31:14 | 016,974,720 | ---- | C] (NETGEAR Inc.) -- C:\Program Files (x86)\NETGEARGenie-install.exe
[2013/06/16 18:03:35 | 020,896,392 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Windows-KB890830-x64-V5.1.exe
[2013/05/29 18:26:37 | 013,998,208 | ---- | C] (Abelssoft                                                   ) -- C:\Program Files (x86)\ysd.exe
[2013/05/26 15:11:28 | 032,891,536 | ---- | C] (Amazon.com) -- C:\Program Files (x86)\KindleForPC-installer.exe.tm8cly3.partial
[2013/05/06 00:54:06 | 003,685,760 | ---- | C] (Logitech Inc.) -- C:\Program Files (x86)\setpoint652_smart.exe
[2013/03/27 13:40:24 | 002,148,152 | ---- | C] (Catalina Marketing Corp) -- C:\Users\Hewlett\AppData\Local\BcsKtYcHW.dll
[2013/01/29 15:57:09 | 000,267,352 | ---- | C] (Alexander Roshal) -- C:\Program Files (x86)\RarExt32.dll
[2013/01/29 15:57:09 | 000,238,592 | ---- | C] (Alexander Roshal) -- C:\Program Files (x86)\WinCon64.SFX
[2013/01/29 15:57:08 | 001,480,792 | ---- | C] (Alexander Roshal) -- C:\Program Files (x86)\WinRAR.exe
[2013/01/29 15:57:08 | 000,330,840 | ---- | C] (Alexander Roshal) -- C:\Program Files (x86)\UnRAR.exe
[2013/01/29 15:57:08 | 000,318,040 | ---- | C] (Alexander Roshal) -- C:\Program Files (x86)\RarExt.dll
[2013/01/29 15:57:08 | 000,197,632 | ---- | C] (Alexander Roshal) -- C:\Program Files (x86)\WinCon.SFX
[2012/03/24 15:31:20 | 000,485,576 | ---- | C] (Catalina Marketing Corp. ) -- C:\Program Files\CouponActivator.exe
[2012/03/21 15:55:20 | 165,923,488 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Program Files\12-2_vista_win7_64_dd_ccc.exe
[2011/11/17 05:28:37 | 005,855,312 | ---- | C] (Digiarty                                                    ) -- C:\Program Files (x86)\winx-bd-decrypter.exe
[2011/09/20 09:42:10 | 000,946,352 | ---- | C] (Skype Technologies S.A.) -- C:\Program Files (x86)\SkypeSetup.exe
[2011/07/22 12:26:56 | 000,014,928 | ---- | C] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files (x86)\sasdifsv64.sys
[2011/07/12 17:55:18 | 000,012,368 | ---- | C] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files (x86)\saskutil64.sys
[2011/04/05 11:58:05 | 009,104,256 | ---- | C] (Logitech Inc.) -- C:\Program Files (x86)\Setup - 64 bit.exe
[2011/02/07 11:28:20 | 006,275,960 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Silverlight.exe
[2010/01/07 22:15:56 | 005,115,840 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Program Files\mbam-setup.exe
[2009/12/23 14:53:39 | 114,591,160 | ---- | C] (CANON INC.) -- C:\Program Files\zb641vistaupd-en.exe
[2009/12/23 14:15:56 | 001,359,360 | ---- | C] (Irfan Skiljan) -- C:\Program Files\iview425_setup.exe
[2009/12/17 17:12:25 | 031,616,544 | ---- | C] (Logitech Inc.) -- C:\Program Files\Setup_64bit.exe
[2009/12/16 20:53:22 | 036,469,413 | ---- | C] (A.I.SOFT,INC.) -- C:\Program Files\7225-INST-WIN7-A.EXE
[2004/05/07 18:31:40 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\msvcr71.dll
[5 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/08/12 18:51:27 | 000,015,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/08/12 18:51:27 | 000,015,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/08/12 18:48:21 | 000,850,986 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/08/12 18:48:21 | 000,711,268 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/08/12 18:48:21 | 000,139,890 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/08/12 18:43:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/08/12 18:43:00 | 1066,737,662 | -HS- | M] () -- C:\hiberfil.sys
[2014/08/12 18:42:10 | 000,063,300 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000008-00000000-00000000-00001102-0000000B-00451102}.rfx
[2014/08/12 18:42:10 | 000,063,300 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000008-00000000-00000000-00001102-0000000B-00451102}.rfx
[2014/08/12 18:42:10 | 000,000,820 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000008-00000000-00000000-00001102-0000000B-00451102}.rfx
[2014/08/12 18:29:51 | 000,000,930 | ---- | M] () -- C:\Users\Hewlett\Desktop\OTL.exe - Shortcut.lnk
[2014/08/12 18:29:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/08/12 17:34:50 | 000,000,426 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2014/08/12 17:22:13 | 972,507,702 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/08/12 16:38:48 | 000,029,160 | ---- | M] () -- C:\Windows\SysWow64\drivers\TrueSight.sys
[2014/08/11 19:37:42 | 000,001,150 | ---- | M] () -- C:\Users\Hewlett\Desktop\mbam-setup-2.0.2.1012.exe - Shortcut.lnk
[2014/08/11 19:35:56 | 000,001,150 | ---- | M] () -- C:\Users\Hewlett\Desktop\mbam-clean-2.1.1.1001.exe - Shortcut.lnk
[2014/08/11 19:28:30 | 000,321,848 | ---- | M] (Malwarebytes Corporation) -- C:\Users\Hewlett\Desktop\mbam-clean-2.1.1.1001.exe
[2014/08/11 18:40:17 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\Hewlett\Desktop\TFC.exe
[2014/08/11 00:43:13 | 002,099,712 | ---- | M] (Farbar) -- C:\Users\Hewlett\Desktop\FRST64.exe
[2014/08/09 16:58:13 | 000,001,055 | ---- | M] () -- C:\Users\Hewlett\Desktop\tdsskiller.exe - Shortcut.lnk
[2014/08/09 16:12:37 | 001,366,203 | ---- | M] () -- C:\Users\Hewlett\Desktop\AdwCleaner.exe
[2014/08/09 01:09:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForHewlett.job
[2014/08/06 14:29:35 | 000,000,218 | ---- | M] () -- C:\Users\Hewlett\AppData\Local\recently-used.xbel
[2014/08/04 20:52:34 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/08/04 20:52:32 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/08/04 20:52:32 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/08/04 20:52:32 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/08/04 18:09:02 | 000,000,720 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2014/08/04 17:59:09 | 000,001,060 | ---- | M] () -- C:\Users\Hewlett\Desktop\RogueKiller.exe - Shortcut.lnk
[2014/08/03 16:30:53 | 000,001,028 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/08/01 17:03:57 | 000,000,784 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/08/01 07:58:38 | 000,000,456 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
[2014/07/24 14:32:11 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\Uninstall.dat
[2014/07/24 14:31:57 | 000,001,756 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2014/07/15 09:10:03 | 000,001,344 | ---- | M] () -- C:\Users\Hewlett\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2014/07/15 09:10:03 | 000,001,320 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2014/07/15 07:45:26 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/07/15 07:45:26 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[5 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/08/12 18:29:51 | 000,000,930 | ---- | C] () -- C:\Users\Hewlett\Desktop\OTL.exe - Shortcut.lnk
[2014/08/11 19:37:42 | 000,001,150 | ---- | C] () -- C:\Users\Hewlett\Desktop\mbam-setup-2.0.2.1012.exe - Shortcut.lnk
[2014/08/11 19:35:56 | 000,001,150 | ---- | C] () -- C:\Users\Hewlett\Desktop\mbam-clean-2.1.1.1001.exe - Shortcut.lnk
[2014/08/11 01:52:44 | 972,507,702 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/08/09 16:58:13 | 000,001,055 | ---- | C] () -- C:\Users\Hewlett\Desktop\tdsskiller.exe - Shortcut.lnk
[2014/08/09 16:12:33 | 001,366,203 | ---- | C] () -- C:\Users\Hewlett\Desktop\AdwCleaner.exe
[2014/08/06 14:29:35 | 000,000,218 | ---- | C] () -- C:\Users\Hewlett\AppData\Local\recently-used.xbel
[2014/08/04 17:59:09 | 000,001,060 | ---- | C] () -- C:\Users\Hewlett\Desktop\RogueKiller.exe - Shortcut.lnk
[2014/07/24 14:32:11 | 000,016,384 | ---- | C] () -- C:\Program Files (x86)\Uninstall.dat
[2014/07/24 14:31:57 | 000,001,756 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2014/07/21 22:59:28 | 000,029,160 | ---- | C] () -- C:\Windows\SysWow64\drivers\TrueSight.sys
[2014/07/15 09:10:03 | 000,001,344 | ---- | C] () -- C:\Users\Hewlett\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2014/07/15 09:10:03 | 000,001,320 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2014/06/19 15:12:21 | 000,061,528 | ---- | C] () -- C:\Program Files (x86)\Ace32Loader.exe
[2014/06/19 15:12:20 | 000,077,312 | ---- | C] () -- C:\Program Files (x86)\UNACEV2.DLL
[2014/05/07 20:08:46 | 004,583,424 | ---- | C] () -- C:\Program Files (x86)\HPSupportSolutionsFramework.msi
[2014/03/17 15:52:12 | 000,000,600 | ---- | C] () -- C:\Users\Hewlett\AppData\Roaming\PUTTY.RND
[2014/03/16 12:09:06 | 000,000,600 | ---- | C] () -- C:\Users\Hewlett\AppData\Local\PUTTY.RND
[2014/03/16 11:49:36 | 003,679,227 | ---- | C] () -- C:\Program Files (x86)\btguard-2-60.exe
[2014/01/13 17:01:29 | 001,977,432 | ---- | C] () -- C:\Program Files (x86)\winrar-x64-501.exe
[2014/01/06 17:33:55 | 024,097,311 | ---- | C] () -- C:\Program Files (x86)\vlc-2.1.2-win32.exe
[2013/12/18 11:16:25 | 000,000,211 | ---- | C] () -- C:\Users\Hewlett\.swfinfo
[2013/11/21 00:06:44 | 000,258,560 | ---- | C] () -- C:\Program Files (x86)\Default64.SFX
[2013/11/21 00:06:43 | 000,210,432 | ---- | C] () -- C:\Program Files (x86)\Default.SFX
[2013/11/21 00:06:43 | 000,003,266 | ---- | C] () -- C:\Program Files (x86)\Order.htm
[2013/11/21 00:06:43 | 000,000,852 | ---- | C] () -- C:\Program Files (x86)\Descript.ion
[2013/11/17 00:32:26 | 007,284,278 | ---- | C] () -- C:\Program Files (x86)\vlc-2.1.1-win64.exe.part
[2013/10/31 19:57:04 | 004,741,136 | ---- | C] () -- C:\Program Files (x86)\adblockplusie-1.1.exe
[2013/10/31 18:09:05 | 000,061,440 | ---- | C] ( ) -- C:\Program Files (x86)\VEW.exe
[2013/10/29 19:58:57 | 000,513,320 | ---- | C] () -- C:\Program Files (x86)\erunt.zip
[2013/10/16 00:10:49 | 000,009,296 | ---- | C] () -- C:\Users\Hewlett\AppData\Roaming\Microsoft Excel 97-2003.EML
[2013/05/04 11:19:07 | 000,502,592 | ---- | C] () -- C:\Program Files (x86)\AmazonCloudDriveSetup.exe
[2013/04/24 22:18:47 | 000,013,235 | ---- | C] () -- C:\Windows\BRPARAM.INI
[2013/04/24 22:17:23 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2013/04/24 22:17:16 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2013/03/27 13:40:22 | 000,915,073 | ---- | C] () -- C:\Users\Hewlett\AppData\Local\a.zip
[2013/01/29 15:57:11 | 000,000,474 | ---- | C] () -- C:\Program Files (x86)\rarreg.key
[2013/01/29 15:57:11 | 000,000,022 | ---- | C] () -- C:\Program Files (x86)\zipnew.dat
[2013/01/29 15:57:11 | 000,000,020 | ---- | C] () -- C:\Program Files (x86)\rarnew.dat
[2013/01/29 15:57:09 | 000,180,224 | ---- | C] () -- C:\Program Files (x86)\Zip64.SFX
[2013/01/29 15:57:09 | 000,156,672 | ---- | C] () -- C:\Program Files (x86)\Zip.SFX
[2013/01/29 15:57:08 | 000,298,032 | ---- | C] () -- C:\Program Files (x86)\WinRAR.chm
[2013/01/29 15:57:08 | 000,001,241 | ---- | C] () -- C:\Program Files (x86)\RarFiles.lst
[2013/01/29 15:57:08 | 000,000,443 | ---- | C] () -- C:\Program Files (x86)\Uninstall.lst
[2013/01/29 12:56:55 | 000,000,408 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2013/01/14 13:29:23 | 000,000,000 | ---- | C] () -- C:\Windows\Tomb.INI
[2012/12/26 04:05:45 | 000,241,040 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/11/26 15:35:09 | 000,000,924 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2012/11/26 15:35:09 | 000,000,064 | ---- | C] () -- C:\Windows\brpcfx.ini
[2012/11/26 15:30:48 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll
[2012/11/26 15:30:48 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2012/11/26 15:30:47 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2012/11/16 19:16:27 | 000,000,030 | ---- | C] () -- C:\Windows\SysWow64\brss01a.ini
[2012/10/26 13:10:03 | 000,555,008 | ---- | C] () -- C:\Program Files (x86)\SASREPAIRS.STG
[2012/04/19 20:34:02 | 000,051,965 | ---- | C] () -- C:\Program Files (x86)\appdata.sas
[2011/07/02 20:44:47 | 000,009,314 | ---- | C] () -- C:\Users\Hewlett\AppData\Roaming\Tab Separated Values (Windows).EML
[2011/02/04 10:18:49 | 013,358,984 | ---- | C] () -- C:\Program Files (x86)\SAS_919F32C6.COM
[2011/01/30 15:47:18 | 000,173,966 | ---- | C] () -- C:\Program Files (x86)\sfjsetup.exe
[2010/12/30 17:48:23 | 000,004,096 | ---- | C] () -- C:\Program Files (x86)\SAS_Preconfig.db3
[2010/12/13 19:05:47 | 000,007,609 | ---- | C] () -- C:\Users\Hewlett\AppData\Local\resmon.resmoncfg
[2010/12/06 18:27:18 | 000,002,176 | -H-- | C] () -- C:\Program Files\ZbThumbnail.info
[2010/10/15 17:30:34 | 000,001,057 | ---- | C] () -- C:\Users\Hewlett\AppData\Roaming\vso_ts_preview.xml
[2010/06/24 18:11:27 | 002,236,416 | ---- | C] () -- C:\Program Files (x86)\ue293reg64.exe
[2010/01/21 17:37:47 | 000,022,016 | ---- | C] () -- C:\Users\Hewlett\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/16 20:50:55 | 000,591,586 | ---- | C] () -- C:\Program Files\Pack_Main0En250.exe
[2007/11/27 16:12:26 | 001,088,725 | ---- | C] () -- C:\Program Files (x86)\SUPERAntiSpyware.chm
[2006/01/06 05:24:34 | 000,000,015 | -H-- | C] () -- C:\Users\Hewlett\AppData\Roaming\Hewlettlog.dat
[2005/12/08 22:51:51 | 000,000,060 | R--- | C] () -- C:\Program Files (x86)\BRINST.INI
[2004/05/20 16:28:44 | 000,002,048 | ---- | C] () -- C:\Program Files (x86)\detect.wav
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/08/21 09:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/08/21 09:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/08/21 09:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Files - Unicode (All) ==========
[2010/02/16 00:00:56 | 000,000,036 | ---- | M] ()(C:\Windows\SysWow64\?r) -- C:\Windows\SysWow64\쓐ř
[2010/02/16 00:00:56 | 000,000,036 | ---- | C] ()(C:\Windows\SysWow64\?r) -- C:\Windows\SysWow64\쓐ř
[2010/01/10 18:46:32 | 000,000,036 | ---- | M] ()(C:\Windows\SysWow64\?Ù) -- C:\Windows\SysWow64\Ù
[2010/01/10 18:46:32 | 000,000,036 | ---- | C] ()(C:\Windows\SysWow64\?Ù) -- C:\Windows\SysWow64\Ù
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 143 bytes -> C:\Users\Hewlett\AppData\Roaming\Tab Separated Values (Windows).EML:OECustomProperty
@Alternate Data Stream - 143 bytes -> C:\Users\Hewlett\AppData\Roaming\Microsoft Excel 97-2003.EML:OECustomProperty

< End of report >
 

 

OTL Extras logfile created on: 8/12/2014 7:00:03 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\!Personal Oct 2013
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
11.99 Gb Total Physical Memory | 10.11 Gb Available Physical Memory | 84.29% Memory free
23.98 Gb Paging File | 21.84 Gb Available in Paging File | 91.09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918.03 Gb Total Space | 431.15 Gb Free Space | 46.97% Space Free | Partition Type: NTFS
Drive D: | 13.39 Gb Total Space | 2.39 Gb Free Space | 17.85% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 856.56 Gb Free Space | 91.95% Space Free | Partition Type: NTFS
Drive O: | 931.28 Gb Total Space | 905.65 Gb Free Space | 97.25% Space Free | Partition Type: FAT32
 
Computer Name: HEWLETT-PC | User Name: Hewlett | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (All) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- "%1" %*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0762EA4E-642C-4F91-8FCB-EC73E8A4F3BE}" = lport=138 | protocol=17 | dir=in | app=system |
"{08CA5921-1C13-4AA4-B985-36545C956646}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{11AC4EF2-080A-4FBF-9048-EB3621CE6CA7}" = lport=33338 | protocol=17 | dir=in | name=goodsync server lan discovery |
"{1712EF9B-BD1D-4B0E-B7EC-36A8B75755CA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{1C7331FC-B11E-4F15-8AD8-808DAB822EA0}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=c:\windows\system32\svchost.exe |
"{2561C1B6-BF52-4A1B-B0B9-897FCE02E1A3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{29D516A8-5773-4D78-88A5-18332F9D28E1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{332E3FF0-9168-4582-8B4D-72E92FE7565B}" = lport=137 | protocol=17 | dir=in | app=system |
"{3AD05206-7C1F-4A69-96C0-DC253DFC0C7D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3C72E67E-0D7B-4EEC-86DE-01836E8EB619}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{3C8AC3EC-A1AF-4BFE-BF70-58F021BAF211}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3D458089-E269-40CD-B1DE-857A2FD436A9}" = rport=137 | protocol=17 | dir=out | app=system |
"{442E9EC9-F34A-4DCC-9157-F223986E0F4F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{44AAD6E2-85AD-4846-93DE-3E0D4AC9B34D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4784DFEF-473A-4A4F-A4BC-6D57DA5A5852}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=c:\windows\system32\svchost.exe |
"{585F085B-B866-4F3E-91DF-DA15620548E8}" = rport=138 | protocol=17 | dir=out | app=system |
"{7342EA43-89FB-42EA-A1B6-232594AD9040}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{7A866C25-9C78-4891-A671-95A7FEE872ED}" = lport=7423 | protocol=17 | dir=in | name=netgear usb control center udp port |
"{7B80729D-6A51-4CF6-8791-B436B2360747}" = lport=33333 | protocol=6 | dir=in | name=goodsync server incoming connections |
"{7D22C833-1D34-4E62-AAE3-E66D75A0DD57}" = lport=33333 | protocol=6 | dir=in | name=goodsync server incoming connections |
"{8347698C-8FD7-47C2-854F-E888CB3EFB7B}" = rport=139 | protocol=6 | dir=out | app=system |
"{9B12DB79-28A9-4472-BA86-F20108C8FB95}" = rport=445 | protocol=6 | dir=out | app=system |
"{9E2D5AD1-529E-49BB-BAF5-F251874A90A5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A3498555-CD58-4AE3-8799-9383A063D42B}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
"{AA621865-7D93-4989-A1BF-2D5FDFA590B7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{AB43D078-448A-4723-B144-DB86396F0812}" = lport=445 | protocol=6 | dir=in | app=system |
"{B1189865-6724-455B-85CF-020DAD23DE90}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{B675BADE-4DBF-41A8-92F7-266BDF2283B8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C2C772AD-6583-428E-9FAA-E8E9C90E41B8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C47CBC67-8842-46D4-A385-FA2BFE62FF44}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{C5664E7A-E9EB-4C31-942B-556B44DB518B}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=c:\windows\system32\svchost.exe |
"{C6DECB2B-A9F6-4795-AFD2-1694C44862F9}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=c:\windows\system32\svchost.exe |
"{CC77DDE3-1347-4187-8983-D3D691760201}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{CE8C4DBA-CA8E-434A-ACD6-A479A66AD20C}" = lport=139 | protocol=6 | dir=in | app=system |
"{E1180927-46DE-435A-90A4-CCCB2805E1A6}" = lport=33338 | protocol=17 | dir=in | name=goodsync server lan discovery |
"{EE79D508-E8DE-4B95-80C0-B27AE3071305}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F15D30A9-5F14-458D-8521-A19FC55D5600}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F17A81D2-782C-4522-B4E1-7236006C5A76}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FE42B075-CA52-4B3F-AABC-91AF85EE523C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C8601B-446B-4006-94CC-E3901599BE5F}" = protocol=6 | dir=in | app=c:\program files (x86)\crashplan\crashplanservice.exe |
"{0129BE83-94BD-4CC6-B618-AC94AA55FC22}" = protocol=6 | dir=in | app=c:\users\hewlett\appdata\roaming\mjusbsp\magicjack.exe |
"{0134B737-4933-460D-B5B4-F1C6C79BE8AC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0233B1E9-B487-4B58-8062-480556F7CC42}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{04612CFC-E5BB-4E9A-9F68-068CC904643F}" = protocol=17 | dir=in | app=c:\!personal oct 2013\the_starter_wife_complete_series_downloader.exe |
"{06F5B5B8-256C-4663-A8AC-A7C616D9C3FD}" = protocol=6 | dir=in | app=c:\windows\syswow64\ipcamera.exe |
"{084EC1EF-4307-4A62-8707-E9BD0E3DD1C8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0A1A1C7E-D3A3-4FA6-8CEB-45A118CCDA71}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{0BF28A00-B42F-4F36-B35B-3CD9961B2B36}" = protocol=58 | dir=out | [email protected],-503 |
"{16810B44-8291-4017-B4C2-E8D609AF79A1}" = protocol=17 | dir=in | app=c:\program files\siber systems\goodsync\goodsync.exe |
"{18607034-D37E-43CF-8A51-0D0BB317EE87}" = protocol=17 | dir=in | app=c:\users\hewlett\appdata\roaming\mjusbsp\magicjack.exe |
"{1A42DA0A-CB95-4475-9CEC-41E0BC39A99C}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{1AEB54DD-F1E7-4EA3-AB7A-40B51D0ACDF9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1D69F9BC-5284-4D53-9B4E-DF1ED726B006}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1E4F9829-3172-400D-B1E3-92BCEA96E5CF}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{21DB344F-7766-4DE4-8F35-6F4B4BA0A6BE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{24025FE5-F150-4FD9-A99F-B3CAFF970924}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{26ABAF96-8E1A-4567-BED2-00F414D65425}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{283613A2-E5D0-4BA3-802B-FA5E928A5A62}" = protocol=6 | dir=in | app=o:\crashplanservice.exe |
"{284AF889-E099-4933-819E-CA43FCF8BAD1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2A4BDE21-3659-4F11-8531-490AA4A5C9C4}" = protocol=17 | dir=in | app=c:\program files (x86)\netgear\usb control center\control center.exe |
"{3052A860-FE4F-46F6-AE9F-124E56BE1C2F}" = protocol=6 | dir=in | app=c:\program files\siber systems\goodsync\goodsync.exe |
"{30C3F57C-2A45-4DC1-BBE5-5E6170C22AA8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{31F1AAC6-4714-4BF3-A243-DB894E898B64}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{3490BB8F-FA05-44D7-9CA8-C8A0486CC4EA}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{397955EA-C1A4-43D1-93E7-EE3C1B3CD7B2}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{3E1B03DB-6B50-4E4E-A9F2-BF6EEFEB1045}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{41B86EF8-A5F1-4AA7-9576-64CFA42402F2}" = protocol=6 | dir=in | app=c:\!personal oct 2013\the_starter_wife_complete_series_downloader.exe |
"{4210A319-915F-4B5B-AAE4-324749593928}" = protocol=58 | dir=in | app=system |
"{423DC969-0C74-42AF-8D97-07101D884D6C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{43E71EF8-9E75-4090-B316-619803616325}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{46D65B46-0E78-4327-803A-81A3616352B3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{48731596-D24B-4F3A-9DCB-4AFB26BAFBA8}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{48777E17-A3AA-4065-B6B7-3F1280CD9885}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe |
"{48F3F5B8-44C3-4661-913D-34211CF62FCF}" = protocol=17 | dir=in | app=c:\program files\siber systems\goodsync\gsexplorer.exe |
"{4A16BC3E-09A9-4A54-B3C1-94139E8580F9}" = protocol=6 | dir=in | app=c:\btguard\utorrent.exe |
"{4A51F095-1219-4EC3-AD3F-DBFD735AB012}" = protocol=1 | dir=in | [email protected],-28543 |
"{4DB0D28A-DD95-4F4F-91CF-53F88720B69C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{515A1839-8AD8-4960-8A9B-D71BC806BFFF}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{56D3D7E4-807D-4A88-9ECE-62B6405EB04C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5BBE8EF8-8E29-4CED-B99F-59C2C614473F}" = protocol=6 | dir=out | app=system |
"{5CFC1DEE-C105-4619-9BC3-D327B876E5B1}" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"{5D62FD41-8A1D-4709-96C7-6BBA69A59B1F}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{6073C396-E5B9-4F9F-8FC5-7B8728270BC8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{63B98704-42FA-45C9-A746-1DB8C0AD46DD}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{66586B34-87D1-40A3-B91C-43BA437FA5B7}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{66DAAC46-862D-48A7-997E-6EF796BC72BD}" = protocol=6 | dir=in | app=c:\program files\siber systems\goodsync\gsexplorer.exe |
"{6847F0EE-6C55-4B99-B93D-F748A5297B32}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6A87AE47-7502-45E7-83CE-02936C9AEF0F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6C75A9C1-8324-48BD-990D-5E5688EDC964}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{6D6151B8-A9B8-426E-B0D1-B45DE0A6475B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{730662A7-2EDE-4076-8BE1-EA72D75DB375}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{738C82B5-B353-4B7C-B549-BFF69060E8BF}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{73E2CC18-E3D2-4F34-90D4-C261C50BBC06}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{73F2D6FA-5E36-4E4C-871E-2FCBFCE6724A}" = protocol=17 | dir=in | app=c:\program files\siber systems\goodsync\gs-server.exe |
"{764CF959-6B2A-4B82-92E6-024D4F25DE7B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{77FAB7A3-3234-4558-8034-F9234F51E2A9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{78CA70D7-B470-444F-A618-B581D295D572}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7B7EF9CC-CF60-4457-96AD-15ABAF6E2983}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7E663124-0C41-4079-B050-6BF3702F22E6}" = protocol=6 | dir=in | app=c:\users\hewlett\appdata\roaming\utorrent\utorrent.exe |
"{7E6C1898-B9CA-4C7C-98F3-B0FD768387D0}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{818683EA-A8A6-4712-B808-A155FD803202}" = protocol=17 | dir=in | app=c:\btguard\utorrent.exe |
"{82E4EFBB-27D6-4C3A-B803-431E23F3595C}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{858542BD-393B-4663-B037-1CF75602AC3D}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{85BA8E97-7A36-4313-80B4-4AE57927F880}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{85D09055-B423-4CC7-971A-E20D2A9E12DC}" = dir=in | app=f:\setup\hpznui40.exe |
"{891C26A3-B12E-4CDE-95AC-EA43520C01D6}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{8A1EB3DF-9AEC-44A9-872B-E0DB7E0A9C69}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8C48E1D7-67E6-4AB7-AF89-9502CF070500}" = protocol=6 | dir=in | app=c:\program files (x86)\netgear\usb control center\control center.exe |
"{92F9622D-C3DD-4C53-A835-F3F6BDF76F30}" = protocol=6 | dir=in | app=c:\program files\siber systems\goodsync\gs-server.exe |
"{9510F845-287B-47A3-849A-418377B795C1}" = protocol=17 | dir=in | app=c:\!personal oct 2013\utorrent.exe |
"{9694FAC6-5E2E-419C-A5A8-3B4019834CE3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{A09639B7-AB47-4B87-AE62-4F942FF7042F}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{A5683DAE-C220-45D1-B5BE-D43F6D22C74B}" = protocol=6 | dir=in | app=c:\!personal oct 2013\utorrent.exe |
"{A7F67028-01E3-4FED-AE9D-4FBB2DA53B4E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A8FAD43B-CA61-4091-B781-E52C65C0DDD4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A9CDD419-8CD8-44E1-92E3-3FCFD40FA7C5}" = protocol=6 | dir=in | app=o:\bitlord 2\bitlord files\bitlord.exe |
"{AB66DC22-4662-44A8-A3C3-BAFDC03AA22F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AC8DF73E-DF42-4461-8B97-94BC5940D84D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AF986CF8-DC3B-4901-926D-BCCDA93E97EC}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{B74EAD0B-08A3-47C0-8E30-0F06B963BCDE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{BA759886-2134-4B23-A0E6-5C394305218F}" = protocol=58 | dir=in | [email protected],-28545 |
"{BDEA5070-1EE5-43E8-9DFA-38AE53B7006E}" = protocol=17 | dir=in | app=o:\bitlord 2\bitlord files\bitlord.exe |
"{C0541149-D5A1-49E9-AA1D-13A289AF6B2D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{C1F83EF5-074C-4D7E-90E8-8DFB1D6EA91F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C66A57F4-75A7-4E28-B260-AB10429E4EDB}" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"{C680688E-ED05-44FF-AEF0-998B6365FFC0}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{CB8765DC-00FA-4B6E-BC2B-77C927D839FB}" = protocol=17 | dir=in | app=c:\program files (x86)\crashplan\crashplanservice.exe |
"{D1DC3169-22F7-4379-939D-783CCE6C4990}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D5593035-F060-4DDC-8432-5172AA9A297B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D6F2B552-87A5-439F-931D-F93015AF15AE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DF9BF0E3-862E-4E13-8AC7-45A8D253B2FF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{E4323AA7-09DC-4298-9DAB-549C1F0CF7FE}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{E52C6180-4D8C-4FB5-AB37-9C3B6BD4DAA0}" = protocol=17 | dir=in | app=c:\windows\syswow64\ipcamera.exe |
"{E5F36265-2184-48D1-8067-0CB03328249A}" = protocol=17 | dir=in | app=c:\users\hewlett\appdata\roaming\utorrent\utorrent.exe |
"{E64ADA98-E7C6-46E5-9A05-25048DE0EDED}" = protocol=17 | dir=in | app=o:\crashplanservice.exe |
"{E6DFB46E-1BC7-4ACC-989D-5046E698FD96}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E88B7463-95AD-4DCC-B6B6-4A8568BE7434}" = protocol=1 | dir=out | [email protected],-28544 |
"{E9DDCCC8-AF25-4182-A9E8-F39F4A210E34}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{EA03CEBA-2BA1-4597-9AD6-9C6E8143B859}" = protocol=58 | dir=out | [email protected],-28546 |
"{EB046163-C6D6-4700-9BE8-985EF559342D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EC46ABD5-BC18-4756-8A1F-2E4BAE2C72F9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EFF9E26E-50F6-40F6-A43B-B18AC274DB74}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{F3FAAB6A-C79C-4BE7-BE0D-B50D18E1ECA5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F7A5EF29-AB92-41BA-BCB8-844A71C287F3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{F9707232-0A71-49F4-A8A5-850F5C110E10}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{FAEF3F49-3EBD-4E39-9E1E-0660E58EEB2D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FD8942AF-4A84-4FCD-A0A7-57D96AE23DF7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"TCP Query User{10A85EB0-6970-4F9B-A07D-E70C0E73A333}C:\windows\syswow64\ipcamera.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\ipcamera.exe |
"TCP Query User{4C47B35C-54EE-4697-BCCE-C210F185CE08}O:\bitlord 2\bitlord files\bitlord.exe" = protocol=6 | dir=in | app=o:\bitlord 2\bitlord files\bitlord.exe |
"TCP Query User{4F90A441-40FA-4DD3-97E1-E736F2DEB2DE}C:\program files (x86)\netgear genie\bin\netgeargenie.exe" = protocol=6 | dir=in | app=c:\program files (x86)\netgear genie\bin\netgeargenie.exe |
"TCP Query User{76C8533A-C830-4470-B15A-0AE3911B0AA8}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{F05809C6-AE7C-4CA3-A7B1-7A588FA859BD}F:\bin\config\configassistant.exe" = protocol=6 | dir=in | app=f:\bin\config\configassistant.exe |
"UDP Query User{2E02879D-C4F9-47AD-857F-AA384C4F4D26}O:\bitlord 2\bitlord files\bitlord.exe" = protocol=17 | dir=in | app=o:\bitlord 2\bitlord files\bitlord.exe |
"UDP Query User{76A4FCFD-A1F0-4DE9-A369-AE136A4DC6BE}C:\program files (x86)\netgear genie\bin\netgeargenie.exe" = protocol=17 | dir=in | app=c:\program files (x86)\netgear genie\bin\netgeargenie.exe |
"UDP Query User{94778338-5CA7-46B4-BCDA-66B077683075}C:\windows\syswow64\ipcamera.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\ipcamera.exe |
"UDP Query User{A74DB271-6A5E-446E-983C-BBDB27189A65}F:\bin\config\configassistant.exe" = protocol=17 | dir=in | app=f:\bin\config\configassistant.exe |
"UDP Query User{EAE67AC4-4353-43EA-B38D-FD066467FB5D}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.2 (r693)
"{034B6AC8-DCF6-585B-2AFD-3FF0D4A559BB}" = AMD Accelerated Video Transcoding
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{2012D762-5DCA-455A-B5FE-EDF79BC93E18}" = HP Photosmart C4700 All-In-One Driver Software 13.0 Rel .6
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{23170F69-40C1-2702-0922-000001000000}" = 7-Zip 9.22 (x64 edition)
"{251481E4-723F-492F-F5C1-3424FB2EF44E}" = AMD Drag and Drop Transcoding
"{26280024-DFB7-4967-90DB-7F9C6660D01E}" = HP MediaSmart SmartMenu
"{30921AC4-6875-F7DF-B48B-2BB68C000BB6}" = AMD Media Foundation Decoders
"{37FCE154-7F59-74F0-3A35-BF503CEB230B}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{57019733-78E6-43DE-8E6D-55349F0FDE6F}" = inSSIDer 2.0
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6C676266-91E4-DC71-E661-13494AC29A3E}" = ccc-utility64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}" = PaperPort Image Printer 64-bit
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Bluetooth by hp
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B5CF5995-5E0B-967D-3FC5-325089795937}" = ccc-utility64
"{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"CCleaner" = CCleaner
"CutePDF Writer Installation" = CutePDF Writer 3.0
"Defraggler" = Defraggler
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Onscreen_Keyboard" = Logitech Onscreen Keyboard 1.0
"PC-Doctor for Windows" = Hardware Diagnostic Tools
"SP6" = Logitech SetPoint 6.52
"WinRAR archiver" = WinRAR 5.10 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00F14E5B-E07A-2A1E-6788-580773CE1486}" = CCC Help English
"{014CB645-5DD8-41BB-9211-FE98F6BF90A8}" = ArcSoft MediaImpression 2
"{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Professional
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{09F46E3D-EAFB-9390-B6D9-F6DAA73B3ECB}" = CCC Help Finnish
"{0A036215-0A8D-6FBE-7EA3-7AED4F9E162A}" = CCC Help Turkish
"{0A172278-5048-3BDA-D318-974ED0AA0B95}" = CCC Help Greek
"{0B2536F0-8E7A-340F-9031-1AA60BEFBFD8}" = Catalyst Control Center Graphics Full Existing
"{0D526570-6B8F-3CE9-04DB-16FD2E68FCBE}" = CCC Help Danish
"{0E6CE44A-EE07-1C20-72C8-9A24CA2ED2CB}" = Catalyst Control Center HydraVision Full
"{0ED38503-B69A-44B4-98BE-21BFF284A9B6}" = Brother Driver Deployment Wizard
"{113F4E2E-416A-33BD-D2A6-39C58AB6ACAC}" = CCC Help Korean
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15A05AAA-37E7-D516-5BE9-C960C2170403}" = CCC Help Czech
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{1688104B-0261-42FC-D796-CB97EA5159A4}" = CCC Help Thai
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18812D65-95DB-5482-4CAC-3B3B5E5446B0}" = CCC Help Italian
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1D5B3A03-17FD-EC8F-755B-6164ABFF450A}" = CCC Help Turkish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20288888-A7AF-4B24-8AEB-398D20CD563C}" = Sound Blaster X-Fi
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{21E9850E-58C2-FA88-D5AD-B64D253B8F82}" = CCC Help Thai
"{223CCCD3-2217-9AA1-98F0-2879733549D0}" = CCC Help English
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25A7270E-1B63-DFD1-ACBC-88852A305398}" = CCC Help Chinese Traditional
"{26A24AE4-039D-4CA4-87B4-2F03217067FF}" = Java 7 Update 67
"{26E76762-7F20-4694-AD06-CC3A9B547A71}" = Microsoft Office Live Meeting 2007
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{28164BD8-81EA-639A-85E9-E659E3EE6DA7}" = Catalyst Control Center InstallProxy
"{28656860-4728-433C-8AD4-D1A930437BC8}" = Nuance PDF Viewer Plus
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2E69E784-F84A-9A18-7D8E-4EB8504EEE1E}" = CCC Help Danish
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"{362614E4-9ABB-E7A7-CDDC-239AB168060A}" = CCC Help Japanese
"{363188E4-1A27-4DE6-BA48-823D2E205385}" = ArcSoft Scan-n-Stitch Deluxe
"{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}" = Catalina Savings Printer
"{37530151-56A6-4CE4-9F9F-CE1F5A1356C6}" = ArcSoft Panorama Maker 4
"{37D59F62-2FC7-412D-AA55-3D0E6A9BD9C7}" = Microsoft Live Search Toolbar
"{394F1B21-1FA4-DDE1-C00B-0A3EEA1A94D1}" = ccc-core-static
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3AF15EEA-8EDF-4393-BB6C-CF8A9986486A}" = HP Support Assistant
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3E7F5E50-6956-4446-87BF-F422A8736B7F}" = Secure Online Account Numbers
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{40965CEA-43EE-B8D7-09AB-705B5E2A2521}" = CCC Help Hungarian
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40DA94AF-34B7-4BA7-A37F-26F899C031FF}" = ArcSoft PhotoStudio Darkroom 2
"{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1" = Foxit Cloud
"{4281435C-AD1D-4C8A-B9C0-3961C11EF142}_is1" = YouTube Song Downloader
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover
"{4528B812-FF2C-4E3A-A9EA-1ECB483BF03A}" = NETGEAR USB Control Center  
"{4680D4CC-5220-6AAF-54D3-C1E75C90A69A}" = CCC Help German
"{4745F6F8-09DA-CC39-EC19-0E8D764CF2B7}" = CCC Help Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{4F11AE1B-452A-2A9B-250D-EDB725E39199}" = CCC Help Russian
"{4F9B4C70-F223-B34B-C7D3-55FC1D2BAD2E}" = CCC Help Chinese Standard
"{4FA31DE2-B613-24BB-1738-B655C00B1C9D}" = CCC Help Hungarian
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58771CF6-F212-CC4D-61B1-45CC70B6375C}" = CCC Help Dutch
"{5906DAFF-9370-2B54-D483-343ABB9BE748}" = Catalyst Control Center Graphics Light
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{659F8F13-E8C5-C4B8-85E7-1D3912C06929}" = Catalyst Control Center Localization All
"{67431FA8-4B89-42DD-A68E-30D77F6C8D99}_is1" = HP Easy Backup
"{675D093B-815D-47FD-AB2C-192EC751E8E2}" = HP Software Framework
"{69FD2930-C361-47F6-822E-71B021526778}" = HP Support Solutions Framework
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}" = Nuance PaperPort 12
"{6C6B8B89-AC64-4B04-DBE1-992B80C83F1A}" = CCC Help Japanese
"{6D5CE5F1-CBB0-9ED4-1A1E-91DDCD6225FD}" = CCC Help Italian
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}" = Microsoft_VC100_CRT_x86
"{707210B0-29F1-C550-BA96-6ECDA245CF24}" = CCC Help Spanish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77D28FF5-242F-488A-8215-937D6A4D69E0}" = Adobe AIR
"{7B9D9DC4-EDB9-3181-4D1B-E47C34609E0C}" = CCC Help Portuguese
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{812B956B-37AB-24B9-4527-78A6D3ECE7F8}" = CCC Help Korean
"{83293709-B863-0EF6-00DA-B026D486E8B5}" = CCC Help Polish
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{88B2ABCF-9C00-47C1-8FC4-369B98845DD7}" = Catalyst Control Center - Branding
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8966B8B5-D87A-E689-B370-E79B7691299C}" = Catalyst Control Center Core Implementation
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{911904DE-EBB6-BC8E-D5BD-762B7DB42C46}" = CCC Help Greek
"{931E11B0-1ACE-438D-90AF-E5D8C64880EF}" = Catalyst Control Center - Branding
"{94BB375E-E8DC-555A-EC06-4BF1E1641E6F}" = Catalyst Control Center InstallProxy
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9903011B-5F1D-A2A1-8078-EE62B3324CCE}" = CCC Help Portuguese
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A7F1628-2126-34A5-852D-2B93328BCF3F}" = CCC Help German
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C23A506-3E8B-B91C-4F9B-040518EC792D}" = CCC Help Norwegian
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{9D54290B-CD49-4B36-2EF2-7597FD0D683F}" = CCC Help Swedish
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}" = HP MediaSmart Demo
"{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}" = Brother MFL-Pro Suite MFC-J430W
"{A55F4F9F-CCA8-4732-AA1F-0390A4A50947}" = C4700
"{A6F42664-73EC-25B0-F3A9-D8CCE53CFB25}" = Catalyst Control Center Graphics Previews Common
"{A7C0BB1A-1546-44D6-1BE0-FB0F84364787}" = HydraVision
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.07)
"{AE6C422B-DADB-D547-411C-E9E56DF03D16}" = CCC Help Russian
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B07E4A53-C39E-9BEB-9716-1953F0EE2953}" = CCC Help French
"{B09567CC-E43F-10F1-752D-549AC7FB0C43}" = CCC Help Finnish
"{B170B91D-E8E3-A6A3-D129-D8E36FEA8A0B}" = CCC Help Norwegian
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B439A476-119C-13A9-6FB8-B2B2D566CF63}" = CCC Help Spanish
"{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}" = HP Advisor
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BD96ABD3-D1D4-5513-6C60-11476D6DCFC5}" = Catalyst Control Center Localization All
"{C2530D63-B66B-48B5-BB50-7C6281FE7AA6}" = Brother MFL-Pro Suite MFC-7220
"{C39C7876-4D21-8A38-0A42-B5C8858EC6C7}" = CCC Help French
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C54BBB47-5D1A-5C82-614E-0D75C1AD92B5}" = Catalyst Control Center Graphics Previews Vista
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{C725937A-C6B3-0D07-A765-029FB1FD66B6}" = CCC Help Chinese Traditional
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{D228187B-0D49-44C6-DEA8-64F180D14DB9}" = CCC Help Polish
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D4236B82-213F-679E-09A2-9AEB5EF4CADC}" = Catalyst Control Center Graphics Previews Common
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D74B4F5A-28CB-33E4-AFC2-412B8227C582}" = CCC Help Dutch
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E36F3199-C282-47CA-BAC7-2B77D247E760}" = PS_AIO_06_C4700_SW_Min
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EBBD4FE6-91DA-C397-6D56-FE85DBF24FCF}" = Catalyst Control Center
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F5492B8D-B6DB-C3D2-8309-1B6A766CAF85}" = Catalyst Control Center Graphics Full New
"{F5F38D48-5AF3-EEEC-7E0C-25D516D1DC74}" = CCC Help Czech
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FCEFDA6B-63CD-BB17-B845-478A42E24D39}" = CCC Help Swedish
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"AI RoboForm" = RoboForm 7-9-8-5 (All Users)
"Alt.Binz" = Alt.Binz 0.39.4
"Avast" = avast! Free Antivirus
"BFG-Big City Adventure - London Classic" = Big City Adventure: London Classic
"BFG-Big City Adventure - New York City" = Big City Adventure: New York City
"BFG-Big City Adventure - Paris" = Big City Adventure: Paris
"BFGC" = Big Fish: Game Manager
"BFG-Christmas Wonderland" = Christmas Wonderland
"BFG-Christmas Wonderland 4" = Christmas Wonderland 4
"BFG-Hidden in Time - Looking glass Lane" = Hidden in Time: Looking-glass Lane
"BFG-Mystery Case Files - 13th Skull" = Mystery Case Files &reg;: 13th Skull ™
"BFG-Mystery Case Files - Dire Grove" = Mystery Case Files &reg;: Dire Grove ™
"BFG-Mystery Case Files - Huntsville" = Mystery Case Files: Huntsville ™
"BFG-Mystery Case Files - Madame Fate" = Mystery Case Files: Madame Fate &reg;
"BFG-Mystery Case Files - Prime Suspects" = Mystery Case Files: Prime Suspects ™
"BFG-Mystery Case Files - Ravenhearst" = Mystery Case Files: Ravenhearst &reg;
"BFG-Mystery P.I. - Stolen in San Francisco" = Mystery P.I.: Stolen in San Francisco
"BFG-Mystery P.I. - The Curious Case of Counterfeit Cove" = Mystery P.I.: The Curious Case of Counterfeit Cove
"BFG-Mystery PI - The New York Fortune" = Mystery P.I.: The New York Fortune
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"Coupon Printer for Windows5.0.0.7" = Coupon Printer for Windows
"Digital Editions" = Adobe Digital Editions
"Dolby Digital Live Pack" = Dolby Digital Live Pack
"ERUNT_is1" = ERUNT 1.1j
"ESET Online Scanner" = ESET Online Scanner v3
"Foxit Creator" = Foxit Creator
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader_is1" = Foxit Reader
"HP Remote Solution" = HP Remote Solution
"i-Menu_is1" = i-Menu 2.2
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"KeynoteConnector" = Keynote Connector
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Basic)
"Logitech Vid" = Logitech Vid HD
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 31.0 (x86 en-US)" = Mozilla Firefox 31.0 (x86 en-US)
"NETGEAR Genie" = NETGEAR Genie
"PDFZilla_is1" = PDFZilla V1.2.9
"PROHYBRIDR" = 2007 Microsoft Office system
"QuickPar" = QuickPar 0.9
"Screen+_is1" = Screen+ 1.0
"VLC media player" = VLC media player
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"23ab716f18849b6f" = Amazon Cloud Drive
"9204f5692a8faf3b" = Dell System Detect
"Adobe Connect 9 Add-in" = Adobe Connect 9 Add-in
"BTGuard 2.6" = BTGuard 2.6
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 8/9/2014 4:15:40 PM | Computer Name = Hewlett-PC | Source = ESENT | ID = 455
Description = taskhost (3568) WebCacheLocal: Error -1811 occurred while opening
logfile C:\Users\Hewlett\AppData\Local\Microsoft\Windows\WebCache\V0100198.log.
 
Error - 8/9/2014 7:27:59 PM | Computer Name = Hewlett-PC | Source = Application Error | ID = 1000
Description = Faulting application name: mbamservice.exe, version: 3.0.2.0, time
 stamp: 0x5318d363  Faulting module name: mbamservice.exe, version: 3.0.2.0, time
stamp: 0x5318d363  Exception code: 0x40000015  Fault offset: 0x0007da8a  Faulting process
 id: 0x158c  Faulting application start time: 0x01cfb4298bac4cef  Faulting application
 path: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe  Faulting
module path: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe  Report
 Id: cc0b8e75-201c-11e4-bf04-00271359c5b8
 
Error - 8/10/2014 7:20:34 PM | Computer Name = Hewlett-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\!Personal Oct 2013\esetsmartinstaller_enu.exe".Error
 in manifest or policy file "" on line .  A component version required by the application
 conflicts with another component version already active.  Conflicting components
are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 8/10/2014 7:20:38 PM | Computer Name = Hewlett-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\!Personal Oct 2013\esetsmartinstaller_enu.exe".Error
 in manifest or policy file "" on line .  A component version required by the application
 conflicts with another component version already active.  Conflicting components
are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 8/10/2014 9:25:26 PM | Computer Name = Hewlett-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\ESET\ESET
 Online Scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line
 .  A component version required by the application conflicts with another component
 version already active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 8/10/2014 10:28:37 PM | Computer Name = Hewlett-PC | Source = Application Error | ID = 1000
Description = Faulting application name: FOXIT READER.EXE, version: 6.2.1.618, time
 stamp: 0x539e94ad  Faulting module name: FOXIT READER.EXE, version: 6.2.1.618, time
 stamp: 0x539e94ad  Exception code: 0xc0000005  Fault offset: 0x002dbe50  Faulting process
 id: 0x10a4  Faulting application start time: 0x01cfb50bf028407c  Faulting application
 path: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FOXIT READER.EXE  Faulting
 module path: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FOXIT READER.EXE
Report
 Id: 32d0acef-20ff-11e4-9b62-00271359c5b8
 
Error - 8/10/2014 10:55:38 PM | Computer Name = Hewlett-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\!Personal Oct 2013\esetsmartinstaller_enu.exe".Error
 in manifest or policy file "" on line .  A component version required by the application
 conflicts with another component version already active.  Conflicting components
are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 8/11/2014 5:21:31 AM | Computer Name = Hewlett-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files (x86)\ESET\eset
 online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line
 .  A component version required by the application conflicts with another component
 version already active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 8/12/2014 3:26:19 AM | Computer Name = Hewlett-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files (x86)\ESET\eset
 online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line
 .  A component version required by the application conflicts with another component
 version already active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 8/12/2014 6:29:09 PM | Computer Name = Hewlett-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\!Personal Oct 2013\esetsmartinstaller_enu.exe".Error
 in manifest or policy file "" on line .  A component version required by the application
 conflicts with another component version already active.  Conflicting components
are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
[ Hewlett-Packard Events ]
Error - 1/31/2013 3:15:57 AM | Computer Name = Hewlett-PC | Source = HPSF.exe | ID = 4000
Description =
 
Error - 1/31/2013 3:16:49 AM | Computer Name = Hewlett-PC | Source = HPSF.exe | ID = 4000
Description =
 
Error - 1/31/2013 3:17:33 AM | Computer Name = Hewlett-PC | Source = HPSF.exe | ID = 4000
Description =
 
Error - 1/31/2013 3:20:32 AM | Computer Name = Hewlett-PC | Source = HPSF.exe | ID = 4000
Description =
 
Error - 1/31/2013 3:20:36 AM | Computer Name = Hewlett-PC | Source = HPSF.exe | ID = 4000
Description =
 
Error - 1/31/2013 3:21:03 AM | Computer Name = Hewlett-PC | Source = HPSF.exe | ID = 4000
Description =
 
Error - 1/31/2013 3:21:42 AM | Computer Name = Hewlett-PC | Source = HPSF.exe | ID = 4000
Description =
 
Error - 1/31/2013 3:22:24 AM | Computer Name = Hewlett-PC | Source = HPSF.exe | ID = 4000
Description =
 
Error - 1/31/2013 3:24:13 AM | Computer Name = Hewlett-PC | Source = HPSF.exe | ID = 4000
Description =
 
Error - 1/31/2013 3:27:43 AM | Computer Name = Hewlett-PC | Source = HPSF.exe | ID = 4000
Description =
 
[ OSession Events ]
Error - 10/10/2011 12:34:16 PM | Computer Name = Hewlett-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 21
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 2/16/2012 6:40:25 PM | Computer Name = Hewlett-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 73339
 seconds with 240 seconds of active time.  This session ended with a crash.
 
Error - 5/31/2012 9:23:53 PM | Computer Name = Hewlett-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 90202
 seconds with 1560 seconds of active time.  This session ended with a crash.
 
Error - 6/5/2012 8:45:03 PM | Computer Name = Hewlett-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 73254
 seconds with 1200 seconds of active time.  This session ended with a crash.
 
Error - 6/21/2012 10:13:16 AM | Computer Name = Hewlett-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8681
 seconds with 600 seconds of active time.  This session ended with a crash.
 
Error - 6/23/2012 7:06:48 PM | Computer Name = Hewlett-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 40505
 seconds with 540 seconds of active time.  This session ended with a crash.
 
Error - 9/17/2012 12:14:03 AM | Computer Name = Hewlett-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 21208
 seconds with 1860 seconds of active time.  This session ended with a crash.
 
Error - 7/1/2013 4:03:09 AM | Computer Name = Hewlett-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1449
 seconds with 120 seconds of active time.  This session ended with a crash.
 
Error - 10/20/2013 12:51:57 AM | Computer Name = Hewlett-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 62036
 seconds with 480 seconds of active time.  This session ended with a crash.
 
Error - 8/4/2014 5:51:34 PM | Computer Name = Hewlett-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 102
 seconds with 60 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 8/12/2014 1:58:33 AM | Computer Name = Hewlett-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
   HssDRV6
 
Error - 8/12/2014 2:50:16 AM | Computer Name = Hewlett-PC | Source = DCOM | ID = 10010
Description =
 
Error - 8/12/2014 5:23:06 PM | Computer Name = Hewlett-PC | Source = BugCheck | ID = 1001
Description =
 
Error - 8/12/2014 5:24:01 PM | Computer Name = Hewlett-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
   HssDRV6
 
Error - 8/12/2014 6:39:02 PM | Computer Name = Hewlett-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
 response from the Appinfo service.
 
Error - 8/12/2014 6:39:32 PM | Computer Name = Hewlett-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
 response from the BITS service.
 
Error - 8/12/2014 6:40:02 PM | Computer Name = Hewlett-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
 response from the EapHost service.
 
Error - 8/12/2014 6:40:32 PM | Computer Name = Hewlett-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
 response from the hkmsvc service.
 
Error - 8/12/2014 6:41:02 PM | Computer Name = Hewlett-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
 response from the MMCSS service.
 
Error - 8/12/2014 6:44:21 PM | Computer Name = Hewlett-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
   HssDRV6
 
 
< End of report >
 


  • 0

#27
zep516
Posted 12 August 2014 - 06:24 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hello,

Nice work...

Your OTL Log is clean, no adware, no serious looking virus. I want to run Malwarebytes and see what it says... Take your time it's all I can do tonight. After this we will run System file checker to check all your system files are in place. We will also run a check disk scan. I'll give instructions for that stuff

See if this Malwarebytes will run, download it and follow procedure..

Please download Malwarebytes Anti-Malware to your desktop
Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

MBAMsettings.JPG

Go back to the Dashboard and select Scan Now

MBAMScan.JPG

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

MBAMReboot.JPG

MBAMLog.JPG

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop

Post that log

Thanks
Joe :)
  • 0

#28
Vintage Charms
Posted 13 August 2014 - 12:02 AM

Vintage Charms

    Member

  • Topic Starter
  • Member
  • PipPip
  • 75 posts

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 8/12/2014
Scan Time: 11:14:26 PM
Logfile: malware.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.13.01
Rootkit Database: v2014.08.04.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Hewlett

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 330037
Time Elapsed: 2 hr, 47 min, 4 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


  • 0

#29
zep516
Posted 13 August 2014 - 06:00 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Try using System File Checker,
System File Checker merely makes sure that all system files are where they should be. The sfc /scannow command scans all protected system files and replaces incorrect versions with correct Microsoft versions.
Open an Elevated Command Prompt window. To do so, click Start, then type cmd in the Start Search box. In the results area, right-click cmd.exe, and then click Run as administrator. You will be prompted to type the password for an administrator account. Click Continue if you are the administrator or type the administrator password. Then, click Continue.

At the command prompt, type the following command, sfc /scannow and then press ENTER.

sfcscan.png
The scan may take some time to complete. Windows will repair any corrupted or missing files that it finds.

If all goes ok System file will respond with no issues found...

If system file checker comes back and says unable to fix. Reboot the computer and run it again. If the second run has errors, reboot and run it one more time, Let me know how that goes for you.

Joe
  • 0

#30
Vintage Charms
Posted 13 August 2014 - 06:36 PM

Vintage Charms

    Member

  • Topic Starter
  • Member
  • PipPip
  • 75 posts

Tried twice with a reboot.  States that "Windows Resource Protection could not perform the required operation".  Stopped at 71%.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP