Hello - i no longer get the white screen after log on. Below are the four logs you requested:
LOG 1
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-02-2013
Ran by SYSTEM at 09-02-2013 20:39:45
Running from H:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet002
==================== Registry (Whitelisted) ===================
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2281256 2012-01-11] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s [6489704 2011-02-11] (Realtek Semiconductor)
HKLM\...\Run: [RtkOSD] "C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe" [995840 2010-02-05] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" [172032 2010-05-14] (Sun Microsystems, Inc.)
HKLM\...\Run: [HPWirelessAssistant] "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden [363064 2010-04-05] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-03-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [38872 2012-07-31] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WebrootTrayApp] "C:\Program Files (x86)\Webroot\Security\Current\Framework\WRTray.exe" [1382984 2011-12-09] (Webroot Software, Inc. )
HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [462408 2012-04-04] (Malwarebytes Corporation)
HKLM-x32\...\Run: [HP Software Update] "C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [49208 2011-05-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup [103768 2009-09-12] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [YMailAdvisor] "C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe" [174424 2009-05-08] (Yahoo! Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [ShopAtHomeWatcher] "C:\Users\Owner\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe" [103864 2012-10-18] ()
HKLM-x32\...\Run: [HP Quick Launch] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Nikon Message Center 2] "C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" -s [571392 2011-10-30] (Nikon Corporation)
HKU\Default\...\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Default User\...\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Owner\...\Run: [HPAdvisorDock] "C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [1712184 2010-02-09] ()
HKU\Owner\...\Run: [LightScribe Control Panel] "C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden [2363392 2010-02-22] (Hewlett-Packard Company)
HKU\Owner\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [4280184 2012-03-08] (Microsoft Corporation)
HKU\Owner\...\Run: [Spotify] "C:\Users\Owner\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart [9478320 2012-05-06] (Spotify Ltd)
HKU\Owner\...\Run: [Spotify Web Helper] "C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [932528 2012-05-06] ()
HKU\Owner\...\Winlogon: [Shell] explorer.exe,C:\Users\Owner\AppData\Roaming\skype.dat [98304 2011-11-16] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Startup: C:\Users\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe (McAfee, Inc.)
==================== Services (Whitelisted) ===================
2 IHA_MessageCenter; "C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe" [352248 2012-08-03] (Verizon)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [654408 2012-04-04] (Malwarebytes Corporation)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe" [227232 2010-09-02] (McAfee, Inc.)
2 WebrootSpySweeperService; "C:\Program Files (x86)\Webroot\Security\current\plugins\antimalware\AEI.exe" [3997912 2011-10-19] (Webroot Software, Inc. (www.webroot.com))
2 WRConsumerService; "C:\Program Files (x86)\Webroot\Security\Current\Framework\WRConsumerService.exe" [3386840 2011-12-09] (Webroot Software, Inc. )
==================== Drivers (Whitelisted) =====================
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24904 2012-04-04] (Malwarebytes Corporation)
3 NWUSBModem; C:\Windows\System32\DRIVERS\nwusbmdm.sys [213376 2009-12-18] (Novatel Wireless Inc.)
3 NWUSBPort; C:\Windows\System32\DRIVERS\nwusbser.sys [213376 2009-12-18] (Novatel Wireless Inc.)
3 NWUSBPort2; C:\Windows\System32\DRIVERS\nwusbser2.sys [213376 2009-12-18] (Novatel Wireless Inc.)
2 ssfmonm; C:\Windows\System32\Drivers\ssfmonm.sys [56408 2011-05-18] (Webroot Software, Inc. (www.webroot.com))
0 ssidrv; C:\Windows\System32\Drivers\ssidrv.sys [136224 2011-05-18] (Webroot Software, Inc. (www.webroot.com))
==================== NetSvcs (Whitelisted) ====================
==================== One Month Created Files and Folders ========
2013-02-09 20:39 - 2013-02-09 20:39 - 00000000 ____D C:\FRST
2013-02-09 17:34 - 2013-02-09 17:34 - 00000000 ____D C:\Users\Owner\AppData\Local\{03AD3004-F4A3-4C77-95A7-BE8657D43385}
2013-02-09 08:04 - 2013-02-09 08:04 - 00000000 ____D C:\Users\All Users\Recovery
2013-02-09 05:21 - 2013-02-09 05:21 - 00000000 __SHD C:\found.000
2013-02-09 05:09 - 2013-02-09 05:09 - 00000000 ____D C:\Users\Owner\AppData\Local\{0C4155BA-1B0E-4BD1-826A-3C033A8CDD3B}
2013-02-08 12:34 - 2013-02-08 12:34 - 00000000 ____D C:\Users\Owner\AppData\Local\{B3912728-A4E9-4EA0-8818-CF9A1ADB8EBD}
2013-02-08 10:37 - 2013-02-08 10:37 - 00000000 ____D C:\Users\Owner\AppData\Local\{140B749B-E884-4CAD-935E-B669341014FC}
2013-02-08 10:31 - 2013-02-08 10:31 - 00000000 ____D C:\Users\Owner\AppData\Local\{3BA87DA0-0EA5-4470-BA01-41469B791064}
2013-02-08 10:24 - 2013-02-08 10:24 - 00000000 ____D C:\Users\Owner\AppData\Local\{815992F1-4BB3-416C-B69B-EE60C8D16C61}
2013-02-08 10:18 - 2013-02-08 10:18 - 00000000 ____D C:\Users\Owner\AppData\Local\{189FC2C7-4E67-49CF-A1EE-97F6727ADC5A}
2013-02-08 09:18 - 2013-02-08 09:18 - 00000000 ____D C:\Users\Owner\AppData\Local\{C5F32ACB-201D-46CA-841B-B90E25ADB1BA}
2013-02-08 09:12 - 2013-02-08 09:12 - 00000000 ____D C:\Users\Owner\AppData\Local\{D0C1FC50-166B-4D2A-8898-6921354F56AC}
2013-02-08 09:02 - 2013-02-08 09:02 - 00000000 ____D C:\Users\Owner\AppData\Local\{0C99496B-BA3E-4685-A4BE-D12E887B03F9}
2013-02-08 08:57 - 2013-02-08 08:57 - 00000000 ____D C:\Users\Owner\AppData\Local\{9EE2C90A-ABC6-4B3E-986F-02C57DDA826C}
2013-02-08 08:44 - 2013-02-08 08:44 - 00000000 ____D C:\Users\Owner\AppData\Local\{DEF5C557-5F83-4A46-AAB8-D39A76912323}
2013-02-08 08:33 - 2013-02-08 08:33 - 00000000 ____D C:\Users\Owner\AppData\Local\{E6DAEEB9-7EC0-43D7-B26B-50EF2DA02169}
2013-02-07 04:52 - 2013-02-07 04:52 - 00000000 ___AH C:\Users\Owner\BITAE5D.tmp
2013-02-06 10:27 - 2013-02-06 10:27 - 00000000 ____D C:\Users\Owner\AppData\Local\{81870F1B-3F0B-44E3-8193-439648D596AE}
2013-01-27 13:49 - 2013-01-27 13:49 - 00000000 ____D C:\Users\Owner\AppData\Local\{576F7D25-A4E2-4CD9-A4A5-E1398AC42943}
2013-01-26 12:22 - 2013-02-09 17:34 - 00000004 ____A C:\Users\Owner\AppData\Roaming\skype.ini
2013-01-26 12:17 - 2013-01-26 12:17 - 00098304 ____A C:\Users\Owner\wgsdgsdgdsgsd.exe
2013-01-26 06:37 - 2013-01-26 06:38 - 00000000 ____D C:\Users\Owner\AppData\Local\{217CCE34-9334-4334-8471-541982DE1DA3}
2013-01-25 04:14 - 2013-01-25 04:14 - 00000000 ____D C:\Users\All Users\Nikon
2013-01-24 10:02 - 2013-01-24 10:02 - 00000000 ____D C:\Users\Owner\AppData\Local\{A2E2EA30-AAB7-45D7-9A4F-69F4731B606A}
2013-01-22 18:46 - 2013-01-22 18:46 - 00000000 ____D C:\Users\Owner\AppData\Local\Nikon
2013-01-22 18:45 - 2013-01-22 18:46 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Nikon
2013-01-22 18:41 - 2013-01-22 18:41 - 00002054 ____A C:\Users\Public\Desktop\Panorama Maker 6.lnk
2013-01-22 18:41 - 2013-01-22 18:41 - 00000000 ____D C:\Program Files (x86)\ArcSoft
2013-01-22 18:39 - 2013-01-22 18:39 - 00000000 ____D C:\Users\Owner\AppData\Roaming\ArcSoft
2013-01-22 18:37 - 2013-01-22 18:37 - 00000000 ____D C:\Windows\Downloaded Installations
2013-01-22 18:36 - 2013-01-22 18:36 - 00000268 ___RH C:\Users\All Users\Action Clauses
2013-01-22 18:36 - 2013-01-22 18:36 - 00000020 ____H C:\Users\All Users\PKP_DLes.DAT
2013-01-22 18:36 - 2013-01-22 18:36 - 00000000 ____D C:\Users\All Users\External Build System
2013-01-22 18:35 - 2013-01-26 06:46 - 00000020 ____H C:\Users\All Users\PKP_DLet.DAT
2013-01-22 18:35 - 2013-01-22 18:45 - 00000020 ____H C:\Users\All Users\PKP_DLev.DAT
2013-01-22 18:35 - 2013-01-22 18:38 - 00000000 ____D C:\Program Files (x86)\Nikon
2013-01-22 18:35 - 2013-01-22 18:37 - 00000000 ____D C:\Program Files\Common Files\Nikon
2013-01-22 18:35 - 2013-01-22 18:35 - 00002049 ____A C:\Users\Public\Desktop\ViewNX 2.lnk
2013-01-22 18:35 - 2013-01-22 18:35 - 00000268 ___RH C:\Users\Owner\AppData\Roaming\Abstract
2013-01-22 18:35 - 2013-01-22 18:35 - 00000268 ___RH C:\Users\All Users\Alerts
2013-01-22 18:35 - 2013-01-22 18:35 - 00000268 ___RH C:\Users\All Users\Action
2013-01-22 18:35 - 2013-01-22 18:35 - 00000000 ____D C:\Users\All Users\Flange Saw
2013-01-22 18:35 - 2013-01-22 18:35 - 00000000 ____D C:\Users\All Users\Electric Piano
2013-01-22 18:35 - 2013-01-22 18:35 - 00000000 ____D C:\Program Files\Nikon
2013-01-22 18:34 - 2013-01-22 18:36 - 00000000 ____D C:\Users\All Users\Ultima_T15
2013-01-22 18:34 - 2013-01-22 18:36 - 00000000 ____D C:\Users\All Users\EnterNHelp
2013-01-22 18:34 - 2013-01-22 18:34 - 00000268 ___RH C:\Users\Owner\AppData\Roaming\Animals
2013-01-22 18:34 - 2013-01-22 18:34 - 00000268 ___RH C:\Users\All Users\Applications
2013-01-22 18:34 - 2013-01-22 18:34 - 00000020 ____H C:\Users\All Users\PKP_DLeo.DAT
2013-01-22 18:34 - 2013-01-22 18:34 - 00000000 ____D C:\Users\All Users\Nature
2013-01-22 18:30 - 2013-01-22 18:30 - 00000000 ____D C:\Users\Owner\Downloads\Nikon
2013-01-22 14:37 - 2013-01-22 14:37 - 00000000 ____D C:\Users\Owner\AppData\Local\{8C3E7922-3041-4E6C-9076-115CA1F005CC}
2013-01-15 16:25 - 2013-01-21 07:02 - 00000000 ____D C:\Users\Owner\AppData\Local\{C75A3AAC-140E-4304-A6B0-A5376682EEF4}
2013-01-14 19:07 - 2013-01-14 19:08 - 00000000 ____D C:\Users\Owner\AppData\Local\{51127773-87B4-41A4-AE81-485CC593DF27}
2013-01-11 10:40 - 2013-01-13 14:51 - 00000000 ____D C:\Users\Owner\AppData\Local\{2E8ABC73-5E3D-42F4-ABC9-59F3C9868182}
==================== One Month Modified Files and Folders =======
2013-02-09 17:34 - 2013-02-09 17:34 - 00000000 ____D C:\Users\Owner\AppData\Local\{03AD3004-F4A3-4C77-95A7-BE8657D43385}
2013-02-09 17:34 - 2013-01-26 12:22 - 00000004 ____A C:\Users\Owner\AppData\Roaming\skype.ini
2013-02-09 17:33 - 2012-10-30 16:11 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-02-09 17:33 - 2011-02-05 05:51 - 00000000 ____D C:\Users\Owner\Tracing
2013-02-09 17:33 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-02-09 17:33 - 2009-07-13 20:51 - 00075241 ____A C:\Windows\setupact.log
2013-02-09 08:04 - 2013-02-09 08:04 - 00000000 ____D C:\Users\All Users\Recovery
2013-02-09 05:21 - 2013-02-09 05:21 - 00000000 __SHD C:\found.000
2013-02-09 05:15 - 2010-10-25 00:40 - 01498335 ____A C:\Windows\WindowsUpdate.log
2013-02-09 05:15 - 2009-07-13 20:45 - 00023248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-02-09 05:15 - 2009-07-13 20:45 - 00023248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-02-09 05:09 - 2013-02-09 05:09 - 00000000 ____D C:\Users\Owner\AppData\Local\{0C4155BA-1B0E-4BD1-826A-3C033A8CDD3B}
2013-02-08 12:42 - 2012-05-30 13:49 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-02-08 12:38 - 2009-07-13 21:13 - 00726444 ____A C:\Windows\System32\PerfStringBackup.INI
2013-02-08 12:34 - 2013-02-08 12:34 - 00000000 ____D C:\Users\Owner\AppData\Local\{B3912728-A4E9-4EA0-8818-CF9A1ADB8EBD}
2013-02-08 10:37 - 2013-02-08 10:37 - 00000000 ____D C:\Users\Owner\AppData\Local\{140B749B-E884-4CAD-935E-B669341014FC}
2013-02-08 10:31 - 2013-02-08 10:31 - 00000000 ____D C:\Users\Owner\AppData\Local\{3BA87DA0-0EA5-4470-BA01-41469B791064}
2013-02-08 10:24 - 2013-02-08 10:24 - 00000000 ____D C:\Users\Owner\AppData\Local\{815992F1-4BB3-416C-B69B-EE60C8D16C61}
2013-02-08 10:23 - 2009-07-13 21:08 - 00032548 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-02-08 10:18 - 2013-02-08 10:18 - 00000000 ____D C:\Users\Owner\AppData\Local\{189FC2C7-4E67-49CF-A1EE-97F6727ADC5A}
2013-02-08 10:16 - 2012-10-30 16:11 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-02-08 09:18 - 2013-02-08 09:18 - 00000000 ____D C:\Users\Owner\AppData\Local\{C5F32ACB-201D-46CA-841B-B90E25ADB1BA}
2013-02-08 09:12 - 2013-02-08 09:12 - 00000000 ____D C:\Users\Owner\AppData\Local\{D0C1FC50-166B-4D2A-8898-6921354F56AC}
2013-02-08 09:02 - 2013-02-08 09:02 - 00000000 ____D C:\Users\Owner\AppData\Local\{0C99496B-BA3E-4685-A4BE-D12E887B03F9}
2013-02-08 08:57 - 2013-02-08 08:57 - 00000000 ____D C:\Users\Owner\AppData\Local\{9EE2C90A-ABC6-4B3E-986F-02C57DDA826C}
2013-02-08 08:44 - 2013-02-08 08:44 - 00000000 ____D C:\Users\Owner\AppData\Local\{DEF5C557-5F83-4A46-AAB8-D39A76912323}
2013-02-08 08:33 - 2013-02-08 08:33 - 00000000 ____D C:\Users\Owner\AppData\Local\{E6DAEEB9-7EC0-43D7-B26B-50EF2DA02169}
2013-02-07 04:52 - 2013-02-07 04:52 - 00000000 ___AH C:\Users\Owner\BITAE5D.tmp
2013-02-07 04:52 - 2011-01-21 15:53 - 00000000 ____D C:\users\Owner
2013-02-06 10:31 - 2011-01-21 16:03 - 00000000 ____D C:\Users\Owner\AppData\Roaming\HpUpdate
2013-02-06 10:27 - 2013-02-06 10:27 - 00000000 ____D C:\Users\Owner\AppData\Local\{81870F1B-3F0B-44E3-8193-439648D596AE}
2013-01-27 13:49 - 2013-01-27 13:49 - 00000000 ____D C:\Users\Owner\AppData\Local\{576F7D25-A4E2-4CD9-A4A5-E1398AC42943}
2013-01-26 12:17 - 2013-01-26 12:17 - 00098304 ____A C:\Users\Owner\wgsdgsdgdsgsd.exe
2013-01-26 06:46 - 2013-01-22 18:35 - 00000020 ____H C:\Users\All Users\PKP_DLet.DAT
2013-01-26 06:38 - 2013-01-26 06:37 - 00000000 ____D C:\Users\Owner\AppData\Local\{217CCE34-9334-4334-8471-541982DE1DA3}
2013-01-26 06:35 - 2012-03-24 05:52 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Spotify
2013-01-25 04:14 - 2013-01-25 04:14 - 00000000 ____D C:\Users\All Users\Nikon
2013-01-24 10:02 - 2013-01-24 10:02 - 00000000 ____D C:\Users\Owner\AppData\Local\{A2E2EA30-AAB7-45D7-9A4F-69F4731B606A}
2013-01-24 10:00 - 2012-08-08 14:06 - 00000332 ____A C:\Windows\Tasks\HPCeeScheduleForOwner.job
2013-01-22 18:46 - 2013-01-22 18:46 - 00000000 ____D C:\Users\Owner\AppData\Local\Nikon
2013-01-22 18:46 - 2013-01-22 18:45 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Nikon
2013-01-22 18:45 - 2013-01-22 18:35 - 00000020 ____H C:\Users\All Users\PKP_DLev.DAT
2013-01-22 18:41 - 2013-01-22 18:41 - 00002054 ____A C:\Users\Public\Desktop\Panorama Maker 6.lnk
2013-01-22 18:41 - 2013-01-22 18:41 - 00000000 ____D C:\Program Files (x86)\ArcSoft
2013-01-22 18:40 - 2010-05-14 16:44 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-01-22 18:39 - 2013-01-22 18:39 - 00000000 ____D C:\Users\Owner\AppData\Roaming\ArcSoft
2013-01-22 18:38 - 2013-01-22 18:35 - 00000000 ____D C:\Program Files (x86)\Nikon
2013-01-22 18:38 - 2011-08-27 09:26 - 00000000 ____D C:\Users\Owner\AppData\Local\Downloaded Installations
2013-01-22 18:37 - 2013-01-22 18:37 - 00000000 ____D C:\Windows\Downloaded Installations
2013-01-22 18:37 - 2013-01-22 18:35 - 00000000 ____D C:\Program Files\Common Files\Nikon
2013-01-22 18:36 - 2013-01-22 18:36 - 00000268 ___RH C:\Users\All Users\Action Clauses
2013-01-22 18:36 - 2013-01-22 18:36 - 00000020 ____H C:\Users\All Users\PKP_DLes.DAT
2013-01-22 18:36 - 2013-01-22 18:36 - 00000000 ____D C:\Users\All Users\External Build System
2013-01-22 18:36 - 2013-01-22 18:34 - 00000000 ____D C:\Users\All Users\Ultima_T15
2013-01-22 18:36 - 2013-01-22 18:34 - 00000000 ____D C:\Users\All Users\EnterNHelp
2013-01-22 18:35 - 2013-01-22 18:35 - 00002049 ____A C:\Users\Public\Desktop\ViewNX 2.lnk
2013-01-22 18:35 - 2013-01-22 18:35 - 00000268 ___RH C:\Users\Owner\AppData\Roaming\Abstract
2013-01-22 18:35 - 2013-01-22 18:35 - 00000268 ___RH C:\Users\All Users\Alerts
2013-01-22 18:35 - 2013-01-22 18:35 - 00000268 ___RH C:\Users\All Users\Action
2013-01-22 18:35 - 2013-01-22 18:35 - 00000000 ____D C:\Users\All Users\Flange Saw
2013-01-22 18:35 - 2013-01-22 18:35 - 00000000 ____D C:\Users\All Users\Electric Piano
2013-01-22 18:35 - 2013-01-22 18:35 - 00000000 ____D C:\Program Files\Nikon
2013-01-22 18:35 - 2011-10-26 03:02 - 00000000 ____A C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-01-22 18:35 - 2011-01-26 05:56 - 00000052 ____A C:\Windows\SysWOW64\DOErrors.log
2013-01-22 18:35 - 2003-03-18 18:05 - 00106496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ATL71.DLL
2013-01-22 18:34 - 2013-01-22 18:34 - 00000268 ___RH C:\Users\Owner\AppData\Roaming\Animals
2013-01-22 18:34 - 2013-01-22 18:34 - 00000268 ___RH C:\Users\All Users\Applications
2013-01-22 18:34 - 2013-01-22 18:34 - 00000020 ____H C:\Users\All Users\PKP_DLeo.DAT
2013-01-22 18:34 - 2013-01-22 18:34 - 00000000 ____D C:\Users\All Users\Nature
2013-01-22 18:30 - 2013-01-22 18:30 - 00000000 ____D C:\Users\Owner\Downloads\Nikon
2013-01-22 14:37 - 2013-01-22 14:37 - 00000000 ____D C:\Users\Owner\AppData\Local\{8C3E7922-3041-4E6C-9076-115CA1F005CC}
2013-01-21 07:02 - 2013-01-15 16:25 - 00000000 ____D C:\Users\Owner\AppData\Local\{C75A3AAC-140E-4304-A6B0-A5376682EEF4}
2013-01-14 19:08 - 2013-01-14 19:07 - 00000000 ____D C:\Users\Owner\AppData\Local\{51127773-87B4-41A4-AE81-485CC593DF27}
2013-01-13 14:51 - 2013-01-11 10:40 - 00000000 ____D C:\Users\Owner\AppData\Local\{2E8ABC73-5E3D-42F4-ABC9-59F3C9868182}
==================== Known DLLs (Whitelisted) =================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2012-12-21 16:01:38
Restore point made on: 2012-12-22 08:59:23
Restore point made on: 2012-12-26 16:34:18
Restore point made on: 2013-01-01 11:12:16
Restore point made on: 2013-01-05 15:11:01
Restore point made on: 2013-01-08 15:17:25
Restore point made on: 2013-01-08 17:35:41
Restore point made on: 2013-01-15 16:32:07
Restore point made on: 2013-01-19 06:19:37
Restore point made on: 2013-01-22 14:45:32
Restore point made on: 2013-01-22 18:34:29
Restore point made on: 2013-01-22 18:40:48
Restore point made on: 2013-01-25 17:56:49
Restore point made on: 2013-01-26 06:40:49
==================== Memory info ===========================
Percentage of memory in use: 18%
Total physical RAM: 3834.9 MB
Available physical RAM: 3125.86 MB
Total Pagefile: 3833.05 MB
Available Pagefile: 3109.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB
==================== Partitions =============================
1 Drive c: () (Fixed) (Total:284.09 GB) (Free:225.27 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive e: (RECOVERY) (Fixed) (Total:13.7 GB) (Free:1.96 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
5 Drive h: () (Removable) (Total:3.62 GB) (Free:3.19 GB) FAT32
7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
8 Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 298 GB 0 B
Disk 1 Online 3717 MB 0 B
Disk 2 No Media 0 B 0 B
Partitions of Disk 0:
===============
Disk ID: FD8DFEE3
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 199 MB 1024 KB
Partition 2 Primary 284 GB 200 MB
Partition 3 Primary 13 GB 284 GB
Partition 4 Primary 103 MB 297 GB
==================================================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y SYSTEM NTFS Partition 199 MB Healthy
=========================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 284 GB Healthy
=========================================================
Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E RECOVERY NTFS Partition 13 GB Healthy
=========================================================
Disk: 0
Partition 4
Type : 0C
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 F HP_TOOLS FAT32 Partition 103 MB Healthy
=========================================================
Partitions of Disk 1:
===============
Disk ID: 04DD5721
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3710 MB 31 KB
==================================================================================
Disk: 1
Partition 1
Type : 0C
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 H FAT32 Removable 3710 MB Healthy
=========================================================
Last Boot: 2012-11-29 17:28
==================== End Of Log =============================
LOG 2
OTL logfile created on: 2/11/2013 9:03:06 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.75 Gb Total Physical Memory | 2.38 Gb Available Physical Memory | 63.67% Memory free
7.49 Gb Paging File | 5.75 Gb Available in Paging File | 76.78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284.09 Gb Total Space | 225.27 Gb Free Space | 79.30% Space Free | Partition Type: NTFS
Drive D: | 13.70 Gb Total Space | 1.96 Gb Free Space | 14.34% Space Free | Partition Type: NTFS
Drive E: | 99.34 Mb Total Space | 87.19 Mb Free Space | 87.78% Space Free | Partition Type: FAT32
Drive G: | 3.62 Gb Total Space | 3.18 Gb Free Space | 87.97% Space Free | Partition Type: FAT32
Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2013/02/11 08:56:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2012/05/06 19:34:13 | 000,932,528 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012/04/04 14:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 14:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/12/09 19:32:22 | 003,386,840 | ---- | M] (Webroot Software, Inc. ) -- C:\Program Files (x86)\Webroot\Security\Current\Framework\WRConsumerService.exe
PRC - [2011/12/09 19:32:19 | 001,382,984 | ---- | M] (Webroot Software, Inc. ) -- C:\Program Files (x86)\Webroot\Security\Current\Framework\WRTray.exe
PRC - [2011/10/30 15:44:36 | 000,571,392 | ---- | M] (Nikon Corporation) -- C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe
PRC - [2011/10/19 11:22:58 | 003,997,912 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files (x86)\Webroot\Security\Current\plugins\antimalware\AEI.exe
PRC - [2010/11/09 15:20:36 | 000,586,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010/11/09 15:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010/09/03 01:45:02 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
PRC - [2010/02/26 18:27:16 | 000,127,984 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
PRC - [2009/09/12 22:09:10 | 000,103,768 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
PRC - [2009/09/12 22:09:04 | 000,550,232 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
PRC - [2009/05/08 05:53:34 | 000,174,424 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
========== Modules (No Company Name) ========== MOD - [2013/01/09 20:14:03 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
MOD - [2013/01/08 21:01:30 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013/01/08 21:01:08 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013/01/08 21:01:05 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll
MOD - [2013/01/08 21:00:53 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013/01/08 21:00:27 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013/01/08 21:00:16 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013/01/08 21:00:09 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/08 21:00:05 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/08 21:00:05 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/08 20:59:36 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012/11/28 20:54:03 | 000,037,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2012/05/06 19:34:13 | 000,932,528 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2011/12/09 19:32:24 | 002,557,952 | ---- | M] () -- C:\Program Files (x86)\Webroot\Security\Current\Framework\frameworkresources.dll
MOD - [2010/11/04 20:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/02/22 13:19:10 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2010/02/22 13:19:08 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010/02/22 13:19:08 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2010/02/09 20:58:30 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2010/02/09 20:58:28 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2010/02/09 20:58:24 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2010/02/09 20:58:24 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2010/02/09 20:58:22 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2010/02/09 20:58:22 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2010/02/09 20:58:18 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2010/02/09 20:58:14 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
========== Services (SafeList) ========== SRV:
64bit: - [2010/06/24 15:24:12 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe -- (RtVOsdService)
SRV:
64bit: - [2010/04/05 13:12:00 | 000,103,992 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:
64bit: - [2010/03/10 22:29:46 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:
64bit: - [2010/02/05 12:50:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:
64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/01/09 18:43:32 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/08/03 15:22:18 | 000,352,248 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2012/04/04 14:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/12/09 19:32:22 | 003,386,840 | ---- | M] (Webroot Software, Inc. ) [Auto | Running] -- C:\Program Files (x86)\Webroot\Security\Current\Framework\WRConsumerService.exe -- (WRConsumerService)
SRV - [2011/10/19 11:22:58 | 003,997,912 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Auto | Running] -- C:\Program Files (x86)\Webroot\Security\Current\plugins\antimalware\AEI.exe -- (WebrootSpySweeperService)
SRV - [2010/11/09 15:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/09/03 01:45:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/26 18:27:16 | 000,127,984 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2010/01/04 13:03:42 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2012/04/04 14:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:
64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2012/01/11 19:37:10 | 001,390,640 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:
64bit: - [2011/05/18 16:31:32 | 000,136,224 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ssidrv.sys -- (ssidrv)
DRV:
64bit: - [2011/05/18 16:31:30 | 000,056,408 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\ssfmonm.sys -- (ssfmonm)
DRV:
64bit: - [2011/02/22 11:17:34 | 002,736,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:
64bit: - [2011/02/11 12:41:53 | 000,347,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:
64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:
64bit: - [2010/11/20 04:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:
64bit: - [2010/06/21 21:51:14 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:
64bit: - [2010/03/10 22:39:52 | 006,403,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:
64bit: - [2010/03/10 21:34:06 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:
64bit: - [2010/02/22 15:00:12 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:
64bit: - [2010/01/28 13:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:
64bit: - [2009/12/22 04:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:
64bit: - [2009/12/18 11:13:02 | 000,025,600 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NwUsbCdFil64.sys -- (NWUSBCDFIL64)
DRV:
64bit: - [2009/12/18 11:13:00 | 000,257,536 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NWADIenum.sys -- (NWADI)
DRV:
64bit: - [2009/12/18 11:12:58 | 000,213,376 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nwusbser2.sys -- (NWUSBPort2)
DRV:
64bit: - [2009/12/18 11:12:58 | 000,213,376 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nwusbser.sys -- (NWUSBPort)
DRV:
64bit: - [2009/12/18 11:12:58 | 000,213,376 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nwusbmdm.sys -- (NWUSBModem)
DRV:
64bit: - [2009/10/07 22:13:34 | 000,070,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2009/10/07 22:13:34 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2009/09/08 17:13:16 | 000,087,600 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:
64bit: - [2009/08/23 21:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:
64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:
64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:
64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:
64bit: - [2009/06/10 15:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2009/06/10 15:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:
64bit: - [2009/06/10 15:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:
64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.msn.com/HPNOT/1IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://g.msn.com/HPNOT/1IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {B29A78F7-A0B6-42AA-8D16-637D87B4FB0A}
IE:
64bit: - HKLM\..\SearchScopes\{B29A78F7-A0B6-42AA-8D16-637D87B4FB0A}: "URL" =
http://www.bing.com/...rc=IE-SearchBoxIE:
64bit: - HKLM\..\SearchScopes\{EF05627D-9D00-469A-9190-F138C89A12BF}: "URL" =
http://www.ask.com/w...}&l=dis&o=ushplIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.msn.com/HPNOT/1IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://g.msn.com/HPNOT/1IE - HKLM\..\SearchScopes,DefaultScope = {B29A78F7-A0B6-42AA-8D16-637D87B4FB0A}
IE - HKLM\..\SearchScopes\{B29A78F7-A0B6-42AA-8D16-637D87B4FB0A}: "URL" =
http://www.bing.com/...rc=IE-SearchBoxIE - HKLM\..\SearchScopes\{EF05627D-9D00-469A-9190-F138C89A12BF}: "URL" =
http://www.ask.com/w...}&l=dis&o=ushpl IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {B29A78F7-A0B6-42AA-8D16-637D87B4FB0A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {B29A78F7-A0B6-42AA-8D16-637D87B4FB0A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2434352869-186315765-158770976-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.msn.com/HPNOT/1IE - HKU\S-1-5-21-2434352869-186315765-158770976-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/IE - HKU\S-1-5-21-2434352869-186315765-158770976-1000\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-2434352869-186315765-158770976-1000\..\SearchScopes,DefaultScope = {AF3589E4-2F2A-4587-8D4C-3B7A6A753BE8}
IE - HKU\S-1-5-21-2434352869-186315765-158770976-1000\..\SearchScopes\{AF3589E4-2F2A-4587-8D4C-3B7A6A753BE8}: "URL" =
http://search.yahoo....chTerms}&fr=chrIE - HKU\S-1-5-21-2434352869-186315765-158770976-1000\..\SearchScopes\{B29A78F7-A0B6-42AA-8D16-637D87B4FB0A}: "URL" =
http://www.bing.com/...rc=IE-SearchBoxIE - HKU\S-1-5-21-2434352869-186315765-158770976-1000\..\SearchScopes\{C79E675B-421D-4EA5-BFEA-79F12A4C7350}: "URL" =
http://websearch.sho...q={searchTerms}IE - HKU\S-1-5-21-2434352869-186315765-158770976-1000\..\SearchScopes\{EF05627D-9D00-469A-9190-F138C89A12BF}: "URL" =
http://www.ask.com/w...}&l=dis&o=ushplIE - HKU\S-1-5-21-2434352869-186315765-158770976-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
========== Chrome ========== CHR - homepage:
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 6 U37 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.370.6 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Gmail = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2012/01/03 18:31:44 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (ShopAtHome.com Cash Back Helper) - {66516A07-F617-488A-90CF-4E690CFB3C5F} - C:\Users\Owner\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll File not found
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (ShopAtHome.com Toolbar) - {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - C:\Users\Owner\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll File not found
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O4:
64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:
64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:
64bit: - HKLM..\Run: [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WebrootTrayApp] C:\Program Files (x86)\Webroot\Security\Current\Framework\WRTray.exe (Webroot Software, Inc. )
O4 - HKLM..\Run: [YMailAdvisor] C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2434352869-186315765-158770976-1000..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe ()
O4 - HKU\S-1-5-21-2434352869-186315765-158770976-1000..\Run: [Spotify] C:\Users\Owner\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-2434352869-186315765-158770976-1000..\Run: [Spotify Web Helper] C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2434352869-186315765-158770976-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:
64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16:
64bit: - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16:
64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16:
64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16:
64bit: - DPF: Garmin Communicator Plug-In
https://static.garmi...xControl_64.CAB (Reg Error: Key error.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089}
http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C24B09ED-45EE-4500-9AF9-7C1A8F531B29}: DhcpNameServer = 192.168.1.1
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:
64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:
64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:
64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{beb73beb-d060-11e0-8d16-643150602381}\Shell - "" = AutoRun
O33 - MountPoints2\{beb73beb-d060-11e0-8d16-643150602381}\Shell\AutoRun\command - "" = G:\VZAccess_Manager.exe /z detect
O33 - MountPoints2\{beb73c06-d060-11e0-8d16-643150602381}\Shell - "" = AutoRun
O33 - MountPoints2\{beb73c06-d060-11e0-8d16-643150602381}\Shell\AutoRun\command - "" = G:\VZAccess_Manager.exe /z detect
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ========== [2013/02/11 09:02:30 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Owner\Desktop\aswMBR.exe
[2013/02/11 09:02:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2013/02/11 08:57:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{887C8869-714A-4543-BE62-FBE56200E31B}
[2013/02/09 23:39:32 | 000,000,000 | ---D | C] -- C:\FRST
[2013/02/09 20:34:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{03AD3004-F4A3-4C77-95A7-BE8657D43385}
[2013/02/09 11:04:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Recovery
[2013/02/09 08:21:47 | 000,000,000 | -HSD | C] -- C:\found.000
[2013/02/09 08:09:07 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{0C4155BA-1B0E-4BD1-826A-3C033A8CDD3B}
[2013/02/08 15:42:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon
[2013/02/08 15:34:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B3912728-A4E9-4EA0-8818-CF9A1ADB8EBD}
[2013/02/08 13:37:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{140B749B-E884-4CAD-935E-B669341014FC}
[2013/02/08 13:31:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3BA87DA0-0EA5-4470-BA01-41469B791064}
[2013/02/08 13:24:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{815992F1-4BB3-416C-B69B-EE60C8D16C61}
[2013/02/08 13:18:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{189FC2C7-4E67-49CF-A1EE-97F6727ADC5A}
[2013/02/08 12:18:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C5F32ACB-201D-46CA-841B-B90E25ADB1BA}
[2013/02/08 12:12:15 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D0C1FC50-166B-4D2A-8898-6921354F56AC}
[2013/02/08 12:02:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{0C99496B-BA3E-4685-A4BE-D12E887B03F9}
[2013/02/08 11:57:44 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{9EE2C90A-ABC6-4B3E-986F-02C57DDA826C}
[2013/02/08 11:44:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{DEF5C557-5F83-4A46-AAB8-D39A76912323}
[2013/02/08 11:33:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{E6DAEEB9-7EC0-43D7-B26B-50EF2DA02169}
[2013/02/06 13:27:07 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{81870F1B-3F0B-44E3-8193-439648D596AE}
[2013/01/27 16:49:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{576F7D25-A4E2-4CD9-A4A5-E1398AC42943}
[2013/01/26 09:37:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{217CCE34-9334-4334-8471-541982DE1DA3}
[2013/01/25 07:14:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Nikon
[2013/01/24 13:02:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A2E2EA30-AAB7-45D7-9A4F-69F4731B606A}
[2013/01/22 21:46:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Nikon
[2013/01/22 21:45:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Nikon
[2013/01/22 21:41:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Panorama Maker 6
[2013/01/22 21:41:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ArcSoft
[2013/01/22 21:40:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ArcSoft
[2013/01/22 21:39:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\ArcSoft
[2013/01/22 21:38:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Message Center 2
[2013/01/22 21:37:27 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2013/01/22 21:36:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nikon
[2013/01/22 21:36:50 | 000,000,000 | ---D | C] -- C:\ProgramData\External Build System
[2013/01/22 21:35:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewNX 2
[2013/01/22 21:35:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nikon
[2013/01/22 21:35:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nikon
[2013/01/22 21:35:41 | 000,000,000 | ---D | C] -- C:\Program Files\Nikon
[2013/01/22 21:35:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Flange Saw
[2013/01/22 21:35:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Electric Piano
[2013/01/22 21:34:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Ultima_T15
[2013/01/22 21:34:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Nature
[2013/01/22 21:34:37 | 000,000,000 | ---D | C] -- C:\ProgramData\EnterNHelp
[2013/01/22 21:30:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon
[2013/01/22 17:37:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{8C3E7922-3041-4E6C-9076-115CA1F005CC}
[2013/01/15 19:25:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C75A3AAC-140E-4304-A6B0-A5376682EEF4}
[2013/01/14 22:07:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{51127773-87B4-41A4-AE81-485CC593DF27}
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Users\Owner\Desktop\*.tmp files -> C:\Users\Owner\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2013/02/11 09:06:33 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/02/11 09:06:33 | 000,624,412 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/02/11 09:06:33 | 000,106,756 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/02/11 09:04:49 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/11 09:04:49 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/11 08:57:38 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Owner\Desktop\aswMBR.exe
[2013/02/11 08:56:38 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/11 08:56:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/02/11 08:56:20 | 3015,888,896 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/11 08:56:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2013/02/08 15:42:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/02/08 13:16:45 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/26 09:46:56 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLet.DAT
[2013/01/24 13:00:41 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForOwner.job
[2013/01/22 21:45:32 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLev.DAT
[2013/01/22 21:41:17 | 000,002,054 | ---- | M] () -- C:\Users\Public\Desktop\Panorama Maker 6.lnk
[2013/01/22 21:36:50 | 000,000,268 | RH-- | M] () -- C:\Users\Owner\AppData\Roaming\vhosts
[2013/01/22 21:36:50 | 000,000,268 | RH-- | M] () -- C:\ProgramData\Action Clauses
[2013/01/22 21:36:50 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLes.DAT
[2013/01/22 21:35:47 | 000,002,049 | ---- | M] () -- C:\Users\Public\Desktop\ViewNX 2.lnk
[2013/01/22 21:35:28 | 000,000,268 | RH-- | M] () -- C:\ProgramData\Alerts
[2013/01/22 21:35:28 | 000,000,268 | RH-- | M] () -- C:\Users\Owner\AppData\Roaming\Abstract
[2013/01/22 21:35:27 | 000,000,268 | RH-- | M] () -- C:\Users\Owner\AppData\Roaming\programs
[2013/01/22 21:35:27 | 000,000,268 | RH-- | M] () -- C:\ProgramData\Action
[2013/01/22 21:35:00 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ATL71.DLL
[2013/01/22 21:34:40 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLeo.DAT
[2013/01/22 21:34:37 | 000,000,268 | RH-- | M] () -- C:\ProgramData\Applications
[2013/01/22 21:34:37 | 000,000,268 | RH-- | M] () -- C:\Users\Owner\AppData\Roaming\Animals
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Users\Owner\Desktop\*.tmp files -> C:\Users\Owner\Desktop\*.tmp -> ]
========== Files Created - No Company Name ========== [2013/01/22 21:41:17 | 000,002,054 | ---- | C] () -- C:\Users\Public\Desktop\Panorama Maker 6.lnk
[2013/01/22 21:36:50 | 000,000,268 | RH-- | C] () -- C:\Users\Owner\AppData\Roaming\vhosts
[2013/01/22 21:36:50 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Action Clauses
[2013/01/22 21:36:50 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2013/01/22 21:35:47 | 000,002,049 | ---- | C] () -- C:\Users\Public\Desktop\ViewNX 2.lnk
[2013/01/22 21:35:28 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Alerts
[2013/01/22 21:35:28 | 000,000,268 | RH-- | C] () -- C:\Users\Owner\AppData\Roaming\Abstract
[2013/01/22 21:35:28 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2013/01/22 21:35:27 | 000,000,268 | RH-- | C] () -- C:\Users\Owner\AppData\Roaming\programs
[2013/01/22 21:35:27 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Action
[2013/01/22 21:35:27 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2013/01/22 21:34:37 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Applications
[2013/01/22 21:34:37 | 000,000,268 | RH-- | C] () -- C:\Users\Owner\AppData\Roaming\Animals
[2013/01/22 21:34:37 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLeo.DAT
[2011/04/12 19:28:47 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
========== ZeroAccess Check ========== [2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
LOG 3
OTL Extras logfile created on: 2/11/2013 9:03:06 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.75 Gb Total Physical Memory | 2.38 Gb Available Physical Memory | 63.67% Memory free
7.49 Gb Paging File | 5.75 Gb Available in Paging File | 76.78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284.09 Gb Total Space | 225.27 Gb Free Space | 79.30% Space Free | Partition Type: NTFS
Drive D: | 13.70 Gb Total Space | 1.96 Gb Free Space | 14.34% Space Free | Partition Type: NTFS
Drive E: | 99.34 Mb Total Space | 87.19 Mb Free Space | 87.78% Space Free | Partition Type: FAT32
Drive G: | 3.62 Gb Total Space | 3.18 Gb Free Space | 87.97% Space Free | Partition Type: FAT32
Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-2434352869-186315765-158770976-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1CF4D64D-E374-4A6B-B170-EED9672564BF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{22B81D4D-1244-4F76-BAE6-F72A49F95A8D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{266B381B-A9B1-4AF8-9F73-393E193D4EEE}" = lport=445 | protocol=6 | dir=in | app=system |
"{28B7B272-94F0-4381-8D62-20EEB4156768}" = rport=139 | protocol=6 | dir=out | app=system |
"{2B98A394-1976-4EE4-A055-3B3E7E736BAA}" = lport=50000 | protocol=17 | dir=in | name=iha_messagecenter |
"{3ADA067C-9226-4344-9100-F9136FA503A9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3B1E0C20-3715-41A6-9E5B-F071C5E76F63}" = rport=445 | protocol=6 | dir=out | app=system |
"{47D93DAD-B003-4256-B7DC-CF6E062E30DE}" = lport=50000 | protocol=17 | dir=in | name=iha_messagecenter |
"{50A1EADE-35AE-48AF-9D64-C67D7D4BB252}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{54D88428-CFBA-4358-B640-5C4FA56BD3AD}" = rport=137 | protocol=17 | dir=out | app=system |
"{57C9C736-0BF2-4EDE-9985-B2346078F864}" = lport=10243 | protocol=6 | dir=in | app=system |
"{591C5DBA-8858-4787-8A2E-F9E7DC5FCDFA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{697E14FE-C620-434A-8916-17CA0A4B7EB5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{7A265DED-3135-4E10-8062-B5728320CCAB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8184F41D-C8C2-4439-9EDB-AFC1FC970A93}" = lport=137 | protocol=17 | dir=in | app=system |
"{8A6F86AC-F6DC-4EA4-B13A-A933AC838AF3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{970063DB-F2AD-4E8D-BDC7-B5D340A39F33}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9F297F9A-6778-4833-8FB3-796C64FCE71D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BB0DE706-6687-49D9-BC99-86068F351900}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{BE64448D-63C5-44E6-9732-3808C149F9BF}" = lport=139 | protocol=6 | dir=in | app=system |
"{C5B46D5F-CE04-4D12-9ABD-DF524C23DEDF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D0A95EC8-1DC4-4CE7-8246-86155D2DEBA2}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{EAA7DEF4-B660-4BD4-B5FF-0C25FAF85C13}" = rport=138 | protocol=17 | dir=out | app=system |
"{EDA4D6CB-7221-416F-B8E7-A747F8AB26F6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EDC6DA5D-965A-40F7-B2FB-BADF64C3936A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F1E04071-453C-4137-B557-961CA9913E6B}" = lport=138 | protocol=17 | dir=in | app=system |
"{F55F0997-2DF7-4C56-9ADF-28F89BAE50C3}" = rport=10243 | protocol=6 | dir=out | app=system |
"{FD2E8AE8-B00D-40AA-B8BD-16D004B2048C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09E1C1ED-BD1D-4740-81B3-0AF5B49B4067}" = protocol=1 | dir=out |
[email protected],-28544 |
"{1134A451-25A0-4D9B-AC8C-610826CA84D7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1318BC8A-FC59-4D0F-B6F5-D16DF10424EC}" = protocol=6 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{1D0021D9-48A8-4AE7-8451-9DAA5C02D80D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2AD17EB1-A4B8-4E20-9E65-51E1C82CC532}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{340FF172-C25F-4826-BB1C-83E5F73BAE07}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{417CD796-A2FA-40E4-96FD-A2CC810DA27B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{44BBF460-656D-4101-AEEA-6A18E0446F5D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{514D1B32-9225-4E12-9B9A-671D52DECAE1}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{60E213F5-8E2D-4E55-9CC4-093231E59715}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{770BE4AD-7F91-4C97-9F7E-DA48252ADA84}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{79796AC0-36AF-4D63-B4C7-34591EAB6758}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7B58B284-2361-4125-84D5-3962C8DF0177}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{7C71456A-9975-4B67-A075-53B102DA9B68}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{85D27735-B2AE-4DAF-B7F1-0B0D564E5F27}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{955B0CFA-A073-4E11-A4F8-87C9A6253CDB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{973A77B7-09EF-4C29-A386-E568A24260CA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9812FC24-D7F9-401D-9E3D-C93C86C32750}" = protocol=1 | dir=in |
[email protected],-28543 |
"{9EF6DA97-2890-4AB3-A7EC-24A19B16C70C}" = protocol=58 | dir=out |
[email protected],-28546 |
"{A47F738B-524E-4ECE-8F8E-95D7D30D8435}" = protocol=58 | dir=in |
[email protected],-28545 |
"{AAD4B5C3-2C35-4557-824A-4C08DA7504F6}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{B75B3921-1B92-4565-A18D-F6AFEC3E1A91}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{BA2F6559-4C0C-4ED5-8EE4-8F4A9BD320B9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BE1E6583-6F8A-4DD9-BBA0-227CA97212F6}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D3A4C10E-442D-4E82-8C88-36A7BEC37954}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D8B80CED-D499-4C32-B232-591D20D25F3E}" = protocol=17 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{E1329109-0245-420B-ACE7-81189A2543B1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E90DA969-2745-48FE-93BC-63339004E244}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{ECF7B7B7-B3F4-452E-94E6-97DC893365FD}" = protocol=6 | dir=out | app=system |
"{F30B9536-37CB-429D-9764-42C59452666D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{1A2E429C-8AEF-459D-BC7B-F90784F21830}C:\users\owner\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\roaming\spotify\spotify.exe |
"TCP Query User{29023D16-C164-4473-99E6-965BC65759BF}C:\users\owner\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\roaming\spotify\spotify.exe |
"TCP Query User{421DA5C1-B968-4118-A37F-2C030AD83B1A}G:\techwizard.exe" = protocol=6 | dir=in | app=g:\techwizard.exe |
"UDP Query User{170404E1-1212-4179-940E-B3849EC43C80}C:\users\owner\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\roaming\spotify\spotify.exe |
"UDP Query User{2232554C-43FC-4C5A-A018-161CCE4F1D03}C:\users\owner\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\roaming\spotify\spotify.exe |
"UDP Query User{D9BFD5F8-73CD-4B8D-B695-05821DB470D1}G:\techwizard.exe" = protocol=17 | dir=in | app=g:\techwizard.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{091A0130-A82F-4A6D-9C61-3BBBB3289030}" = RtVOsd
"{11953C65-BB4E-4CA4-B0F0-2600A4B20040}" = Picture Control Utility x64
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86416017FF}" = Java 6 Update 17 (64-bit)
"{477EE3A9-4B53-0F22-DB40-277ED46E9E72}" = ccc-utility64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{635BE602-BB9C-4C59-8CC5-93F9366E8A21}" = ViewNX 2
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C3F0426C-175D-39B7-7A14-D6B21952DE5E}" = ATI Catalyst Install Manager
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}" = HP Wireless Assistant
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
"{0AD3D4FC-0B19-B2F2-376A-E6BF36BA342B}" = ccc-core-static
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BCA9EFD-F2D6-4638-B053-8693BA0404BE}" = Citrix online plug-in (Web)
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = Roxio CinemaNow 2.0
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1E27900B-E594-DCA9-10DB-C87A8318991C}" = CCC Help French
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java 6 Update 37
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{31F4E558-F8A8-170E-BD85-BAD4EE739991}" = CCC Help Hungarian
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3A8FE746-19BA-4168-8D01-D45897C7310E}" = VZAccess Manager
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5124C3E2-5BE8-3FFA-F958-CF0C99961566}" = CCC Help Swedish
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{53839C74-42E0-72E8-0369-C9713A319A26}" = Catalyst Control Center InstallProxy
"{54F17069-7E87-A85A-9078-6F5B06AF21A3}" = CCC Help German
"{55392E52-1AAD-44C4-BE49-258FFE72434F}" = Citrix online plug-in (USB)
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}" = Nikon Movie Editor
"{6048D442-6C92-D73C-D248-02C1D4038C3E}" = CCC Help Finnish
"{608A6E25-720C-8171-F887-F7664A23CA0C}" = CCC Help Norwegian
"{60FA1132-0486-41F9-B747-6D308C284D1C}" = Catalyst Control Center - Branding
"{60FAD0EE-2F87-FAEB-FE05-0CDCF8179884}" = CCC Help Thai
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AFDE3BE-BC01-45A4-9D06-BBF5AD207313}" = LightScribe System Software
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{6CAABDBA-F58D-565C-D36E-6D573B1B8E44}" = Catalyst Control Center Graphics Light
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7908E6E5-4BBC-756D-A235-2CFCC142685D}" = CCC Help English
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{812424AC-A8B5-44E6-8D48-07E939D1AD9A}" = Citrix online plug-in (HDX)
"{834265C4-CDF4-44D3-BD24-31531617EFB8}" = IHA_MessageCenter
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{854DDB9E-D488-065B-9FEF-18C159E451AF}" = Catalyst Control Center Graphics Previews Vista
"{85BCA864-BDC8-9299-C6AC-C032301D018C}" = Catalyst Control Center Graphics Full New
"{87553C1A-35F4-142A-AC88-86B663F7F136}" = CCC Help Czech
"{88146D95-5AEC-96BD-3107-A59328CE35BF}" = CCC Help Chinese Traditional
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B287B75-DF8D-40C8-9620-8E4492C38EF1}" = Webroot Software
"{8B8797ED-6E75-FEBA-7210-90A2462B5DA7}" = CCC Help Japanese
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MediaSmart CinemaNow 2.0
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90C2329F-2EE2-5035-21B8-14F2F240D976}" = CCC Help Turkish
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97174E88-52F9-445A-A28E-704A45332D19}" = HP Software Framework
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4317FB-5775-4FB3-BDC9-995595106F1F}" = HP User Guides 0178
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC2BA148-EE9C-4F1A-AFCE-F38C2C71D29B}" = Mobile Broadband Generic Drivers
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.2 MUI
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B75E2857-9A0D-EE0D-B332-A05FBECDDB83}" = Catalyst Control Center Graphics Previews Common
"{BA45BD32-4DF8-4BE8-8558-83A0280CEE8E}" = Vz In Home Agent
"{BA8D33B9-40B5-BC33-1F48-C2ADC90ABA95}" = CCC Help Italian
"{BD50BAF8-8DBD-C054-ACAA-EB7300A09B5F}" = CCC Help Korean
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C3CBA627-2962-C9B2-6698-C89658757EB9}" = Catalyst Control Center Localization All
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE8F47D8-1C4D-48F3-F9F3-3D5DFCC75C24}" = Catalyst Control Center Core Implementation
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF4EFF53-CA7D-9479-3E18-AB6253497A95}" = CCC Help Russian
"{CF53CF7C-D996-43EB-9904-DBED57C25625}" = Citrix online plug-in (DV)
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D19E881A-4A1E-A947-717F-B8DA93AE2EDA}" = CCC Help Chinese Standard
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D89D0D05-670D-D6C5-71DA-7C52F754F75F}" = CCC Help Dutch
"{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}" = Adobe Shockwave Player
"{DABFD34E-BE68-4BC6-9254-5D7A7FF76B99}" = ArcSoft Panorama Maker 6
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2831862-F131-4327-B9CC-FA30F587EB6C}" = HP Setup
"{E3148F44-518B-3232-58CA-77DB808E255F}" = Catalyst Control Center Graphics Full Existing
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EB58480C-0721-483C-B354-9D35A147999F}" = HP Quick Launch
"{EC67E77D-7873-A1B1-17E1-263E10748EEF}" = CCC Help Danish
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F220D637-1086-83C2-EA21-25AF1FE47BEC}" = CCC Help Polish
"{F362902D-BC94-4187-8960-3B51F55B2EB0}" = Verizon Wireless USB760 Firmware Updates
"{F4693A78-2E6C-2A26-B833-E13A4A5DACB4}" = CCC Help Greek
"{F6B6A150-08FA-46D5-808A-EB638269551D}" = HP Power Plan Utility
"{FD122F1F-A640-082D-F4CB-F01259A956B6}" = CCC Help Portuguese
"{FDE722A1-1AEF-0641-D5D1-BA4C464BAB4C}" = CCC Help Spanish
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"CitrixOnlinePluginPackWeb" = Citrix online plug-in - web
"Google Chrome" = Google Chrome
"HP Photo Creations" = HP Photo Creations
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"McAfee Security Scan" = McAfee Security Scan Plus
"Mobile Broadband Generic Drivers" = Mobile Broadband Generic Drivers
"My HP Game Console" = HP Game Console
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"ShopAtHome.com Helper" = ShopAtHome.com Helper
"ShopAtHome.com Toolbar" = ShopAtHome.com Toolbar
"Webroot Software" = Webroot Software
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WT082122" = Blackhawk Striker 2
"WT082124" = Blasterball 3
"WT082133" = Dora's Carnival Adventure
"WT082141" = FATE
"WT082168" = Penguins!
"WT082170" = Plants vs. Zombies
"WT082171" = Poker Superstars III
"WT082172" = Polar Bowler
"WT082173" = Polar Golfer
"WT082188" = Virtual Families
"WT082189" = Wheel of Fortune 2
"WT082192" = Bejeweled 2 Deluxe
"WT082200" = Chuzzle Deluxe
"WT082241" = Virtual Villagers - The Secret City
"WT082396" = Diner Dash 2 Restaurant Rescue
"WT082438" = Build-a-lot 2
"WT082442" = Faerie Solitaire
"WT082443" = Jewel Quest 3
"WT082456" = Mystery P.I. - The New York Fortune
"WT082463" = Zuma's Revenge
"WT082468" = Jewel Quest Solitaire 2
"WT083477" = Cake Mania
"WT083484" = Escape Rosecliff Island
"WT083491" = TextTwist 2
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Mail Advisor" = Yahoo! Mail Advisor
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2434352869-186315765-158770976-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 12/6/2012 6:49:24 PM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16455 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: ce4 Start
Time: 01cdd403b8734636 Termination Time: 16 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id:
Error - 12/6/2012 6:50:16 PM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16455 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 12c0 Start
Time: 01cdd403dca3b1d9 Termination Time: 63 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id:
Error - 12/9/2012 5:19:48 PM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16455,
time stamp: 0x5072b744 Faulting module name: ntdll.dll, version: 6.1.7601.17725,
time stamp: 0x4ec4aa8e Exception code: 0xc00000fd Fault offset: 0x000000000005327f
Faulting
process id: 0x1620 Faulting application start time: 0x01cdd628872fc79d Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 28bec3fc-4246-11e2-9682-643150602381
Error - 12/9/2012 8:35:44 PM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16455,
time stamp: 0x507284ba Faulting module name: jscript9.dll, version: 9.0.8112.16455,
time stamp: 0x50728711 Exception code: 0xc0000005 Fault offset: 0x000b90f1 Faulting
process id: 0xefc Faulting application start time: 0x01cdd65ddb63089c Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\SysWOW64\jscript9.dll Report Id: 87ace215-4261-11e2-9682-643150602381
Error - 12/12/2012 10:48:35 AM | Computer Name = Owner-PC | Source = Microsoft-Windows-RestartManager | ID = 10007
Description = Application or service 'HPWMISVC' could not be restarted.
Error - 12/12/2012 2:23:43 PM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program wfcrun32.exe version 11.2.0.31560 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 9d8 Start
Time: 01cdd87a461f22c7 Termination Time: 16 Application Path: C:\Program Files (x86)\Citrix\ICA
Client\wfcrun32.exe Report Id: 05dc1bdb-4489-11e2-9682-643150602381
Error - 12/17/2012 8:17:22 PM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application name: McUICnt.exe, version: 2.15.101.0, time
stamp: 0x4a53eca6 Faulting module name: ieframe.dll, version: 9.0.8112.16457, time
stamp: 0x50a2fe39 Exception code: 0xc0000005 Fault offset: 0x000fccc8 Faulting process
id: 0x514 Faulting application start time: 0x01cddcb3fedda65f Faulting application
path: C:\Program Files (x86)\McAfee Security Scan\2.1.121\McUICnt.exe Faulting module
path: C:\Windows\SysWOW64\ieframe.dll Report Id: 4a72ce03-48a8-11e2-9643-643150602381
Error - 12/18/2012 6:35:24 PM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16457 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1640 Start
Time: 01cddcb510d1b9b9 Termination Time: 109 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id: 2f3006a5-4963-11e2-9643-643150602381
Error - 1/1/2013 9:53:55 PM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16457 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: e70 Start
Time: 01cde88bcd42ff06 Termination Time: 16 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id:
Error - 1/1/2013 11:16:14 PM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application name: McUICnt.exe, version: 2.15.101.0, time
stamp: 0x4a53eca6 Faulting module name: ieframe.dll, version: 9.0.8112.16457, time
stamp: 0x50a2fe39 Exception code: 0xc0000005 Fault offset: 0x000fccc8 Faulting process
id: 0x10a0 Faulting application start time: 0x01cde88cfb1de94d Faulting application
path: C:\Program Files (x86)\McAfee Security Scan\2.1.121\McUICnt.exe Faulting module
path: C:\Windows\SysWOW64\ieframe.dll Report Id: c3732b8d-548a-11e2-9ad9-643150602381
[ Hewlett-Packard Events ]
Error - 10/9/2012 9:14:07 PM | Computer Name = Owner-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3834 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()
Error - 10/17/2012 8:38:22 PM | Computer Name = Owner-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3834 Ram Utilization: 50 TargetSite: Void UpdateAndDetect()
Error - 10/23/2012 9:30:30 PM | Computer Name = Owner-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3834 Ram Utilization: 50 TargetSite: Void UpdateAndDetect()
Error - 10/30/2012 9:10:38 PM | Computer Name = Owner-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3834 Ram Utilization: 60 TargetSite: Void UpdateAndDetect()
Error - 11/8/2012 9:29:26 PM | Computer Name = Owner-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3834 Ram Utilization: 50 TargetSite: Void UpdateAndDetect()
Error - 11/13/2012 10:33:11 PM | Computer Name = Owner-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3834 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()
Error - 11/21/2012 10:33:19 AM | Computer Name = Owner-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3834 Ram Utilization: TargetSite: Void UpdateAndDetect()
Error - 11/27/2012 10:23:59 PM | Computer Name = Owner-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3834 Ram Utilization: 50 TargetSite: Void UpdateAndDetect()
Error - 11/28/2012 10:03:59 PM | Computer Name = Owner-PC | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 3834
Ram
Utilization: 40 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()
Error - 11/29/2012 9:37:42 PM | Computer Name = Owner-PC | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 3834
Ram
Utilization: 40 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()
[ HP Wireless Assistant Events ]
Error - 2/6/2013 2:29:20 PM | Computer Name = Owner-PC | Source = HP WA Service | ID = 0
Description = System.Exception GetPMCCalibrationData() failed : e_BIOS_INVALID_COMMAND_TYPE
at HP_Common.CaslWrapper.GetPMCCalibrationData(PMCCalibrationData& calibration)
at HPPA_Service.HPPA_Service.ServiceWorkerMethod()
Error - 2/8/2013 12:29:37 PM | Computer Name = Owner-PC | Source = HP WA Service | ID = 0
Description = System.Exception GetPMCCalibrationData() failed : e_BIOS_INVALID_COMMAND_TYPE
at HP_Common.CaslWrapper.GetPMCCalibrationData(PMCCalibrationData& calibration)
at HPPA_Service.HPPA_Service.ServiceWorkerMethod()
Error - 2/8/2013 12:34:35 PM | Computer Name = Owner-PC | Source = HP WA Service | ID = 0
Description = System.Exception GetPMCCalibrationData() failed : e_BIOS_INVALID_COMMAND_TYPE
at HP_Common.CaslWrapper.GetPMCCalibrationData(PMCCalibrationData& calibration)
at HPPA_Service.HPPA_Service.ServiceWorkerMethod()
Error - 2/8/2013 1:04:18 PM | Computer Name = Owner-PC | Source = HP WA Service | ID = 0
Description = System.Exception GetPMCCalibrationData() failed : e_BIOS_INVALID_COMMAND_TYPE
at HP_Common.CaslWrapper.GetPMCCalibrationData(PMCCalibrationData& calibration)
at HPPA_Service.HPPA_Service.ServiceWorkerMethod()
Error - 2/8/2013 1:20:30 PM | Computer Name = Owner-PC | Source = HP WA Service | ID = 0
Description = System.Exception GetPMCCalibrationData() failed : e_BIOS_INVALID_COMMAND_TYPE
at HP_Common.CaslWrapper.GetPMCCalibrationData(PMCCalibrationData& calibration)
at HPPA_Service.HPPA_Service.ServiceWorkerMethod()
Error - 2/8/2013 2:20:27 PM | Computer Name = Owner-PC | Source = HP WA Service | ID = 0
Description = System.Exception GetPMCCalibrationData() failed : e_BIOS_INVALID_COMMAND_TYPE
at HP_Common.CaslWrapper.GetPMCCalibrationData(PMCCalibrationData& calibration)
at HPPA_Service.HPPA_Service.ServiceWorkerMethod()
Error - 2/8/2013 2:26:05 PM | Computer Name = Owner-PC | Source = HP WA Service | ID = 0
Description = System.Exception GetPMCCalibrationData() failed : e_BIOS_INVALID_COMMAND_TYPE
at HP_Common.CaslWrapper.GetPMCCalibrationData(PMCCalibrationData& calibration)
at HPPA_Service.HPPA_Service.ServiceWorkerMethod()
Error - 2/8/2013 2:33:17 PM | Computer Name = Owner-PC | Source = HP WA Service | ID = 0
Description = System.Exception GetPMCCalibrationData() failed : e_BIOS_INVALID_COMMAND_TYPE
at HP_Common.CaslWrapper.GetPMCCalibrationData(PMCCalibrationData& calibration)
at HPPA_Service.HPPA_Service.ServiceWorkerMethod()
Error - 2/8/2013 4:36:23 PM | Computer Name = Owner-PC | Source = HP WA Service | ID = 0
Description = System.Exception GetPMCCalibrationData() failed : e_BIOS_INVALID_COMMAND_TYPE
at HP_Common.CaslWrapper.GetPMCCalibrationData(PMCCalibrationData& calibration)
at HPPA_Service.HPPA_Service.ServiceWorkerMethod()
Error - 2/9/2013 9:10:23 AM | Computer Name = Owner-PC | Source = HP WA Service | ID = 0
Description = System.Exception GetPMCCalibrationData() failed : e_BIOS_INVALID_COMMAND_TYPE
at HP_Common.CaslWrapper.GetPMCCalibrationData(PMCCalibrationData& calibration)
at HPPA_Service.HPPA_Service.ServiceWorkerMethod()
[ System Events ]
Error - 2/9/2013 9:07:10 AM | Computer Name = Owner-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume C:.
Error - 2/9/2013 9:08:40 AM | Computer Name = Owner-PC | Source = DCOM | ID = 10005
Description =
Error - 2/9/2013 9:08:39 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Search service to connect.
Error - 2/9/2013 9:08:39 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description = The Windows Search service failed to start due to the following error:
%%1053
Error - 2/9/2013 9:15:43 AM | Computer Name = Owner-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume C:.
Error - 2/9/2013 9:15:49 AM | Computer Name = Owner-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume C:.
Error - 2/9/2013 9:15:51 AM | Computer Name = Owner-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume C:.
Error - 2/11/2013 9:51:52 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7038
Description = The WinHttpAutoProxySvc service was unable to log on as NT AUTHORITY\LocalService
with the currently configured password due to the following error: %%1352 To ensure
that the service is configured properly, use the Services snap-in in Microsoft
Management Console (MMC).
Error - 2/11/2013 9:51:52 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description = The WinHTTP Web Proxy Auto-Discovery Service service failed to start
due to the following error: %%1069
Error - 2/11/2013 9:51:52 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7023
Description = The Security Center service terminated with the following error: %%1747
< End of report >
LOG 4
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-11 09:32:44
-----------------------------
09:32:44.113 OS Version: Windows x64 6.1.7601 Service Pack 1
09:32:44.113 Number of processors: 2 586 0x603
09:32:44.113 ComputerName: OWNER-PC UserName: Owner
09:32:45.985 Initialize success
09:33:07.439 AVAST engine download error: 0
09:33:11.293 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000059
09:33:11.293 Disk 0 Vendor: Hitachi_ PB3O Size: 305245MB BusType: 11
09:33:11.324 Disk 0 MBR read successfully
09:33:11.324 Disk 0 MBR scan
09:33:11.324 Disk 0 unknown MBR code
09:33:11.339 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
09:33:11.355 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 290909 MB offset 409600
09:33:11.386 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 14032 MB offset 596191232
09:33:11.402 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 624928768
09:33:11.433 Disk 0 scanning C:\Windows\system32\drivers
09:33:18.952 Service scanning
09:33:40.246 Modules scanning
09:33:40.262 Disk 0 trace - called modules:
09:33:40.293 ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys hal.dll amdsata.sys
09:33:40.309 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80042dc060]
09:33:40.324 3 CLASSPNP.SYS[fffff880019b043f] -> nt!IofCallDriver -> [0xfffffa8004265b80]
09:33:40.324 5 amdxata.sys[fffff880011587a8] -> nt!IofCallDriver -> \Device\00000059[0xfffffa8004256060]
09:33:40.340 Scan finished successfully
09:33:53.163 Disk 0 MBR has been saved successfully to "G:\MBR.dat"
09:33:53.179 The log file has been saved successfully to "G:\aswMBR.txt"