When I log into my account I see a black screen with the pointer moveable for about 20-40 second. When I go to the internet random ads will open new tabs. These tabs are mostly blocked by IE itself or my malwarebytes protection. I have ran multiple scans all found nothing except for rogue kill. I reset my computer back to factory settings and everything seemed reset, except this problem.
I would also like to note when I logged onto YouTube my preferences of videos was still there, which if it was a true reformat it shouldn't be aware of my video suggestions. Lastly I have been turning on and off my bluetooth for safety reasons so that part is me. Anyways here is my OTL logs.
OTL logfile created on: 29/04/2014 3:53:57 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\use\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
3.48 Gb Total Physical Memory | 2.04 Gb Available Physical Memory | 58.61% Memory free
6.95 Gb Paging File | 5.08 Gb Available in Paging File | 73.05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 677.07 Gb Total Space | 645.47 Gb Free Space | 95.33% Space Free | Partition Type: NTFS
Drive D: | 21.27 Gb Total Space | 2.24 Gb Free Space | 10.51% Space Free | Partition Type: NTFS
Drive F: | 98.00 Mb Total Space | 86.45 Mb Free Space | 88.21% Space Free | Partition Type: FAT32
Computer Name: USE-HP | User Name: use | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/04/29 03:45:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\use\Desktop\OTL.exe
PRC - [2014/04/15 23:00:04 | 000,182,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
PRC - [2014/04/15 23:00:02 | 000,125,008 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
PRC - [2014/04/03 13:49:12 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/04/03 13:49:12 | 000,857,912 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/04/03 13:49:06 | 006,963,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/02/25 15:41:37 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2014/02/25 15:41:25 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2014/02/25 15:41:24 | 000,689,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/01/19 17:40:32 | 000,158,880 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011/11/28 19:08:00 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/08/19 18:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2010/11/21 00:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
========== Modules (No Company Name) ==========
MOD - [2014/04/26 06:46:40 | 000,260,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\1ab52f8951c2ab97592ec25830dd5165\WindowsFormsIntegration.ni.dll
MOD - [2014/04/26 06:46:04 | 000,806,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll
MOD - [2014/04/26 06:46:00 | 019,693,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\24bf0c88c0465485f4b842df043b3f45\System.ServiceModel.ni.dll
MOD - [2014/04/26 06:45:46 | 002,825,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
MOD - [2014/04/26 06:45:42 | 000,147,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\4c8a153aa66fcd62db6fff269a2ef2b4\System.Numerics.ni.dll
MOD - [2014/04/26 06:45:37 | 002,997,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\1e5e19d119e04b93da3d45153abd60fd\System.IdentityModel.ni.dll
MOD - [2014/04/26 06:45:20 | 002,542,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\7e73e63cf4b8efdf41900b9576489e61\System.Data.Linq.ni.dll
MOD - [2014/04/26 06:44:53 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll
MOD - [2014/04/26 06:44:46 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\47e7fc401facd4a5d3f2237f16948f36\PresentationFramework-SystemXml.ni.dll
MOD - [2014/04/26 06:44:46 | 000,016,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a7b877#\af02d03484578dbc357d1df8d1b6fd01\PresentationFramework-SystemData.ni.dll
MOD - [2014/04/26 06:42:57 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
MOD - [2014/04/26 06:42:52 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
MOD - [2014/04/26 06:42:52 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll
MOD - [2014/04/26 06:42:49 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll
MOD - [2014/04/26 06:42:40 | 000,223,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\f4354d6580fbb745c0c8acba382a7b84\System.ServiceProcess.ni.dll
MOD - [2014/04/26 06:42:38 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
MOD - [2014/04/26 06:42:35 | 007,409,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\6bbed231aec6fd82547e09474da0b2f9\System.Data.ni.dll
MOD - [2014/04/26 06:42:32 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll
MOD - [2014/04/26 06:42:29 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
MOD - [2014/04/26 06:42:28 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll
MOD - [2014/04/26 06:42:25 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
MOD - [2014/04/26 06:42:22 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll
MOD - [2014/04/26 06:42:18 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
MOD - [2014/04/26 06:42:12 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014/04/15 23:00:02 | 000,138,320 | ---- | M] () -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
MOD - [2014/04/15 22:59:58 | 000,049,744 | ---- | M] () -- C:\Users\use\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/04/26 09:54:44 | 000,127,752 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV:64bit: - [2014/04/26 05:29:05 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 02:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/02/10 18:54:58 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/02/10 05:00:36 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012/01/04 05:37:16 | 000,311,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011/05/13 17:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV - [2014/04/28 20:51:29 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/04/15 23:00:02 | 000,125,008 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe -- (Avira.OE.ServiceHost)
SRV - [2014/04/03 13:49:12 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/04/03 13:49:12 | 000,857,912 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/02/25 15:41:37 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014/02/25 15:41:34 | 001,017,424 | ---- | M] (Avira Operations GmbH & Co. KG) [Disabled | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe -- (AntiVirWebService)
SRV - [2014/02/25 15:41:25 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013/09/12 01:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/03/05 13:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2012/01/19 17:40:32 | 000,158,880 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent)
SRV - [2012/01/19 17:22:08 | 000,106,144 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011/09/09 21:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/04/29 03:41:19 | 000,119,512 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/04/03 13:51:16 | 000,063,192 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/04/03 13:50:58 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/02/25 15:41:28 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2014/02/25 15:41:26 | 000,131,576 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2014/02/25 15:41:25 | 000,108,440 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013/10/01 23:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/09/24 13:40:56 | 000,043,840 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2012/09/24 13:40:56 | 000,031,040 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2012/08/23 11:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 11:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/06/20 13:42:44 | 003,678,720 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2012/03/03 00:50:56 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/03/03 00:50:56 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/03/01 03:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/10 21:26:24 | 010,825,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/02/10 17:54:38 | 000,328,704 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/02/02 05:54:56 | 000,031,872 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2012/01/19 17:31:32 | 000,550,560 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2012/01/19 17:30:50 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2012/01/19 17:30:32 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2012/01/19 17:30:02 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2012/01/19 17:29:44 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2012/01/19 17:29:32 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2012/01/19 17:29:14 | 000,110,752 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2012/01/19 17:29:02 | 000,339,616 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2012/01/14 09:05:54 | 000,056,448 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012/01/04 05:37:16 | 000,535,552 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/12/13 09:52:44 | 000,082,048 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/12/13 09:52:44 | 000,042,624 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011/12/06 08:47:30 | 000,095,248 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/10/26 16:16:46 | 000,219,776 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdxhc.sys -- (amdxhc)
DRV:64bit: - [2011/10/26 16:16:46 | 000,102,528 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdhub30.sys -- (amdhub30)
DRV:64bit: - [2011/10/14 08:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/09/21 20:33:50 | 000,258,664 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2011/08/24 02:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/21 00:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/21 00:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/07/28 13:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/02/18 13:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 18:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 18:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 18:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 17:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 17:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-CA
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 90 E8 09 E8 2C 61 CF 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
O1 HOSTS File: ([2009/06/10 18:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0F9E40B8-4E7C-485C-9E14-8F9F160788EA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{99494EBB-2085-451B-B8F5-931405E52852}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/04/29 03:47:51 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2014/04/29 03:46:13 | 000,000,000 | ---D | C] -- C:\Users\use\AppData\Roaming\Hewlett-Packard
[2014/04/29 03:45:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\use\Desktop\OTL.exe
[2014/04/28 21:20:10 | 000,000,000 | ---D | C] -- C:\Users\use\Desktop\New folder
[2014/04/28 21:06:59 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/04/28 21:02:11 | 000,000,000 | ---D | C] -- C:\Users\use\Desktop\RK_Quarantine
[2014/04/28 20:48:04 | 000,000,000 | ---D | C] -- C:\Users\use\AppData\Local\CrashDumps
[2014/04/27 01:01:55 | 000,000,000 | ---D | C] -- C:\Users\use\AppData\Roaming\hpqlog
[2014/04/26 18:53:38 | 000,084,720 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2014/04/26 11:12:33 | 000,000,000 | ---D | C] -- C:\Users\use\AppData\Local\Adobe
[2014/04/26 09:54:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2014/04/26 09:54:44 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2014/04/26 09:54:15 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/04/26 08:55:22 | 000,000,000 | ---D | C] -- C:\Users\use\AppData\Roaming\Avira
[2014/04/26 08:49:36 | 000,131,576 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2014/04/26 08:49:36 | 000,108,440 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2014/04/26 08:49:36 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2014/04/26 08:45:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2014/04/26 08:45:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2014/04/26 08:45:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2014/04/26 08:44:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014/04/26 07:43:47 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/04/26 07:43:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/04/26 07:43:32 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/04/26 07:43:32 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/04/26 07:43:32 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/04/26 07:43:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/04/26 07:43:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/04/26 07:43:17 | 000,000,000 | ---D | C] -- C:\Users\use\AppData\Local\Programs
[2014/04/26 07:42:41 | 000,000,000 | ---D | C] -- C:\Users\use\AppData\Roaming\Macromedia
[2014/04/26 07:34:20 | 000,000,000 | -HSD | C] -- C:\Users\use\AppData\Local\EmieUserList
[2014/04/26 07:34:20 | 000,000,000 | -HSD | C] -- C:\Users\use\AppData\Local\EmieSiteList
[2014/04/26 07:19:37 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2014/04/26 07:04:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2014/04/26 07:04:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2014/04/26 06:29:57 | 000,000,000 | ---D | C] -- C:\Users\use\AppData\Roaming\Adobe
[2014/04/26 05:55:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2014/04/26 05:55:39 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/04/26 04:50:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/04/26 04:29:04 | 000,000,000 | ---D | C] -- C:\Windows\ehome
[2014/04/26 04:27:19 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/04/26 04:20:26 | 000,000,000 | ---D | C] -- C:\Users\use\AppData\Local\AMD
[2014/04/26 04:20:16 | 000,000,000 | ---D | C] -- C:\Users\use\AppData\Local\BMExplorer
[2014/04/26 04:20:16 | 000,000,000 | ---D | C] -- C:\Users\use\Documents\Bluetooth Folder
[2014/04/26 04:20:14 | 000,000,000 | ---D | C] -- C:\Users\use\AppData\Roaming\ATI
[2014/04/26 04:20:14 | 000,000,000 | ---D | C] -- C:\Users\use\AppData\Local\ATI
[2014/04/26 04:20:03 | 000,000,000 | ---D | C] -- C:\Users\use\AppData\Roaming\Synaptics
[2014/04/26 04:20:03 | 000,000,000 | ---D | C] -- C:\Users\use\AppData\Local\Hewlett-Packard
[2014/04/26 04:20:01 | 000,000,000 | ---D | C] -- C:\Users\use\AppData\Roaming\Atheros
[2014/04/26 04:19:51 | 000,000,000 | R--D | C] -- C:\Users\use\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/04/26 04:19:51 | 000,000,000 | R--D | C] -- C:\Users\use\Searches
[2014/04/26 04:19:51 | 000,000,000 | R--D | C] -- C:\Users\use\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/04/26 04:19:51 | 000,000,000 | -H-D | C] -- C:\Users\use\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/04/26 04:19:43 | 000,000,000 | ---D | C] -- C:\Users\use\AppData\Roaming\Identities
[2014/04/26 04:19:40 | 000,000,000 | R--D | C] -- C:\Users\use\Contacts
[2014/04/26 04:19:31 | 000,000,000 | ---D | C] -- C:\Users\use\AppData\Local\VirtualStore
[2014/04/26 04:18:57 | 000,000,000 | --SD | C] -- C:\Users\use\AppData\Roaming\Microsoft
[2014/04/26 04:18:57 | 000,000,000 | R--D | C] -- C:\Users\use\Videos
[2014/04/26 04:18:57 | 000,000,000 | R--D | C] -- C:\Users\use\Saved Games
[2014/04/26 04:18:57 | 000,000,000 | R--D | C] -- C:\Users\use\Pictures
[2014/04/26 04:18:57 | 000,000,000 | R--D | C] -- C:\Users\use\Music
[2014/04/26 04:18:57 | 000,000,000 | R--D | C] -- C:\Users\use\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/04/26 04:18:57 | 000,000,000 | R--D | C] -- C:\Users\use\Links
[2014/04/26 04:18:57 | 000,000,000 | R--D | C] -- C:\Users\use\Favorites
[2014/04/26 04:18:57 | 000,000,000 | R--D | C] -- C:\Users\use\Downloads
[2014/04/26 04:18:57 | 000,000,000 | R--D | C] -- C:\Users\use\Documents
[2014/04/26 04:18:57 | 000,000,000 | R--D | C] -- C:\Users\use\Desktop
[2014/04/26 04:18:57 | 000,000,000 | R--D | C] -- C:\Users\use\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/04/26 04:18:57 | 000,000,000 | -HSD | C] -- C:\Users\use\AppData\Local\Temporary Internet Files
[2014/04/26 04:18:57 | 000,000,000 | -HSD | C] -- C:\Users\use\Templates
[2014/04/26 04:18:57 | 000,000,000 | -HSD | C] -- C:\Users\use\Start Menu
[2014/04/26 04:18:57 | 000,000,000 | -HSD | C] -- C:\Users\use\SendTo
[2014/04/26 04:18:57 | 000,000,000 | -HSD | C] -- C:\Users\use\Recent
[2014/04/26 04:18:57 | 000,000,000 | -HSD | C] -- C:\Users\use\PrintHood
[2014/04/26 04:18:57 | 000,000,000 | -HSD | C] -- C:\Users\use\NetHood
[2014/04/26 04:18:57 | 000,000,000 | -HSD | C] -- C:\Users\use\Documents\My Videos
[2014/04/26 04:18:57 | 000,000,000 | -HSD | C] -- C:\Users\use\Documents\My Pictures
[2014/04/26 04:18:57 | 000,000,000 | -HSD | C] -- C:\Users\use\Documents\My Music
[2014/04/26 04:18:57 | 000,000,000 | -HSD | C] -- C:\Users\use\My Documents
[2014/04/26 04:18:57 | 000,000,000 | -HSD | C] -- C:\Users\use\Local Settings
[2014/04/26 04:18:57 | 000,000,000 | -HSD | C] -- C:\Users\use\AppData\Local\History
[2014/04/26 04:18:57 | 000,000,000 | -HSD | C] -- C:\Users\use\Cookies
[2014/04/26 04:18:57 | 000,000,000 | -HSD | C] -- C:\Users\use\Application Data
[2014/04/26 04:18:57 | 000,000,000 | -HSD | C] -- C:\Users\use\AppData\Local\Application Data
[2014/04/26 04:18:57 | 000,000,000 | -H-D | C] -- C:\Users\use\AppData
[2014/04/26 04:18:57 | 000,000,000 | ---D | C] -- C:\Users\use\AppData\Local\Temp
[2014/04/26 04:18:57 | 000,000,000 | ---D | C] -- C:\Users\use\AppData\Local\Microsoft
[2014/04/26 04:18:57 | 000,000,000 | ---D | C] -- C:\Users\use\AppData\Roaming\Media Center Programs
[2014/04/26 04:14:23 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014/04/26 04:14:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Synaptics
[2014/04/26 04:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
[2014/04/26 04:05:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2014/04/26 04:05:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2014/04/26 04:05:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
[2014/04/26 04:04:26 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
[2014/04/26 04:04:20 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\YouCam
[2014/04/26 04:03:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2014/04/26 04:01:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2014/04/26 04:01:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
[2014/04/26 03:53:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Atheros
[2014/04/26 03:53:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bluetooth Suite
[2014/04/26 03:53:26 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2014/04/26 03:53:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2014/04/26 03:52:42 | 000,442,528 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvs.dll
[2014/04/26 03:52:42 | 000,063,648 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvui.dll
[2014/04/26 03:52:42 | 000,000,000 | ---D | C] -- C:\Windows\Options
[2014/04/26 03:52:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nn-NO
[2014/04/26 03:52:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2014/04/26 03:52:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atheros
[2014/04/26 03:51:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2014/04/26 03:51:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hewlett-Packard
[2014/04/26 03:50:59 | 000,565,352 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2014/04/26 03:50:39 | 004,444,672 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stlang64.dll
[2014/04/26 03:50:39 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\EEP64A.dll
[2014/04/26 03:50:39 | 001,819,136 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\IDTNC64.cpl
[2014/04/26 03:50:39 | 001,425,408 | ---- | C] (IDT, Inc.) -- C:\Windows\sttray64.exe
[2014/04/26 03:50:39 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\EED64A.dll
[2014/04/26 03:50:39 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\EEL64A.dll
[2014/04/26 03:50:39 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\EEA64A.dll
[2014/04/26 03:50:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SRSLabs
[2014/04/26 03:49:36 | 000,251,904 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\staco64.dll
[2014/04/26 03:49:35 | 001,987,072 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapo64.dll
[2014/04/26 03:49:35 | 000,654,336 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
[2014/04/26 03:49:35 | 000,535,552 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys
[2014/04/26 03:49:35 | 000,448,512 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll
[2014/04/26 03:49:28 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2014/04/26 03:49:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sda
[2014/04/26 03:49:18 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/04/26 03:49:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2014/04/26 03:49:02 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2014/04/26 03:48:34 | 000,000,000 | ---D | C] -- C:\Windows\kdb
[2014/04/26 03:48:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2014/04/26 03:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2014/04/26 03:48:31 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2014/04/26 03:48:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2014/04/26 03:48:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2014/04/26 03:47:30 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2014/04/26 03:47:29 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2014/04/26 03:47:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2014/04/26 03:46:47 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2014/04/26 03:46:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2014/04/26 03:46:36 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014/04/26 03:40:52 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/04/26 03:38:36 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Users\use\*.tmp files -> C:\Users\use\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/04/29 03:56:39 | 001,667,292 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/04/29 03:56:39 | 000,749,556 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2014/04/29 03:56:39 | 000,666,176 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/04/29 03:56:39 | 000,153,256 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2014/04/29 03:56:39 | 000,125,820 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/04/29 03:53:00 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForuse.job
[2014/04/29 03:50:05 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/04/29 03:48:12 | 000,031,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/29 03:48:12 | 000,031,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/29 03:45:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\use\Desktop\OTL.exe
[2014/04/29 03:41:19 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/04/29 03:39:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/29 03:39:22 | 2799,984,640 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/28 21:45:25 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/04/28 21:29:22 | 001,310,621 | ---- | M] () -- C:\Users\use\Desktop\adwcleaner.exe
[2014/04/28 21:27:29 | 004,527,616 | ---- | M] () -- C:\Users\use\Desktop\RogueKillerX64.exe
[2014/04/26 19:27:25 | 000,012,228 | ---- | M] () -- C:\Users\use\Desktop\protect log.xml
[2014/04/26 18:53:20 | 000,084,720 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2014/04/26 09:54:44 | 000,001,897 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2014/04/26 08:45:09 | 000,001,133 | ---- | M] () -- C:\Users\Public\Desktop\Avira.lnk
[2014/04/26 07:43:35 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/26 07:15:36 | 001,631,880 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/04/26 06:23:42 | 000,275,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/04/26 05:52:45 | 000,001,441 | ---- | M] () -- C:\Users\use\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/26 05:29:06 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/04/26 05:29:06 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/04/26 04:18:34 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014/04/26 04:18:34 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2014/04/26 04:06:27 | 000,002,179 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2014/04/26 04:01:05 | 000,000,593 | ---- | M] () -- C:\Windows\SysNative\ndCPrepLog
[2014/04/26 04:00:10 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2014/04/26 03:56:06 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btath_hcrp_01009.Wdf
[2014/04/26 03:54:27 | 000,246,804 | ---- | M] () -- C:\Windows\SysNative\drivers\AtherosBt.bin
[2014/04/26 03:54:27 | 000,001,796 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x11020000_40.dfu
[2014/04/26 03:54:27 | 000,001,242 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40_0x01.dfu
[2014/04/26 03:54:27 | 000,001,228 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40_0x04.dfu
[2014/04/26 03:54:27 | 000,001,214 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40_0x03.dfu
[2014/04/26 03:54:27 | 000,001,204 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40_0x02.dfu
[2014/04/26 03:54:27 | 000,001,204 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40.dfu
[2014/04/26 03:54:27 | 000,001,198 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_26.dfu
[2014/04/26 03:54:27 | 000,001,192 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_26_0x01.dfu
[2014/04/26 03:49:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2014/04/26 03:46:00 | 000,000,000 | RHS- | M] () -- C:\Windows\SysWow64\drivers\103C_HP_cNB_Pavilion g6 Notebook PC_Y5335KV_0U_Q5CD21816YF_E679412-DB1_4A_I1849_SHP_V57.35_BF.26_T130221_W73-1_L409_M3561_J750_7AMD_8F01_92.70_#140425_N_(B5R69UA#ABL)_XMOBILE_CN10_Z_20791100000205610000620100.MRK
[2014/04/26 03:46:00 | 000,000,000 | RHS- | M] () -- C:\Windows\SysNative\drivers\103C_HP_cNB_Pavilion g6 Notebook PC_Y5335KV_0U_Q5CD21816YF_E679412-DB1_4A_I1849_SHP_V57.35_BF.26_T130221_W73-1_L409_M3561_J750_7AMD_8F01_92.70_#140425_N_(B5R69UA#ABL)_XMOBILE_CN10_Z_20791100000205610000620100.MRK
[2014/04/03 13:51:16 | 000,063,192 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/04/03 13:51:04 | 000,088,280 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/04/03 13:50:58 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Users\use\*.tmp files -> C:\Users\use\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/04/29 03:53:00 | 000,000,324 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForuse.job
[2014/04/28 21:45:25 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/04/28 21:29:13 | 001,310,621 | ---- | C] () -- C:\Users\use\Desktop\adwcleaner.exe
[2014/04/28 21:27:29 | 004,527,616 | ---- | C] () -- C:\Users\use\Desktop\RogueKillerX64.exe
[2014/04/26 19:50:23 | 000,012,228 | ---- | C] () -- C:\Users\use\Desktop\protect log.xml
[2014/04/26 09:54:44 | 000,001,897 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2014/04/26 08:45:09 | 000,001,133 | ---- | C] () -- C:\Users\Public\Desktop\Avira.lnk
[2014/04/26 07:43:35 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/26 05:57:24 | 001,631,880 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/04/26 05:52:45 | 000,001,441 | ---- | C] () -- C:\Users\use\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/26 05:29:06 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/04/26 05:29:06 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014/04/26 04:55:20 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/04/26 04:39:48 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/04/26 04:29:55 | 000,048,265 | ---- | C] () -- C:\Windows\HomePremium.xml
[2014/04/26 04:19:52 | 000,001,417 | ---- | C] () -- C:\Users\use\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/04/26 04:18:57 | 000,000,290 | ---- | C] () -- C:\Users\use\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/04/26 04:18:57 | 000,000,272 | ---- | C] () -- C:\Users\use\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/04/26 04:14:09 | 2799,984,640 | -HS- | C] () -- C:\hiberfil.sys
[2014/04/26 04:06:27 | 000,002,179 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2014/04/26 04:05:27 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/04/26 04:00:57 | 000,000,593 | ---- | C] () -- C:\Windows\SysNative\ndCPrepLog
[2014/04/26 04:00:10 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014/04/26 03:56:06 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btath_hcrp_01009.Wdf
[2014/04/26 03:50:59 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2014/04/26 03:49:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2014/04/26 03:46:00 | 000,000,000 | RHS- | C] () -- C:\Windows\SysWow64\drivers\103C_HP_cNB_Pavilion g6 Notebook PC_Y5335KV_0U_Q5CD21816YF_E679412-DB1_4A_I1849_SHP_V57.35_BF.26_T130221_W73-1_L409_M3561_J750_7AMD_8F01_92.70_#140425_N_(B5R69UA#ABL)_XMOBILE_CN10_Z_20791100000205610000620100.MRK
[2014/04/26 03:46:00 | 000,000,000 | RHS- | C] () -- C:\Windows\SysNative\drivers\103C_HP_cNB_Pavilion g6 Notebook PC_Y5335KV_0U_Q5CD21816YF_E679412-DB1_4A_I1849_SHP_V57.35_BF.26_T130221_W73-1_L409_M3561_J750_7AMD_8F01_92.70_#140425_N_(B5R69UA#ABL)_XMOBILE_CN10_Z_20791100000205610000620100.MRK
[2014/04/26 03:42:32 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014/04/26 03:42:15 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
========== ZeroAccess Check ==========
[2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 23:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 22:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/04/26 04:20:03 | 000,000,000 | ---D | M] -- C:\Users\use\AppData\Roaming\Synaptics
========== Purity Check ==========
< End of report >
Extras Report:
OTL Extras logfile created on: 29/04/2014 3:53:57 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\use\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
3.48 Gb Total Physical Memory | 2.04 Gb Available Physical Memory | 58.61% Memory free
6.95 Gb Paging File | 5.08 Gb Available in Paging File | 73.05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 677.07 Gb Total Space | 645.47 Gb Free Space | 95.33% Space Free | Partition Type: NTFS
Drive D: | 21.27 Gb Total Space | 2.24 Gb Free Space | 10.51% Space Free | Partition Type: NTFS
Drive F: | 98.00 Mb Total Space | 86.45 Mb Free Space | 88.21% Space Free | Partition Type: FAT32
Computer Name: USE-HP | User Name: use | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{087BDA91-7C95-414A-94A5-637D53720582}" = lport=139 | protocol=6 | dir=in | app=system |
"{21CD52B0-2333-442F-8F90-3A10A6D4C130}" = rport=138 | protocol=17 | dir=out | app=system |
"{29600021-C4DF-4AD9-BD87-E17EEA1C4E13}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{357A7FFF-BE2B-45C4-AA57-89A5E8B75FC3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{38111D69-6A9F-4C42-BC3B-998E04127193}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{38E8F758-7BA6-4121-B5C1-6BEFF082B9A3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{422CC196-4C17-411A-88E4-3531F1307583}" = rport=139 | protocol=6 | dir=out | app=system |
"{4B78F1A1-C03D-4034-9D25-BCEFA5C3E36C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{51AF851D-D9EF-431F-81B5-F481D1A64322}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5DC353A5-855B-48E9-8299-41177852B10C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6559303B-CC32-403E-8B75-01FA00EBAB99}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6F83ECF2-75F9-43D9-8F2A-AEFA5731CA60}" = lport=137 | protocol=17 | dir=in | app=system |
"{8CA1AD8C-900A-4557-B812-4F7DF3B9AC64}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{92ACCD5C-15AE-4F82-8DA9-A2FEAD12FD18}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9F050D4D-0876-4870-9196-1A8BD4066EF6}" = rport=10243 | protocol=6 | dir=out | app=system |
"{B4A35097-228A-4A6C-8535-5E7B380B818B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BD841AF0-B4AA-49B7-9CB6-CAE64DCA6767}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DD9B50F0-BF27-4194-9127-E1F4CF2DC537}" = lport=138 | protocol=17 | dir=in | app=system |
"{EA4958EE-11DB-40AC-98BF-DEE8365642FF}" = rport=445 | protocol=6 | dir=out | app=system |
"{F6E7E790-5655-4774-B20C-6B72B0845169}" = lport=445 | protocol=6 | dir=in | app=system |
"{FD016CD8-DE7F-4D2C-AB02-E31E58B02EA3}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02C09635-DD57-45D0-975E-7E5CC9C96F5E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{02F3F4D9-7776-4154-99F9-520553B328FB}" = protocol=1 | dir=out | [email protected],-28544 |
"{1A1C66EA-BD5C-4ED4-8C67-C97C99860551}" = protocol=6 | dir=out | app=system |
"{3702ABC6-3503-4A0A-A0D4-56ABA5CCB553}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4CFACDB0-A8D1-4257-A879-FAC48A1163A8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{58604239-A1B2-405C-BAD6-A6AE493F58F2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{58A234D7-7933-4D20-A9C8-D61C6D057DC5}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6571895C-CE7F-40A3-A1E3-0C81DF6ABBC5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7CC7634B-6321-4C96-A227-D799D55BA037}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{85629EFA-BC97-4A3E-B0A2-C04FFACD3981}" = protocol=58 | dir=out | [email protected],-28546 |
"{9040601A-D4CA-4594-96BB-092670D07E5E}" = protocol=1 | dir=in | [email protected],-28543 |
"{96007185-8741-45C5-9DA0-5AC9C6E22F95}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A0B1637B-8A97-4CA4-B140-8B8D8ECB2466}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A3C680A6-5448-4A29-AD81-1200FED1B23C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A71F105D-071E-4396-8C9E-1570D7C9962A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E7AD6F76-1CCA-4BED-A96D-3107139E48CC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E8BB6719-DFB0-4914-BA98-36A28A6B7C6C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E9C4CB9C-7B6C-46BE-BC93-15E64E2D6658}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EC56C58C-46C5-4520-B14D-DAEBFF4F7043}" = protocol=58 | dir=in | [email protected],-28545 |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64)
"{289D263F-1526-945B-1E0D-7E51196337E4}" = ccc-utility64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}" = HP 3D DriveGuard
"{5A847522-375C-4D05-BD3D-88C450CC047F}" = HP Launch Box
"{5E015E15-F7AD-3379-523F-AD63C0CB9E71}" = AMD Steady Video Plug-In
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036" = Microsoft .NET Framework 4.5.1 (Français)
"{9D1400EC-5703-3983-53B7-AEFB8BFD1CFA}" = AMD Catalyst Install Manager
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C22759DB-BA8B-30E7-99EE-8B47DB43AE56}" = Microsoft .NET Framework 4.5.1 (FRA)
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F8E65951-694F-5F50-21C2-391B46B26653}" = AMD Accelerated Video Transcoding
"{F9DF0B5D-554B-45D2-8698-7C467FAF4BCA}" = HP Security Assistant
"{FEDED942-6D32-06D6-CBE4-02A95758B9E5}" = AMD Fuel
"HitmanPro37" = HitmanPro 3.7
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{026573E8-3808-A622-54E7-41B0D01CC689}" = CCC Help Swedish
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0C592E07-485F-B1C0-43C7-214B3782689E}" = CCC Help Czech
"{0CF102B7-1BD1-868D-7ED6-FF6618615113}" = Catalyst Control Center InstallProxy
"{0F0E0099-2C25-482C-A17A-A01988DF52DF}" = Avira
"{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}" = HP CoolSense
"{12F9E5E4-4C6A-8C07-03E9-1C4D8606C7CF}" = CCC Help Italian
"{2691AB48-CB65-1326-6B16-C65F2D193498}" = CCC Help Russian
"{31BF9CD1-A904-43B5-A236-53E5E908AD0E}" = Catalyst Control Center - Branding
"{3686BD56-4111-A355-F79B-8351DF00FFD0}" = Catalyst Control Center Graphics Previews Common
"{36F19B06-7C5F-F7F0-4B03-C041F9AD0B81}" = CCC Help Hungarian
"{36F55AE9-7C13-2DFD-2A16-13E9B1B591AD}" = CCC Help Turkish
"{393BD31B-4806-2F8C-BFE3-CD3D832B1A07}" = CCC Help German
"{3E2D6F53-FE1E-9685-3147-FE7D6CD241B3}" = CCC Help Greek
"{43287DB3-9A3D-9113-F9EC-E3E2EA83FAD8}" = CCC Help Chinese Standard
"{43837ADC-5558-9855-2258-C57DFE06473D}" = CCC Help Thai
"{46A14B00-8CA7-66CA-773B-78255D9C09E4}" = CCC Help Finnish
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{53B17A98-5BF0-40BC-AAFF-850A357975AC}" = HP Quick Launch
"{550A8BE3-02DA-9A06-F7F7-782E0B7E16BC}" = CCC Help Danish
"{59343305-C394-8581-67E9-192E52936174}" = CCC Help Korean
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{675D093B-815D-47FD-AB2C-192EC751E8E2}" = HP Software Framework
"{6CFB80D8-0084-2AA0-5B10-CB528127B3D0}" = CCC Help Norwegian
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{768A6276-5822-489C-8A2B-67190F745655}" = ESU for Microsoft Windows 7 SP1
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{97C9CD02-4F58-59DC-53E5-AB9B171CB537}" = CCC Help English
"{98A80C9A-4362-2AEE-B547-6C2E47E8887E}" = CCC Help Polish
"{A287F545-5139-0235-DCE8-D7598B2D312C}" = Catalyst Control Center Localization All
"{B1475566-FA49-179A-86B3-C0C9E7122EA2}" = CCC Help French
"{B409B895-940B-A184-478B-5FB129501060}" = AMD VISION Engine Control Center
"{B99494A5-4B47-3923-9350-316B6A12EAAD}" = CCC Help Japanese
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{D7C45E0E-8963-DFD3-D35F-A4135BDC628E}" = CCC Help Chinese Traditional
"{DA028428-3A16-D9CE-61AB-6422DFC40918}" = CCC Help Spanish
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = HP Recovery Manager
"{DE6BB53E-E91A-6F17-E518-BC4425AA9039}" = CCC Help Dutch
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E9ED3FC6-8813-61B6-97FB-F09F296A224F}" = CCC Help Portuguese
"{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{f470942e-6237-4c78-ba45-7e9b17a95709}" = Avira
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Avira AntiVir Desktop" = Avira Free Antivirus
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.1.1004
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 27/04/2014 6:10:54 PM | Computer Name = use-HP | Source = WinMgmt | ID = 10
Description =
Error - 27/04/2014 6:16:09 PM | Computer Name = use-HP | Source = Application Hang | ID = 1002
Description = The program IEXPLORE.EXE version 11.0.9600.17041 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: ac Start
Time: 01cf62660824c627 Termination Time: 94 Application Path: C:\Program Files (x86)\Internet
Explorer\IEXPLORE.EXE Report Id:
Error - 27/04/2014 11:04:30 PM | Computer Name = use-HP | Source = WinMgmt | ID = 10
Description =
Error - 28/04/2014 7:45:49 PM | Computer Name = use-HP | Source = WinMgmt | ID = 10
Description =
Error - 28/04/2014 7:47:35 PM | Computer Name = use-HP | Source = .NET Runtime | ID = 1026
Description =
Error - 28/04/2014 7:47:59 PM | Computer Name = use-HP | Source = Application Error | ID = 1000
Description = Faulting application name: Avira.OE.Systray.exe, version: 1.1.11.32377,
time stamp: 0x534d6562 Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229,
time stamp: 0x51fb1116 Exception code: 0xe0434352 Fault offset: 0x0000c41f Faulting
process id: 0x900 Faulting application start time: 0x01cf633bf4629bb4 Faulting application
path: C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe Faulting module
path: C:\Windows\syswow64\KERNELBASE.dll Report Id: 86eca2ac-cf2f-11e3-a528-a0b3cc6fa880
Error - 28/04/2014 8:33:52 PM | Computer Name = use-HP | Source = WinMgmt | ID = 10
Description =
Error - 28/04/2014 8:43:16 PM | Computer Name = use-HP | Source = WinMgmt | ID = 10
Description =
Error - 29/04/2014 2:41:09 AM | Computer Name = use-HP | Source = WinMgmt | ID = 10
Description =
Error - 29/04/2014 2:48:34 AM | Computer Name = use-HP | Source = Microsoft-Windows-RestartManager | ID = 10007
Description = Application or service 'HPWMISVC' could not be restarted.
[ Hewlett-Packard Events ]
Error - 26/04/2014 3:07:53 AM | Computer Name = WIN-HQQR8L8NARF | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164 at System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) at System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) at System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) at System.Activator.CreateInstance(Type
type, Boolean nonPublic) at HPSA_Messenger.MessengerCom.TrayDeskBand.ShowTaskBar()
StackTrace:
at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)
at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)
at System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) at System.Activator.CreateInstance(Type type, Boolean nonPublic)
at HPSA_Messenger.MessengerCom.TrayDeskBand.ShowTaskBar() Source: mscorlib Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: en-US RAM: 3560 Ram
Utilization: TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)
Error - 26/04/2014 3:07:59 AM | Computer Name = WIN-HQQR8L8NARF | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164 at System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) at System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) at System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) at System.Activator.CreateInstance(Type
type, Boolean nonPublic) at HPSA_Messenger.MessengerCom.TrayDeskBand.ShowTaskBar()
StackTrace:
at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)
at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)
at System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) at System.Activator.CreateInstance(Type type, Boolean nonPublic)
at HPSA_Messenger.MessengerCom.TrayDeskBand.ShowTaskBar() Source: mscorlib Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: en-US RAM: 3560 Ram
Utilization: TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)
[ System Events ]
Error - 26/04/2014 3:20:10 AM | Computer Name = use-HP | Source = Service Control Manager | ID = 7034
Description = The HPWMISVC service terminated unexpectedly. It has done this 1
time(s).
Error - 26/04/2014 4:54:00 AM | Computer Name = use-HP | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB971033).
Error - 26/04/2014 5:16:51 AM | Computer Name = use-HP | Source = Service Control Manager | ID = 7043
Description = The Windows Modules Installer service did not shut down properly after
receiving a preshutdown control.
Error - 26/04/2014 5:24:24 AM | Computer Name = use-HP | Source = BTHUSB | ID = 327697
Description = The local Bluetooth adapter has failed in an undetermined manner and
will not be used. The driver has been unloaded.
Error - 26/04/2014 5:24:40 AM | Computer Name = use-HP | Source = BTHUSB | ID = 327697
Description = The local Bluetooth adapter has failed in an undetermined manner and
will not be used. The driver has been unloaded.
Error - 26/04/2014 5:27:01 AM | Computer Name = use-HP | Source = Service Control Manager | ID = 7023
Description = The Windows Modules Installer service terminated with the following
error: %%16405
Error - 26/04/2014 5:29:28 AM | Computer Name = use-HP | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x800f0902: Windows Update Aux.
Error - 26/04/2014 5:30:52 AM | Computer Name = use-HP | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80242016: Cumulative Security Update for Internet Explorer 9 for Windows
7 for x64-based Systems (KB2936068).
< End of report >