erbinator79

  1. 18:44:09.0229 6012 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47 18:44:09.0558 6012 ============================================================ 18:44:09.0558 6012 Current date / time: 2012/04/21 18:44:09.0558 18:44:09.0558 6012 SystemInfo: 18:44:09.0558 6012 18:44:09.0558 6012 OS Version: 6.1.7600 ServicePack: 0.0 18:44:09.0558 6012 Product type: Workstation 18:44:09.0558 6012 ComputerName: USER-HP 18:44:09.0558 6012 UserName: user 18:44:09.0558 6012 Windows directory: C:\Windows 18:44:09.0558 6012 System windows directory: C:\Windows 18:44:09.0558 6012 Running under WOW64 18:44:09.0558 6012 Processor architecture: Intel x64 18:44:09.0558 6012 Number of processors: 2 18:44:09.0558 6012 Page size: 0x1000 18:44:09.0558 6012 Boot type: Normal boot 18:44:09.0558 6012 ============================================================ 18:44:10.0932 6012 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 18:44:10.0932 6012 \Device\Harddisk0\DR0: 18:44:10.0932 6012 MBR partitions: 18:44:10.0932 6012 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800 18:44:10.0932 6012 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x232EA800 18:44:10.0932 6012 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2334E800, BlocksNum 0x20AC000 18:44:10.0932 6012 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0 18:44:10.0963 6012 C: <-> \Device\Harddisk0\DR0\Partition1 18:44:11.0010 6012 D: <-> \Device\Harddisk0\DR0\Partition2 18:44:11.0010 6012 Initialize success 18:44:11.0010 6012 ============================================================ 18:44:26.0693 6912 ============================================================ 18:44:26.0693 6912 Scan started 18:44:26.0693 6912 Mode: Manual; SigCheck; TDLFS; 18:44:26.0693 6912 
============================================================ 18:44:28.0050 6912 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE 18:44:28.0518 6912 !SASCORE - ok 18:44:28.0674 6912 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys 18:44:28.0737 6912 1394ohci - ok 18:44:28.0830 6912 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys 18:44:28.0846 6912 ACPI - ok 18:44:28.0877 6912 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys 18:44:28.0955 6912 AcpiPmi - ok 18:44:29.0127 6912 AdobeActiveFileMonitor8.0 (4451cc2275b04043ec2bcc757af97291) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe 18:44:29.0142 6912 AdobeActiveFileMonitor8.0 - ok 18:44:29.0189 6912 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 18:44:29.0220 6912 adp94xx - ok 18:44:29.0252 6912 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 18:44:29.0298 6912 adpahci - ok 18:44:29.0330 6912 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 18:44:29.0345 6912 adpu320 - ok 18:44:29.0392 6912 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 18:44:29.0439 6912 AeLookupSvc - ok 18:44:29.0720 6912 AERTFilters (d1e343bc00136ce03c4d403194d06a80) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe 18:44:29.0751 6912 AERTFilters - ok 18:44:29.0829 6912 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys 18:44:29.0876 6912 AFD - ok 18:44:30.0063 6912 AffinegyService (23e7cb4641b93ce8591d1057670a4f04) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe 18:44:30.0094 6912 AffinegyService - ok 18:44:30.0141 6912 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys 18:44:30.0156 6912 agp440 - ok 18:44:30.0172 6912 ALG (3290d6946b5e30e70414990574883ddb) 
C:\Windows\System32\alg.exe 18:44:30.0219 6912 ALG - ok 18:44:30.0234 6912 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys 18:44:30.0266 6912 aliide - ok 18:44:30.0344 6912 AMD External Events Utility (4609419a19891c706455c1a747431af9) C:\Windows\system32\atiesrxx.exe 18:44:30.0422 6912 AMD External Events Utility - ok 18:44:30.0468 6912 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys 18:44:30.0500 6912 amdide - ok 18:44:30.0531 6912 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 18:44:30.0578 6912 AmdK8 - ok 18:44:30.0749 6912 amdkmdag (4bffead896affbc80c86f62cd18f17c9) C:\Windows\system32\DRIVERS\atipmdag.sys 18:44:31.0046 6912 amdkmdag - ok 18:44:31.0077 6912 amdkmdap (a7155a832f24cf5b048f6048380636ec) C:\Windows\system32\DRIVERS\atikmpag.sys 18:44:31.0108 6912 amdkmdap - ok 18:44:31.0155 6912 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 18:44:31.0186 6912 AmdPPM - ok 18:44:31.0202 6912 amdsata (53d8d46d51d390abdb54eca623165cb7) C:\Windows\system32\DRIVERS\amdsata.sys 18:44:31.0326 6912 amdsata - ok 18:44:31.0358 6912 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 18:44:31.0404 6912 amdsbs - ok 18:44:31.0436 6912 amdxata (75c51148154e34eb3d7bb84749a758d5) C:\Windows\system32\DRIVERS\amdxata.sys 18:44:31.0451 6912 amdxata - ok 18:44:31.0560 6912 AntiVirSchedulerService (b4837fe56d76b2e9ea90e5365cf6a2be) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 18:44:31.0592 6912 AntiVirSchedulerService - ok 18:44:31.0623 6912 AntiVirService (df5a3016052755c910a206058b4a1729) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 18:44:31.0654 6912 AntiVirService - ok 18:44:31.0685 6912 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys 18:44:31.0763 6912 AppID - ok 18:44:31.0794 6912 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 
18:44:31.0888 6912 AppIDSvc - ok 18:44:31.0919 6912 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll 18:44:31.0982 6912 Appinfo - ok 18:44:32.0060 6912 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 18:44:32.0091 6912 Apple Mobile Device - ok 18:44:32.0138 6912 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 18:44:32.0169 6912 arc - ok 18:44:32.0200 6912 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 18:44:32.0231 6912 arcsas - ok 18:44:32.0262 6912 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 18:44:32.0356 6912 AsyncMac - ok 18:44:32.0372 6912 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys 18:44:32.0403 6912 atapi - ok 18:44:32.0481 6912 athr (f8633cdd09647a64ee8db550630427ff) C:\Windows\system32\DRIVERS\athrx.sys 18:44:32.0590 6912 athr - ok 18:44:32.0652 6912 AtiHdmiService (2d648572ba9a610952fcafba1e119c2d) C:\Windows\system32\drivers\AtiHdmi.sys 18:44:32.0699 6912 AtiHdmiService - ok 18:44:32.0699 6912 AtiPcie (c07a040d6b5a42dd41ee386cf90974c8) C:\Windows\system32\DRIVERS\AtiPcie.sys 18:44:32.0730 6912 AtiPcie - ok 18:44:32.0777 6912 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll 18:44:32.0964 6912 AudioEndpointBuilder - ok 18:44:32.0980 6912 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll 18:44:33.0089 6912 AudioSrv - ok 18:44:33.0152 6912 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys 18:44:33.0183 6912 avgntflt - ok 18:44:33.0214 6912 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys 18:44:33.0245 6912 avipbb - ok 18:44:33.0308 6912 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll 18:44:33.0401 6912 AxInstSV - ok 18:44:33.0479 6912 
b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 18:44:33.0510 6912 b06bdrv - ok 18:44:33.0588 6912 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 18:44:33.0635 6912 b57nd60a - ok 18:44:33.0682 6912 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 18:44:33.0729 6912 BDESVC - ok 18:44:33.0807 6912 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 18:44:33.0900 6912 Beep - ok 18:44:33.0963 6912 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll 18:44:34.0088 6912 BFE - ok 18:44:34.0166 6912 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll 18:44:34.0306 6912 BITS - ok 18:44:34.0337 6912 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 18:44:34.0368 6912 blbdrive - ok 18:44:34.0446 6912 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe 18:44:34.0493 6912 Bonjour Service - ok 18:44:34.0540 6912 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys 18:44:34.0587 6912 bowser - ok 18:44:34.0618 6912 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 18:44:34.0665 6912 BrFiltLo - ok 18:44:34.0696 6912 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 18:44:34.0743 6912 BrFiltUp - ok 18:44:34.0836 6912 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys 18:44:34.0946 6912 BridgeMP - ok 18:44:35.0039 6912 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll 18:44:35.0148 6912 Browser - ok 18:44:35.0180 6912 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 18:44:35.0226 6912 Brserid - ok 18:44:35.0258 6912 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 18:44:35.0304 6912 BrSerWdm - ok 18:44:35.0320 6912 BrUsbMdm 
(b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 18:44:35.0398 6912 BrUsbMdm - ok 18:44:35.0429 6912 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 18:44:35.0476 6912 BrUsbSer - ok 18:44:35.0507 6912 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 18:44:35.0554 6912 BTHMODEM - ok 18:44:35.0601 6912 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 18:44:35.0710 6912 bthserv - ok 18:44:35.0741 6912 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 18:44:35.0866 6912 cdfs - ok 18:44:35.0897 6912 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys 18:44:35.0928 6912 cdrom - ok 18:44:35.0960 6912 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll 18:44:36.0069 6912 CertPropSvc - ok 18:44:36.0147 6912 CinemaNow Service (533328a3d9a9c286682525842547540c) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe 18:44:36.0178 6912 CinemaNow Service - ok 18:44:36.0209 6912 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 18:44:36.0240 6912 circlass - ok 18:44:36.0272 6912 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 18:44:36.0318 6912 CLFS - ok 18:44:36.0381 6912 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 18:44:36.0412 6912 clr_optimization_v2.0.50727_32 - ok 18:44:36.0459 6912 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 18:44:36.0490 6912 clr_optimization_v2.0.50727_64 - ok 18:44:36.0568 6912 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 18:44:36.0630 6912 clr_optimization_v4.0.30319_32 - ok 18:44:36.0646 6912 clr_optimization_v4.0.30319_64 
(c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 18:44:36.0677 6912 clr_optimization_v4.0.30319_64 - ok 18:44:36.0693 6912 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 18:44:36.0740 6912 CmBatt - ok 18:44:36.0771 6912 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys 18:44:36.0786 6912 cmdide - ok 18:44:36.0849 6912 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys 18:44:36.0927 6912 CNG - ok 18:44:36.0974 6912 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 18:44:37.0020 6912 Compbatt - ok 18:44:37.0067 6912 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys 18:44:37.0114 6912 CompositeBus - ok 18:44:37.0130 6912 COMSysApp - ok 18:44:37.0192 6912 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 18:44:37.0223 6912 crcdisk - ok 18:44:37.0270 6912 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll 18:44:37.0395 6912 CryptSvc - ok 18:44:37.0535 6912 cvhsvc (61a86809b62769643892bc0812b204aa) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 18:44:37.0613 6912 cvhsvc - ok 18:44:37.0722 6912 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll 18:44:37.0847 6912 DcomLaunch - ok 18:44:37.0878 6912 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 18:44:38.0003 6912 defragsvc - ok 18:44:38.0050 6912 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys 18:44:38.0128 6912 DfsC - ok 18:44:38.0175 6912 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll 18:44:38.0300 6912 Dhcp - ok 18:44:38.0331 6912 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 18:44:38.0471 6912 discache - ok 18:44:38.0502 6912 Disk 
(9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 18:44:38.0549 6912 Disk - ok 18:44:38.0580 6912 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll 18:44:38.0612 6912 Dnscache - ok 18:44:38.0643 6912 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll 18:44:38.0752 6912 dot3svc - ok 18:44:38.0768 6912 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll 18:44:38.0877 6912 DPS - ok 18:44:38.0892 6912 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 18:44:38.0924 6912 drmkaud - ok 18:44:38.0986 6912 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys 18:44:39.0048 6912 DXGKrnl - ok 18:44:39.0080 6912 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 18:44:39.0126 6912 EapHost - ok 18:44:39.0220 6912 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 18:44:39.0376 6912 ebdrv - ok 18:44:39.0423 6912 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe 18:44:39.0470 6912 EFS - ok 18:44:39.0548 6912 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe 18:44:39.0641 6912 ehRecvr - ok 18:44:39.0688 6912 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 18:44:39.0735 6912 ehSched - ok 18:44:39.0813 6912 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 18:44:39.0860 6912 elxstor - ok 18:44:39.0906 6912 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys 18:44:39.0938 6912 ErrDev - ok 18:44:40.0000 6912 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 18:44:40.0140 6912 EventSystem - ok 18:44:40.0172 6912 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 18:44:40.0296 6912 exfat - ok 18:44:40.0328 6912 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 18:44:40.0452 6912 
fastfat - ok 18:44:40.0499 6912 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe 18:44:40.0562 6912 Fax - ok 18:44:40.0577 6912 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 18:44:40.0624 6912 fdc - ok 18:44:40.0655 6912 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 18:44:40.0749 6912 fdPHost - ok 18:44:40.0780 6912 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 18:44:40.0874 6912 FDResPub - ok 18:44:40.0905 6912 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 18:44:40.0936 6912 FileInfo - ok 18:44:40.0952 6912 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 18:44:41.0061 6912 Filetrace - ok 18:44:41.0154 6912 FLEXnet Licensing Service (abedfd48ac042c6aaad32452e77217a1) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 18:44:41.0232 6912 FLEXnet Licensing Service - ok 18:44:41.0248 6912 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 18:44:41.0279 6912 flpydisk - ok 18:44:41.0326 6912 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys 18:44:41.0357 6912 FltMgr - ok 18:44:41.0435 6912 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll 18:44:41.0529 6912 FontCache - ok 18:44:41.0607 6912 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 18:44:41.0622 6912 FontCache3.0.0.0 - ok 18:44:41.0638 6912 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 18:44:41.0669 6912 FsDepends - ok 18:44:41.0716 6912 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys 18:44:41.0747 6912 Fs_Rec - ok 18:44:41.0794 6912 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys 18:44:41.0841 6912 fvevol - ok 
18:44:41.0872 6912 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 18:44:41.0903 6912 gagp30kx - ok 18:44:42.0012 6912 GameConsoleService (ce16683cfd11fe70bde435dda5ea1fca) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe 18:44:42.0044 6912 GameConsoleService - ok 18:44:42.0090 6912 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 18:44:42.0106 6912 GEARAspiWDM - ok 18:44:42.0200 6912 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll 18:44:42.0293 6912 gpsvc - ok 18:44:42.0309 6912 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 18:44:42.0356 6912 hcw85cir - ok 18:44:42.0402 6912 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys 18:44:42.0465 6912 HdAudAddService - ok 18:44:42.0496 6912 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys 18:44:42.0558 6912 HDAudBus - ok 18:44:42.0590 6912 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 18:44:42.0636 6912 HidBatt - ok 18:44:42.0652 6912 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 18:44:42.0683 6912 HidBth - ok 18:44:42.0714 6912 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 18:44:42.0761 6912 HidIr - ok 18:44:42.0792 6912 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll 18:44:42.0886 6912 hidserv - ok 18:44:42.0933 6912 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys 18:44:42.0964 6912 HidUsb - ok 18:44:42.0995 6912 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll 18:44:43.0104 6912 hkmsvc - ok 18:44:43.0136 6912 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll 18:44:43.0167 6912 HomeGroupListener - ok 18:44:43.0198 6912 HomeGroupProvider 
(06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll 18:44:43.0229 6912 HomeGroupProvider - ok 18:44:43.0354 6912 HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe 18:44:43.0385 6912 HP Support Assistant Service - ok 18:44:43.0494 6912 HP Wireless Assistant Service (3a09322a8aa8b0c79036686a0ebe7b4c) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe 18:44:43.0526 6912 HP Wireless Assistant Service - ok 18:44:43.0588 6912 HPDrvMntSvc.exe (bcc4a8b2e2e902f52e7f2e7d8e125765) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe 18:44:43.0619 6912 HPDrvMntSvc.exe - ok 18:44:43.0744 6912 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 18:44:43.0775 6912 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning 18:44:43.0775 6912 hpqcxs08 - detected UnsignedFile.Multi.Generic (1) 18:44:43.0791 6912 hpqddsvc (f3f72a2a86c22610bca5439fa789dd52) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 18:44:43.0822 6912 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning 18:44:43.0822 6912 hpqddsvc - detected UnsignedFile.Multi.Generic (1) 18:44:43.0853 6912 hpqwmiex (ec9739a46f1f83c6e52a7a4697f44a65) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe 18:44:43.0931 6912 hpqwmiex - ok 18:44:44.0009 6912 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys 18:44:44.0056 6912 HpSAMD - ok 18:44:44.0103 6912 HPSLPSVC (7f57926169c1b8aba9274ea7d4b70f18) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL 18:44:44.0181 6912 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning 18:44:44.0181 6912 HPSLPSVC - detected UnsignedFile.Multi.Generic (1) 18:44:44.0243 6912 HPWMISVC (5aa89e152634954e15e9db265c6a8557) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe 18:44:44.0274 6912 HPWMISVC - ok 18:44:44.0306 6912 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) 
C:\Windows\system32\drivers\HTTP.sys 18:44:44.0446 6912 HTTP - ok 18:44:44.0477 6912 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys 18:44:44.0508 6912 hwpolicy - ok 18:44:44.0540 6912 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 18:44:44.0571 6912 i8042prt - ok 18:44:44.0618 6912 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys 18:44:44.0680 6912 iaStorV - ok 18:44:44.0789 6912 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 18:44:44.0852 6912 idsvc - ok 18:44:45.0039 6912 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys 18:44:45.0304 6912 igfx - ok 18:44:45.0335 6912 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 18:44:45.0351 6912 iirsp - ok 18:44:45.0398 6912 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll 18:44:45.0476 6912 IKEEXT - ok 18:44:45.0554 6912 IntcAzAudAddService (b88e24bd77a0ce2cffee2facf1151be0) C:\Windows\system32\drivers\RTKVHD64.sys 18:44:45.0632 6912 IntcAzAudAddService - ok 18:44:45.0663 6912 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys 18:44:45.0678 6912 intelide - ok 18:44:45.0741 6912 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 18:44:45.0772 6912 intelppm - ok 18:44:45.0803 6912 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 18:44:45.0897 6912 IPBusEnum - ok 18:44:45.0912 6912 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys 18:44:46.0022 6912 IpFilterDriver - ok 18:44:46.0053 6912 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll 18:44:46.0178 6912 iphlpsvc - ok 18:44:46.0224 6912 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys 18:44:46.0256 6912 
IPMIDRV - ok 18:44:46.0302 6912 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 18:44:46.0396 6912 IPNAT - ok 18:44:46.0505 6912 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe 18:44:46.0583 6912 iPod Service - ok 18:44:46.0614 6912 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 18:44:46.0661 6912 IRENUM - ok 18:44:46.0677 6912 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys 18:44:46.0724 6912 isapnp - ok 18:44:46.0770 6912 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys 18:44:46.0802 6912 iScsiPrt - ok 18:44:46.0833 6912 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 18:44:46.0864 6912 kbdclass - ok 18:44:46.0895 6912 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys 18:44:46.0942 6912 kbdhid - ok 18:44:46.0989 6912 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 18:44:47.0036 6912 KeyIso - ok 18:44:47.0051 6912 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys 18:44:47.0082 6912 KSecDD - ok 18:44:47.0114 6912 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys 18:44:47.0145 6912 KSecPkg - ok 18:44:47.0160 6912 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 18:44:47.0270 6912 ksthunk - ok 18:44:47.0316 6912 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 18:44:47.0457 6912 KtmRm - ok 18:44:47.0504 6912 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll 18:44:47.0566 6912 LanmanServer - ok 18:44:47.0597 6912 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll 18:44:47.0722 6912 LanmanWorkstation - ok 18:44:47.0831 6912 LightScribeService (7550d101bf49fdb1f92666a233ee36c4) C:\Program Files (x86)\Common 
Files\LightScribe\LSSrvc.exe 18:44:47.0847 6912 LightScribeService ( UnsignedFile.Multi.Generic ) - warning 18:44:47.0847 6912 LightScribeService - detected UnsignedFile.Multi.Generic (1) 18:44:47.0894 6912 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 18:44:48.0003 6912 lltdio - ok 18:44:48.0050 6912 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 18:44:48.0159 6912 lltdsvc - ok 18:44:48.0190 6912 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 18:44:48.0284 6912 lmhosts - ok 18:44:48.0330 6912 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 18:44:48.0362 6912 LSI_FC - ok 18:44:48.0393 6912 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 18:44:48.0424 6912 LSI_SAS - ok 18:44:48.0440 6912 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 18:44:48.0471 6912 LSI_SAS2 - ok 18:44:48.0502 6912 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 18:44:48.0533 6912 LSI_SCSI - ok 18:44:48.0564 6912 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 18:44:48.0658 6912 luafv - ok 18:44:48.0736 6912 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys 18:44:48.0767 6912 MBAMProtector - ok 18:44:48.0892 6912 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 18:44:48.0954 6912 MBAMService - ok 18:44:49.0001 6912 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll 18:44:49.0032 6912 Mcx2Svc - ok 18:44:49.0064 6912 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 18:44:49.0095 6912 megasas - ok 18:44:49.0126 6912 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 18:44:49.0173 6912 MegaSR - ok 18:44:49.0266 6912 Microsoft Office Groove Audit Service 
(fafe367d032ed82e9332b4c741a20216) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 18:44:49.0298 6912 Microsoft Office Groove Audit Service - ok 18:44:49.0344 6912 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 18:44:49.0454 6912 MMCSS - ok 18:44:49.0485 6912 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 18:44:49.0594 6912 Modem - ok 18:44:49.0610 6912 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 18:44:49.0656 6912 monitor - ok 18:44:49.0688 6912 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 18:44:49.0719 6912 mouclass - ok 18:44:49.0750 6912 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 18:44:49.0781 6912 mouhid - ok 18:44:49.0828 6912 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys 18:44:49.0859 6912 mountmgr - ok 18:44:49.0890 6912 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys 18:44:49.0922 6912 mpio - ok 18:44:49.0937 6912 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 18:44:50.0046 6912 mpsdrv - ok 18:44:50.0078 6912 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll 18:44:50.0218 6912 MpsSvc - ok 18:44:50.0249 6912 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys 18:44:50.0296 6912 MRxDAV - ok 18:44:50.0343 6912 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys 18:44:50.0390 6912 mrxsmb - ok 18:44:50.0436 6912 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys 18:44:50.0468 6912 mrxsmb10 - ok 18:44:50.0500 6912 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys 18:44:50.0547 6912 mrxsmb20 - ok 18:44:50.0593 6912 msahci (5e939cf91ea4a841dbafe4627e0292bb) C:\Windows\system32\DRIVERS\msahci.sys 18:44:50.0625 6912 msahci - 
ok 18:44:50.0656 6912 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys 18:44:50.0687 6912 msdsm - ok 18:44:50.0718 6912 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 18:44:50.0749 6912 MSDTC - ok 18:44:50.0781 6912 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 18:44:50.0874 6912 Msfs - ok 18:44:50.0905 6912 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 18:44:51.0015 6912 mshidkmdf - ok 18:44:51.0030 6912 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys 18:44:51.0061 6912 msisadrv - ok 18:44:51.0108 6912 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 18:44:51.0217 6912 MSiSCSI - ok 18:44:51.0233 6912 msiserver - ok 18:44:51.0264 6912 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 18:44:51.0358 6912 MSKSSRV - ok 18:44:51.0373 6912 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 18:44:51.0483 6912 MSPCLOCK - ok 18:44:51.0515 6912 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 18:44:51.0608 6912 MSPQM - ok 18:44:51.0640 6912 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys 18:44:51.0686 6912 MsRPC - ok 18:44:51.0718 6912 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 18:44:51.0749 6912 mssmbios - ok 18:44:51.0764 6912 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 18:44:51.0874 6912 MSTEE - ok 18:44:51.0920 6912 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 18:44:51.0952 6912 MTConfig - ok 18:44:51.0967 6912 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 18:44:51.0998 6912 Mup - ok 18:44:52.0061 6912 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll 18:44:52.0186 6912 napagent - ok 
18:44:52.0248 6912 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 18:44:52.0310 6912 NativeWifiP - ok 18:44:52.0357 6912 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys 18:44:52.0435 6912 NDIS - ok 18:44:52.0466 6912 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 18:44:52.0561 6912 NdisCap - ok 18:44:52.0592 6912 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 18:44:52.0655 6912 NdisTapi - ok 18:44:52.0701 6912 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys 18:44:52.0748 6912 Ndisuio - ok 18:44:52.0795 6912 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys 18:44:52.0842 6912 NdisWan - ok 18:44:52.0873 6912 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys 18:44:52.0935 6912 NDProxy - ok 18:44:52.0967 6912 Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll 18:44:52.0982 6912 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 18:44:52.0982 6912 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 18:44:53.0029 6912 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 18:44:53.0091 6912 NetBIOS - ok 18:44:53.0123 6912 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys 18:44:53.0201 6912 NetBT - ok 18:44:53.0247 6912 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 18:44:53.0279 6912 Netlogon - ok 18:44:53.0325 6912 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 18:44:53.0435 6912 Netman - ok 18:44:53.0497 6912 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 18:44:53.0654 6912 netprofm - ok 18:44:53.0794 6912 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 
18:44:53.0857 6912 NetTcpPortSharing - ok 18:44:54.0028 6912 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys 18:44:54.0278 6912 netw5v64 - ok 18:44:54.0325 6912 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 18:44:54.0356 6912 nfrd960 - ok 18:44:54.0403 6912 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll 18:44:54.0528 6912 NlaSvc - ok 18:44:54.0730 6912 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe 18:44:54.0918 6912 NOBU - ok 18:44:54.0949 6912 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 18:44:55.0058 6912 Npfs - ok 18:44:55.0089 6912 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 18:44:55.0183 6912 nsi - ok 18:44:55.0230 6912 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 18:44:55.0354 6912 nsiproxy - ok 18:44:55.0448 6912 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys 18:44:55.0557 6912 Ntfs - ok 18:44:55.0588 6912 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 18:44:55.0713 6912 Null - ok 18:44:55.0760 6912 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys 18:44:55.0791 6912 nvraid - ok 18:44:55.0838 6912 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys 18:44:55.0885 6912 nvstor - ok 18:44:55.0932 6912 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys 18:44:55.0963 6912 nv_agp - ok 18:44:56.0119 6912 odserv (84de1dd996b48b05ace31ad015fa108a) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 18:44:56.0181 6912 odserv - ok 18:44:56.0228 6912 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys 18:44:56.0290 6912 ohci1394 - ok 18:44:56.0353 6912 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files 
(x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:44:56.0384 6912 ose - ok 18:44:56.0587 6912 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 18:44:56.0868 6912 osppsvc - ok 18:44:56.0946 6912 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 18:44:56.0992 6912 p2pimsvc - ok 18:44:57.0039 6912 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 18:44:57.0086 6912 p2psvc - ok 18:44:57.0117 6912 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 18:44:57.0164 6912 Parport - ok 18:44:57.0195 6912 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys 18:44:57.0226 6912 partmgr - ok 18:44:57.0258 6912 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 18:44:57.0320 6912 PcaSvc - ok 18:44:57.0351 6912 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys 18:44:57.0382 6912 pci - ok 18:44:57.0414 6912 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys 18:44:57.0445 6912 pciide - ok 18:44:57.0507 6912 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 18:44:57.0538 6912 pcmcia - ok 18:44:57.0570 6912 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 18:44:57.0601 6912 pcw - ok 18:44:57.0632 6912 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 18:44:57.0772 6912 PEAUTH - ok 18:44:57.0835 6912 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 18:44:57.0882 6912 PerfHost - ok 18:44:57.0975 6912 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll 18:44:58.0131 6912 pla - ok 18:44:58.0209 6912 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll 18:44:58.0256 6912 PlugPlay - ok 18:44:58.0303 6912 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) 
C:\Windows\system32\HPZipm12.dll 18:44:58.0334 6912 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 18:44:58.0334 6912 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 18:44:58.0365 6912 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 18:44:58.0396 6912 PNRPAutoReg - ok 18:44:58.0428 6912 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 18:44:58.0459 6912 PNRPsvc - ok 18:44:58.0506 6912 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll 18:44:58.0616 6912 PolicyAgent - ok 18:44:58.0647 6912 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 18:44:58.0772 6912 Power - ok 18:44:58.0819 6912 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys 18:44:58.0912 6912 PptpMiniport - ok 18:44:58.0943 6912 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 18:44:58.0990 6912 Processor - ok 18:44:59.0021 6912 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll 18:44:59.0131 6912 ProfSvc - ok 18:44:59.0177 6912 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 18:44:59.0209 6912 ProtectedStorage - ok 18:44:59.0240 6912 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys 18:44:59.0349 6912 Psched - ok 18:44:59.0396 6912 PxHlpa64 (fbf4db6d53585437e41a113300002a2b) C:\Windows\system32\Drivers\PxHlpa64.sys 18:44:59.0427 6912 PxHlpa64 - ok 18:44:59.0505 6912 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 18:44:59.0614 6912 ql2300 - ok 18:44:59.0645 6912 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 18:44:59.0692 6912 ql40xx - ok 18:44:59.0723 6912 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 18:44:59.0801 6912 QWAVE - ok 18:44:59.0817 6912 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) 
C:\Windows\system32\drivers\qwavedrv.sys 18:44:59.0864 6912 QWAVEdrv - ok 18:44:59.0895 6912 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 18:45:00.0004 6912 RasAcd - ok 18:45:00.0020 6912 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 18:45:00.0113 6912 RasAgileVpn - ok 18:45:00.0145 6912 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 18:45:00.0254 6912 RasAuto - ok 18:45:00.0285 6912 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys 18:45:00.0394 6912 Rasl2tp - ok 18:45:00.0410 6912 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll 18:45:00.0519 6912 RasMan - ok 18:45:00.0550 6912 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 18:45:00.0644 6912 RasPppoe - ok 18:45:00.0659 6912 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 18:45:00.0769 6912 RasSstp - ok 18:45:00.0815 6912 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys 18:45:00.0909 6912 rdbss - ok 18:45:00.0956 6912 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 18:45:00.0987 6912 rdpbus - ok 18:45:01.0003 6912 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 18:45:01.0112 6912 RDPCDD - ok 18:45:01.0159 6912 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 18:45:01.0252 6912 RDPENCDD - ok 18:45:01.0283 6912 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 18:45:01.0377 6912 RDPREFMP - ok 18:45:01.0424 6912 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys 18:45:01.0455 6912 RDPWD - ok 18:45:01.0471 6912 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys 18:45:01.0517 6912 rdyboost - ok 18:45:01.0549 6912 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) 
C:\Windows\System32\mprdim.dll 18:45:01.0658 6912 RemoteAccess - ok 18:45:01.0689 6912 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 18:45:01.0798 6912 RemoteRegistry - ok 18:45:01.0829 6912 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 18:45:01.0939 6912 RpcEptMapper - ok 18:45:01.0985 6912 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 18:45:02.0017 6912 RpcLocator - ok 18:45:02.0063 6912 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll 18:45:02.0157 6912 RpcSs - ok 18:45:02.0204 6912 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 18:45:02.0313 6912 rspndr - ok 18:45:02.0391 6912 RSUSBSTOR (22d6b47d004a6568c500680be2972854) C:\Windows\system32\Drivers\RtsUStor.sys 18:45:02.0438 6912 RSUSBSTOR - ok 18:45:02.0500 6912 RTL8167 (4fbda07ef0a3097ce14c5cabf723b278) C:\Windows\system32\DRIVERS\Rt64win7.sys 18:45:02.0547 6912 RTL8167 - ok 18:45:02.0625 6912 RtVOsdService (5fff3e71b4724bb10918fd6dd7413d99) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe 18:45:02.0641 6912 RtVOsdService ( UnsignedFile.Multi.Generic ) - warning 18:45:02.0641 6912 RtVOsdService - detected UnsignedFile.Multi.Generic (1) 18:45:02.0688 6912 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 18:45:02.0719 6912 SamSs - ok 18:45:02.0781 6912 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS 18:45:02.0812 6912 SASDIFSV - ok 18:45:02.0859 6912 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS 18:45:02.0890 6912 SASKUTIL - ok 18:45:02.0922 6912 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys 18:45:02.0953 6912 sbp2port - ok 18:45:03.0000 6912 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 18:45:03.0093 6912 SCardSvr - ok 18:45:03.0109 6912 scfilter 
(c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys 18:45:03.0218 6912 scfilter - ok 18:45:03.0265 6912 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll 18:45:03.0343 6912 Schedule - ok 18:45:03.0390 6912 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll 18:45:03.0483 6912 SCPolicySvc - ok 18:45:03.0514 6912 sdbus (54e47ad086782d3ae9417c155cdceb9b) C:\Windows\system32\DRIVERS\sdbus.sys 18:45:03.0561 6912 sdbus - ok 18:45:03.0577 6912 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll 18:45:03.0624 6912 SDRSVC - ok 18:45:03.0748 6912 SeaPort (3e0cff5f0a9d23e327703d72cea5253f) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 18:45:03.0780 6912 SeaPort - ok 18:45:03.0826 6912 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 18:45:03.0920 6912 secdrv - ok 18:45:03.0967 6912 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll 18:45:04.0107 6912 seclogon - ok 18:45:04.0123 6912 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll 18:45:04.0201 6912 SENS - ok 18:45:04.0232 6912 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 18:45:04.0248 6912 SensrSvc - ok 18:45:04.0279 6912 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 18:45:04.0310 6912 Serenum - ok 18:45:04.0341 6912 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 18:45:04.0357 6912 Serial - ok 18:45:04.0388 6912 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 18:45:04.0435 6912 sermouse - ok 18:45:04.0482 6912 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll 18:45:04.0591 6912 SessionEnv - ok 18:45:04.0622 6912 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys 18:45:04.0653 6912 sffdisk - ok 18:45:04.0684 6912 sffp_mmc 
(ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys 18:45:04.0731 6912 sffp_mmc - ok 18:45:04.0762 6912 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys 18:45:04.0809 6912 sffp_sd - ok 18:45:04.0856 6912 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 18:45:04.0887 6912 sfloppy - ok 18:45:04.0950 6912 Sftfs (d5183ed285d2795491dc15bddcbee5ad) C:\Windows\system32\DRIVERS\Sftfslh.sys 18:45:05.0012 6912 Sftfs - ok 18:45:05.0106 6912 sftlist (bfdb58616ff5ea540a5f58301d50641e) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 18:45:05.0152 6912 sftlist - ok 18:45:05.0184 6912 Sftplay (00f118b68c50d2206dd51634f9142b83) C:\Windows\system32\DRIVERS\Sftplaylh.sys 18:45:05.0215 6912 Sftplay - ok 18:45:05.0246 6912 Sftredir (76a827df5640bfe16a0cdbb4108adeca) C:\Windows\system32\DRIVERS\Sftredirlh.sys 18:45:05.0262 6912 Sftredir - ok 18:45:05.0293 6912 Sftvol (1b4c9701645086bab8cafffce30ed284) C:\Windows\system32\DRIVERS\Sftvollh.sys 18:45:05.0308 6912 Sftvol - ok 18:45:05.0340 6912 sftvsa (b94c3c4dca2093243c76ca218ede2a97) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 18:45:05.0371 6912 sftvsa - ok 18:45:05.0402 6912 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 18:45:05.0511 6912 SharedAccess - ok 18:45:05.0574 6912 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll 18:45:05.0636 6912 ShellHWDetection - ok 18:45:05.0683 6912 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 18:45:05.0714 6912 SiSRaid2 - ok 18:45:05.0745 6912 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 18:45:05.0776 6912 SiSRaid4 - ok 18:45:05.0823 6912 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 18:45:05.0932 6912 Smb - ok 18:45:05.0979 6912 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) 
C:\Windows\System32\snmptrap.exe 18:45:06.0026 6912 SNMPTRAP - ok 18:45:06.0057 6912 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 18:45:06.0088 6912 spldr - ok 18:45:06.0135 6912 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe 18:45:06.0198 6912 Spooler - ok 18:45:06.0291 6912 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe 18:45:06.0478 6912 sppsvc - ok 18:45:06.0510 6912 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 18:45:06.0603 6912 sppuinotify - ok 18:45:06.0650 6912 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys 18:45:06.0712 6912 srv - ok 18:45:06.0744 6912 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys 18:45:06.0775 6912 srv2 - ok 18:45:06.0822 6912 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS 18:45:06.0853 6912 SrvHsfHDA - ok 18:45:06.0915 6912 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS 18:45:07.0009 6912 SrvHsfV92 - ok 18:45:07.0024 6912 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 18:45:07.0056 6912 SrvHsfWinac - ok 18:45:07.0087 6912 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys 18:45:07.0118 6912 srvnet - ok 18:45:07.0165 6912 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 18:45:07.0227 6912 SSDPSRV - ok 18:45:07.0258 6912 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 18:45:07.0305 6912 SstpSvc - ok 18:45:07.0336 6912 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 18:45:07.0368 6912 stexstor - ok 18:45:07.0414 6912 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys 18:45:07.0461 6912 StillCam - ok 18:45:07.0508 6912 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll 
18:45:07.0570 6912 stisvc - ok 18:45:07.0602 6912 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 18:45:07.0633 6912 swenum - ok 18:45:07.0664 6912 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 18:45:07.0789 6912 swprv - ok 18:45:07.0851 6912 SynTP (868dfb220a18312a12cef01ba9ac069b) C:\Windows\system32\DRIVERS\SynTP.sys 18:45:07.0898 6912 SynTP - ok 18:45:07.0960 6912 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll 18:45:08.0085 6912 SysMain - ok 18:45:08.0116 6912 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll 18:45:08.0163 6912 TabletInputService - ok 18:45:08.0194 6912 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll 18:45:08.0304 6912 TapiSrv - ok 18:45:08.0335 6912 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 18:45:08.0444 6912 TBS - ok 18:45:08.0538 6912 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys 18:45:08.0662 6912 Tcpip - ok 18:45:08.0740 6912 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys 18:45:08.0850 6912 TCPIP6 - ok 18:45:08.0896 6912 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys 18:45:08.0990 6912 tcpipreg - ok 18:45:09.0021 6912 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 18:45:09.0068 6912 TDPIPE - ok 18:45:09.0099 6912 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys 18:45:09.0130 6912 TDTCP - ok 18:45:09.0162 6912 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys 18:45:09.0271 6912 tdx - ok 18:45:09.0520 6912 TeamViewer6 (c314391535b8bba4238c13d663b07f83) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe 18:45:09.0661 6912 TeamViewer6 - ok 18:45:09.0692 6912 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys 18:45:09.0723 6912 TermDD - 
ok 18:45:09.0770 6912 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll 18:45:09.0942 6912 TermService - ok 18:45:09.0957 6912 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 18:45:10.0020 6912 Themes - ok 18:45:10.0051 6912 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 18:45:10.0144 6912 THREADORDER - ok 18:45:10.0176 6912 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 18:45:10.0269 6912 TrkWks - ok 18:45:10.0316 6912 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe 18:45:10.0363 6912 TrustedInstaller - ok 18:45:10.0410 6912 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys 18:45:10.0503 6912 tssecsrv - ok 18:45:10.0550 6912 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys 18:45:10.0659 6912 tunnel - ok 18:45:10.0706 6912 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 18:45:10.0737 6912 uagp35 - ok 18:45:10.0769 6912 udfs (c06e6f4679ceb8f430b90a51d76d8d3c) C:\Windows\system32\DRIVERS\udfs.sys 18:45:10.0816 6912 udfs - ok 18:45:10.0847 6912 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 18:45:10.0894 6912 UI0Detect - ok 18:45:10.0941 6912 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys 18:45:10.0972 6912 uliagpkx - ok 18:45:11.0003 6912 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys 18:45:11.0035 6912 umbus - ok 18:45:11.0066 6912 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 18:45:11.0097 6912 UmPass - ok 18:45:11.0128 6912 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 18:45:11.0237 6912 upnphost - ok 18:45:11.0284 6912 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys 18:45:11.0300 6912 USBAAPL64 - ok 
18:45:11.0347 6912 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys 18:45:11.0378 6912 usbccgp - ok 18:45:11.0409 6912 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys 18:45:11.0456 6912 usbcir - ok 18:45:11.0487 6912 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\DRIVERS\usbehci.sys 18:45:11.0518 6912 usbehci - ok 18:45:11.0565 6912 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys 18:45:11.0596 6912 usbfilter - ok 18:45:11.0627 6912 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys 18:45:11.0659 6912 usbhub - ok 18:45:11.0674 6912 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\DRIVERS\usbohci.sys 18:45:11.0721 6912 usbohci - ok 18:45:11.0752 6912 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 18:45:11.0783 6912 usbprint - ok 18:45:11.0830 6912 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS 18:45:11.0877 6912 USBSTOR - ok 18:45:11.0908 6912 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys 18:45:11.0924 6912 usbuhci - ok 18:45:11.0971 6912 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys 18:45:12.0017 6912 usbvideo - ok 18:45:12.0049 6912 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 18:45:12.0158 6912 UxSms - ok 18:45:12.0189 6912 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 18:45:12.0236 6912 VaultSvc - ok 18:45:12.0267 6912 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys 18:45:12.0298 6912 vdrvroot - ok 18:45:12.0329 6912 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe 18:45:12.0376 6912 vds - ok 18:45:12.0407 6912 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 18:45:12.0454 6912 vga - ok 18:45:12.0470 6912 VgaSave 
(53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 18:45:12.0579 6912 VgaSave - ok 18:45:12.0626 6912 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys 18:45:12.0657 6912 vhdmp - ok 18:45:12.0688 6912 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys 18:45:12.0704 6912 viaide - ok 18:45:12.0735 6912 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys 18:45:12.0766 6912 volmgr - ok 18:45:12.0797 6912 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys 18:45:12.0844 6912 volmgrx - ok 18:45:12.0875 6912 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys 18:45:12.0907 6912 volsnap - ok 18:45:12.0953 6912 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 18:45:12.0985 6912 vsmraid - ok 18:45:13.0047 6912 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe 18:45:13.0141 6912 VSS - ok 18:45:13.0156 6912 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 18:45:13.0203 6912 vwifibus - ok 18:45:13.0250 6912 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 18:45:13.0312 6912 vwififlt - ok 18:45:13.0359 6912 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 18:45:13.0484 6912 W32Time - ok 18:45:13.0531 6912 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 18:45:13.0577 6912 WacomPen - ok 18:45:13.0609 6912 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 18:45:13.0702 6912 WANARP - ok 18:45:13.0718 6912 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 18:45:13.0811 6912 Wanarpv6 - ok 18:45:13.0905 6912 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 18:45:13.0999 6912 WatAdminSvc - ok 18:45:14.0061 6912 wbengine 
(5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe 18:45:14.0155 6912 wbengine - ok 18:45:14.0170 6912 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 18:45:14.0217 6912 WbioSrvc - ok 18:45:14.0279 6912 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll 18:45:14.0311 6912 wcncsvc - ok 18:45:14.0342 6912 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 18:45:14.0373 6912 WcsPlugInService - ok 18:45:14.0420 6912 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 18:45:14.0435 6912 Wd - ok 18:45:14.0482 6912 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 18:45:14.0545 6912 Wdf01000 - ok 18:45:14.0560 6912 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 18:45:14.0623 6912 WdiServiceHost - ok 18:45:14.0623 6912 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 18:45:14.0685 6912 WdiSystemHost - ok 18:45:14.0716 6912 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll 18:45:14.0763 6912 WebClient - ok 18:45:14.0794 6912 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 18:45:14.0903 6912 Wecsvc - ok 18:45:14.0919 6912 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 18:45:15.0028 6912 wercplsupport - ok 18:45:15.0059 6912 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 18:45:15.0153 6912 WerSvc - ok 18:45:15.0200 6912 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 18:45:15.0309 6912 WfpLwf - ok 18:45:15.0340 6912 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 18:45:15.0371 6912 WIMMount - ok 18:45:15.0434 6912 WinDefend - ok 18:45:15.0449 6912 WinHttpAutoProxySvc - ok 18:45:15.0527 6912 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 
18:45:15.0605 6912 Winmgmt - ok 18:45:15.0668 6912 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll 18:45:15.0777 6912 WinRM - ok 18:45:15.0839 6912 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys 18:45:15.0871 6912 WinUsb - ok 18:45:15.0917 6912 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 18:45:15.0995 6912 Wlansvc - ok 18:45:16.0136 6912 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 18:45:16.0276 6912 wlidsvc - ok 18:45:16.0307 6912 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 18:45:16.0339 6912 WmiAcpi - ok 18:45:16.0417 6912 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 18:45:16.0448 6912 wmiApSrv - ok 18:45:16.0510 6912 WMPNetworkSvc - ok 18:45:16.0541 6912 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 18:45:16.0588 6912 WPCSvc - ok 18:45:16.0604 6912 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll 18:45:16.0666 6912 WPDBusEnum - ok 18:45:16.0697 6912 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 18:45:16.0807 6912 ws2ifsl - ok 18:45:16.0838 6912 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\system32\wscsvc.dll 18:45:16.0885 6912 wscsvc - ok 18:45:16.0900 6912 WSearch - ok 18:45:17.0009 6912 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll 18:45:17.0228 6912 wuauserv - ok 18:45:17.0259 6912 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys 18:45:17.0368 6912 WudfPf - ok 18:45:17.0399 6912 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys 18:45:17.0493 6912 WUDFRd - ok 18:45:17.0540 6912 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll 18:45:17.0633 6912 wudfsvc - ok 18:45:17.0649 6912 WwanSvc 
(9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 18:45:17.0680 6912 WwanSvc - ok 18:45:17.0727 6912 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys 18:45:17.0774 6912 yukonw7 - ok 18:45:17.0805 6912 MBR (0x1B8) (ced913df7efc52cae7e848328999b01c) \Device\Harddisk0\DR0 18:45:17.0961 6912 \Device\Harddisk0\DR0 - ok 18:45:18.0008 6912 Boot (0x1200) (1edee061d7ee80abd31a8eccb7743583) \Device\Harddisk0\DR0\Partition0 18:45:18.0008 6912 \Device\Harddisk0\DR0\Partition0 - ok 18:45:18.0023 6912 Boot (0x1200) (eb9e34273bb6a55407c85dcc73eee477) \Device\Harddisk0\DR0\Partition1 18:45:18.0023 6912 \Device\Harddisk0\DR0\Partition1 - ok 18:45:18.0070 6912 Boot (0x1200) (59b5094c0c60ba293101b201023d6972) \Device\Harddisk0\DR0\Partition2 18:45:18.0070 6912 \Device\Harddisk0\DR0\Partition2 - ok 18:45:18.0101 6912 Boot (0x1200) (ee23be9c7e0c8f3d8f1d43d81453506f) \Device\Harddisk0\DR0\Partition3 18:45:18.0101 6912 \Device\Harddisk0\DR0\Partition3 - ok 18:45:18.0117 6912 ============================================================ 18:45:18.0117 6912 Scan finished 18:45:18.0117 6912 ============================================================ 18:45:18.0148 2836 Detected object count: 7 18:45:18.0148 2836 Actual detected object count: 7 18:45:55.0888 2836 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user 18:45:55.0888 2836 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:45:55.0903 2836 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user 18:45:55.0903 2836 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:45:55.0903 2836 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user 18:45:55.0903 2836 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:45:55.0903 2836 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user 18:45:55.0903 2836 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:45:55.0919 2836 Net Driver HPZ12 ( 
UnsignedFile.Multi.Generic ) - skipped by user 18:45:55.0919 2836 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:45:55.0919 2836 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 18:45:55.0919 2836 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:45:55.0919 2836 RtVOsdService ( UnsignedFile.Multi.Generic ) - skipped by user 18:45:55.0919 2836 RtVOsdService ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:46:11.0191 6664 Deinitialize success
Had 7 threats, all being simple unsigned files.
  2. RogueKiller V7.3.2 [03/20/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User: user [Admin rights]
Mode: Scan -- Date: 04/21/2012 18:22:28
¤¤¤ Bad processes: 0 ¤¤¤
¤¤¤ Registry Entries: 2 ¤¤¤
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : Root.MBR ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD32 00BEKT-60PVMT0 SATA Disk Device +++++
--- User ---
[MBR] 0e7492e72a364372c37bb2eb61934de6
[bSP] 3afe59d307710d456db841af26ce566e : Windows Vista/7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 288213 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 590669824 | Size: 16728 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 624928768 | Size: 103 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] f7e788a0389d14181e06d13cdac5e34c
[bSP] 577b52cf174beaa0200374fc9a415006 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 69632 Mo
1 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 143015936 | Size: 400 Mo
Finished : << RKreport[1].txt >>
RKreport[1].txt
This is the report I retrieved from RogueKiller.
  3. OTL Extras logfile created on: 4/21/2012 5:57:45 PM - Run 1 OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\user\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.75 Gb Total Physical Memory | 1.36 Gb Available Physical Memory | 49.40% Memory free 5.49 Gb Paging File | 3.22 Gb Available in Paging File | 58.75% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 281.46 Gb Total Space | 212.17 Gb Free Space | 75.38% Space Free | Partition Type: NTFS Drive D: | 16.34 Gb Total Space | 2.36 Gb Free Space | 14.43% Space Free | Partition Type: NTFS Computer Name: USER-HP | User Name: user | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\iBryte\playbryte\ibrytedesktop.exe" = C:\Program Files (x86)\iBryte\playbryte\ibrytedesktop.exe:*:Enabled:iBryteDesktop -- (iBryte) "C:\Program Files (x86)\iBryte\playbryte\ibrytedesktop.exe" = C:\Program Files (x86)\iBryte\playbryte\ibrytedesktop.exe:*:Enabled:iBryteDesktop -- (iBryte) ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64 "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{181AC4C7-B83C-4B5F-B566-E19BF2472429}" = HP Photosmart Premium C309g-m All-In-One Driver Software 13.0 Rel .6 "{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java 6 Update 20 (64-bit) "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer 
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}" = HP Wireless Assistant "{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support "{C01AE65A-8874-3A33-BE03-23F8516A0350}" = ccc-utility64 "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes "{ECD0D4B5-FFA9-6E1B-A08D-58E82EA5EEB9}" = ATI Catalyst Install Manager "{F3D7AC17-1FF4-41A8-BB18-3FC39C65AEB9}" = RtVOsd "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "CCleaner" = CCleaner "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Print Projects" = HP Print Projects 1.0 "HP Smart Web Printing" = HP Smart Web Printing 4.5 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Shop for HP Supplies" = Shop for HP Supplies "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0190D9DE-6D57-7727-861E-D4BEA111D86B}" = Catalyst Control Center Core Implementation "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam 
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar "{0A785656-433A-0575-8C5D-A8EAE05329CA}" = CCC Help Thai "{0AD77FFC-874E-9AAE-6A76-549DFEB17849}" = CCC Help Polish "{0CD58F4F-B339-4B81-FAD4-2BF9E3590F60}" = CCC Help Czech "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{120262A6-7A4B-4889-AE85-F5E5688D3683}" = Roxio CinemaNow 2.0 "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer "{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0 "{1A47631D-8875-7993-476D-130C5D41D101}" = CCC Help Spanish "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery "{222A544B-E6B7-496F-B4D7-6FE74FF0E616}" = Bing Bar Platform "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20 "{28749552-9DBD-1D10-A894-6079282C941F}" = CCC Help German "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{30F4D459-824A-498C-826C-7721B777207F}" = Catalyst Control Center - Branding "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{32BA2A6E-6C61-0347-8958-7B2113982A55}" = CCC Help Portuguese "{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7 "{395A57A6-E0E1-C599-3A28-19A96682B4C6}" = Adobe Photoshop.com Inspiration Browser "{3C66EECF-8143-55D4-774A-309A59230A92}" = Catalyst Control Center Graphics Full Existing "{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor 
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager "{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software "{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}" = HP Power Manager "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{54372041-9715-DE87-F84E-B0995D7567C6}" = CCC Help Chinese Traditional "{5D6A4F95-49B5-0FC4-81CF-18176000B235}" = Catalyst Control Center Graphics Full New "{5E25081D-9CB4-4B17-AD2B-8DF2DC335E85}" = HP Documentation "{5E4B86E5-CD0E-4D3D-BE21-45A30326850A}" = Microsoft Search Enhancement Pack "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting "{6A905A05-964C-4F03-9A96-D34167807EC0}" = PS_AIO_06_C309g-m_SW_Min "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager "{6D3650CA-7104-5DF0-E7EC-290CEC529AF8}" = CCC Help Korean "{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0 "{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant "{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup "{76B344A5-F756-0107-3559-1D97F9B316DC}" = CCC Help Norwegian "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7A27AAF5-1FD6-48B4-95C4-7354A1C35455}" = C309g-m "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{7CA09975-C4BE-469D-E45F-E47E9391106B}" = CCC Help Dutch "{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink 
MediaShow "{81ADC365-6BA4-E757-81DA-BC9DC12DD291}" = Catalyst Control Center InstallProxy "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{8FA97A48-D942-AE67-D901-7C4136CC9DFD}" = CCC Help Danish "{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MediaSmart CinemaNow 2.0 "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007 "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft 
Office Starter 2010 - English "{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{920E9471-FF68-680F-537C-F21777E53D31}" = CCC Help Turkish "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9ECF7817-DB11-4FBA-9DF1-296A578D513A}" = Adobe Shockwave Player 11.5 "{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker "{A29549FD-65F3-440C-A552-6B8114CF319D}" = Skype Toolbars "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A4E828B6-FE61-E279-A174-F5323931400B}" = CCC Help Finnish "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9 "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.3 MUI "{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status "{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync "{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger "{B6BEB695-166D-E268-8AA2-A243F615D0BA}" = CCC Help Japanese "{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager "{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{C21A705D-D992-204F-8A2A-C31F490F502F}" = CCC Help Greek "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects "{CAA10DB8-E20C-9192-38F9-1F5399EA2DB7}" = CCC Help Italian "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CD184A27-1174-E497-189A-0CA5DB56BC97}" = CCC Help Chinese Standard 
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! "{D3A451EE-219D-F373-5152-8C4760278628}" = Catalyst Control Center Graphics Light "{D5959B62-9515-8DC9-ED0B-1680210AAC3E}" = CCC Help English "{DA9481F2-D8A1-CC1D-4A8E-22854E60C6EB}" = Catalyst Control Center Localization All "{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp "{DE2B9A3D-976F-BE70-7557-52EE82BAB1C6}" = CCC Help French "{E05DB9F9-C8E7-45F2-BE9E-76D4C447CE9B}" = HP Software Framework "{E342D296-DB9D-4FC7-ACB0-39926C0BFA16}" = HP Quick Launch "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1 "{E9F950D9-A469-644E-3977-31F2963AEE23}" = CCC Help Swedish "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "{ED6CEC68-1D49-5BCB-57B4-CD128E242356}" = CCC Help Hungarian "{EDE97402-4A1F-2D15-FDB4-5620C57A9BA5}" = Catalyst Control Center Graphics Previews Common "{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery "{F08A7C44-17FC-ED74-831E-5BCA9D5B77AD}" = ccc-core-static "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F1224610-A17E-4E65-560A-D56B963D650D}" = CCC Help Russian "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F7C81FF0-8624-8C6E-D28D-CF68DFE7AE8C}" = Catalyst Control Center Graphics Previews Vista "Adobe AIR" = Adobe AIR "Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0 "alotToolbar" = ALOT Toolbar "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "Belkin Setup and Router Monitor_is1" = Belkin Setup and Router Monitor "ENTERPRISER" = Microsoft Office Enterprise 2007 "HP Photo Creations" = HP Photo Creations "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam 
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow "InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9 "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400 "My HP Game Console" = HP Game Console "Office14.Click2Run" = Microsoft Office Click-to-Run 2010 "PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser "TeamViewer 6" = TeamViewer 6 "VLC media player" = VLC media player 2.0.0 "WildTangent hp Master Uninstall" = HP Games "WinLiveSuite_Wave3" = Windows Live Essentials "WT087328" = Blackhawk Striker 2 "WT087335" = Build-a-lot 2 "WT087342" = Dora's Carnival Adventure "WT087360" = Escape Rosecliff Island "WT087361" = FATE "WT087362" = Final Drive Nitro "WT087372" = Heroes of Hellas 2 - Olympia "WT087373" = Jewel Quest 3 "WT087379" = Jewel Quest Solitaire 2 "WT087394" = Penguins! "WT087395" = Poker Superstars III "WT087396" = Polar Bowler "WT087397" = Polar Golfer "WT087414" = Virtual Families "WT087415" = Wheel of Fortune 2 "WT087428" = Bejeweled 2 Deluxe "WT087453" = Chuzzle Deluxe "WT087501" = Plants vs. 
Zombies "WT087513" = Virtual Villagers - The Secret City "WT087533" = Zuma Deluxe "WT087536" = Diner Dash 2 Restaurant Rescue ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2129704685-2787280841-99808866-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Game Organizer" = EasyBits GO "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 4/8/2012 5:05:11 AM | Computer Name = user-HP | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 2231 Error - 4/8/2012 5:05:15 AM | Computer Name = user-HP | Source = Bonjour Service | ID = 100 Description = mDNSCoreReceiveResponse: Received from 192.168.1.106:5353 274 user’s\032Library._home-sharing._tcp.local. TXT txtvers=1â¦hQ=1094â¦dmv=131080â¦iTSh Version=196616â¦MID=0xC57441F88C30178Aâ¦PrVs=65538â¦Database ID=20 Error - 4/8/2012 5:05:15 AM | Computer Name = user-HP | Source = Bonjour Service | ID = 100 Description = mDNSCoreReceiveResponse: Resetting to Probing: 21 user’s\032Library._home-sharing._tcp.local. SRV 0 0 3689 user-HP.local. Error - 4/8/2012 5:05:16 AM | Computer Name = user-HP | Source = Bonjour Service | ID = 100 Description = mDNSCoreReceiveResponse: Received from 192.168.1.106:5353 274 user’s\032Library._home-sharing._tcp.local. TXT txtvers=1â¦hQ=1094â¦dmv=131080â¦iTSh Version=196616â¦MID=0xC57441F88C30178Aâ¦PrVs=65538â¦Database ID=20 Error - 4/8/2012 5:05:16 AM | Computer Name = user-HP | Source = Bonjour Service | ID = 100 Description = mDNSCoreReceiveResponse: Resetting to Probing: 21 user’s\032Library._home-sharing._tcp.local. SRV 0 0 3689 user-HP.local. Error - 4/8/2012 5:05:18 AM | Computer Name = user-HP | Source = Bonjour Service | ID = 100 Description = mDNSCoreReceiveResponse: Received from 192.168.1.106:5353 274 user’s\032Library._home-sharing._tcp.local. 
TXT txtvers=1â¦hQ=1094â¦dmv=131080â¦iTSh Version=196616â¦MID=0xC57441F88C30178Aâ¦PrVs=65538â¦Database ID=20 Error - 4/8/2012 5:05:18 AM | Computer Name = user-HP | Source = Bonjour Service | ID = 100 Description = mDNSCoreReceiveResponse: Resetting to Probing: 21 user’s\032Library._home-sharing._tcp.local. SRV 0 0 3689 user-HP.local. Error - 4/8/2012 5:05:22 AM | Computer Name = user-HP | Source = Bonjour Service | ID = 100 Description = mDNSCoreReceiveResponse: Received from 192.168.1.106:5353 274 user’s\032Library._home-sharing._tcp.local. TXT txtvers=1â¦hQ=1094â¦dmv=131080â¦iTSh Version=196616â¦MID=0xC57441F88C30178Aâ¦PrVs=65538â¦Database ID=20 Error - 4/8/2012 5:05:22 AM | Computer Name = user-HP | Source = Bonjour Service | ID = 100 Description = mDNSCoreReceiveResponse: Resetting to Probing: 21 user’s\032Library._home-sharing._tcp.local. SRV 0 0 3689 user-HP.local. Error - 4/9/2012 1:40:58 PM | Computer Name = user-HP | Source = Bonjour Service | ID = 100 Description = mDNSCoreReceiveResponse: Received from 192.168.1.106:5353 274 user’s\032Library._home-sharing._tcp.local. TXT txtvers=1â¦hQ=1094â¦dmv=131080â¦iTSh Version=196616â¦MID=0xC57441F88C30178Aâ¦PrVs=65538â¦Database ID=20 [ Hewlett-Packard Events ] Error - 2/24/2012 4:43:38 PM | Computer Name = user-HP | Source = Hewlett-Packard | ID = 0 Description = en-US Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201202241543.xml'. 
mscorlib at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession() Error - 3/9/2012 7:40:44 PM | Computer Name = user-HP | Source = Hewlett-Packard | ID = 0 Description = en-US Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201203091840.xml'. 
mscorlib at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession() Error - 3/16/2012 4:02:25 PM | Computer Name = user-HP | Source = Hewlett-Packard | ID = 0 Description = en-US Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201203161602.xml'. 
mscorlib at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession() Error - 4/7/2012 11:01:18 PM | Computer Name = user-HP | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261 at HP.SupportAssistant.Common.CustomerExperience.HPSASession.addTempSession() Message: Object reference not set to an instance of an object. StackTrace: at HP.SupportAssistant.Common.CustomerExperience.HPSASession.addTempSession() Source: HP.SupportAssistant.Common Name: HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 2810 Ram Utilization: 60 TargetSite: Void addTempSession() Error - 4/7/2012 11:01:24 PM | Computer Name = user-HP | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe at HP.SupportAssistant.Common.CustomerExperience.HPSASession.addTempSession() Message: Object reference not set to an instance of an object. 
StackTrace: at HP.SupportAssistant.Common.CustomerExperience.HPSASession.addTempSession() Source: HP.SupportAssistant.Common Name: HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 2810 Ram Utilization: 60 TargetSite: Void addTempSession() Error - 4/14/2012 8:51:49 AM | Computer Name = user-HP | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261 at HP.SupportAssistant.Common.CustomerExperience.HPSASession.addTempSession() Message: Object reference not set to an instance of an object. StackTrace: at HP.SupportAssistant.Common.CustomerExperience.HPSASession.addTempSession() Source: HP.SupportAssistant.Common Name: HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 2810 Ram Utilization: 50 TargetSite: Void addTempSession() Error - 4/14/2012 8:51:52 AM | Computer Name = user-HP | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe at HP.SupportAssistant.Common.CustomerExperience.HPSASession.addTempSession() Message: Object reference not set to an instance of an object. StackTrace: at HP.SupportAssistant.Common.CustomerExperience.HPSASession.addTempSession() Source: HP.SupportAssistant.Common Name: HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 2810 Ram Utilization: 50 TargetSite: Void addTempSession() Error - 4/20/2012 11:00:06 PM | Computer Name = user-HP | Source = HPSF.exe | ID = 4000 Description = Error - 4/20/2012 11:00:06 PM | Computer Name = user-HP | Source = HPSF.exe | ID = 4000 Description = Error - 4/20/2012 11:00:24 PM | Computer Name = user-HP | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe at HP.SupportAssistant.Common.CustomerExperience.HPSASession.addTempSession() Message: Object reference not set to an instance of an object. 
StackTrace: at HP.SupportAssistant.Common.CustomerExperience.HPSASession.addTempSession() Source: HP.SupportAssistant.Common Name: HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 2810 Ram Utilization: 40 TargetSite: Void addTempSession() [ HP Wireless Assistant Events ] Error - 2/15/2011 10:41:01 PM | Computer Name = user-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException The RPC server is unavailable. (Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c() Error - 2/15/2011 10:42:08 PM | Computer Name = user-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException The RPC server is unavailable. (Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c() Error - 2/15/2011 10:43:16 PM | Computer Name = user-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException The RPC server is unavailable. 
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c() Error - 2/15/2011 10:44:24 PM | Computer Name = user-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException The RPC server is unavailable. (Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c() Error - 2/15/2011 10:45:31 PM | Computer Name = user-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException The RPC server is unavailable. 
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c() Error - 2/15/2011 10:46:39 PM | Computer Name = user-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException The RPC server is unavailable. (Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c() Error - 2/15/2011 10:47:44 PM | Computer Name = user-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException The RPC server is unavailable. 
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c() Error - 9/27/2011 4:43:38 PM | Computer Name = user-HP | Source = HP WA Service | ID = 0 Description = System.Exception GetDeviceInfo() failed : 597 at HP_Common.CaslWrapper.GetDeviceInfo(List`1& radioList) at HPPA_Service.CurrentConfiguration.ReloadRadioList() Error - 11/4/2011 11:37:50 PM | Computer Name = user-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException Call was canceled by the message filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObjectSearcher.Initialize() at System.Management.ManagementObjectSearcher.Get() at HPPA_Service.CurrentConfiguration.FindDevice(String hostPath, String portName) at HPPA_Service.CurrentConfiguration.ApplyDeviceManagerState(List`1 radios) at HPPA_Service.CurrentConfiguration.ReloadRadioList() Error - 12/4/2011 10:12:15 PM | Computer Name = user-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException Call was canceled by the message filter. 
(Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObjectSearcher.Initialize() at System.Management.ManagementObjectSearcher.Get() at HPPA_Service.CurrentConfiguration.FindDevice(String hostPath, String portName) at HPPA_Service.CurrentConfiguration.<ApplyFriendlyNames>b__23(RadioHardware radio) at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext() at HPPA_Service.CurrentConfiguration.ApplyFriendlyNames() at HPPA_Service.CurrentConfiguration.ReloadRadioList() [ System Events ] Error - 12/7/2011 8:39:16 AM | Computer Name = user-HP | Source = Service Control Manager | ID = 7000 Description = The Diagnostic System Host service failed to start due to the following error: %%1115 Error - 12/7/2011 8:39:16 AM | Computer Name = user-HP | Source = Service Control Manager | ID = 7001 Description = The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: %%1062 Error - 12/7/2011 4:33:47 PM | Computer Name = user-HP | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect. Error - 12/7/2011 4:33:47 PM | Computer Name = user-HP | Source = Service Control Manager | ID = 7000 Description = The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: %%1053 Error - 12/7/2011 10:43:43 PM | Computer Name = user-HP | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RtVOsdService service. 
Error - 12/7/2011 11:19:05 PM | Computer Name = user-HP | Source = DCOM | ID = 10016 Description = Error - 12/7/2011 11:19:05 PM | Computer Name = user-HP | Source = DCOM | ID = 10016 Description = Error - 12/8/2011 7:51:51 AM | Computer Name = user-HP | Source = Service Control Manager | ID = 7034 Description = The HP Software Framework Service service terminated unexpectedly. It has done this 1 time(s). Error - 12/8/2011 5:03:11 PM | Computer Name = user-HP | Source = bowser | ID = 8003 Description = Error - 12/9/2011 7:51:52 AM | Computer Name = user-HP | Source = Service Control Manager | ID = 7034 Description = The HP Software Framework Service service terminated unexpectedly. It has done this 2 time(s). < End of report >
  4. Okay, after much work I finally got the OTL to run and retrieved the 2 logs which are posted below. I've already attempted rolling back to IE8 and have been successful in getting the redirect to searchnu.com/406 to stop, but am still having an issue with 2 iexplore.exe processes when only 1 should be running.
OTL logfile created on: 4/21/2012 5:57:45 PM - Run 1
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\user\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.75 Gb Total Physical Memory | 1.36 Gb Available Physical Memory | 49.40% Memory free
5.49 Gb Paging File | 3.22 Gb Available in Paging File | 58.75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 281.46 Gb Total Space | 212.17 Gb Free Space | 75.38% Space Free | Partition Type: NTFS
Drive D: | 16.34 Gb Total Space | 2.36 Gb Free Space | 14.43% Space Free | Partition Type: NTFS
Computer Name: USER-HP | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2012/04/21 15:52:43 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/11/14 15:13:36 | 000,563,104 | ---- | M] (Affinegy, Inc.)
-- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe PRC - [2011/11/14 15:13:32 | 001,884,064 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe PRC - [2011/11/14 15:13:30 | 007,029,664 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe PRC - [2011/06/30 16:14:05 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2011/04/27 15:02:31 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe PRC - [2011/03/01 10:47:56 | 007,832,440 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe PRC - [2011/03/01 10:47:56 | 002,296,696 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe PRC - [2011/03/01 10:24:45 | 000,108,408 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\tv_w32.exe PRC - [2010/12/13 11:39:54 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010/06/29 22:00:08 | 000,027,192 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe PRC - [2010/06/29 21:58:04 | 000,602,168 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe PRC - [2010/05/21 05:28:36 | 000,140,272 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe PRC - [2010/04/14 00:13:52 | 000,243,544 | ---- | M] (Microsoft Corp.) 
-- C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe PRC - [2009/12/03 02:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2009/12/03 02:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2009/09/06 10:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe ========== Modules (No Company Name) ========== MOD - [2012/04/12 17:22:33 | 014,322,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d932bdb0712c33e0000c75035dbe74d1\PresentationFramework.ni.dll MOD - [2012/04/12 17:21:57 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5c37600b4ae4ffeaeff645bb16a58137\System.Windows.Forms.ni.dll MOD - [2012/04/12 17:21:38 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\b7bec10dca3f27113cc91c24b79c8f75\System.Drawing.ni.dll MOD - [2012/04/12 17:21:29 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\66fdd11e758f6c833fbc173338c1ff5b\PresentationCore.ni.dll MOD - [2012/03/23 19:15:57 | 000,036,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll MOD - [2012/02/18 00:01:18 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\0794d7af09099432ebfb51af1d7f15ae\System.Management.ni.dll MOD - [2012/02/17 16:38:17 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\6954c7f14ea634672cdacf2cd793497e\PresentationFramework.Aero.ni.dll MOD - [2012/02/17 08:28:52 | 000,771,584 | ---- | M] () -- 
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0a894f77b9aa64acbd3ce791916357d8\System.Runtime.Remoting.ni.dll MOD - [2012/02/17 08:28:50 | 006,618,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\c06a0517281bb4a9c7fcaeb58d38cd63\System.Data.ni.dll MOD - [2012/02/17 08:27:54 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\585ac5899ab444221c8b41df13b194bc\WindowsBase.ni.dll MOD - [2012/02/17 08:27:47 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll MOD - [2012/02/17 08:27:42 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll MOD - [2012/02/17 08:27:39 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll MOD - [2011/11/14 15:13:38 | 000,022,944 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll MOD - [2011/11/14 14:28:24 | 000,663,552 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011/10/15 16:31:50 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll MOD - [2010/08/22 20:01:36 | 007,187,456 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll MOD - [2010/08/22 20:01:08 | 000,325,632 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll MOD - [2010/08/22 20:01:06 | 
001,954,304 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll MOD - [2010/08/22 20:01:06 | 000,847,360 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll MOD - [2010/08/22 19:32:34 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll MOD - [2010/05/19 14:05:58 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll MOD - [2010/05/19 14:05:58 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll MOD - [2010/05/19 14:05:58 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll MOD - [2010/02/09 21:58:30 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll MOD - [2010/02/09 21:58:28 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll MOD - [2010/02/09 21:58:24 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll MOD - [2010/02/09 21:58:24 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll MOD - [2010/02/09 21:58:22 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll MOD - [2010/02/09 21:58:22 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll MOD - [2010/02/09 21:58:18 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll MOD - [2010/02/09 21:58:14 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll MOD - [2009/06/10 17:23:17 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll 
========== Win32 Services (SafeList) ========== SRV:64bit: - [2012/03/08 18:58:12 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE) SRV:64bit: - [2010/06/18 19:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service) SRV:64bit: - [2010/06/17 12:59:38 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2010/04/19 22:55:18 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe -- (RtVOsdService) SRV:64bit: - [2009/11/17 22:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters) SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011/11/14 15:13:36 | 000,563,104 | ---- | M] (Affinegy, Inc.) 
[Auto | Running] -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService) SRV - [2011/09/09 17:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service) SRV - [2011/06/30 16:14:05 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011/04/27 15:02:31 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe) SRV - [2011/03/01 10:47:56 | 002,296,696 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2011/02/26 22:34:36 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010/06/29 22:00:08 | 000,027,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC) SRV - [2010/06/01 18:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2010/05/21 05:28:36 | 000,140,272 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service) SRV - [2010/04/03 19:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) 
[On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService) SRV - [2010/03/18 17:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/12/03 02:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2009/12/03 02:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2009/09/20 15:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC) SRV - [2009/09/06 10:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0) SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012/03/01 02:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012/02/15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV) DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL) DRV:64bit: - [2011/06/30 16:14:06 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2011/06/30 16:14:05 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2010/06/17 13:07:42 | 006,403,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag) DRV:64bit: - [2010/06/17 12:10:34 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2010/05/07 15:19:58 | 000,245,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2010/05/06 09:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2010/04/22 21:17:40 | 000,318,000 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2010/03/22 21:57:20 | 000,347,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010/03/02 20:45:24 | 001,594,368 | ---- | M] (Atheros Communications, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009/12/22 06:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:64bit: - [2009/12/03 02:23:38 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2009/12/03 02:23:34 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2009/12/03 02:23:32 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2009/12/03 02:23:26 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2009/10/07 22:13:34 | 000,070,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009/10/07 22:13:34 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009/08/23 21:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009/07/13 19:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:64bit: - [2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009/06/10 16:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2009/06/10 16:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel® DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/18 17:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2008/06/16 07:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1 IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} IE:64bit: - HKLM\..\SearchScopes\{3AF0EADA-3E5F-40D6-93FF-A0643A3C29B1}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF IE:64bit: - HKLM\..\SearchScopes\{4058A6EE-17D7-4FED-91F1-DD9E1BBF4281}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl IE:64bit: - HKLM\..\SearchScopes\{4EC3A6F3-B277-4D22-84DF-D1A4AC85DBA6}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms} IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2426}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=141111&systemid=426&sr=0&q={searchTerms} IE:64bit: - HKLM\..\SearchScopes\{CA839A0F-B682-49A6-B552-2C320451925D}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1 IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} IE - HKLM\..\SearchScopes\{3AF0EADA-3E5F-40D6-93FF-A0643A3C29B1}: "URL" = 
http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF IE - HKLM\..\SearchScopes\{4058A6EE-17D7-4FED-91F1-DD9E1BBF4281}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl IE - HKLM\..\SearchScopes\{4EC3A6F3-B277-4D22-84DF-D1A4AC85DBA6}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms} IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2426}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=141111&systemid=426&sr=0&q={searchTerms} IE - HKLM\..\SearchScopes\{CA839A0F-B682-49A6-B552-2C320451925D}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2129704685-2787280841-99808866-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1 IE - HKU\S-1-5-21-2129704685-2787280841-99808866-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKU\S-1-5-21-2129704685-2787280841-99808866-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1 IE - HKU\S-1-5-21-2129704685-2787280841-99808866-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2129704685-2787280841-99808866-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2129704685-2787280841-99808866-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2129704685-2787280841-99808866-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" 
= *.local ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\user\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\user\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\Firefox [2011/02/15 19:58:43 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/02/15 19:58:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/02/23 21:12:55 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/02/23 21:12:55 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 
6.0.200.2 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL CHR - plugin: Bing Bar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Google Update (Enabled) = C:\Users\user\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll CHR - Extension: YouTube = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Search = C:\Users\user\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Gmail = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012/02/26 15:01:21 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll (Microsoft Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found. O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe () O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [bing Bar] C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe (Microsoft Corp.) 
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [instaLAN] C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation) O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-21-2129704685-2787280841-99808866-1000..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe () O4 - HKU\S-1-5-21-2129704685-2787280841-99808866-1000..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2129704685-2787280841-99808866-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2129704685-2787280841-99808866-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - 
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C51C20B-622F-4DD7-8070-83EBE0A90BD8}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - 
Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012/04/21 15:53:39 | 000,000,000 | ---D | C] -- C:\_OTL [2012/04/21 15:52:36 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe [2012/04/21 15:50:58 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Malwarebytes [2012/04/21 15:50:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' 
Anti-Malware [2012/04/21 15:50:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/04/21 15:50:34 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/04/21 15:50:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012/04/18 21:40:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Ilivid Player [2012/04/18 21:39:36 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess [2012/04/18 20:56:01 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012/04/18 20:55:05 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Google [2012/04/12 18:53:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belkin [2012/04/12 18:52:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Belkin [2012/04/12 18:52:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Affinegy [2012/03/31 12:16:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012/03/31 12:15:23 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012/03/31 12:15:22 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012/03/31 12:15:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012/03/23 19:16:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support [2012/03/23 19:13:19 | 000,000,000 | ---D | C] -- C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E} ========== Files - Modified Within 30 Days ========== [2012/04/21 18:00:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2129704685-2787280841-99808866-1000UA.job [2012/04/21 17:52:45 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/04/21 17:52:45 | 000,023,248 | -H-- | M] () -- 
C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/04/21 17:47:44 | 003,276,982 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/04/21 17:47:44 | 001,031,188 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/04/21 17:47:44 | 000,005,372 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/04/21 17:43:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/04/21 17:42:30 | 2210,582,528 | -HS- | M] () -- C:\hiberfil.sys [2012/04/21 17:08:29 | 000,028,658 | ---- | M] () -- C:\Users\user\Documents\cc_20120421_170823.reg [2012/04/21 15:55:27 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForuser.job [2012/04/21 15:52:43 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe [2012/04/21 15:50:41 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/04/20 22:59:53 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2129704685-2787280841-99808866-1000Core.job [2012/04/18 20:56:05 | 000,002,306 | ---- | M] () -- C:\Users\user\Desktop\Google Chrome.lnk [2012/04/12 18:53:08 | 000,000,051 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\lmhosts [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/03/31 12:16:17 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012/03/30 16:08:31 | 000,001,437 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012/03/23 19:16:15 | 000,002,179 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk ========== Files Created - No Company Name ========== [2012/04/21 17:08:26 | 000,028,658 | ---- | C] () -- C:\Users\user\Documents\cc_20120421_170823.reg [2012/04/21 15:50:41 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/04/18 20:56:05 | 
000,002,306 | ---- | C] () -- C:\Users\user\Desktop\Google Chrome.lnk [2012/04/18 20:55:10 | 000,000,904 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2129704685-2787280841-99808866-1000UA.job [2012/04/18 20:55:06 | 000,000,852 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2129704685-2787280841-99808866-1000Core.job [2012/03/31 12:16:17 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012/03/23 21:00:46 | 000,000,328 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForuser.job [2012/03/23 19:16:15 | 000,002,179 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk [2012/02/26 14:48:14 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012/02/26 14:48:14 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012/02/26 14:48:14 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012/02/26 14:48:14 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012/02/26 14:48:14 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012/01/14 01:44:14 | 000,001,016 | ---- | C] () -- C:\ProgramData\repository.xml [2011/03/15 01:41:04 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011/02/23 20:57:59 | 000,743,534 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/02/23 20:55:17 | 000,202,698 | ---- | C] () -- C:\Windows\hpoins41.dat [2011/02/15 19:41:30 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011/02/15 19:35:02 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011/02/15 19:34:45 | 000,000,268 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini [2011/02/15 19:34:45 | 000,000,209 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini [2010/07/11 02:09:02 | 000,000,188 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini [2010/07/11 01:08:27 | 000,000,186 | ---- | C] () -- C:\Windows\SysWow64\HP Documentation.ini ========== LOP Check ========== [2012/04/21 16:07:15 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\go [2012/02/25 16:06:20 | 000,000,000 | 
---D | M] -- C:\Users\user\AppData\Roaming\PerformerSoft [2012/04/21 15:53:56 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\SoftGrid Client [2011/07/27 20:32:05 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TeamViewer [2011/02/23 20:58:57 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TP [2011/02/28 21:09:09 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\WildTangent [2012/03/11 00:20:26 | 000,032,622 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report >
  5. If it amounts to anything, I discovered that when opening IE9 it now gives me 2 iexplore.exe processes running in Task Manager, which can be increased every time I open a new tab that also redirects. Also, she recently installed Google Chrome, which does not seem to be affected by the redirect as of now... I honestly am lost trying to wrap my head around this.
  6. Well, I logged into my girlfriend's laptop today and, behold, the virus magnet that she is had managed to contract this redirect as her homepage. I've been searching now to rid the issue, but to no avail. I attempted to run the OTL.exe file to extract the needed logs that I noticed are needed, but have hit a hangup when it tries to scan the modules, which leads the program to be unresponsive. I am at a standstill at this point and have not gotten anywhere with any anti-virus I have run. Would really appreciate any help that I can get at this point... Thanks in advance, --Dalton