codec-c and possibe spyeye

[stewright5]

Ive had codec-c class add on in my IE9 for awhile and it will not let me remove it. Found out it maybe a virus, also had adverts incerted to my facebook timeline and wikipedia etc the last few days. Also had AVG teeing me i had spyeye virus every 5 minutes last night. restarted and it seems to of stopped.(sooi832.bin)

Seem someone else have this problem so have copyed what what advused. Any help would be great, thanks in advance.

Lots of love

[stewright5]

OTL logfile created on: 3/28/2012 9:05:54 PM - Run 1

OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\hp\Downloads

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

5.80 Gb Total Physical Memory | 4.02 Gb Available Physical Memory | 69.27% Memory free

11.60 Gb Paging File | 9.03 Gb Available in Paging File | 77.86% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 348.67 Gb Total Space | 228.12 Gb Free Space | 65.43% Space Free | Partition Type: NTFS

Drive D: | 19.14 Gb Total Space | 2.77 Gb Free Space | 14.47% Space Free | Partition Type: NTFS

Drive F: | 2.46 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Drive H: | 97.66 Gb Total Space | 97.54 Gb Free Space | 99.88% Space Free | Partition Type: NTFS

Computer Name: HP-HP | User Name: hp | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/28 21:05:42 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\hp\Downloads\OTL.exe

PRC - [2012/03/24 15:54:48 | 000,250,528 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11g_ActiveX.exe

PRC - [2012/03/24 15:54:20 | 000,489,256 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe

PRC - [2012/03/13 15:13:32 | 000,918,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe

PRC - [2012/03/13 15:13:17 | 000,982,880 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe

PRC - [2012/02/24 13:25:50 | 000,740,216 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe

PRC - [2012/01/30 13:22:36 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe

PRC - [2012/01/24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

PRC - [2011/10/12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

PRC - [2011/08/02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

PRC - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

PRC - [2011/03/15 18:42:18 | 000,499,608 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe

PRC - [2010/11/29 16:54:58 | 002,402,696 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Security Scan\KSS.exe

PRC - [2010/06/30 03:00:08 | 000,027,192 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

PRC - [2010/06/30 02:58:04 | 000,602,168 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

PRC - [2010/06/25 21:55:34 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

PRC - [2010/06/25 07:32:50 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe

PRC - [2010/05/01 02:21:14 | 002,533,400 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

PRC - [2010/05/01 02:21:14 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

PRC - [2010/04/24 03:42:36 | 000,625,416 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe

PRC - [2010/04/23 20:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe

PRC - [2010/04/14 05:13:52 | 000,243,544 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe

PRC - [2010/04/10 01:54:38 | 001,441,544 | ---- | M] (Motorola, Inc.) -- C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe

PRC - [2009/02/23 20:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files (x86)\MagicDisc\MagicDisc.exe

========== Modules (No Company Name) ==========

MOD - [2012/03/24 15:54:18 | 020,297,512 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll

MOD - [2012/03/24 15:54:14 | 001,099,576 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll

MOD - [2012/03/24 15:54:14 | 000,907,048 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll

MOD - [2012/03/24 15:54:14 | 000,190,776 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll

MOD - [2012/03/24 15:54:14 | 000,123,192 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll

MOD - [2012/03/13 15:13:17 | 000,982,880 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe

MOD - [2012/02/21 22:01:58 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\0794d7af09099432ebfb51af1d7f15ae\System.Management.ni.dll

MOD - [2012/02/21 21:55:03 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\6954c7f14ea634672cdacf2cd793497e\PresentationFramework.Aero.ni.dll

MOD - [2012/02/21 21:54:46 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0a894f77b9aa64acbd3ce791916357d8\System.Runtime.Remoting.ni.dll

MOD - [2012/02/21 21:54:44 | 006,618,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\c06a0517281bb4a9c7fcaeb58d38cd63\System.Data.ni.dll

MOD - [2012/02/21 21:54:34 | 014,322,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8435718626a24beaeefc98d45ae77127\PresentationFramework.ni.dll

MOD - [2012/02/21 21:54:20 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ff30db6905f8ec024fc808ed8779c0f3\System.Windows.Forms.ni.dll

MOD - [2012/02/21 21:54:13 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\a09ee392fa90849f2e9313a1ebbe0279\System.Drawing.ni.dll

MOD - [2012/02/21 21:54:11 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\c0508b05f5c28e37711f447a66368e75\PresentationCore.ni.dll

MOD - [2012/02/21 21:54:01 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\585ac5899ab444221c8b41df13b194bc\WindowsBase.ni.dll

MOD - [2012/02/21 21:53:57 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll

MOD - [2012/02/21 21:53:53 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll

MOD - [2012/02/21 21:53:49 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll

MOD - [2012/01/29 10:53:05 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll

MOD - [2011/07/29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll

MOD - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

MOD - [2010/11/29 16:54:58 | 002,402,696 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Security Scan\KSS.exe

MOD - [2010/11/29 16:54:54 | 000,092,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Security Scan\KSS_WMI.dll

MOD - [2010/07/15 13:36:22 | 000,122,424 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll

MOD - [2010/06/16 21:48:34 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll

MOD - [2010/06/16 21:48:32 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll

MOD - [2010/06/16 21:48:32 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll

MOD - [2010/02/10 02:58:30 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll

MOD - [2010/02/10 02:58:28 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll

MOD - [2010/02/10 02:58:24 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll

MOD - [2010/02/10 02:58:24 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll

MOD - [2010/02/10 02:58:22 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll

MOD - [2010/02/10 02:58:22 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll

MOD - [2010/02/10 02:58:18 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll

MOD - [2010/02/10 02:58:14 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll

MOD - [2009/06/10 22:23:17 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/01/26 18:32:28 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)

SRV:64bit: - [2011/08/12 00:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)

SRV:64bit: - [2010/06/29 20:52:12 | 004,181,256 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe -- (Bluetooth Device Manager)

SRV:64bit: - [2010/06/22 06:57:44 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2010/06/19 00:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)

SRV:64bit: - [2010/06/18 06:10:14 | 000,258,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)

SRV:64bit: - [2010/05/20 22:28:14 | 000,677,128 | ---- | M] (Motorola, Inc.) [Auto | Running] -- C:\Program Files\Motorola\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)

SRV:64bit: - [2010/05/20 22:28:12 | 001,096,968 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\audiosrv.exe -- (Bluetooth Media Service)

SRV:64bit: - [2010/04/24 03:42:40 | 000,445,192 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)

SRV:64bit: - [2010/02/23 16:38:54 | 002,192,176 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)

SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2009/07/08 21:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)

SRV:64bit: - [2009/03/03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)

SRV - [2012/03/24 15:54:20 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2012/03/13 15:13:32 | 000,918,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe -- (vToolbarUpdater10.2.0)

SRV - [2012/01/26 18:32:20 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2011/10/12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)

SRV - [2011/08/02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)

SRV - [2010/06/30 05:51:12 | 000,245,232 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe -- (CLKMSVC10_C6F09094)

SRV - [2010/06/30 03:00:08 | 000,027,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)

SRV - [2010/06/25 21:55:34 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)

SRV - [2010/05/01 02:21:14 | 002,533,400 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®

SRV - [2010/05/01 02:21:14 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®

SRV - [2010/04/04 00:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)

SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/02/23 16:19:02 | 001,799,472 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)

SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/12/19 14:45:22 | 000,146,736 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)

DRV:64bit: - [2011/10/07 07:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)

DRV:64bit: - [2011/09/13 07:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)

DRV:64bit: - [2011/08/08 07:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)

DRV:64bit: - [2011/08/02 18:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2011/07/22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)

DRV:64bit: - [2011/07/12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)

DRV:64bit: - [2011/07/11 02:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)

DRV:64bit: - [2011/07/11 02:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)

DRV:64bit: - [2011/07/11 02:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)

DRV:64bit: - [2011/07/11 02:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)

DRV:64bit: - [2011/03/11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010/06/29 19:12:26 | 003,232,768 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmusb.sys -- (BTMUSB)

DRV:64bit: - [2010/06/25 07:32:52 | 000,032,880 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)

DRV:64bit: - [2010/06/24 06:37:24 | 000,931,168 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)

DRV:64bit: - [2010/06/22 08:17:52 | 006,856,704 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)

DRV:64bit: - [2010/06/22 06:28:32 | 010,342,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)

DRV:64bit: - [2010/06/22 06:28:32 | 010,342,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2010/06/22 06:24:12 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2010/06/18 06:10:14 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)

DRV:64bit: - [2010/05/28 00:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2010/05/06 14:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2010/05/01 02:21:00 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®

DRV:64bit: - [2010/04/13 18:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2010/04/10 01:53:04 | 000,052,736 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmcom.sys -- (BTMCOM)

DRV:64bit: - [2010/03/05 06:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2010/01/11 23:31:04 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV:64bit: - [2009/10/26 21:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)

DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009/07/14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/14 00:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2009/07/08 21:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)

DRV:64bit: - [2009/07/08 21:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)

DRV:64bit: - [2009/06/10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)

DRV:64bit: - [2009/06/10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)

DRV:64bit: - [2009/06/10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)

DRV:64bit: - [2009/06/10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)

DRV:64bit: - [2009/06/10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel®

DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)

DRV:64bit: - [2008/06/27 08:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)

DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)

DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

DRV - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)

DRV - [2008/08/14 08:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT/2

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {22E414F6-9D98-4E57-A2C3-FA80C3015568}

IE:64bit: - HKLM\..\SearchScopes\{22E414F6-9D98-4E57-A2C3-FA80C3015568}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox

IE:64bit: - HKLM\..\SearchScopes\{94ED22A3-938E-4ED2-9314-B5E2CDEA02F5}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

IE:64bit: - HKLM\..\SearchScopes\{E82F8F71-7D41-40AD-ABBA-CEB813399FBF}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT/2

IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)

IE - HKLM\..\SearchScopes,DefaultScope = {22E414F6-9D98-4E57-A2C3-FA80C3015568}

IE - HKLM\..\SearchScopes\{22E414F6-9D98-4E57-A2C3-FA80C3015568}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox

IE - HKLM\..\SearchScopes\{94ED22A3-938E-4ED2-9314-B5E2CDEA02F5}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

IE - HKLM\..\SearchScopes\{E82F8F71-7D41-40AD-ABBA-CEB813399FBF}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.msn.com/?ocid=ie9fr

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=108753&babsrc=SP_ss&mntrId=6078376f00000000000070f3956fb1a2

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\..\SearchScopes\{22E414F6-9D98-4E57-A2C3-FA80C3015568}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\..\SearchScopes\{94ED22A3-938E-4ED2-9314-B5E2CDEA02F5}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={C21A83BC-E417-4707-A104-CF91F3C42DED}&mid=fce6af74420547d1a7be7285fd00cf57-6731d86a4ea615bf5827179d59738ff7af76b269〈=en&ds=AVG&pr=pr&d=2012-01-31 11:28:19&v=10.0.0.7&sap=dsp&q={searchTerms}

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\..\SearchScopes\{A531D99C-5A22-449b-83DA-872725C6D0ED}: "URL" = http://search.alot.com/web?q={searchTerms}

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\..\SearchScopes\{E82F8F71-7D41-40AD-ABBA-CEB813399FBF}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll (OnLive)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\hp\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\hp\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2012/01/25 01:03:48 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\Firefox [2012/01/25 01:04:32 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/27 18:50:09 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/02/01 16:22:12 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.2.0.3\ [2012/03/13 15:14:10 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2012/02/05 22:07:56 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files (x86)\PriceGong\2.5.0\FF [2012/02/01 18:07:46 | 000,000,000 | ---D | M]

[2012/01/26 18:57:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hp\AppData\Roaming\mozilla\Firefox\extensions

[2012/01/26 18:57:30 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\hp\AppData\Roaming\mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

========== Chrome ==========

CHR - default_search_provider: AVG Secure Search (Enabled)

CHR - default_search_provider: search_url = http://isearch.avg.com/search?cid={C21A83BC-E417-4707-A104-CF91F3C42DED}&mid=fce6af74420547d1a7be7285fd00cf57-6731d86a4ea615bf5827179d59738ff7af76b269〈=en&ds=AVG&pr=pr&d=2012-01-31 11:28:19&v=10.0.0.7&sap=dsp&q={searchTerms}

CHR - default_search_provider: suggest_url = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding}

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\hp\AppData\Local\Google\Chrome\Application\17.0.963.66\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\hp\AppData\Local\Google\Chrome\Application\17.0.963.66\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\hp\AppData\Local\Google\Chrome\Application\17.0.963.66\gcswf32.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

CHR - plugin: Bing Bar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll

CHR - plugin: OnLive Game Client Detector (Enabled) = C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll

CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Google Update (Enabled) = C:\Users\hp\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: uTorrentBar = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj\2.3.3.3_0\

CHR - Extension: YouTube = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\

CHR - Extension: Google Search = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\

CHR - Extension: AVG Safe Search = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\

CHR - Extension: Premiumplay Codec-C = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.13.21_0\

CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

CHR - Extension: Gmail = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2011/01/27 16:00:58 | 000,001,211 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com

O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com

O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com

O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com

O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com

O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net

O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (Premiumplay Codec-C) - {11111111-1111-1111-1111-110011041135} - C:\Program Files (x86)\Premiumplay Codec-C\Premiumplay Codec-C.dll (WebPicks)

O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.5.0\PriceGongIE.dll (PriceGong)

O2 - BHO: (Codec-C Class) - {19480E4E-F264-4DFB-B991-C35664EDBE49} - C:\ProgramData\Codec-C\bhoclass.dll (Injector)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (ALOT Appbar Helper) - {85F5CF95-EC8F-49fc-BB3F-38C79455CBA2} - C:\Program Files (x86)\alotappbar\bin\BHO\ALOTHelperBHO.dll (Vertro)

O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()

O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)

O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()

O3 - HKLM\..\Toolbar: (ALOT Appbar) - {A531D99C-5A22-449b-83DA-872725C6D0ED} - C:\Program Files (x86)\alotappbar\bin\alothelper.dll (Vertro)

O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)

O3 - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.

O3 - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)

O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [bTMTrayAgent] C:\Program Files\Motorola\Bluetooth\btmshell.dll (Motorola, Inc.)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()

O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()

O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)

O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [bing Bar] C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe (Microsoft Corp.)

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)

O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)

O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe ()

O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe ()

O4 - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000..\Run: [spotify] C:\Users\hp\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)

O4 - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000..\Run: [steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

O4 - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)

O4 - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - Startup: C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O9:64bit: - Extra Button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()

O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()

O9 - Extra Button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()

O9 - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=724 (Performance Viewer Activex Control)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36F60660-3CA6-4D0C-A8DB-B41BE7C1EAA4}: DhcpNameServer = 192.168.1.254

O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)

O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll ()

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe) - C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010/03/22 05:24:08 | 000,000,175 | R--- | M] () - F:\autorun.inf -- [ UDF ]

O33 - MountPoints2\{8389b047-4839-11e1-997e-c8d60f5acebc}\Shell - "" = AutoRun

O33 - MountPoints2\{8389b047-4839-11e1-997e-c8d60f5acebc}\Shell\AutoRun\command - "" = F:\setup.exe -- [2010/03/12 11:06:18 | 000,464,248 | R--- | M] (Microsoft Corporation)

O33 - MountPoints2\{8389b047-4839-11e1-997e-c8d60f5acebc}\Shell\configure\command - "" = F:\setup.exe -- [2010/03/12 11:06:18 | 000,464,248 | R--- | M] (Microsoft Corporation)

O33 - MountPoints2\{8389b047-4839-11e1-997e-c8d60f5acebc}\Shell\install\command - "" = F:\setup.exe -- [2010/03/12 11:06:18 | 000,464,248 | R--- | M] (Microsoft Corporation)

O34 - HKLM BootExecute: (autocheck autochk *)

O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/28 19:42:42 | 000,000,000 | -H-D | C] -- C:\$AVG

[2012/03/27 20:29:33 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Roaming\SUPERAntiSpyware.com

[2012/03/27 20:29:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

[2012/03/27 20:29:16 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com

[2012/03/27 20:29:16 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware

[2012/03/27 20:14:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft

[2012/03/27 20:14:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft

[2012/03/24 11:06:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codec-C

[2012/03/24 11:06:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Codec-C

[2012/03/07 15:38:12 | 000,000,000 | ---D | C] -- C:\Users\hp\Desktop\Krak head Times

[2012/03/01 12:47:25 | 000,000,000 | ---D | C] -- C:\Users\hp\Desktop\Flash Drive

[2012/03/01 11:24:39 | 000,000,000 | ---D | C] -- C:\Users\hp\VirtualBox VMs

[2012/03/01 11:06:02 | 000,000,000 | ---D | C] -- C:\Users\hp\.VirtualBox

[2012/03/01 10:54:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox

[2012/03/01 10:52:12 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle

[2012/02/02 12:04:10 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\hp\AppData\Roaming\pcouffin.sys

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/03/28 20:55:18 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/03/28 20:55:18 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/03/28 20:54:56 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012/03/28 20:54:56 | 000,628,460 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012/03/28 20:54:56 | 000,110,612 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012/03/28 20:47:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/03/28 20:47:21 | 377,901,055 | -HS- | M] () -- C:\hiberfil.sys

[2012/03/28 20:23:01 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1383393120-3484479454-2718812190-1000UA.job

[2012/03/28 18:14:17 | 092,861,381 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm

[2012/03/28 09:23:00 | 000,000,844 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1383393120-3484479454-2718812190-1000Core.job

[2012/03/28 08:59:39 | 000,251,828 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm

[2012/03/18 09:39:19 | 004,986,432 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2012/03/01 10:54:45 | 000,001,100 | ---- | M] () -- C:\Users\hp\Application Data\Microsoft\Internet Explorer\Quick Launch\Oracle VM VirtualBox.lnk

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/03/01 10:54:45 | 000,001,100 | ---- | C] () -- C:\Users\hp\Application Data\Microsoft\Internet Explorer\Quick Launch\Oracle VM VirtualBox.lnk

[2012/02/02 12:04:10 | 000,099,384 | ---- | C] () -- C:\Users\hp\AppData\Roaming\inst.exe

[2012/02/02 12:04:10 | 000,007,859 | ---- | C] () -- C:\Users\hp\AppData\Roaming\pcouffin.cat

[2012/02/02 12:04:10 | 000,001,167 | ---- | C] () -- C:\Users\hp\AppData\Roaming\pcouffin.inf

[2012/02/01 17:55:37 | 000,000,067 | ---- | C] () -- C:\Windows\Easy Avi Divx Xvid to DVD Burner.INI

[2012/02/01 17:44:24 | 000,001,057 | ---- | C] () -- C:\Users\hp\AppData\Roaming\vso_ts_preview.xml

[2012/01/27 18:41:00 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll

[2012/01/25 00:46:52 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2012/01/25 00:44:38 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat

[2012/01/25 00:40:50 | 000,002,189 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat

[2012/01/25 00:39:36 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin

[2012/01/25 00:39:36 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll

[2012/01/25 00:39:36 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll

[2012/01/25 00:39:36 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin

[2012/01/25 00:39:35 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin

[2012/01/25 00:39:35 | 000,002,189 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

[2012/01/25 00:39:24 | 000,000,299 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini

[2012/01/25 00:39:24 | 000,000,240 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini

[2012/01/25 00:36:37 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat

[2011/05/16 13:31:44 | 000,008,592 | ---- | C] () -- C:\Windows\SysWow64\ractrlkeyhook.dll

[2010/07/15 13:48:51 | 000,000,188 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini

[2010/07/15 12:58:37 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat

[2010/07/15 12:48:17 | 000,000,186 | ---- | C] () -- C:\Windows\SysWow64\HP Documentation.ini

========== LOP Check ==========

[2012/02/05 12:11:49 | 000,000,000 | ---D | M] -- C:\Users\Jenna\AppData\Roaming\AVG2012

[2012/01/26 17:20:37 | 000,000,000 | ---D | M] -- C:\Users\Jenna\AppData\Roaming\DigitalPersona

[2009/07/14 06:08:49 | 000,021,216 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

[stewright5]

OTL Extras logfile created on: 3/28/2012 9:05:54 PM - Run 1

OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\hp\Downloads

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

5.80 Gb Total Physical Memory | 4.02 Gb Available Physical Memory | 69.27% Memory free

11.60 Gb Paging File | 9.03 Gb Available in Paging File | 77.86% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 348.67 Gb Total Space | 228.12 Gb Free Space | 65.43% Space Free | Partition Type: NTFS

Drive D: | 19.14 Gb Total Space | 2.77 Gb Free Space | 14.47% Space Free | Partition Type: NTFS

Drive F: | 2.46 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Drive H: | 97.66 Gb Total Space | 97.54 Gb Free Space | 99.88% Space Free | Partition Type: NTFS

Computer Name: HP-HP | User Name: hp | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{1D5CE83C-BFDD-4668-8BCB-E8614334A657}" = Adobe Photoshop Lightroom 3.4 64-bit

"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64

"{1F6B7CB0-66D8-4B31-BF1F-D2318E58080E}" = HP SimplePass Identity Protection

"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)

"{23401053-03B3-845A-A946-32BEB58AB5AC}" = ccc-utility64

"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java 6 Update 20 (64-bit)

"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64

"{299625B9-6C69-462C-9CEA-8E06D878B1C5}" = HP 3D DriveGuard

"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64

"{34DA4817-68E1-CC8B-A9A5-392095FA28C9}" = ATI Catalyst Install Manager

"{426FAE9F-7373-496E-A215-9DB7EF4398CF}" = Validity Sensors DDK

"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64

"{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}" = HP MediaSmart Movies and TV

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}" = HP MediaSmart SmartMenu

"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64

"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64

"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4

"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64

"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010

"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010

"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4

"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9B2C4509-2B9F-4303-BA74-E2F9BB773F03}" = Oracle VM VirtualBox 4.1.8

"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant

"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64

"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64

"{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}" = HP Wireless Assistant

"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware

"{D050583D-5CEC-47B1-88AA-8B328CAA8621}" = AVG 2012

"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)

"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4

"{E3EC7FC4-B4BF-4911-9A43-F7C753CE03F5}" = AVG 2012

"{EC2C1B61-3AA4-4477-8067-27B6276536DB}" = SmartFTP Client

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit

"AVG" = AVG 2012

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Ralink Motorola BC4 Bluetooth 3.0+HS Adapter_is1" = Ralink Motorola BC4 Bluetooth 3.0+HS Adapter

"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam

"{0215A652-E081-4B09-9333-DC85AAB67FFA}" = Adobe Dreamweaver CS5.5

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{0497EAED-70DA-4BBE-BEB3-AF77FD8788EA}" = Adobe Premiere Pro CS5.5

"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4

"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4

"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack

"{07E49BC1-24FF-4D7A-AC74-727BE95801AF}" = LightScribe System Software

"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements

"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler

"{0A653E82-9056-A08A-8262-62F59FF285C7}" = CCC Help Korean

"{0D542538-335E-08BA-21C5-62E9A7B2BE60}" = Catalyst Control Center InstallProxy

"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4

"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup

"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86

"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4

"{11A63D4E-6512-6D57-8690-3D656A483AB0}" = CCC Help French

"{132234A4-9362-4829-957F-FF11715F7815}" = HP Documentation

"{147D8BB7-FEE8-5D53-390D-7FB94FC26BC8}" = CCC Help Italian

"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4

"{16734097-34B9-C5E3-7863-7A9CAAEB391F}" = ccc-core-static

"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4

"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB

"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{222A544B-E6B7-496F-B4D7-6FE74FF0E616}" = Bing Bar Platform

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 30

"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com

"{2EF17083-57D4-4D64-AE4F-55F32A2C4571}" = Codec-C

"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support

"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help

"{35772A32-7A3D-A8FC-840C-B84B536E62FD}" = CCC Help Swedish

"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4

"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7

"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player

"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4

"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4

"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor

"{42C095E5-4CE2-A376-9893-93431C6A236E}" = CCC Help Dutch

"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager

"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR

"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials

"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}" = HP Power Manager

"{543F949F-2B95-448F-9F2E-56F0C5FF8E2C}" = Catalyst Control Center - Branding

"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4

"{5BA6D86E-AA0D-05FF-09B5-ED3CD5277A42}" = CCC Help German

"{5D4875F6-89D1-4E9C-B7B9-9164C9D20C9C}" = Kaspersky Security Scan

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4

"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support

"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components

"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library

"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4

"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK

"{6B65BA9C-2E00-3BCB-8EA5-94A7841B39C1}" = CCC Help Thai

"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo

"{70743ADB-DD63-DA15-1E6C-32D88C54E04D}" = CCC Help English

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup

"{778E3C06-48EB-79CA-775E-BEA3086896AD}" = CCC Help Japanese

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7A083F0E-189D-9100-8883-3B7E75B53E3F}" = CCC Help Chinese Traditional

"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4

"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4

"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7

"{8AE4C1DF-D685-56CB-4B4E-181A12FFAF55}" = CCC Help Turkish

"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update

"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT3090 802.11b/g/n WiFi Adapter

"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010

"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010

"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010

"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010

"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010

"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010

"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010

"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010

"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010

"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010

"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010

"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010

"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010

"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010

"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010

"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music

"{925BC35B-CA11-577E-95C7-67C5BD4776BA}" = Catalyst Control Center Graphics Previews Common

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{93138715-2252-4107-C3C6-D7F8ACAD4956}" = CCC Help Finnish

"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4

"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195

"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4

"{95A73EEC-18CA-0C70-2E88-C6F901C69583}" = CCC Help Russian

"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9C7243A7-5C0E-3190-A042-01D88F7BB791}" = CCC Help Portuguese

"{9ECF7817-DB11-4FBA-9DF1-296A578D513A}" = Adobe Shockwave Player 11.5

"{AA6F75E4-1807-4AAF-8CCC-4B9A48476BA5}" = Catalyst Control Center Localization All

"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.0 MUI

"{ACF5C43A-3E69-ED63-FCF9-831B3B9D1516}" = CCC Help Polish

"{AF144D2F-E890-B537-DC7C-DE01A8AC5405}" = CCC Help Norwegian

"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync

"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect

"{B4201487-FA15-8BCC-6833-E355A43CCCDB}" = Catalyst Control Center Graphics Previews Vista

"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger

"{B5DE2511-C5D3-0AAC-0470-606067398EBB}" = CCC Help Chinese Standard

"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4

"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86

"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager

"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module

"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo

"{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser

"{C28DD992-5B7B-D195-6841-4EC57DF512BD}" = Adobe Story

"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint

"{C77A8D2F-DE6E-E548-FA06-C56251441D95}" = CCC Help Spanish

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw

"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video

"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!

"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel® Turbo Boost Technology Driver

"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD

"{E05DB9F9-C8E7-45F2-BE9E-76D4C447CE9B}" = HP Software Framework

"{E342D296-DB9D-4FC7-ACB0-39926C0BFA16}" = HP Quick Launch

"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio

"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4

"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call

"{E93EAD24-E483-52AA-2E6F-C792E51E3F92}" = CCC Help Czech

"{ECB2E743-BFBD-7C77-6C62-F54ACD0ECE6D}" = CCC Help Hungarian

"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery

"{F0A06BEC-E4BA-DB4F-C3DF-37A3C77780EF}" = CCC Help Danish

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help

"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4

"{F90DE865-1A3D-D6D6-0638-F1D2EFCB5C29}" = PX Profile Update

"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4

"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video

"{FC17E0A7-EAA9-4902-92F8-C83B9FD02246}" = HP Support Assistant

"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables

"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All

"{FD7DDB2A-445B-78D3-EAFB-6F7BE425285E}" = CCC Help Greek

"AC3Filter" = AC3Filter (remove only)

"AC3Filter_is1" = AC3Filter 1.62b

"Adobe AIR" = Adobe AIR

"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4

"alotAppbar" = ALOT Appbar

"Any Video Converter_is1" = Any Video Converter 3.3.3

"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help

"com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Story

"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player

"com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser

"CoreFTP" = Core FTP LE

"DivX Setup" = DivX Setup

"EasyBits Magic Desktop" = Magic Desktop

"Free DVD Creator (by minidvdsoft)_is1" = Free DVD Creator version 2.0

"HP DVB-T TV Tuner" = HP DVB-T TV Tuner 8.0.64.43

"HP Photo Creations" = HP Photo Creations

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam

"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite

"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo

"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music

"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint

"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video

"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!

"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD

"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video

"MagicDisc 2.7.106" = MagicDisc 2.7.106

"My HP Game Console" = HP Game Console

"Office14.PROPLUS" = Microsoft Office Professional Plus 2010

"OnLive" = OnLive

"Premiumplay Codec-C" = Premiumplay Codec-C

"PriceGong" = PriceGong 2.5.0

"SmartFTP Client 4.0 (x64) Setup Files" = SmartFTP Client Setup Files 4.0 (x64) (remove only)

"Steam App 71270" = Football Manager 2012

"Steam App 71400" = Football Manager 2012 Editor

"uTorrent" = µTorrent

"uTorrentBar Toolbar" = uTorrentBar Toolbar

"VLC media player" = VideoLAN VLC media player 0.8.6f

"WildTangent hp Master Uninstall" = HP Games

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinRAR archiver" = WinRAR 4.10 (32-bit)

"WT087328" = Blackhawk Striker 2

"WT087342" = Dora's Carnival Adventure

"WT087360" = Escape Rosecliff Island

"WT087361" = FATE

"WT087362" = Final Drive Nitro

"WT087374" = Jewel Quest - Heritage

"WT087394" = Penguins!

"WT087395" = Poker Superstars III

"WT087396" = Polar Bowler

"WT087397" = Polar Golfer

"WT087420" = Agatha Christie - Death on the Nile

"WT087428" = Bejeweled 2 Deluxe

"WT087453" = Chuzzle Deluxe

"WT087501" = Plants vs. Zombies

"WT087513" = Virtual Villagers - The Secret City

"WT087533" = Zuma Deluxe

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1383393120-3484479454-2718812190-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome" = Google Chrome

"Spotify" = Spotify

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 2/27/2012 3:41:06 AM | Computer Name = hp-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 58102369

Error - 2/27/2012 3:41:06 AM | Computer Name = hp-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 58102369

Error - 2/27/2012 3:41:07 AM | Computer Name = hp-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2/27/2012 3:41:07 AM | Computer Name = hp-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 58103461

Error - 2/27/2012 3:41:07 AM | Computer Name = hp-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 58103461

Error - 2/27/2012 3:41:08 AM | Computer Name = hp-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2/27/2012 3:41:08 AM | Computer Name = hp-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 58104538

Error - 2/27/2012 3:41:08 AM | Computer Name = hp-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 58104538

Error - 2/27/2012 3:41:12 AM | Computer Name = hp-HP | Source = Windows Backup | ID = 4103

Description =

Error - 2/29/2012 7:56:21 PM | Computer Name = hp-HP | Source = EventSystem | ID = 4621

Description =

[ Hewlett-Packard Events ]

Error - 2/8/2012 10:48:07 AM | Computer Name = hp-HP | Source = Hewlett-Packard | ID = 0

Description = en-GB Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP

Support Framework\Logs\Temp\HPSA\HPSASession_201202081448.xml'. mscorlib at System.IO.__Error.WinIOError(Int32

errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode

mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32

bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,

Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,

FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at

System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String

path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

Error - 2/17/2012 4:46:44 AM | Computer Name = hp-HP | Source = Hewlett-Packard | ID = 0

Description = en-GB Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP

Support Framework\Logs\Temp\HPSA\HPSASession_201202170846.xml'. mscorlib at System.IO.__Error.WinIOError(Int32

errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode

mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32

bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,

Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,

FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at

System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String

path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

Error - 2/17/2012 4:55:05 AM | Computer Name = hp-HP | Source = Hewlett-Packard | ID = 0

Description = en-GB Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP

Support Framework\Logs\Temp\HPSA\HPSASession_201202170855.xml'. mscorlib at System.IO.__Error.WinIOError(Int32

errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode

mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32

bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,

Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,

FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at

System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String

path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

Error - 2/22/2012 4:18:23 PM | Computer Name = hp-HP | Source = Hewlett-Packard | ID = 0

Description = en-GB Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP

Support Framework\Logs\Temp\HPSA\HPSASession_201202222018.xml'. mscorlib at System.IO.__Error.WinIOError(Int32

errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode

mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32

bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,

Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,

FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at

System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String

path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

Error - 2/29/2012 1:22:48 PM | Computer Name = hp-HP | Source = Hewlett-Packard | ID = 0

Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\021229052235.xml

File not created by asset agent

Error - 2/29/2012 1:23:22 PM | Computer Name = hp-HP | Source = Hewlett-Packard | ID = 0

Description = en-GB Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP

Support Framework\Logs\Temp\HPSA\HPSASession_201202291723.xml'. mscorlib at System.IO.__Error.WinIOError(Int32

errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode

mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32

bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,

Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,

FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at

System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String

path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

Error - 3/7/2012 10:45:13 AM | Computer Name = hp-HP | Source = Hewlett-Packard | ID = 0

Description = en-GB Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP

Support Framework\Logs\Temp\HPSA\HPSASession_201203071445.xml'. mscorlib at System.IO.__Error.WinIOError(Int32

errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode

mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32

bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,

Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,

FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at

System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String

path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

Error - 3/14/2012 1:37:56 PM | Computer Name = hp-HP | Source = Hewlett-Packard | ID = 0

Description = en-GB Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP

Support Framework\Logs\Temp\HPSA\HPSASession_201203141737.xml'. mscorlib at System.IO.__Error.WinIOError(Int32

errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode

mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32

bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,

Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,

FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at

System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String

path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

Error - 3/21/2012 11:20:55 AM | Computer Name = hp-HP | Source = Hewlett-Packard | ID = 0

Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\031221032053.xml

File not created by asset agent

Error - 3/21/2012 11:21:47 AM | Computer Name = hp-HP | Source = Hewlett-Packard | ID = 0

Description = en-GB Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP

Support Framework\Logs\Temp\HPSA\HPSASession_201203211521.xml'. mscorlib at System.IO.__Error.WinIOError(Int32

errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode

mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32

bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,

Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,

FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at

System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String

path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

[ HP Wireless Assistant Events ]

Error - 1/24/2012 1:08:12 PM | Computer Name = hp-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.

(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object

o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean

getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String

propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 1/24/2012 1:08:12 PM | Computer Name = hp-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.

(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object

o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean

getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String

propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 1/24/2012 1:09:12 PM | Computer Name = hp-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.

(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object

o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean

getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String

propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 1/24/2012 1:09:12 PM | Computer Name = hp-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.

(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object

o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean

getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String

propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 1/24/2012 1:10:12 PM | Computer Name = hp-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.

(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object

o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean

getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String

propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 1/24/2012 1:10:12 PM | Computer Name = hp-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.

(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object

o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean

getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String

propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 1/24/2012 1:11:12 PM | Computer Name = hp-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.

(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object

o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean

getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String

propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 1/24/2012 1:11:12 PM | Computer Name = hp-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.

(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object

o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean

getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String

propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 1/24/2012 1:12:12 PM | Computer Name = hp-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.

(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object

o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean

getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String

propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 1/24/2012 1:12:12 PM | Computer Name = hp-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.

(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object

o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean

getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String

propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

[ System Events ]

Error - 3/23/2012 10:17:29 AM | Computer Name = hp-HP | Source = Ntfs | ID = 262199

Description = The file system structure on the disk is corrupt and unusable. Please

run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy1.

Error - 3/23/2012 10:17:29 AM | Computer Name = hp-HP | Source = Ntfs | ID = 262199

Description = The file system structure on the disk is corrupt and unusable. Please

run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy1.

Error - 3/23/2012 10:17:29 AM | Computer Name = hp-HP | Source = Ntfs | ID = 262199

Description = The file system structure on the disk is corrupt and unusable. Please

run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy1.

Error - 3/23/2012 10:17:29 AM | Computer Name = hp-HP | Source = Ntfs | ID = 262199

Description = The file system structure on the disk is corrupt and unusable. Please

run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy1.

Error - 3/23/2012 10:17:29 AM | Computer Name = hp-HP | Source = Ntfs | ID = 262199

Description = The file system structure on the disk is corrupt and unusable. Please

run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy1.

Error - 3/23/2012 10:17:29 AM | Computer Name = hp-HP | Source = Ntfs | ID = 262199

Description = The file system structure on the disk is corrupt and unusable. Please

run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy1.

Error - 3/23/2012 10:17:29 AM | Computer Name = hp-HP | Source = Ntfs | ID = 262199

Description = The file system structure on the disk is corrupt and unusable. Please

run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy1.

Error - 3/23/2012 10:17:29 AM | Computer Name = hp-HP | Source = Ntfs | ID = 262199

Description = The file system structure on the disk is corrupt and unusable. Please

run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy1.

Error - 3/24/2012 10:54:30 AM | Computer Name = hp-HP | Source = Service Control Manager | ID = 7009

Description = A timeout was reached (30000 milliseconds) while waiting for the Steam

Client Service service to connect.

Error - 3/24/2012 10:54:30 AM | Computer Name = hp-HP | Source = Service Control Manager | ID = 7000

Description = The Steam Client Service service failed to start due to the following

error: %%1053

< End of report >

[stewright5]

Thank you again!

[stewright5]

Have also removed utorrent after reading another post :S did not know utorret was illegal. Sorry

[stewright5]

OTL logfile created on: 28/03/2012 23:28:08 - Run 1

OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\hp\Downloads

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

5.80 Gb Total Physical Memory | 3.94 Gb Available Physical Memory | 67.85% Memory free

11.60 Gb Paging File | 9.01 Gb Available in Paging File | 77.62% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 348.67 Gb Total Space | 228.14 Gb Free Space | 65.43% Space Free | Partition Type: NTFS

Drive D: | 19.14 Gb Total Space | 2.77 Gb Free Space | 14.47% Space Free | Partition Type: NTFS

Drive F: | 2.46 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Drive H: | 97.66 Gb Total Space | 97.54 Gb Free Space | 99.88% Space Free | Partition Type: NTFS

Computer Name: HP-HP | User Name: hp | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/28 21:05:42 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\hp\Downloads\OTL.exe

PRC - [2012/03/24 15:54:48 | 000,250,528 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11g_ActiveX.exe

PRC - [2012/03/24 15:54:20 | 000,489,256 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe

PRC - [2012/03/13 15:13:32 | 000,918,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe

PRC - [2012/03/13 15:13:17 | 000,982,880 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe

PRC - [2012/01/30 13:22:36 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe

PRC - [2012/01/24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

PRC - [2011/10/12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

PRC - [2011/08/02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

PRC - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

PRC - [2011/03/15 18:42:18 | 000,499,608 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe

PRC - [2010/11/29 16:54:58 | 002,402,696 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Security Scan\KSS.exe

PRC - [2010/06/30 03:00:08 | 000,027,192 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

PRC - [2010/06/30 02:58:04 | 000,602,168 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

PRC - [2010/06/25 21:55:34 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

PRC - [2010/06/25 07:32:50 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe

PRC - [2010/05/01 02:21:14 | 002,533,400 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

PRC - [2010/05/01 02:21:14 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

PRC - [2010/04/24 03:42:36 | 000,625,416 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe

PRC - [2010/04/23 20:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe

PRC - [2010/04/14 05:13:52 | 000,243,544 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe

PRC - [2010/04/10 01:54:38 | 001,441,544 | ---- | M] (Motorola, Inc.) -- C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe

PRC - [2009/02/23 20:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files (x86)\MagicDisc\MagicDisc.exe

========== Modules (No Company Name) ==========

MOD - [2012/03/24 15:54:18 | 020,297,512 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll

MOD - [2012/03/24 15:54:14 | 001,099,576 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll

MOD - [2012/03/24 15:54:14 | 000,907,048 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll

MOD - [2012/03/24 15:54:14 | 000,190,776 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll

MOD - [2012/03/24 15:54:14 | 000,123,192 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll

MOD - [2012/03/13 15:13:17 | 000,982,880 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe

MOD - [2012/02/21 22:01:58 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\0794d7af09099432ebfb51af1d7f15ae\System.Management.ni.dll

MOD - [2012/02/21 21:55:03 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\6954c7f14ea634672cdacf2cd793497e\PresentationFramework.Aero.ni.dll

MOD - [2012/02/21 21:54:46 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0a894f77b9aa64acbd3ce791916357d8\System.Runtime.Remoting.ni.dll

MOD - [2012/02/21 21:54:44 | 006,618,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\c06a0517281bb4a9c7fcaeb58d38cd63\System.Data.ni.dll

MOD - [2012/02/21 21:54:34 | 014,322,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8435718626a24beaeefc98d45ae77127\PresentationFramework.ni.dll

MOD - [2012/02/21 21:54:20 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ff30db6905f8ec024fc808ed8779c0f3\System.Windows.Forms.ni.dll

MOD - [2012/02/21 21:54:13 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\a09ee392fa90849f2e9313a1ebbe0279\System.Drawing.ni.dll

MOD - [2012/02/21 21:54:11 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\c0508b05f5c28e37711f447a66368e75\PresentationCore.ni.dll

MOD - [2012/02/21 21:54:01 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\585ac5899ab444221c8b41df13b194bc\WindowsBase.ni.dll

MOD - [2012/02/21 21:53:57 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll

MOD - [2012/02/21 21:53:53 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll

MOD - [2012/02/21 21:53:49 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll

MOD - [2012/01/29 10:53:05 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll

MOD - [2011/07/29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll

MOD - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

MOD - [2010/11/29 16:54:58 | 002,402,696 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Security Scan\KSS.exe

MOD - [2010/11/29 16:54:54 | 000,092,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Security Scan\KSS_WMI.dll

MOD - [2010/07/15 13:36:22 | 000,122,424 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll

MOD - [2010/06/16 21:48:34 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll

MOD - [2010/06/16 21:48:32 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll

MOD - [2010/06/16 21:48:32 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll

MOD - [2010/02/10 02:58:30 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll

MOD - [2010/02/10 02:58:28 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll

MOD - [2010/02/10 02:58:24 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll

MOD - [2010/02/10 02:58:24 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll

MOD - [2010/02/10 02:58:22 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll

MOD - [2010/02/10 02:58:22 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll

MOD - [2010/02/10 02:58:18 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll

MOD - [2010/02/10 02:58:14 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll

MOD - [2009/06/10 22:23:17 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/01/26 18:32:28 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)

SRV:64bit: - [2011/08/12 00:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)

SRV:64bit: - [2010/06/29 20:52:12 | 004,181,256 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe -- (Bluetooth Device Manager)

SRV:64bit: - [2010/06/22 06:57:44 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2010/06/19 00:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)

SRV:64bit: - [2010/06/18 06:10:14 | 000,258,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)

SRV:64bit: - [2010/05/20 22:28:14 | 000,677,128 | ---- | M] (Motorola, Inc.) [Auto | Running] -- C:\Program Files\Motorola\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)

SRV:64bit: - [2010/05/20 22:28:12 | 001,096,968 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\audiosrv.exe -- (Bluetooth Media Service)

SRV:64bit: - [2010/04/24 03:42:40 | 000,445,192 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)

SRV:64bit: - [2010/02/23 16:38:54 | 002,192,176 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)

SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2009/07/08 21:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)

SRV:64bit: - [2009/03/03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)

SRV - [2012/03/24 15:54:20 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2012/03/13 15:13:32 | 000,918,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe -- (vToolbarUpdater10.2.0)

SRV - [2012/01/26 18:32:20 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2011/10/12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)

SRV - [2011/08/02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)

SRV - [2010/06/30 05:51:12 | 000,245,232 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe -- (CLKMSVC10_C6F09094)

SRV - [2010/06/30 03:00:08 | 000,027,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)

SRV - [2010/06/25 21:55:34 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)

SRV - [2010/05/01 02:21:14 | 002,533,400 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®

SRV - [2010/05/01 02:21:14 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®

SRV - [2010/04/04 00:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)

SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/02/23 16:19:02 | 001,799,472 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)

SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/12/19 14:45:22 | 000,146,736 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)

DRV:64bit: - [2011/10/07 07:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)

DRV:64bit: - [2011/09/13 07:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)

DRV:64bit: - [2011/08/08 07:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)

DRV:64bit: - [2011/08/02 18:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2011/07/22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)

DRV:64bit: - [2011/07/12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)

DRV:64bit: - [2011/07/11 02:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)

DRV:64bit: - [2011/07/11 02:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)

DRV:64bit: - [2011/07/11 02:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)

DRV:64bit: - [2011/07/11 02:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)

DRV:64bit: - [2011/03/11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010/06/29 19:12:26 | 003,232,768 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmusb.sys -- (BTMUSB)

DRV:64bit: - [2010/06/25 07:32:52 | 000,032,880 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)

DRV:64bit: - [2010/06/24 06:37:24 | 000,931,168 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)

DRV:64bit: - [2010/06/22 08:17:52 | 006,856,704 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)

DRV:64bit: - [2010/06/22 06:28:32 | 010,342,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)

DRV:64bit: - [2010/06/22 06:28:32 | 010,342,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2010/06/22 06:24:12 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2010/06/18 06:10:14 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)

DRV:64bit: - [2010/05/28 00:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2010/05/06 14:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2010/05/01 02:21:00 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®

DRV:64bit: - [2010/04/13 18:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2010/04/10 01:53:04 | 000,052,736 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmcom.sys -- (BTMCOM)

DRV:64bit: - [2010/03/05 06:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2010/01/11 23:31:04 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV:64bit: - [2009/10/26 21:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)

DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009/07/14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/14 00:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2009/07/08 21:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)

DRV:64bit: - [2009/07/08 21:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)

DRV:64bit: - [2009/06/10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)

DRV:64bit: - [2009/06/10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)

DRV:64bit: - [2009/06/10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)

DRV:64bit: - [2009/06/10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)

DRV:64bit: - [2009/06/10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel®

DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)

DRV:64bit: - [2008/06/27 08:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)

DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)

DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

DRV - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)

DRV - [2008/08/14 08:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT/2

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {22E414F6-9D98-4E57-A2C3-FA80C3015568}

IE:64bit: - HKLM\..\SearchScopes\{22E414F6-9D98-4E57-A2C3-FA80C3015568}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox

IE:64bit: - HKLM\..\SearchScopes\{94ED22A3-938E-4ED2-9314-B5E2CDEA02F5}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

IE:64bit: - HKLM\..\SearchScopes\{E82F8F71-7D41-40AD-ABBA-CEB813399FBF}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT/2

IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)

IE - HKLM\..\SearchScopes,DefaultScope = {22E414F6-9D98-4E57-A2C3-FA80C3015568}

IE - HKLM\..\SearchScopes\{22E414F6-9D98-4E57-A2C3-FA80C3015568}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox

IE - HKLM\..\SearchScopes\{94ED22A3-938E-4ED2-9314-B5E2CDEA02F5}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

IE - HKLM\..\SearchScopes\{E82F8F71-7D41-40AD-ABBA-CEB813399FBF}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.msn.com/?ocid=ie9fr

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=108753&babsrc=SP_ss&mntrId=6078376f00000000000070f3956fb1a2

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\..\SearchScopes\{22E414F6-9D98-4E57-A2C3-FA80C3015568}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\..\SearchScopes\{94ED22A3-938E-4ED2-9314-B5E2CDEA02F5}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={C21A83BC-E417-4707-A104-CF91F3C42DED}&mid=fce6af74420547d1a7be7285fd00cf57-6731d86a4ea615bf5827179d59738ff7af76b269〈=en&ds=AVG&pr=pr&d=2012-01-31 11:28:19&v=10.0.0.7&sap=dsp&q={searchTerms}

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\..\SearchScopes\{A531D99C-5A22-449b-83DA-872725C6D0ED}: "URL" = http://search.alot.com/web?q={searchTerms}

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\..\SearchScopes\{E82F8F71-7D41-40AD-ABBA-CEB813399FBF}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll (OnLive)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\hp\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\hp\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2012/01/25 01:03:48 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\Firefox [2012/01/25 01:04:32 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/27 18:50:09 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/02/01 16:22:12 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.2.0.3\ [2012/03/13 15:14:10 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2012/02/05 22:07:56 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files (x86)\PriceGong\2.5.0\FF [2012/02/01 18:07:46 | 000,000,000 | ---D | M]

[2012/01/26 18:57:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hp\AppData\Roaming\mozilla\Firefox\extensions

[2012/01/26 18:57:30 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\hp\AppData\Roaming\mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

========== Chrome ==========

CHR - default_search_provider: AVG Secure Search (Enabled)

CHR - default_search_provider: search_url = http://isearch.avg.com/search?cid={C21A83BC-E417-4707-A104-CF91F3C42DED}&mid=fce6af74420547d1a7be7285fd00cf57-6731d86a4ea615bf5827179d59738ff7af76b269〈=en&ds=AVG&pr=pr&d=2012-01-31 11:28:19&v=10.0.0.7&sap=dsp&q={searchTerms}

CHR - default_search_provider: suggest_url = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding}

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\hp\AppData\Local\Google\Chrome\Application\17.0.963.66\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\hp\AppData\Local\Google\Chrome\Application\17.0.963.66\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\hp\AppData\Local\Google\Chrome\Application\17.0.963.66\gcswf32.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

CHR - plugin: Bing Bar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll

CHR - plugin: OnLive Game Client Detector (Enabled) = C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll

CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Google Update (Enabled) = C:\Users\hp\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: uTorrentBar = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj\2.3.3.3_0\

CHR - Extension: YouTube = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\

CHR - Extension: Google Search = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\

CHR - Extension: AVG Safe Search = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\

CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

CHR - Extension: Gmail = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2011/01/27 16:00:58 | 000,001,211 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com

O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com

O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com

O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com

O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com

O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net

O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.5.0\PriceGongIE.dll (PriceGong)

O2 - BHO: (Codec-C Class) - {19480E4E-F264-4DFB-B991-C35664EDBE49} - C:\ProgramData\Codec-C\bhoclass.dll (Injector)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (ALOT Appbar Helper) - {85F5CF95-EC8F-49fc-BB3F-38C79455CBA2} - C:\Program Files (x86)\alotappbar\bin\BHO\ALOTHelperBHO.dll (Vertro)

O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()

O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)

O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()

O3 - HKLM\..\Toolbar: (ALOT Appbar) - {A531D99C-5A22-449b-83DA-872725C6D0ED} - C:\Program Files (x86)\alotappbar\bin\alothelper.dll (Vertro)

O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)

O3 - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.

O3 - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)

O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [bTMTrayAgent] C:\Program Files\Motorola\Bluetooth\btmshell.dll (Motorola, Inc.)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()

O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()

O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)

O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [bing Bar] C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe (Microsoft Corp.)

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)

O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)

O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe ()

O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe ()

O4 - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000..\Run: [spotify] C:\Users\hp\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)

O4 - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000..\Run: [steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

O4 - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)

O4 - HKU\S-1-5-21-1383393120-3484479454-2718812190-1000..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED File not found

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - Startup: C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O9:64bit: - Extra Button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()

O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()

O9 - Extra Button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()

O9 - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=724 (Performance Viewer Activex Control)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36F60660-3CA6-4D0C-A8DB-B41BE7C1EAA4}: DhcpNameServer = 192.168.1.254

O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)

O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll ()

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe) - C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010/03/22 05:24:08 | 000,000,175 | R--- | M] () - F:\autorun.inf -- [ UDF ]

O33 - MountPoints2\{8389b047-4839-11e1-997e-c8d60f5acebc}\Shell - "" = AutoRun

O33 - MountPoints2\{8389b047-4839-11e1-997e-c8d60f5acebc}\Shell\AutoRun\command - "" = F:\setup.exe -- [2010/03/12 11:06:18 | 000,464,248 | R--- | M] (Microsoft Corporation)

O33 - MountPoints2\{8389b047-4839-11e1-997e-c8d60f5acebc}\Shell\configure\command - "" = F:\setup.exe -- [2010/03/12 11:06:18 | 000,464,248 | R--- | M] (Microsoft Corporation)

O33 - MountPoints2\{8389b047-4839-11e1-997e-c8d60f5acebc}\Shell\install\command - "" = F:\setup.exe -- [2010/03/12 11:06:18 | 000,464,248 | R--- | M] (Microsoft Corporation)

O34 - HKLM BootExecute: (autocheck autochk *)

O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/28 19:42:42 | 000,000,000 | -H-D | C] -- C:\$AVG

[2012/03/27 20:29:33 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Roaming\SUPERAntiSpyware.com

[2012/03/27 20:29:16 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com

[2012/03/27 20:29:16 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware

[2012/03/27 20:14:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft

[2012/03/27 20:14:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft

[2012/03/24 11:06:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Codec-C

[2012/03/07 15:38:12 | 000,000,000 | ---D | C] -- C:\Users\hp\Desktop\Krak head Times

[2012/03/01 12:47:25 | 000,000,000 | ---D | C] -- C:\Users\hp\Desktop\Flash Drive

[2012/03/01 11:24:39 | 000,000,000 | ---D | C] -- C:\Users\hp\VirtualBox VMs

[2012/03/01 11:06:02 | 000,000,000 | ---D | C] -- C:\Users\hp\.VirtualBox

[2012/03/01 10:52:12 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle

[2012/02/02 12:04:10 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\hp\AppData\Roaming\pcouffin.sys

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/03/28 23:23:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1383393120-3484479454-2718812190-1000UA.job

[2012/03/28 20:55:18 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/03/28 20:55:18 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/03/28 20:54:56 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012/03/28 20:54:56 | 000,628,460 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012/03/28 20:54:56 | 000,110,612 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012/03/28 20:47:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/03/28 20:47:21 | 377,901,055 | -HS- | M] () -- C:\hiberfil.sys

[2012/03/28 18:14:17 | 092,861,381 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm

[2012/03/28 09:23:00 | 000,000,844 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1383393120-3484479454-2718812190-1000Core.job

[2012/03/28 08:59:39 | 000,251,828 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm

[2012/03/18 09:39:19 | 004,986,432 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2012/03/01 10:54:45 | 000,001,100 | ---- | M] () -- C:\Users\hp\Application Data\Microsoft\Internet Explorer\Quick Launch\Oracle VM VirtualBox.lnk

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/03/01 10:54:45 | 000,001,100 | ---- | C] () -- C:\Users\hp\Application Data\Microsoft\Internet Explorer\Quick Launch\Oracle VM VirtualBox.lnk

[2012/02/02 12:04:10 | 000,099,384 | ---- | C] () -- C:\Users\hp\AppData\Roaming\inst.exe

[2012/02/02 12:04:10 | 000,007,859 | ---- | C] () -- C:\Users\hp\AppData\Roaming\pcouffin.cat

[2012/02/02 12:04:10 | 000,001,167 | ---- | C] () -- C:\Users\hp\AppData\Roaming\pcouffin.inf

[2012/02/01 17:55:37 | 000,000,067 | ---- | C] () -- C:\Windows\Easy Avi Divx Xvid to DVD Burner.INI

[2012/02/01 17:44:24 | 000,001,057 | ---- | C] () -- C:\Users\hp\AppData\Roaming\vso_ts_preview.xml

[2012/01/27 18:41:00 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll

[2012/01/25 00:46:52 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2012/01/25 00:44:38 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat

[2012/01/25 00:40:50 | 000,002,189 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat

[2012/01/25 00:39:36 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin

[2012/01/25 00:39:36 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll

[2012/01/25 00:39:36 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll

[2012/01/25 00:39:36 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin

[2012/01/25 00:39:35 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin

[2012/01/25 00:39:35 | 000,002,189 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

[2012/01/25 00:39:24 | 000,000,299 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini

[2012/01/25 00:39:24 | 000,000,240 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini

[2012/01/25 00:36:37 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat

[2011/05/16 13:31:44 | 000,008,592 | ---- | C] () -- C:\Windows\SysWow64\ractrlkeyhook.dll

[2010/07/15 13:48:51 | 000,000,188 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini

[2010/07/15 12:58:37 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat

[2010/07/15 12:48:17 | 000,000,186 | ---- | C] () -- C:\Windows\SysWow64\HP Documentation.ini

========== LOP Check ==========

[2012/02/05 12:11:49 | 000,000,000 | ---D | M] -- C:\Users\Jenna\AppData\Roaming\AVG2012

[2012/01/26 17:20:37 | 000,000,000 | ---D | M] -- C:\Users\Jenna\AppData\Roaming\DigitalPersona

[2009/07/14 06:08:49 | 000,021,216 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

[stewright5]

OTL Extras logfile created on: 28/03/2012 23:28:08 - Run 1

OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\hp\Downloads

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

5.80 Gb Total Physical Memory | 3.94 Gb Available Physical Memory | 67.85% Memory free

11.60 Gb Paging File | 9.01 Gb Available in Paging File | 77.62% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 348.67 Gb Total Space | 228.14 Gb Free Space | 65.43% Space Free | Partition Type: NTFS

Drive D: | 19.14 Gb Total Space | 2.77 Gb Free Space | 14.47% Space Free | Partition Type: NTFS

Drive F: | 2.46 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Drive H: | 97.66 Gb Total Space | 97.54 Gb Free Space | 99.88% Space Free | Partition Type: NTFS

Computer Name: HP-HP | User Name: hp | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{1D5CE83C-BFDD-4668-8BCB-E8614334A657}" = Adobe Photoshop Lightroom 3.4 64-bit

"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64

"{1F6B7CB0-66D8-4B31-BF1F-D2318E58080E}" = HP SimplePass Identity Protection

"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)

"{23401053-03B3-845A-A946-32BEB58AB5AC}" = ccc-utility64

"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java 6 Update 20 (64-bit)

"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64

"{299625B9-6C69-462C-9CEA-8E06D878B1C5}" = HP 3D DriveGuard

"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64

"{34DA4817-68E1-CC8B-A9A5-392095FA28C9}" = ATI Catalyst Install Manager

"{426FAE9F-7373-496E-A215-9DB7EF4398CF}" = Validity Sensors DDK

"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64

"{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}" = HP MediaSmart Movies and TV

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}" = HP MediaSmart SmartMenu

"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64

"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64

"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4

"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64

"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010

"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010

"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4

"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9B2C4509-2B9F-4303-BA74-E2F9BB773F03}" = Oracle VM VirtualBox 4.1.8

"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant

"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64

"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64

"{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}" = HP Wireless Assistant

"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware

"{D050583D-5CEC-47B1-88AA-8B328CAA8621}" = AVG 2012

"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)

"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4

"{E3EC7FC4-B4BF-4911-9A43-F7C753CE03F5}" = AVG 2012

"{EC2C1B61-3AA4-4477-8067-27B6276536DB}" = SmartFTP Client

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit

"AVG" = AVG 2012

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Ralink Motorola BC4 Bluetooth 3.0+HS Adapter_is1" = Ralink Motorola BC4 Bluetooth 3.0+HS Adapter

"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam

"{0215A652-E081-4B09-9333-DC85AAB67FFA}" = Adobe Dreamweaver CS5.5

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{0497EAED-70DA-4BBE-BEB3-AF77FD8788EA}" = Adobe Premiere Pro CS5.5

"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4

"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4

"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack

"{07E49BC1-24FF-4D7A-AC74-727BE95801AF}" = LightScribe System Software

"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements

"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler

"{0A653E82-9056-A08A-8262-62F59FF285C7}" = CCC Help Korean

"{0D542538-335E-08BA-21C5-62E9A7B2BE60}" = Catalyst Control Center InstallProxy

"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4

"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup

"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86

"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4

"{11A63D4E-6512-6D57-8690-3D656A483AB0}" = CCC Help French

"{132234A4-9362-4829-957F-FF11715F7815}" = HP Documentation

"{147D8BB7-FEE8-5D53-390D-7FB94FC26BC8}" = CCC Help Italian

"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4

"{16734097-34B9-C5E3-7863-7A9CAAEB391F}" = ccc-core-static

"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4

"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB

"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{222A544B-E6B7-496F-B4D7-6FE74FF0E616}" = Bing Bar Platform

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 30

"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com

"{2EF17083-57D4-4D64-AE4F-55F32A2C4571}" = Codec-C

"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support

"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help

"{35772A32-7A3D-A8FC-840C-B84B536E62FD}" = CCC Help Swedish

"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4

"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7

"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player

"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4

"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4

"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor

"{42C095E5-4CE2-A376-9893-93431C6A236E}" = CCC Help Dutch

"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager

"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR

"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials

"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}" = HP Power Manager

"{543F949F-2B95-448F-9F2E-56F0C5FF8E2C}" = Catalyst Control Center - Branding

"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4

"{5BA6D86E-AA0D-05FF-09B5-ED3CD5277A42}" = CCC Help German

"{5D4875F6-89D1-4E9C-B7B9-9164C9D20C9C}" = Kaspersky Security Scan

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4

"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support

"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components

"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library

"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4

"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK

"{6B65BA9C-2E00-3BCB-8EA5-94A7841B39C1}" = CCC Help Thai

"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo

"{70743ADB-DD63-DA15-1E6C-32D88C54E04D}" = CCC Help English

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup

"{778E3C06-48EB-79CA-775E-BEA3086896AD}" = CCC Help Japanese

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7A083F0E-189D-9100-8883-3B7E75B53E3F}" = CCC Help Chinese Traditional

"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4

"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4

"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7

"{8AE4C1DF-D685-56CB-4B4E-181A12FFAF55}" = CCC Help Turkish

"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update

"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT3090 802.11b/g/n WiFi Adapter

"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010

"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010

"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010

"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010

"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010

"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010

"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010

"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010

"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010

"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010

"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010

"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010

"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010

"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010

"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010

"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music

"{925BC35B-CA11-577E-95C7-67C5BD4776BA}" = Catalyst Control Center Graphics Previews Common

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{93138715-2252-4107-C3C6-D7F8ACAD4956}" = CCC Help Finnish

"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4

"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195

"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4

"{95A73EEC-18CA-0C70-2E88-C6F901C69583}" = CCC Help Russian

"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9C7243A7-5C0E-3190-A042-01D88F7BB791}" = CCC Help Portuguese

"{9ECF7817-DB11-4FBA-9DF1-296A578D513A}" = Adobe Shockwave Player 11.5

"{AA6F75E4-1807-4AAF-8CCC-4B9A48476BA5}" = Catalyst Control Center Localization All

"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.0 MUI

"{ACF5C43A-3E69-ED63-FCF9-831B3B9D1516}" = CCC Help Polish

"{AF144D2F-E890-B537-DC7C-DE01A8AC5405}" = CCC Help Norwegian

"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync

"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect

"{B4201487-FA15-8BCC-6833-E355A43CCCDB}" = Catalyst Control Center Graphics Previews Vista

"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger

"{B5DE2511-C5D3-0AAC-0470-606067398EBB}" = CCC Help Chinese Standard

"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4

"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86

"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager

"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module

"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo

"{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser

"{C28DD992-5B7B-D195-6841-4EC57DF512BD}" = Adobe Story

"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint

"{C77A8D2F-DE6E-E548-FA06-C56251441D95}" = CCC Help Spanish

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw

"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video

"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!

"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel® Turbo Boost Technology Driver

"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD

"{E05DB9F9-C8E7-45F2-BE9E-76D4C447CE9B}" = HP Software Framework

"{E342D296-DB9D-4FC7-ACB0-39926C0BFA16}" = HP Quick Launch

"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio

"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4

"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call

"{E93EAD24-E483-52AA-2E6F-C792E51E3F92}" = CCC Help Czech

"{ECB2E743-BFBD-7C77-6C62-F54ACD0ECE6D}" = CCC Help Hungarian

"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery

"{F0A06BEC-E4BA-DB4F-C3DF-37A3C77780EF}" = CCC Help Danish

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help

"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4

"{F90DE865-1A3D-D6D6-0638-F1D2EFCB5C29}" = PX Profile Update

"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4

"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video

"{FC17E0A7-EAA9-4902-92F8-C83B9FD02246}" = HP Support Assistant

"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables

"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All

"{FD7DDB2A-445B-78D3-EAFB-6F7BE425285E}" = CCC Help Greek

"AC3Filter" = AC3Filter (remove only)

"AC3Filter_is1" = AC3Filter 1.62b

"Adobe AIR" = Adobe AIR

"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4

"alotAppbar" = ALOT Appbar

"Any Video Converter_is1" = Any Video Converter 3.3.3

"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help

"com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Story

"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player

"com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser

"CoreFTP" = Core FTP LE

"DivX Setup" = DivX Setup

"EasyBits Magic Desktop" = Magic Desktop

"Free DVD Creator (by minidvdsoft)_is1" = Free DVD Creator version 2.0

"HP DVB-T TV Tuner" = HP DVB-T TV Tuner 8.0.64.43

"HP Photo Creations" = HP Photo Creations

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam

"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite

"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo

"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music

"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint

"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video

"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!

"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD

"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video

"MagicDisc 2.7.106" = MagicDisc 2.7.106

"My HP Game Console" = HP Game Console

"Office14.PROPLUS" = Microsoft Office Professional Plus 2010

"OnLive" = OnLive

"PriceGong" = PriceGong 2.5.0

"SmartFTP Client 4.0 (x64) Setup Files" = SmartFTP Client Setup Files 4.0 (x64) (remove only)

"Steam App 71270" = Football Manager 2012

"Steam App 71400" = Football Manager 2012 Editor

"uTorrentBar Toolbar" = uTorrentBar Toolbar

"VLC media player" = VideoLAN VLC media player 0.8.6f

"WildTangent hp Master Uninstall" = HP Games

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinRAR archiver" = WinRAR 4.10 (32-bit)

"WT087328" = Blackhawk Striker 2

"WT087342" = Dora's Carnival Adventure

"WT087360" = Escape Rosecliff Island

"WT087361" = FATE

"WT087362" = Final Drive Nitro

"WT087374" = Jewel Quest - Heritage

"WT087394" = Penguins!

"WT087395" = Poker Superstars III

"WT087396" = Polar Bowler

"WT087397" = Polar Golfer

"WT087420" = Agatha Christie - Death on the Nile

"WT087428" = Bejeweled 2 Deluxe

"WT087453" = Chuzzle Deluxe

"WT087501" = Plants vs. Zombies

"WT087513" = Virtual Villagers - The Secret City

"WT087533" = Zuma Deluxe

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1383393120-3484479454-2718812190-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome" = Google Chrome

"Spotify" = Spotify

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 27/02/2012 03:41:06 | Computer Name = hp-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 58102369

Error - 27/02/2012 03:41:06 | Computer Name = hp-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 58102369

Error - 27/02/2012 03:41:07 | Computer Name = hp-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

Error - 27/02/2012 03:41:07 | Computer Name = hp-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 58103461

Error - 27/02/2012 03:41:07 | Computer Name = hp-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 58103461

Error - 27/02/2012 03:41:08 | Computer Name = hp-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

Error - 27/02/2012 03:41:08 | Computer Name = hp-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 58104538

Error - 27/02/2012 03:41:08 | Computer Name = hp-HP | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 58104538

Error - 27/02/2012 03:41:12 | Computer Name = hp-HP | Source = Windows Backup | ID = 4103

Description =

Error - 29/02/2012 19:56:21 | Computer Name = hp-HP | Source = EventSystem | ID = 4621

Description =

[ Hewlett-Packard Events ]

Error - 08/02/2012 10:48:07 | Computer Name = hp-HP | Source = Hewlett-Packard | ID = 0

Description = en-GB Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP

Support Framework\Logs\Temp\HPSA\HPSASession_201202081448.xml'. mscorlib at System.IO.__Error.WinIOError(Int32

errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode

mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32

bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,

Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,

FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at

System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String

path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

Error - 17/02/2012 04:46:44 | Computer Name = hp-HP | Source = Hewlett-Packard | ID = 0

Description = en-GB Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP

Support Framework\Logs\Temp\HPSA\HPSASession_201202170846.xml'. mscorlib at System.IO.__Error.WinIOError(Int32

errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode

mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32

bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,

Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,

FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at

System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String

path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

Error - 17/02/2012 04:55:05 | Computer Name = hp-HP | Source = Hewlett-Packard | ID = 0

Description = en-GB Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP

Support Framework\Logs\Temp\HPSA\HPSASession_201202170855.xml'. mscorlib at System.IO.__Error.WinIOError(Int32

errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode

mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32

bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,

Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,

FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at

System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String

path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

Error - 22/02/2012 16:18:23 | Computer Name = hp-HP | Source = Hewlett-Packard | ID = 0

Description = en-GB Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP

Support Framework\Logs\Temp\HPSA\HPSASession_201202222018.xml'. mscorlib at System.IO.__Error.WinIOError(Int32

errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode

mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32

bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,

Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,

FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at

System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String

path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

Error - 29/02/2012 13:22:48 | Computer Name = hp-HP | Source = Hewlett-Packard | ID = 0

Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\021229052235.xml

File not created by asset agent

Error - 29/02/2012 13:23:22 | Computer Name = hp-HP | Source = Hewlett-Packard | ID = 0

Description = en-GB Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP

Support Framework\Logs\Temp\HPSA\HPSASession_201202291723.xml'. mscorlib at System.IO.__Error.WinIOError(Int32

errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode

mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32

bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,

Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,

FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at

System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String

path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

Error - 07/03/2012 10:45:13 | Computer Name = hp-HP | Source = Hewlett-Packard | ID = 0

Description = en-GB Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP

Support Framework\Logs\Temp\HPSA\HPSASession_201203071445.xml'. mscorlib at System.IO.__Error.WinIOError(Int32

errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode

mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32

bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,

Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,

FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at

System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String

path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

Error - 14/03/2012 13:37:56 | Computer Name = hp-HP | Source = Hewlett-Packard | ID = 0

Description = en-GB Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP

Support Framework\Logs\Temp\HPSA\HPSASession_201203141737.xml'. mscorlib at System.IO.__Error.WinIOError(Int32

errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode

mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32

bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,

Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,

FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at

System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String

path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

Error - 21/03/2012 11:20:55 | Computer Name = hp-HP | Source = Hewlett-Packard | ID = 0

Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\031221032053.xml

File not created by asset agent

Error - 21/03/2012 11:21:47 | Computer Name = hp-HP | Source = Hewlett-Packard | ID = 0

Description = en-GB Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP

Support Framework\Logs\Temp\HPSA\HPSASession_201203211521.xml'. mscorlib at System.IO.__Error.WinIOError(Int32

errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode

mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32

bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,

Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,

FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at

System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String

path, Boolean append, Encoding encoding) at System.IO.File.WriteAllText(String

path, String contents, Encoding encoding) at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

[ HP Wireless Assistant Events ]

Error - 24/01/2012 13:08:12 | Computer Name = hp-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.

(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object

o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean

getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String

propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 24/01/2012 13:08:12 | Computer Name = hp-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.

(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object

o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean

getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String

propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 24/01/2012 13:09:12 | Computer Name = hp-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.

(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object

o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean

getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String

propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 24/01/2012 13:09:12 | Computer Name = hp-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.

(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object

o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean

getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String

propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 24/01/2012 13:10:12 | Computer Name = hp-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.

(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object

o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean

getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String

propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 24/01/2012 13:10:12 | Computer Name = hp-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.

(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object

o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean

getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String

propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 24/01/2012 13:11:12 | Computer Name = hp-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.

(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object

o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean

getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String

propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 24/01/2012 13:11:12 | Computer Name = hp-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.

(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object

o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean

getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String

propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 24/01/2012 13:12:12 | Computer Name = hp-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.

(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object

o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean

getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String

propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 24/01/2012 13:12:12 | Computer Name = hp-HP | Source = HP WA Service | ID = 0

Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.

(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32

errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object

o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean

getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String

propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

[ System Events ]

Error - 23/03/2012 10:17:29 | Computer Name = hp-HP | Source = Ntfs | ID = 262199

Description = The file system structure on the disk is corrupt and unusable. Please

run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy1.

Error - 23/03/2012 10:17:29 | Computer Name = hp-HP | Source = Ntfs | ID = 262199

Description = The file system structure on the disk is corrupt and unusable. Please

run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy1.

Error - 23/03/2012 10:17:29 | Computer Name = hp-HP | Source = Ntfs | ID = 262199

Description = The file system structure on the disk is corrupt and unusable. Please

run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy1.

Error - 23/03/2012 10:17:29 | Computer Name = hp-HP | Source = Ntfs | ID = 262199

Description = The file system structure on the disk is corrupt and unusable. Please

run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy1.

Error - 23/03/2012 10:17:29 | Computer Name = hp-HP | Source = Ntfs | ID = 262199

Description = The file system structure on the disk is corrupt and unusable. Please

run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy1.

Error - 23/03/2012 10:17:29 | Computer Name = hp-HP | Source = Ntfs | ID = 262199

Description = The file system structure on the disk is corrupt and unusable. Please

run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy1.

Error - 23/03/2012 10:17:29 | Computer Name = hp-HP | Source = Ntfs | ID = 262199

Description = The file system structure on the disk is corrupt and unusable. Please

run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy1.

Error - 23/03/2012 10:17:29 | Computer Name = hp-HP | Source = Ntfs | ID = 262199

Description = The file system structure on the disk is corrupt and unusable. Please

run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy1.

Error - 24/03/2012 10:54:30 | Computer Name = hp-HP | Source = Service Control Manager | ID = 7009

Description = A timeout was reached (30000 milliseconds) while waiting for the Steam

Client Service service to connect.

Error - 24/03/2012 10:54:30 | Computer Name = hp-HP | Source = Service Control Manager | ID = 7000

Description = The Steam Client Service service failed to start due to the following

error: %%1053

< End of report >

[D-FRED-BROWN]

Hello stewright5 and welcome to Malwarebytes!

I am D-FRED-BROWN and I will be helping you.

Please print or save this topic: it will make it easier for you to follow the instructions and complete all of the necessary steps.

-------------

Please download to your Desktop:

• TDSSKiller.zip from here and extract it (right click on it => "Extract here").
  

>>> TDSSKiller: Double-click on TDSSKiller.exe to run the application.

• Click on the Start Scan button and wait for the scan and disinfection process to be over.
  
• If an infected file is detected, the default action will be Cure, click on Continue
  
• If a suspicious file is detected, the default action will be Skip, click on Continue
  
• If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive ((usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  
• If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.
  

In your next reply, please include the following (you may need to use two posts to get it all in):

• TDSSKiller_log.txt
  

how the PC is running now?

-------------

Please download ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

***IMPORTANT: save ComboFix to your Desktop***

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please go here to see a list of programs that should be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall**

Please include the C:\ComboFix.txt in your next reply for further review.

Also, please let me know if any problems still remain.

-------------

Please download Security Check by screen317 from here or here.

• Save it to your Desktop.
  
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.
  

-------------

In your next reply, please include:

• TDSSKiller logfile
  
• C:\ComboFix.txt
  
• Security Check checkup.txt
  

How is your computer running now?

[Maurice Naggar]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!