DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_31
Run by Steve Patane at 18:26:40 on 2012-08-25
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4087.2335 [GMT -4:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\Steve Patane\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page =
https://agencygateway1.allstate.com/eai ... plash.htmlBHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_271_Plugin.exe -update plugin
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [Smart File Advisor] "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {998A88A0-A355-809B-831C-B83A80000992} - C:\Program Files (x86)\uusee\UUSeePlayer.exe
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {D4B68B83-8710-488B-A692-D74B50BA558E} -
hxxp://ccfiles.creative.com/Web/softwar ... PIDPDE.cabDPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} -
hxxp://ccfiles.creative.com/Web/softwar ... /CTPID.cabTCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{4CD4DCAA-E482-4001-B7BD-706B3EAD8263} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{FB3C7BEE-8FD3-46B7-88B5-57934932A6CB} : DhcpNameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
mRun-x64: [CTxfiHlp] CTXFIHLP.EXE
mRun-x64: [Smart File Advisor] "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc
mRun-x64: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun-x64: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
mRun-x64: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
IE-X64: {998A88A0-A355-809B-831C-B83A80000992} - C:\Program Files (x86)\uusee\UUSeePlayer.exe
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Steve Patane\AppData\Roaming\Mozilla\Firefox\Profiles\q6kmy9pz.default\
FF - prefs.js: browser.search.defaulturl -
hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage -
http://www.comcast.netFF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npuuseep.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Steve Patane\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Steve Patane\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(network.protocol-handler.warn-external.dnupdate, false
FF - user.js: browser.sessionstore.resume_from_crash - false
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-20 655944]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-5-15 382272]
R3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]
R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-6-12 1262400]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-11 250056]
S3 BrSerIb;Brother MFC Serial Interface Driver(WDM);C:\Windows\system32\DRIVERS\BrSerIb.sys --> C:\Windows\system32\DRIVERS\BrSerIb.sys [?]
S3 BrUsbSIb;Brother MFC Serial USB Driver(WDM);C:\Windows\system32\DRIVERS\BrUsbSIb.sys --> C:\Windows\system32\DRIVERS\BrUsbSIb.sys [?]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-4-7 79360]
S3 CT20XUT;CT20XUT;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]
S3 CTEXFIFX;CTEXFIFX;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]
S3 CTHWIUT;CTHWIUT;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 51740536]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-8 113120]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-08-25 22:20:55 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{041C8D68-D85B-48B7-BF03-574A2343F28F}\offreg.dll
2012-08-25 13:31:15 9309624 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{041C8D68-D85B-48B7-BF03-574A2343F28F}\mpengine.dll
2012-08-25 01:48:51 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{12138E30-F7D0-4F61-8C9C-DDBB591EDAE8}
2012-08-24 04:36:41 9309624 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-24 02:18:26 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{A21C7AED-A101-446C-ADEC-10F09314BB4C}
2012-08-23 22:44:28 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{D1DADFEF-B343-4DC6-A86A-D496E7BF1CB7}
2012-08-23 03:28:18 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{E1500331-0D66-4A95-A93C-A025FC2A338B}
2012-08-22 22:36:43 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{524F25FA-E023-41C8-9E7E-4197D81D5CB1}
2012-08-22 01:43:29 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{8D25DCAC-0801-4CAA-ACAC-E5E85B5BB2B4}
2012-08-19 14:15:23 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{7DA8F3F1-883D-40C8-B9F2-A1F77A47524D}
2012-08-18 23:45:49 -------- d-----w- C:\Users\Steve Patane\fontconfig
2012-08-18 23:32:19 -------- d-----w- C:\Users\Steve Patane\AppData\Local\Google
2012-08-18 23:31:34 -------- d-----w- C:\Program Files (x86)\OApps
2012-08-18 23:30:20 -------- d-----w- C:\Users\Steve Patane\.smplayer
2012-08-18 23:30:00 -------- d-----w- C:\Program Files (x86)\SMPlayer
2012-08-18 12:20:42 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{9685425B-8ED4-40EE-BF5C-AE1AE4C474CB}
2012-08-18 12:20:31 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{679855D8-1127-4860-93BC-8A550E095B75}
2012-08-16 07:08:10 552448 ----a-w- C:\Windows\System32\drivers\bthport.sys
2012-08-16 01:02:13 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{5FF4BA11-B6E5-4435-A993-30AB2BFC9F34}
2012-08-15 22:13:40 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{F40A586B-B9D8-4B27-A529-54BFD2A1B213}
2012-08-15 22:13:26 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{EDDD776A-FD20-4AF0-829A-958E42A2348A}
2012-08-15 01:55:27 -------- d-----w- C:\Users\Steve Patane\AppData\Local\CrashDumps
2012-08-14 00:12:07 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{70545CAD-FF7C-42E6-A48C-543D63BE84AA}
2012-08-14 00:11:56 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{398B2BD4-65DE-4680-9F9A-8EA68CC7F69D}
2012-08-13 03:05:41 -------- d-----w- C:\Program Files (x86)\MediaFire
2012-08-13 00:56:26 -------- d-----w- C:\Users\Steve Patane\AppData\Roaming\YourFileDownloader
2012-08-12 23:03:49 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{532B13E5-FD20-4006-AA98-845EB341207D}
2012-08-12 23:03:37 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{A1C1BFC5-34C4-4115-991E-D96A6B522F43}
2012-08-12 00:49:32 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{51F7A13C-6825-47C7-867E-3D9344BCC39F}
2012-08-12 00:49:21 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{E085198F-122E-4520-96BC-4DB70FA0E5F3}
2012-08-11 22:06:59 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{9FA4CBDC-453E-4C26-845C-9596B7960AB2}
2012-08-11 13:11:36 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{43A6AE59-EDB6-4768-94A8-EA9E74746B43}
2012-08-11 03:04:43 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{4D84AB6B-A160-4399-BF9B-F0B9640A4374}
2012-08-11 00:52:26 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{D0B45F09-F209-46AC-87EA-B1B2560D0F07}
2012-08-10 23:51:20 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{FDA01BAD-D8F1-487F-9030-2E025DCE9460}
2012-08-10 04:46:54 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{EF8A7350-B109-4900-8337-E12F3D71BD95}
2012-08-10 04:46:42 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{C103D6D7-CDFA-4E06-859A-81278F6D5C78}
2012-08-09 02:48:10 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{1B42B5AD-9126-440C-BECC-FF71701DED33}
2012-08-09 02:47:58 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{9FA2DE5A-E901-4BA1-9F35-EFF56A0018C1}
2012-08-08 01:37:44 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{A3300DE4-F368-4555-8240-83417536D528}
2012-08-06 04:14:21 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{2BFD7B89-754B-4D4D-A283-C896617D6C86}
2012-08-06 01:06:32 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{2EF5E464-6E36-4D0D-8926-F02BF51F8325}
2012-08-06 01:06:21 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{5F7B2537-5C56-4789-873B-1E3BDAC665B1}
2012-08-05 16:13:07 -------- d-----w- C:\Users\Steve Patane\AppData\Local\Facebook
2012-08-04 22:11:08 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{B36FF7C0-74A9-4239-9071-0E72797EEFB8}
2012-08-04 22:10:57 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{AE45DBF2-C9AB-4204-BA43-0A486D0ED6D4}
2012-08-04 12:48:40 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{54FB5422-7695-4B98-9BE0-324047221F16}
2012-08-04 12:48:29 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{0818DFAB-EB50-48AC-A97B-26E3264D7F3F}
2012-08-02 22:06:41 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{478E2D32-39E7-4F6B-8529-6A8990C15E45}
2012-08-02 22:06:30 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{E07F4492-2829-40F7-953B-0414B9BE1420}
2012-08-02 00:14:31 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{1E9B700F-1A59-4610-A728-B4FB75671F55}
2012-08-02 00:14:19 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{0E3703C3-B3E8-4806-956F-F6C88EF9A73D}
2012-08-01 00:14:06 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{A44DF487-E299-4A40-A77E-584F5826652A}
2012-07-28 21:38:11 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{B603B9D8-709B-4A24-BB90-C10CA2BAE5B8}
2012-07-28 13:04:28 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{06B8B0F0-D757-46BA-9D26-A2E72A990457}
2012-07-28 13:04:17 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{688002A6-146F-4B6D-8274-BA8EFFD46717}
2012-07-28 01:34:36 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{43C41DC1-761F-4816-AFC8-91F4E2E0C620}
2012-07-27 20:51:30 184248 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2012-07-27 03:29:19 -------- d-----w- C:\ProgramData\Norton
2012-07-27 03:28:56 -------- d-----w- C:\ProgramData\NortonInstaller
2012-07-27 03:11:48 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{3E3A6CB7-921E-431C-8CDB-F6A7030176CB}
2012-07-27 03:11:37 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{34B5DBBB-4EE1-426E-890C-8284C419F95F}
.
==================== Find3M ====================
.
2012-08-15 00:58:18 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-15 00:58:18 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-18 17:31:12 3146752 ----a-w- C:\Windows\System32\win32k.sys
2012-07-04 22:01:38 58880 ----a-w- C:\Windows\System32\browcli.dll
2012-07-04 22:01:38 136704 ----a-w- C:\Windows\System32\browser.dll
2012-07-04 21:23:55 41472 ----a-w- C:\Windows\SysWow64\browcli.dll
2012-07-03 17:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-27 07:03:25 1197568 ----a-w- C:\Windows\System32\wininet.dll
2012-06-27 06:59:12 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2012-06-27 06:03:21 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-27 06:01:19 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2012-06-27 05:41:43 482816 ----a-w- C:\Windows\System32\html.iec
2012-06-27 04:58:58 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-27 04:53:25 386048 ----a-w- C:\Windows\SysWow64\html.iec
2012-06-27 04:19:51 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-16 05:25:51 609792 ----a-w- C:\Windows\System32\vbscript.dll
2012-06-16 04:37:51 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-06-06 05:50:50 2003968 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 05:50:50 1880064 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 05:09:46 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:09:46 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 05:38:26 95088 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:38:24 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:37:45 459216 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:27:02 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:27:00 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:48:39 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:48:35 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:47:31 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:42:51 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 18:28:49.74 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 4/6/2011 11:38:19 PM
System Uptime: 8/23/2012 3:39:02 AM (63 hours ago)
.
Motherboard: EVGA | | EVGA P55 SLI E655
Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz | CPU 1 | 2668/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 346.449 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: USB Mass Storage Device
Device ID: USB\VID_04F9&PID_01D7&MI_03\6&1196B005&3&0003
Manufacturer: Compatible USB storage device
Name: USB Mass Storage Device
PNP Device ID: USB\VID_04F9&PID_01D7&MI_03\6&1196B005&3&0003
Service: USBSTOR
.
==== System Restore Points ===================
.
RP595: 8/9/2012 6:10:36 PM - Windows Update
RP596: 8/12/2012 11:38:42 PM - Windows Update
RP597: 8/16/2012 3:00:25 AM - Windows Update
RP598: 8/18/2012 7:32:51 PM - Windows Update
RP599: 8/21/2012 9:13:40 PM - Windows Update
RP600: 8/25/2012 9:27:36 AM - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4)
Adobe Shockwave Player 11.6
Battlefield 2(TM)
Battlefield: Bad Company™ 2
Brother MFL-Pro Suite
CloneCD
Creative Audio Control Panel
Creative Software AutoUpdate
Creative Sound Blaster Properties x64 Edition
D3DX10
DAEMON Tools Pro
Facebook Video Calling 1.2.0.159
GIMP 2.6.11
IsoBuster 2.8.5
Java Auto Updater
Java(TM) 6 Update 31
Junk Mail filter update
Malwarebytes Anti-Malware version 1.62.0.1300
Mass Effect 2
Max Media Creator
MaxDrive PS2
MediaFireDownloader
Mesh Runtime
Messenger Companion
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
NHL 2004
NVIDIA 3D Vision Controller Driver
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
Octoshape Streaming Services
OpenAL
Pro Evolution Soccer 2011
Pro Evolution Soccer 2013 DEMO
PunkBuster Services
Revo Uninstaller 1.93
Rugby Challenge
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Shockwave
Skype Click to Call
Skype™ 5.10
Smart File Advisor 1.1.1
SMPlayer 0.6.9
SopCast 3.5.0
StreamTorrent 1.0
swMSM
The Last Starfighter
UnHackMe 5.99 release
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Veetle TV 0.9.18
VideoFileDownload
VirtualCloneDrive
VLC media player 1.1.8
vShare.tv plugin 1.3
Vuze
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Wrestling MPire 2008 (Career Edition)
XtremeTuner HD
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
Zip Motion Block Video codec (Remove Only)
.
==== Event Viewer Messages From Past Week ========
.
8/18/2012 7:36:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Windows 7 Service Pack 1 for x64-based Systems (KB976932).
.
==== End Of File ===========================
CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\gimp-2.0\share\gimp\2.0\patterns\cracked.pat
c:\users\steve patane\desktop\steve's\malwarebytes.anti-malware.1.51.2.1300.readnfo_keygen-fff.zip
c:\users\steve patane\desktop\steve's\sp\calyx point v5.3\calyx.point.v5.3.incl.keygen_scurvy.part1.rar
c:\users\steve patane\desktop\steve's\sp\calyx point v5.3\calyx.point.v5.3.incl.keygen_scurvy.part3.rar
scanner sequence 3.CA.11.MGNAXD
----- EOF -----
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-QYVKT-HJ3JC-4GJ77
Windows Product Key Hash: pRbIqNqOThbCLKXVVurjRuqwnjg=
Windows Product ID: 00426-068-5551705-86772
Windows Product ID Type: 5
Windows License Type: Retail
Windows OS version: 6.1.7600.2.00010100.0.0.001
ID: {C64C381F-E817-4EF4-A4DA-D64870929795}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Ultimate
Architecture: 0x00000009
Build lab: 7600.win7_gdr.120503-2030
TTS Error:
Validation Diagnostic:
Resolution Status: N/A
Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002
OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
File Scan Data-->
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{C64C381F-E817-4EF4-A4DA-D64870929795}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010100.0.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-4GJ77</PKey><PID>00426-068-5551705-86772</PID><PIDType>5</PIDType><SID>S-1-5-21-1374775581-1604023599-3895846352</SID><SYSTEM><Manufacturer>1E655</Manufacturer><Model>1E655A71</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>080016 </Version><SMBIOSVersion major="2" minor="6"/><Date>20100913000000.000000+000</Date></BIOS><HWID>49BB3607018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>
Spsys.log Content: 0x80070002
Licensing Data-->
Software licensing service version: 6.1.7600.16385
Name: Windows(R) 7, Ultimate edition
Description: Windows Operating System - Windows(R) 7, RETAIL channel
Activation ID: a0cde89c-3304-4157-b61c-c8ad785d1fad
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00426-00172-068-555170-00-1033-7600.0000-0962011
Installation ID: 017670136502272880180773349663835432322644318236719085
Processor Certificate URL:
http://go.microsoft.com/fwlink/?LinkID=88338Machine Certificate URL:
http://go.microsoft.com/fwlink/?LinkID=88339Use License URL:
http://go.microsoft.com/fwlink/?LinkID=88341Product Key Certificate URL:
http://go.microsoft.com/fwlink/?LinkID=88340Partial Product Key: 4GJ77
License Status: Licensed
Remaining Windows rearm count: 3
Trusted time: 8/26/2012 10:45:07 AM
Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0x00000000
HealthStatus: 0x0000000000000000
Event Time Stamp: 7:27:2012 22:19
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:
HWID Data-->
HWID Hash Current: QgAAAAMABgABAAEAAgACAAAAAwABAAEA6GFS2SruTjTFE95tCAxCxoCWBp6AwNZHgnfeiBX0qAKgow/PTJCM+3ZW
OEM Activation 1.0 Data-->
N/A
OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes, but no SLIC table
Windows marker version: N/A
OEMID and OEMTableID Consistent: N/A
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC 091310 APIC0920
FACP 091310 FACP0920
MCFG 091310 OEMMCFG
OEMB 091310 OEMB0920
I use sometimes occasionally for work on weekends. (If you see Allstate on HiJack this log this is the reason)